Storage Authentication

​

Authentication

Nami Cloud Storage uses AWS Signature Version 4 for request authentication, making it compatible with standard S3 clients and SDKs.

​

Credentials

You need two credentials to authenticate requests:

• Access Key ID
• Secret Access Key

These credentials can be obtained from the Nami Cloud Dashboard.

​

Authentication Header

Each request must include an Authorization header with the following format:

Authorization: AWS4-HMAC-SHA256 
    Credential=${AccessKeyID}/${date}/${region}/s3/aws4_request,
    SignedHeaders=${headers},
    Signature=${signature}

​

Example

Authorization: AWS4-HMAC-SHA256 
    Credential=AKIAIOSFODNN7EXAMPLE/20231028/us-east-1/s3/aws4_request,
    SignedHeaders=host;x-amz-content-sha256;x-amz-date,
    Signature=fe5f80f77d5fa3beca038a248ff027d0445342fe2855ddc963176630326f1024

​

Using with SDK

Most S3 SDKs handle authentication automatically. Here are examples in different languages:

import boto3

s3_client = boto3.client('s3',
    endpoint_url='https://storage.nami.cloud',
    aws_access_key_id='YOUR_ACCESS_KEY',
    aws_secret_access_key='YOUR_SECRET_KEY'
)

​

Security Best Practices

1. Credential Protection

   • Never commit credentials to source control
   • Rotate credentials regularly
   • Use environment variables or secure credential stores

2. Access Control

   • Follow the principle of least privilege
   • Use bucket policies and IAM roles when possible
   • Regularly audit access patterns

3. HTTPS

   • Always use HTTPS for API requests
   • Verify SSL/TLS certificates
   • Keep client libraries updated