MinIO Server Documentation
Customer Login
Product
MinIO Enterprise Object Store
Overview Architecture
Features
MinIO for Public Cloud
AWS GCS Azure
MinIO for Private Cloud
OpenShift SUSE Rancher Tanzu
MinIO for Baremetal
Linux and Windows
Determine your raw and usable capacity Erasure Code Calculator MinIO's Recommended Hardware Configuration Reference Hardware
Solutions
AI Storage Object storage is powering the AI revolution. Learn how MinIO is leading the AI storage market through performance at scale. Modern Datalakes Modern, multi-engine datalakes depend on object stores that deliver performance at scale. Learn more about this core MinIO use case. Hybrid Cloud Effective multi-cloud storage strategies rely on utilizing architecture and tools that can function seamlessly across diverse environments. Equinix Repatriate your data onto the cloud you control with MinIO on Equinix to lower costs while maintaining public cloud adjacency. Splunk Find out how MinIO is delivering performance at scale for Splunk SmartStores. Snowflake Query and analyze multiple data sources, including streaming data, residing on MinIO with the Snowflake Data Cloud. No need to move the data, just query using SnowSQL. SQL Server Discover how to pair SQL Server 2022 with MinIO to run queries on your data on any cloud - without having to move it. HDFS Migration Modernize and simplify your big data storage infrastructure with high-performance, Kubernetes-native object storage from MinIO. VMware Discover how MinIO integrates with VMware across the portfolio from the Persistent Data platform to TKG and how we support their Kubernetes ambitions. Veeam Learn how MinIO and Veeam have partnered to drive performance and scalability for a variety of backup use cases. Commvault Learn how Commvault and MinIO are partnered to deliver performance at scale for mission critical backup and restore workloads. Integrations Browse our vast portfolio of integrations.
Community
GitHub Join our GitHub open source community: explore, experiment, ask questions, and contribute. Slack Channel The MinIO Community Slack provides an open forum for discussing topics related to MinIO. All support is provided on a best-effort basis.
Docs Blog Resources Training Partner Pricing Download

Documentation

MinIO Object Storage for Linux

mc admin tier

Changed in version RELEASE.2022-12-24T15-21-38Z: mc admin tier replaced by mc ilm tier.

Description

The mc admin tier command configures a remote supported S3-compatible service for supporting MinIO Lifecycle Management: Object Transition (“Tiering”).

Use mc admin on MinIO Deployments Only

MinIO does not support using mc admin commands with other S3-compatible services, regardless of their claimed compatibility with MinIO deployments.

Supported S3 Services

mc admin tier supports only the following S3-compatible services as a remote target for object tiering:

  • Amazon S3

  • Google Cloud Storage

  • Azure Blob Storage

Required Permissions

MinIO requires the following permissions scoped to to the bucket or buckets for which you are creating lifecycle management rules.

MinIO also requires the following administrative permissions on the cluster in which you are creating remote tiers for object transition lifecycle management rules:

For example, the following policy provides permission for configuring object transition lifecycle management rules on any bucket in the cluster:.

{
   "Version": "2012-10-17",
   "Statement": [
      {
            "Action": [
               "admin:SetTier",
               "admin:ListTier"
            ],
            "Effect": "Allow",
            "Sid": "EnableRemoteTierManagement"
      },
      {
            "Action": [
               "s3:PutLifecycleConfiguration",
               "s3:GetLifecycleConfiguration"
            ],
            "Resource": [
                        "arn:aws:s3:::*"
            ],
            "Effect": "Allow",
            "Sid": "EnableLifecycleManagementRules"
      }
   ]
}

Transition Permissions

Object transition lifecycle management rules require additional permissions on the remote storage tier. Specifically, MinIO requires the remote tier credentials provide read, write, list, and delete permissions.

For example, if the remote storage tier implements AWS IAM policy-based access control, the following policy provides the necessary permission for transitioning objects into and out of the remote tier:

{
   "Version": "2012-10-17",
   "Statement": [
      {
            "Action": [
               "s3:ListBucket"
            ],
            "Effect": "Allow",
            "Resource": [
               "arn:aws:s3:::MyDestinationBucket"
            ],
            "Sid": ""
      },
      {
            "Action": [
               "s3:GetObject",
               "s3:PutObject",
               "s3:DeleteObject"
            ],
            "Effect": "Allow",
            "Resource": [
               "arn:aws:s3:::MyDestinationBucket/*"
            ],
            "Sid": ""
      }
   ]
}

Modify the Resource for the bucket into which MinIO tiers objects.

Defer to the documentation for the supported tiering targets for more complete information on configuring users and permissions to support MinIO tiering:

Syntax

mc admin tier add

Creates a new remote storage tier for transitioning objects using MinIO lifecycle management rules.

Important

MinIO does not support removing remote storage tiers. Ensure the storage backend supports the intended workload prior to adding it as a remote tier target.

The command has the following syntax:

mc admin tier add TIER_TYPE TARGET TIER_NAME [FLAGS]

The command accepts the following arguments:

TIER_TYPE

Required

The Cloud Service Provider storage backend (“Tier”) to which MinIO transitions objects. Specify one of the following supported values:

s3

Use AWS S3 or a remote MinIO deployment as the storage backend for the new Tier.

Requires specifying the following additional options:

azure

Use Azure Blob Storage as the storage backend for the new Tier.

Requires specifying the following additional options:

gcs

Use GCP Cloud Storage as the storage backend for the new Tier.

Requires specifying the following additional option:
TARGET

Required

The alias of a configured MinIO deployment on which the command creates the new remote tier.

TIER_NAME

Required

The name to associate with the new remote tier. The name must be unique across all configured tiers on the MinIO cluster.

You must specify the tier in all-caps, e.g. WARM_TIER.

--endpoint

Required

The URL endpoint for the cloud service provider. The URL endpoint must resolve to the provider specified to TIER_TYPE.

--access-key

Required

The access key for a user on the remote S3 tier. The user must have permission to perform read/write/list/delete operations on the remote bucket or bucket prefix.

Required if TIER_TYPE is s3. This option has no effect for any other value of TIER_TYPE.

--secret-key

Required

The secret key for a user on the remote S3 tier.

Required if TIER_TYPE is s3. This option has no effect for any other value of TIER_TYPE.

--account-name

Required

The account name for a user on the remote Azure tier. The user must have permission to perform read/write/list/delete operations on the remote bucket or bucket prefix.

Required if TIER_TYPE is azure. This option has no effect for any other value of TIER_TYPE.

MinIO does not support changing the account name associated to an Azure remote tier. Azure storage backends are tied to the account, such that changing the account would change the storage backend and prevent access to any objects transitioned to the original account/backend.

--account-key

Required

The account key for the --account-name associated to the remote Azure tier.

Required if TIER_TYPE is azure. This option has no effect for any other value of TIER_TYPE.

--credentials-file

Required

The credential file for a user on the remote GCS tier. The user must have permission to perform read/write/list/delete operations on the remote bucket or bucket prefix.

Required if TIER_TYPE is gcs. This option has no effect for any other value of TIER_TYPE.

--bucket

Required

The bucket on the remote tier to which MinIO transitions objects.

--prefix

Optional

The prefix path for the specified --bucket to which MinIO transitions objects.

Omit this field to transition objects into the bucket root.

--storage-class

Optional

The AWS storage class to use for objects transitioned by MinIO. MinIO supports only the following storage classes:

  • STANDARD

  • REDUCED_REDUNDANCY

Defaults to S3_STANDARD if omitted.

This option only applies if TIER_TYPE is s3. This option has no effect for any other value of TIER_TYPE.

--region

Optional

The S3 backend region for the specified TIER_TYPE, such as us-west-1.

This option only applies if TIER_TYPE is s3. This option has no effect for any other value of TIER_TYPE.

mc admin tier edit

Modify or remove a remote storage tier from a MinIO cluster. Remote storage tiers support transitioning objects using MinIO lifecycle management rules.

The command has the following syntax:

mc admin tier edit TARGET TIER_NAME [FLAGS]

The command accepts the following arguments:

TARGET

Required

The alias of a configured MinIO deployment.

TIER_NAME

Required

The name of the remote tier the command modifies. The value corresponds to the mc admin tier add TIER_NAME specified when creating the remote tier.

--access-key

Optional

The access key for a user on the remote S3 tier. The user must have permission to perform read/write/list/delete operations on the remote bucket or bucket prefix.

This option only applies to remote storage tiers with TIER_TYPE is s3. This option has no effect for any other TIER_TYPE.

--secret-key

Optional

The secret key for a user on the remote S3 tier.

This option only applies to remote storage tiers with TIER_TYPE is s3. This option has no effect for any other TIER_TYPE.

--account-key

Required

The account key for a user on the remote Azure tier. Use this option to rotate the credentials for the --account-name associated to the remote tier.

This option only applies to remote storage tiers with TIER_TYPE is azure. This option has no effect for any other TIER_TYPE.

--credentials-file

Required

The credential file for a user on the remote GCS tier. The user must have permission to perform read/write/list/delete operations on the remote bucket or bucket prefix.

This option only applies to remote storage tiers with TIER_TYPE is gcs. This option has no effect for any other TIER_TYPE.

mc admin tier ls

List all remote storage tiers on a MinIO cluster. Remote storage tiers support transitioning objects using MinIO lifecycle management rules.

The command has the following syntax:

mc admin tier ls TARGET [FLAGS]

The command accepts the following arguments:

TARGET

Required

The alias of a configured MinIO deployment.

This work is licensed under a Creative Commons Attribution 4.0 International License. 2020-Present, MinIO, Inc. Creative Commons License