KALORA CLOUD

Onboarding

How to connect Scaleway Object Storage via CLI

A step-by-step guide to connect Kalora with your Scaleway account using CLI.

Published:
#scaleway #iam #cloud account #onboarding #tutorial #cli

This guide details how to create a secure IAM Application, a scoped Policy, an API Key, and Object Storage buckets in multiple regions using the scw Scaleway CLI. This method is ideal if you want to automate creation or prefer working with command-line tools.

💡 Prefer a visual approach? If you’d rather use the Scaleway Console web interface, check out our step-by-step UI guide instead.

Prerequisites

  1. Scaleway CLI (scw): Ensure scw is installed and configured.
  2. jq: This command-line JSON processor is used to parse outputs. Install it with brew install jq, apt-get install jq, or choco install jq.
  3. Your IDs: You will need your Organization ID and Project ID.
    • Find your Organization ID: scw organization list
    • Find your Project ID: scw project list

Start a connection

In Kalora, go to Cloud Accounts and add a new Scaleway account. Use the values from the script to populate the form and submit it.

The Complete Automation Script

This script performs all necessary steps. You only need to configure the variables in the first section.

#!/bin/bash

# --- 1. CONFIGURE YOUR VARIABLES ---

# Replace with your actual IDs from the prerequisites step.
export SCW_ORGANIZATION_ID="YOUR_ORGANIZATION_ID"
export SCW_PROJECT_ID="YOUR_PROJECT_ID"

# Define the regions where you want to create buckets.
# Available regions: fr-par, nl-ams, pl-waw
export REGIONS=("fr-par" "nl-ams")

# Define a base name for your resources.
export RESOURCE_NAME="kalora-multi-region"

# --- 2. CREATE IAM APPLICATION ---

echo "Creating IAM application: ${RESOURCE_NAME}-app..."
# We create the application and use jq to extract its ID from the JSON output.
export APP_ID=$(scw iam application create \
  name="${RESOURCE_NAME}-app" \
  organization-id="$SCW_ORGANIZATION_ID" \
  -o json | jq -r '.id')

if [ -z "$APP_ID" ]; then
  echo "Error: Failed to create application. Check your Organization ID."
  exit 1
fi
echo "Application created with ID: $APP_ID"
echo "---------------------------------"

# --- 3. CREATE IAM POLICY ---

echo "Creating IAM policy: ${RESOURCE_NAME}-policy..."
# This policy grants the application read/write access to objects
# within the specified project, covering all regions within it.
scw iam policy create \
  name="${RESOURCE_NAME}-policy" \
  principal="application_id=$APP_ID" \
  rule.0.project-ids.0="$SCW_PROJECT_ID" \
  rule.0.permission-set-names.0=ObjectStorageObjectsRead \
  rule.0.permission-set-names.1=ObjectStorageObjectsWrite

echo "Policy created and attached to application."
echo "---------------------------------"

# --- 4. CREATE API KEY ---

echo "--- IMPORTANT: GENERATING API KEY ---"
echo "The following output contains your Secret Key. It will only be shown ONCE."
echo "Copy and save it in a secure location immediately."

# Generate the API key for the application.
scw iam api-key create application-id="$APP_ID"

echo "---------------------------------"
read -p "Press [Enter] to continue after you have saved your keys..."

# --- 5. CREATE OBJECT STORAGE BUCKETS ---

echo "Creating Object Storage buckets in multiple regions..."

for REGION in "${REGIONS[@]}"; do
  BUCKET_NAME="${RESOURCE_NAME}-bucket-${REGION}"
  echo "Creating bucket '$BUCKET_NAME' in region '$REGION'..."
  scw object bucket create \
    name="$BUCKET_NAME" \
    --region "$REGION"
done

echo "All buckets created successfully."
echo "---------------------------------"

# --- 6. VERIFY BUCKET CREATION ---

echo "Verifying buckets across all defined regions..."
for REGION in "${REGIONS[@]}"; do
  echo ""
  echo "--- Buckets in region: $REGION ---"
  scw object bucket list --region "$REGION"
done

echo "---------------------------------"
echo "Setup complete!"