AWSHazelcastStore Extension (Cluster Storage)

Introduction

The AWSHazelcastStore extension enables the Platform to use the AWS S3 service as Cluster Storage. S3 is a service provided by Amazon that allows you to store and manage data in the Amazon cloud.

Some features described in this article may be subject to licensing and/or separate surcharge. See the Private Cloud Bundle Products card article for detailed information.
# Using Amazon Web Services S3 as Cluster Storage

To use the AWS S3 service as Cluster Storage, you need the following:

  • A single-node or multi-node FNZ Studio installation
  • The AWSHazelcastStore extension
  • A storage account in AWS S3

Follow these installation steps to use the AWS S3 service as Cluster Storage:

  1. Follow the installation steps in the System Installation: FNZ Studio 2025 section of the System Installation guide.
  2. After stopping the Platform (all nodes), install and configure the AWSHazelcastStore extension (see configuration options).
  3. Start the Platform. The AWSHazelcastStore (permanent) extension should have been configured to start automatically.

Configuration Options

To be able to use the AWSHazelcastStore extension, the following properties must be set before an FNZ Studio instance using the extension is started:

  • com.nm.extensions.awshazelcaststore.accessKey – (Optional) AWS access key that can be used to access the S3 service. It can be configured accessing the IAM > Users > Security Credentials section in the AWS Management Console.
  • com.nm.extensions.awshazelcaststore.secretKey – (Optional) AWS secret key that can be used to access the S3 service. It can be configured accessing the IAM > Users > Security Credentials section in the AWS Management Console.
  • com.nm.extensions.awshazelcaststore.region – (Optional) AWS region used to access the S3 service. E.g. eu-central-1
    • You might choose a region to optimize latency, minimize costs, or address regulatory requirements.
    • Objects stored in a region never leave the region unless you explicitly transfer them to another region.
    • If not specified, the AWS SDK will calculate the appropriate region.
  • com.nm.extensions.awshazelcaststore.serviceUrl – (Optional) Allows using a custom S3 compliant server. This enables the adoption of other S3 technologies such as MinIO.
  • com.nm.extensions.awshazelcaststore.bucketName – The name of the bucket where the Platform data will be stored.
    • A bucket is a container that is used to store the Platform objects in Amazon S3.
    • If the bucket does not exist, it will be created when the extension is started.
    • Take the following limitations into account when choosing a bucket name:
      • S3 allows your bucket to be used as a URL that can be accessed publicly. For this reason, the bucket name that you choose must be globally unique. If another account has already created a bucket with the name that you choose, you are prompted to select a different name.
      • The bucket name can be between 3 and 63 characters long, and can contain only lower-case characters, numbers, periods, and dashes. The bucket name cannot contain underscores, end with a dash, have consecutive periods, or use dashes adjacent to periods.

Credentials Configuration

If Access Key and Secret Key are not provided using the extension configuration properties, the AWS SDK automatically checks sequentially each of the places where you can set default credentials and selects the first one you set. The predefined sequences is:

  1. Environment variables: loads the credentials from AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY system environment variables. If AWS_SESSION_TOKEN is present, the SDK will use temporary credentials.

  2. Java system properties: loads the credentials from aws.accessKeyId and aws.secretKey Java system properties. If aws.sessionToken is present, the SDK will use temporary credentials.

  3. Web identity token from AWS Security Token Service.

  4. The shared credentials and config files: loads the credentials from the [default] profile configured in the credentials or config file. The profile can be changed using AWS_PROFILE environment variable. The AWS credentials file has the following format:

    Copy
    [default]
    aws_access_key_id={YOUR_ACCESS_KEY_ID}
    aws_secret_access_key={YOUR_SECRET_ACCESS_KEY}

    [profile2]
    aws_access_key_id={YOUR_ACCESS_KEY_ID}
    aws_secret_access_key={YOUR_SECRET_ACCESS_KEY}

  5. Amazon ECS container credentials: loads the credentials from the AWS_CONTAINER_CREDENTIALS_RELATIVE_URI environment variable.

  6. Amazon EC2 instance profile credentials: loads temporary AWS credentials that have the same permissions as those associated with the IAM role that is associated with the Amazon EC2 instance in its instance profile.

(See source)

Additional Configuration Options

The following configuration options can be set, although it is not strictly necessary as their default values are suitable for most cases.

  • com.nm.extensions.awshazelcaststore.maps – A comma separated list of persistent maps that use the S3 service as storage. If blank, all maps use the S3 service. Default: blank.
  • com.nm.extensions.awshazelcaststore.genericStore – If true, the AWSHazelcastStore extension is used as the generic store for persistent maps. Default: true
  • com.nm.extensions.awshazelcaststore.connectionTimeoutMs – The amount of time (in milliseconds) to wait when initially establishing a connection before timing out. Default value is 10.000.
  • com.nm.extensions.awshazelcaststore.requestTimeoutMs – The amount of time (in milliseconds) to wait for the request to complete before timing out. Default value is 0 (infinite).

Useful Information

When you use AWS S3 as Cluster Storage, you can also profit from many additional features offered by AWS. See the official Amazon site for more details on these features.