Compatible Providers

Overview

Over the last couple of years, we have seen tremendous growth in this area, with a large number of providers now offering storage services "compatible" with AWS S3. When these providers refer to their services as "S3 compatible", what they usually claim is that their API covers a subset of the AWS S3 API, and is binary identical. In essence, what that means is that a software tool that was originally designed to work with the industry standard AWS S3, would be able to integrate seamlessly with the compatible service, because the API is essentially the same.

We at Yarkon have integrated with a number of these providers. So far, we have not encountered any compatible provider API that is 100% identical to that of AWS S3, though some of them are indeed very close - and should definitely work just fine with software tools that work with AWS S3. Naturally, you will not get S3 features that are not supported, such as "Storage Class", "Acceleration", "Tagging", "Versioning", etc., but for many practical and economical implementations, that should not be a blocker.

Depending on the capabilities of your storage provider, some of the features available to AWS S3 users may not be available when using a compatible provider.

Types of Compatible Providers

For the purpose of Yarkon integration, there are two types of S3 providers, based on the level of compatibility:

Storage Providers - providers that support a subset of the S3 API. A drop-in replacement for the majority of features expected by S3 users. Supported on Yarkon Docker only.
Advanced Providers - providers that also support a subset of STS/IAM API. This additional support allows for a granular permission system. Supported on all versions of Yarkon.

Note that any advanced provider can be used as a simple storage provider, but if your provider does offer the extra capabilities, you should use the full feature set of Yarkon.

Storage Providers

Yarkon versions 7+

The majority of S3 compatible providers fall into this category. Some popular examples are Min.io, Garage and Ceph.

Because these providers do not implement any IAM or STS API, the permissions granted to end users are limited, and user access is managed by Yarkon - in addition to any other security and access management provided by the provider. The only security model allowed is the Managed model, and for commercial reasons, we currently only offer this option using Yarkon Docker.

Advanced Providers

An advanced provider implements at least one of these API endpoints:

STS:GetSessionToken
IAM:AssumeRole

STS (Session Token Service) is used for session based credentials. IAM (Identity Access Management) is used for granular user permissions management.

IAM:AssumeRole is required for Integrated Security. A full integration with Yarkon would require all IAM:Get\* and IAM:List\* actions as well.

Before attempting to integrate Yarkon with any advanced compatible provider, make sure to check their API and ensure that these end points are supported. Some popular examples are Wasabi and Dell ECS.

Integrations

Once you confirmed that your compatible storage provider does indeed support the required API subset, you can follow these steps to get your storage integrated with Yarkon. We provide here-by guides on how to integrate Yarkon with a couple common providers, but the steps should be the same for any other provider that meets the prerequisites.

Storage provider - Integrate Yarkon Docker with min.io
Advanced provider - Integrate Yarkon Docker with Wasabi
Advanced provider - Integrate Yarkon Cloud With Wasabi