SAVE AS PDF
Cloud Import Service User Manual & Reference Guide
Cloud Import Service 

Was this content helpful?

Import to IBM Cloud

Prerequisites

Before you can configure and submit your import plan, make sure to complete the following steps so that Lyve Import Service can securely access your specified IBM Cloud bucket to import your data:

IBM Cloud subscription—Set up an IBM Cloud Platform account.

Object Storage instance—Set up a storage instance. To learn more, see Choosing a plan and creating an instance.

IBM Cloud bucket— Set up a dedicated bucket for your import. To learn more, see Create some buckets to store your data.

IP address access—If configured by your organization, list Seagate’s IP address(es) as an allowed source. See IP Address Access.

Seagate authorizations—See below.

Seagate authorizations

Seagate requires permissions to read, write, and list to your bucket to perform the import. Hash-based message authentication code (HMAC) keys using an Access Key ID and Secret Access Key are required to authenticate requests to your cloud resources. To generate the HMAC keys, follow the steps below after creating your bucket:

  1. In your Object Storage instance, click the Service credentials tab.
  2. Click the New Credential button.

  3. Name the credential and make the following selections:
    • Role = None
    • Service ID = Auto Generated
    • Include HMAC Credential = On

    Click the Add button. Once added, you can expand the credentials to view the values for the Access Key ID and Secret Access Key.

 When these credentials are created, the underlying service ID has access to any bucket in your instance (if it was automatically generated). To limit access to a specific bucket or subset of buckets, you will need to edit the access policy of the service ID tied to these credentials.

Proceed through the steps below to edit the access policy for the service ID:

  1. Navigate to the IAM console by clicking Manage > Access (IAM). Click Service IDs in the side panel. Click on the service ID you want to edit.
  2. Under Access policies, locate the role with the access policy you want to edit. Click the Actions icon and select Edit.

  3. Click on the Resources tab and select Edit. Select Specific resources and add conditions to scope access to specific resources.

  4. Click Next to continue to the Roles and actions tab. In the Service access column, assign the Writer role. Click Review.

  5. Click Save.

Recommendations

Seagate strongly recommends the following best practices:

  • Create a bucket dedicated to your import plan.
  • When creating your bucket, select “Regional” for resiliency.
  • Block all public access for your bucket.
  • Disable or delete the HMAC key after the import plan has ended.
 Important note on file sizes—In general, Seagate does not recommend importing individual files larger than 5TB. Please refer to your cloud provider’s file size limitations and best practices.

Configure your import plan

Add your cloud destination credentials and bucket information to configure your cloud import plan. 

  • All devices within a subscription must be imported to the same destination and region.
  • You will be required to enter and validate your bucket credentials.
  1. On your Home page, select a Lyve Mobile service subscription that includes a Cloud Import plan.

Alternatively, select the More icon in the 'Actions' column, and then select View Subscription.

  1. Select the link at the top of the page:

  1. Confirm the Cloud Destination and Region. Select Next.
  2. Add the Access Key ID and Secret Access Key for your cloud destination. Specify an existing bucket for the subscription. Select Validate Credentials.
 If the validation fails, check that the Access Key ID, Secret Access Key, and Bucket entered are accurate, and then revalidate.
  1. (Optional) Under 'Customized Path', provide the name of an existing folder or provide a folder name for Seagate to use to create a new folder for import. If you don’t provide a folder name, Seagate will create a folder based on the device serial number and date.
Each storage device in your import plan will have a designated folder in your bucket. The device’s serial number will be automatically appended to the folder name at the time of import.

  • Provide a name for Seagate to use to create the folder(s) in your bucket on your behalf. (Recommended)
  • If you leave this field blank, Seagate will create a folder(s) for your files and will use the device’s serial number as its name.
  • Alternatively, if you have an existing folder within your bucket that you would like to import your files to, provide the name of this folder.
  • Important—Make sure that your bucket policy does not block folder creation. If you are providing a name for a new folder to be created, ensure that the name follows the Naming Guidelines.
  1. To enable the checkbox, select the IP Address Access Guide link.
  2. Select the checkbox, and then select Submit.

Inviting another user to configure an import plan

If a different member of your Org needs to configure the import plan for a Lyve Mobile subscription, you can invite them to do so in Lyve Management Portal.

  • The person must be a member of the Org containing the Lyve Mobile subscription to which you want to add the import plan. See Manage Org members in the Lyve Management Portal User Manual.
  • The member must be given the Manage Import Plans permission. See Manage subscription members in the Lyve Management Portal User Manual.

Naming guidelines

Bucket naming guidelines:

  • Must be unique across the whole IBM Cloud Object Storage system.
  • Do not use any personal information (any part of a name, address, financial or security accounts or SSN)
  • Must start and end in alphanumeric characters (3 to 63)
  • Characters allowed: lowercase, numbers and nonconsecutive dots and hyphens
  • Avoid using these characters: / \ ? < > 1 . This will not cause issues with IBM Cloud Object Storage but may cause issues with your applications.

Object naming guidelines:

  • Object keys can be up to 1024 characters in length, and it’s best to avoid any characters that might be problematic in a web address. For example, ? , = , < , and other special characters might cause unwanted behavior if not URL-encoded.

Troubleshooting

See the following knowledge base articles: