To begin integrating TrueNAS with a Cloud Storage provider, register the account credentials on the system.
After saving any credentials, a Cloud Sync Task allows sending or receiving data from that Cloud Storage Provider.
Saving a Cloud Storage Credential
Transferring data from TrueNAS to the Cloud requires saving Cloud Storage Provider credentials on the system.
To maximize security, these credentials are encrypted when saved.
However, this means that to restore any cloud credentials from a TrueNAS configuration file, you must enable Export Password Secret Seed when generating that configuration backup.
Remember to protect any downloaded TrueNAS configuration files.
It is recommended to have another browser tab open and logged in to the Cloud Storage Provider account you intend to link with TrueNAS.
Some providers require additional information that is generated on the storage provider account page.
For example, saving an Amazon S3 credential on TrueNAS could require logging in to the S3 account and generating an access key pair on the Security Credentials > Access Keys page.
To save cloud storage provider credentials, go to System > Cloud Credentials and click Add.
Enter a credential Name and choose a Provider.
The rest of the options change according to the chosen Provider:
Access Key ID
Amazon Web Services Key ID. This is found on Amazon AWS by going through My account > Security Credentials > Access Keys (Access Key ID and Secret Access Key). Must be alphanumeric and between 5 and 20 characters.
Secret Access Key
Amazon Web Services password. If the Secret Access Key cannot be found or remembered, go to My Account > Security Credentials > Access Keys and create a new key pair. Must be alphanumeric and between 8 and 40 characters.
Maximum Upload Ports
Define the maximum number of chunks for a multipart upload. This can be useful if a service does not support the 10,000 chunk AWS S3 specification.
AWS resources in a geographic area. Leave empty to automatically detect the correct public region for the bucket. Entering a private region name allows interacting with Amazon buckets created in that region. For example, enter us-gov-east-1 to discover buckets created in the eastern AWS GovCloud region.
Disable Endpoint Region
Skip automatic detection of the Endpoint URL region. Set this when configuring a custom Endpoint URL.
User Signature Version 2
Force using Signature Version 2 to sign API requests. Set this when configuring a custom Endpoint URL.
Alphanumeric Backblaze B2 Application Key ID. To generate a new application key, log in to the Backblaze account, go to the App Keys page, and add a new application key. Copy the application keyID string to this field.
Backblaze B2 Application Key. To generate a new application key, log in to the Backblaze account, go to the App Keys page, and add a new application key. Copy the applicationKey string to this field.
A User Access Token for Box. An access token enables Box to verify a request belongs to an authorized session. Example token: T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl.
Enter the required Authentication strings to enable saving the credential.
Some providers can automatically populate the required Authentication strings by logging in to the account.
To automatically configure the credential, click Login to Provider and entering your account username and password.
It is recommended to verify the credential before saving it.