Authenticating VMware Cloud Director Object Storage Extension REST API Requests

AWS Signature

VMware Cloud Director Object Storage Extension supports AWS Signature Version 4.

To authenticate VMware Cloud Director Object Storage Extension REST API requests using AWS Signature type, you use security credentials. Security credentials are a pair of an access key and a secret key. VMware Cloud Director Object Storage Extension supports user and application types of security credentials. Users own and manage their security credentials.

With S3 API requests authenticated with user credentials, you can manage all objects owned or shared by the owner of the user credentials. With application credentials, you control the S3 API access at the bucket level.

For more information about creating and working with security credentials, see the Working with Security Credentials topic in the VMware Cloud Director Object Storage Extension User's Guide for Tenant Users.

In VMware Cloud Director Object Storage Extension, only tenant users can own security credentials. To create and use security credentials, your user account requires the tenant administrator role or the tenant user role. For more information, see the Roles and Rights in VMware Cloud Director Object Storage Extension.

For more information about AWS Signature authentication, see the Authenticating Requests (AWS Signature Version 4) topic in the AWS documentation.

vCloud API Session

To authenticate VMware Cloud Director Object Storage Extension REST API requests, you can also use the vCloud API login mechanism of VMware Cloud Director. For more information, see the Create a vCloud API Session VMware Cloud Director API Programming Guide.