TrueNAS CORE
TrueNAS Enterprise
TrueNAS SCALE
TrueCommand
Compare Editions
Software Status
FreeNAS
Systems Overview
M-Series
X-Series
R-Series
Mini Series
Download TrueNAS CORE
Download TrueNAS SCALE
Get TrueNAS EnterpriseCloud Credentials Screens
10 minute read.
Last Modified 2022-08-25 11:10 -0400The Backup Credentials screen displays the Cloud Credentials, SSH Connections and SSH Keypairs widgets.
The Cloud Credentials widget displays a list of cloud storage credentials configured on the system.
Before adding cloud credentials for a cloud storage provider, the Cloud Credentials widget displays No Cloud Credentials configured.
Add opens the Cloud Credentials configuration screen.
Click the name of a cloud credential to open the Cloud Credentials configuration screen populated with the settings for that credential.
The Cloud Credentials configuration screen displays settings to add or edit cloud credentials TrueNAS uses to integrate with cloud storage providers.
Use Verify Credentials after entering the authentication settings to verify you can access the cloud storage provider account with the credentials you entered.
The Authentication settings change based on the selection in Provider.
| Name | Description |
|---|---|
| Name | Enter a name for this cloud credential. For example, cloud1 or amazon1. |
| Provider | Required. Default is set to Amazon S3. Select the cloud storage provider from the options on the dropdown list. |
Amazon S3 has basic authentication and advanced authentication settings. This section provides information on the basic authentication settings.
| Name | Description |
|---|---|
| Access Key ID | Enter the alphanumeric key that is between 5 and 20 characters for the Amazon Web Services Key ID. Find this on Amazon AWS by going through My account > Security Credentials > Access Keys (Access Key ID and Secret Access Key). |
| Secret Access Key | Enter the alphanumeric key that is between 8 and 40 characters for the Amazon Web Services password. If you cannot find the Secret Access Key, go to My Account > Security Credentials > Access Keys and create a new key pair. |
| Maximum Upload Ports | Enter a value to define the maximum number of chunks for a multipart upload. Setting a maximum is necessary if a service does not support the 10,000 chunk AWS S3 specification. |
| Advanced Settings | Select to display the optional Endpoint Advanced Options settings. |
This section provides information on Amazon S3 advanced authentication settings for endpoints. The basic authentication settings are required when using the advanced settings.
| Name | Description |
|---|---|
| Endpoint URL | Optional. When using AWS, you can leave the endpoint field empty to use the default endpoint for the region and automatically fetch available buckets, or enter an S3 API endpoint URL. Refer to the AWS Documentation for a list of Simple Storage Service Website Endpoints. |
| Region | Optional. Enter an AWS resources in a geographic area. Leave empty to detect the correct public region for the bucket. Entering a private region name allows interacting with Amazon buckets created in that region. For example, enter us-gov-east-1 to discover buckets created in the eastern AWS GovCloud region. |
| Disable Endpoint Region | Select to skip automatic detection of the endpoint URL region and to configuring a custom Endpoint URL. |
| User Signature Version 2 | Select to force using Signature Version 2 to sign API requests. Select this when configuring a custom Endpoint URL. |
This section provides information on the BackBlaze B2 authentication settings.
| Name | Description |
|---|---|
| Key ID | Enter or copy and paste the alphanumeric Backblaze B2 Application Key ID string into this field. To generate a new application key, log in to the Backblaze account, go to the App Keys page, and add a new application key. |
| Application Key | Enter or copy and paste the alphanumeric Backblaze B2 Application Key string into this field. To generate a new application key, log in to the Backblaze account, go to the App Keys page, and add a new application key. |
Several cloud storage providers use OAuth authentication and a required access token to authenticate the cloud storage account. Providers that use these methods are Box, Dropbox, Google Photo, pCloud, and Yandex.
| Name | Description |
|---|---|
| OAuth Client ID | Enter the public identifier for the cloud application. |
| OAuth Client Secret | Enter the secret phrase known only to the cloud application and the authorization server. |
| Access Token | Enter a User Access Token for Box. An access token enables Box to verify a request belongs to an authorized session. Example token: T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl. |
| Hostname | pCloud only. Optional. Enter the host name to connect to. |
Use Login to Provider to enter the account username and password.
FTP and SMTP cloud storage providers use host name, port, and user credentials to authenticate accounts. SMTP uses SSH hosts, port, and user credentials and also uses a private key.
| Name | Description |
|---|---|
| Host | Enter the FTP host name or for SMTP the SSH host name to connect. For example, ftp.example.com. |
| Port | Enter the FTP or for SMTP, the SSH port number. Leave blank to use the default port 21 for FTP or 22 for SMTP. |
| Username | Enter a username on the FTP or for the SMTP host system the SSJ user name. This user must already exist on the host. |
| Password | Enter the password for the user account. |
| Private Key ID | SNMP only. Import the private key from an existing SSH keypair or, if no keypairs exist on the system, select Add on the SSH Keypairs widget to open the SSH Keypairs screen. Enter a name, and then click Generate New to create a new SSH key for this credential. |
Google Cloud Storage authentication uses a Google service account json key credential file generated by the Google Cloud Platform Console to authenticate the account. Obtain the json file, download it to the system server and then upload it to the Preview JSON Service Account Key field. Use Choose File to browse to the file location on the server.
Google Drive uses OAuth authentication, a required access token, and a team drive ID to authenticate accounts.
| Name | Description |
|---|---|
| OAuth Client ID | Enter the public identifier for the cloud application. |
| OAuth Client Secret | Enter the secret phrase known only to the cloud application and the authorization server. |
| Access Token | Required. Token created with Google Drive. Access Tokens expire periodically, so you must refresh them. |
| Team Drive ID | Optional. Only needed when connecting to a Team Drive, and is the top-level folder ID for the Team Drive. |
Use Login to Provider to enter the account username and password.
HTTP uses a HTTP host URL to authenticate account credentials.
Hubic uses an access token to authenticate the account. Enter the token generated by a Hubic account into the Access Token field.
Mega uses the username and password for the MEGA user account to authenticate the account credentials.
Microsoft Azure Blob Storage uses the Microsoft Azure account name and account key to authenticate the account credentials.
| Name | Description |
|---|---|
| Account Name | Enter the Microsoft Azure account name. |
| Account Key | Enter the base64 encoded key for Azure account. |
| Endpoint | Enter an endpoint. For example, blob.core.usgovcloudapi.net. |
Microsoft OneDrive uses OAuth authentication, access tokens, drives and drive account type and ID to authenticate account credentials.
| Name | Description |
|---|---|
| OAuth Client ID | Enter the public identifier for the cloud application. |
| OAuth Client Secret | Enter the secret phrase known only to the cloud application and the authorization server. |
| Access Token | Enter the Microsoft Onedrive access token. Log in to the Microsoft account to add an access token. |
| Drives List | Select the drives and IDs registered to the Microsoft account. Selecting a drive also populates the Drive ID field. |
| Drive Account Type | Select the type of Microsoft account from the dropdown options, PERSONAL, BUSINESS, or DOCUMENT_LIBRARY. Logging in to a Microsoft account selects the correct account type. |
| Drive ID | Enter the unique drive identifier if not pre-populated after selecting the drive in Drives List. Log in to a Microsoft account and choose a drive from the Drives List dropdown list to add a valid ID. |
Use Login to Provider to enter the account username and password.
OpenStack Swift uses several required settings to authenticate credential accounts.
| Name | Description |
|---|---|
| User Name | Required. Enter the OpenStack user name (OS_USERNAME) from an OpenStack credentials file. |
| API Key or Password | Required. Enter the Openstack API key or password. This is the OS_PASSWORD from an OpenStack credentials file. |
| Authentication URL | Required. Enter the authentication URL for the server. This is the OS_AUTH_URL from an OpenStack credentials file. |
| AuthVersion | Select the authentication version from the dropdown list if your auth URL has no version (rclone documentation). |
The AuthVersion option selected changes the settings displayed in Authentication Advanced Options. Auto(vX), v1, and v2 use the same advanced authentication settings but V3 displays additional settings.
| Name | Description |
|---|---|
| Tenant Name | Enter the OS_TENANT_NAME from an OpenStack credentials file. |
| Tenant ID | (Optional for v1 auth) Enter the tenant ID Enter the tenant ID. For more information see rclone documentation. |
| Auth Token | (Optional) Enter the auth token from alternate authentication. For more information see rclone documentation. |
When v3 is the AuthVersion option settings Authentication Advanced Options displays additional settings.
| Name | Description |
|---|---|
| User Id | Optional. Enter the user ID to log in. To log into most swift systems leave this blank. For more information see rclone documentation. |
| User Domain | Optional. Enter the user domain. For more information see rclone documentation. |
| Tenant Name | Required. Enter the OS_TENANT_NAME from an OpenStack credentials file. |
| Tenant ID | Required for v2 and v3. Enter the tenant ID. For more information see rclone documentation. |
| Tenant Domain | Optional. Enter the tenant domain. For more information see rclone documentation. |
| Auth Token | Optional. Enter the auth token from alternate authentication. For more information see rclone documentation. |
These settings apply to all OpenStack Swift credentials.
| Name | Description |
|---|---|
| Region Name | Optional. Enter the region name. For more information see rclone documentation. |
| Storage URL | Optional. Enter the storage URL. For more information see rclone documentation. |
| Endpoint Type | Select service catalogue option from the Endpoint Type dropdown. Options are Public, Internal and Admin. Public is recommended. For more information see rclone documentation. |
WebDAV uses the URL, service type and user credentials to authenticate the account credentials.
| Name | Description |
|---|---|
| URL | Required. Enter the URL of the HTTP host to connect to. |
| WebDAV Service | Required. Select the name of the WebDAV site, service, or software used from the dropdown list. Options are NEXTCLOUD, OWNCLOUD, SHAREPOINT, or OTHER. |
| Username | Required. Enter the WebDAV account user name. |
| Password | Required. Enter the WebDAV account password. |
Related Content
- Adding Cloud Credentials
- Adding Cloud Sync Tasks
- Backing Up Google Drive to TrueNAS SCALE
- Cloud Sync Tasks
- Cloud Sync Tasks Screens
- Adding a Storj Cloud Sync Task
Related Backup Articles
- Adding Cloud Credentials
- Adding Cloud Sync Tasks
- Adding Replication Tasks
- Backing Up Google Drive to TrueNAS SCALE
- Managing the System Configuration
- Cloud Sync Tasks Screens
- Setting Up a Local Replication Task
- Adding a Storj Cloud Sync Task
- Setting Up Advanced Replication Tasks