Amazon S3 Support

Information About Amazon S3 Support

In Cisco Catalyst devices, the need for storage capacity is growing due to factors such as larger software images and increased logging rates demanded by customers. Additionally, there is a growing need to distribute software images, provide service maintenance updates (SMUs), and run diverse scripts across numerous devices. The built-in persistent storage available in the devices falls short of meeting these demands. In such situations, reliable cloud storage becomes crucial for supplementing the existing onboard storage.

Starting with the IOS-XE 17.13.1 release, Amazon S3 (Amazon Simple Storage Service) is supported on Cisco Catalyst 9800 Series Wireless Controllers. Amazon S3 is a service offered by Amazon Web Services (AWS) that provides scalable storage infrastructure through a web service interface. Using Amazon S3, you can seamlessly supplement built-in persistent storage with cloud-based storage.

Restrictions and Guidelines

  • The cloud storage is accessible only to the active device.

  • Cloud reachability can be established through any service port, including device management ports, or forwarding interfaces on the device.

  • Multiple cloud storage configuration profiles can be created for the same S3 bucket with different configuration parameters.

  • Virtual device instances (such as C9800-CL) hosted on AWS can use the Identity and Access Management (IAM) role infrastructure to access S3 storage.

Configuring Amazon S3 Support

Before you begin

  • Ensure that connectivity to the cloud is established.

  • Ensure that you have the AWS Identity and Access Management (IAM) access key ID and the secret key ID.

Procedure

  Command or Action Purpose

Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 2

cloud-services aws s3 profile profile-name

Example:

Device(config)# cloud-services aws s3 profile 9800_XT_HD 

Configures an Amazon S3 cloud services profile.

Use only alphanumeric characters for the profile name. Underscore (_) is the only special character that is supported.

Step 3

bucket bucket-name mount-point mount-point

Example:

Device(config-s3fs-profile)# bucket 9800-B1 mount-point s3-mount

Configures the Amazon S3 storage bucket and its mountpoint.

A bucket is a container for objects stored in Amazon S3.

The mountpoint refers to the directory on your local file system where you mount your Amazon S3 bucket.

Step 4

description profile-description

Example:

Device(config-s3fs-profile)# description 9800-External-Storage

(Optional) Adds a description to the Amazon S3 cloud services profile, which can be up to 255 alphanumeric characters.

Step 5

vrf mgmt-intf

Example:

Device(config-s3fs-profile)# vrf mgmt-Intf

(Optional) Configures the management interface as the VRF interface. The default interface is the forwarding interface.

Step 6

access-key key-id iam-id secret-key {0 | 8} secret-key

Example:

Device(config-s3fs-profile)# access-key key-id iam-key-id secret-key 0 ******

Configures the AWS S3 access credentials.

Use the same access key ID and the secret key created for the IAM role on the AWS console.

Step 7

permissions read-write

Example:

Device(config-s3fs-profile)# permissions read-write

(Optional) Sets the Amazon S3 bucket permission as read and write. By default, read-only permission is enabled.

Step 8

region region

Example:

Device(config-s3fs-profile)# region us-west-1

Specifies the Amazon S3 region where the cloud-based storage is used.

Step 9

proxy {http-server | https-server} url-ip port port-num

Example:

Device(config-s3fs-profile)# proxy https-server 192.0.2.1 port 12

(Optional) Configures the HTTP or HTTPS proxy server URL or IPv4 address, along with the port number.

Step 10

no shutdown

Example:

Device(config-s3fs-profile)# no shutdown

Saves the configuration and enables it for Amazon S3 services.

Step 11

exit

Example:

Device(config-s3fs-profile)# exit

Returns to global configuration mode.

Verifying Amazon S3 Support

To view a summary of all the Amazon S3 profiles, use the following command.

Device# show cloud-services aws s3 summary 

Profile Name                      Profile Status  Service Status   
-----------------------------------------------------------------
test                              Started         Active
test2                             Started         Active

To view the operational information of an Amazon S3 profile, use the following command.

Device# show cloud-services aws s3 profile s1

Profile Details

Profile Name          : s1
Bucket Name           : pb-s3-test1
Mount Point           : test
Bucket Permission     : Read-Only
Region                : us-west-1
VRF                   : Global

S3 Service Details

Service Status        : Active
Service PID           : 31934
Mount Time            : 09/28/23 17:06:25
Service Log Level     : Notice
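
The following is an added example, not Cisco code: it parses the profile output shown above and compares it with the settings intended in the configuration procedure (bucket, permission, region), so that a profile that has drifted from the read-only default or is no longer active is reported. The function names, the intended-settings dictionary, and the MM/DD/YY reading of Mount Time are assumptions made for this example.

```python
from datetime import datetime

# Constructed sample, copied in shape from the command output shown above.
SAMPLE_OUTPUT = """\
Profile Details

Profile Name          : s1
Bucket Name           : pb-s3-test1
Mount Point           : test
Bucket Permission     : Read-Only
Region                : us-west-1
VRF                   : Global

S3 Service Details

Service Status        : Active
Service PID           : 31934
Mount Time            : 09/28/23 17:06:25
Service Log Level     : Notice
"""

def parse_profile(text):
    """Return {field: value} from the 'Key : Value' lines of the output."""
    fields = {}
    for line in text.splitlines():
        # Split on the first colon only: the Mount Time value contains colons.
        key, sep, value = line.partition(":")
        if sep and key.strip():
            fields[key.strip()] = value.strip()
    return fields

def audit_profile(text, intended):
    """Compare reported state with the intended settings; return findings."""
    fields = parse_profile(text)
    findings = []
    for name, want in intended.items():
        got = fields.get(name)
        if got is None:
            findings.append(f"{name}: missing from output")
        elif got.lower() != want.lower():
            findings.append(f"{name}: expected {want!r}, device reports {got!r}")
    if fields.get("Service Status") != "Active":
        findings.append(f"Service Status: {fields.get('Service Status')!r}")
    return findings

def mount_time(text):
    """Mount Time as a datetime; MM/DD/YY is assumed from the sample."""
    return datetime.strptime(parse_profile(text)["Mount Time"], "%m/%d/%y %H:%M:%S")
```

An empty list from audit_profile means the reported state matches the intended settings and the service is active.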