Globus Connect Server Administration Guides
  • Quickstart Guide
  • Installation Guide
  • Data Access Admin Guide
  • Domain Guide
  • Domain Migration to gaccess.io
  • HTTPS Access to Collections
  • Identity Mapping Admin Guide
  • Globus OIDC Installation Guide
  • Troubleshooting Guide
  • Command-Line Reference
    • Command summary
    • Audit
      • Load
      • Query
      • Dump
    • Endpoint
      • Setup
      • Show
      • Update
      • Reset Advertised Owner String
      • Set Advertised Owner String
      • Set Owner
      • Set Subscription ID
      • Cleanup
      • Key Convert
      • Domain
      • Role
      • Upgrade
    • OIDC
      • Create
      • Delete
      • Register
      • Show
      • Update
    • Node
      • Create
      • Disable
      • Enable
      • New Secret
      • Setup
      • List
      • Show
      • Update
      • Cleanup
      • Delete
    • Login
    • Session
      • Consent
      • Show
      • Update
    • Whoami
    • Logout
    • Storage Gateway
      • Create
      • List
      • Show
      • Update
      • Delete
    • Collection
      • Create
      • List
      • Show
      • Batch Delete
      • Reset Advertised Owner String
      • Set Advertised Owner String
      • Set Owner
      • Set Subscription Admin Verified Collection Property
      • Update
      • Delete
      • Domain
      • Check
      • Role
    • Auth Policy
      • Create
      • List
      • Show
      • Update
      • Delete
    • Sharing Policy
      • Create
      • List
      • Show
      • Delete
    • User Credentials
      • Activescale Create
      • OAuth Create
      • Delete
      • List
      • S3 Create
      • S3 Keys Add
      • S3 Keys Delete
      • S3 Keys Update
    • Self Diagnostic
  • Globus Connect Server Manager API
    • Authorization
    • Versioning
    • Endpoint
    • Roles
    • Nodes
    • Storage Gateways
    • Collections
    • User Credentials
    • Domains
    • Sharing Policies
  • API Access for Portals
  • Automated Endpoint Deployment
  • Data Access Application Guide
  • Application Migration Guide
  • Change Log
Skip to main content
Globus Docs
  • Getting Started
    Getting Started

    Getting Started and Tutorial docs cover how to perform some activity or provide an introduction to a feature. They are not comprehensive, but help you get started with Globus or with new Globus features.

    • Users
    • Admins
    • Developers
  • Reference
    Reference
    • Service
      • Auth
      • Groups
      • Transfer
      • Timers
      • Flows
      • Compute
      • Search
    • Agents
      • Globus Connect Server
      • GCS CLI
      • Globus Connect Personal
      • Globus Compute
    • SDK
      • Python
      • JS
    • Clients
      • CLI
    • Security and Compliance
      • Product Security
      • Privacy
      • Solutions for Sensitive Data
      • FAQs
  • Solutions & Guides
    Solutions & Guides

    Find practical approaches for leveraging Globus in research environments, integrating with platforms, and building science gateways. Access hands-on guides, integration instructions, and real-world scenarios for advanced usage.

    • Portals/Science Gateways
    • Guides
  • Support
    Support

    Find answers to frequently asked questions, connect with the community by joining our mailing lists, or reach out directly to Globus support.

    • FAQs
    • Mailing Lists
    • Contact Us
    • Check Support Tickets
  • Site Search
  1. Home
  2. Globus Connect Server
  3. v5.4
  4. Command-Line Reference
  5. Storage Gateway

Globus Connect Server Storage Gateway

Storage Gateways

A storage gateway provides the access policies for the endpoint’s connected storage systems. It is a named interface by which authorized users can create and manage collections on the connected storage system. A single storage system may be associated with multiple storage gateways, each with its own policies.

Storage gateway policies describe what type connector the storage gateway uses, the paths it allows access to, the login requirements are for the storage gateway, and the algorithm to map Globus identities to the user namespace of the storage gateway (e.g. local accounts).

Version 1.1.0 includes support for multi-factor authentication requirements for high assurance storage gateways.

Version 1.2.0 includes support for admin managed credentials.

Version 1.3.0 includes support for overriding the endpoint’s network use parameters on a storage gateway.

Connectors

Each Storage Gateway configures access to one type of data storage. The type of storage is referred to as a connector. Globus Connect Server supports the following connectors:

ActiveScale

Cloud data stored on ActiveScale Object Storage.

Amazon S3

Cloud data stored in the Amazon S3 service.

Box

Cloud data sharing systemd stored in the Box service.

Ceph

Distributed object storage stored in a Ceph RADOS object store.

Google Cloud Storage

Cloud data stored in the Google Cloud Storage service.

Google Drive

Cloud data stored in the Google Drive web service service.

HPSS

Archive data storage stored in an HPSS storage system.

iRODS

Storage Resources on an iRODS server.

Microsoft OneDrive

Cloud data stored in Microsoft OneDrive

POSIX

Local file storage backed by any file system that supports basic POSIX file API operations to access files, directories, and basic metadata.

POSIX Staging

Local file storage backed by a tertiary storage system. Provides for a command callout to stage data to cache.

Spectra Logic Black Pearl

Archive data storage stored in a Spectra Logic Black Pearl system.

Each of these connectors has some different configuration steps and storage policies. These are described in the individual connector storage gateway management commands.

Note

Connectors other than POSIX are premium features which require a subscription to enable use of those other connectors. See Premium Storage Connectors and https://globus.org/subscriptions for more information.

High Assurance

When a Storage Gateway is created, it can be configured to require High Assurance for data access. This enhances authentication assurance by enforcing session-based authentication timeouts and higher encryption standards for data in transit. Stricter access controls are employed when accessing the storage gateway configuration and performing data operations on collections created on High Assurance Storage Gateways.

Note

This is a premium feature, and requires a subscription with the high assurance add-on.
Important

If you are using Globus Connect Server with high assurance features, you will need to set all storage gateways that have access to restricted data as high assurance.

Commands

globus-connect-server storage-gateway create

Create a storage gateway

globus-connect-server storage-gateway delete

Delete a storage gateway

globus-connect-server storage-gateway list

List storage gateways

globus-connect-server storage-gateway show

Show a storage gateway definition

globus-connect-server storage-gateway update

Update an existing Storage Gateway

  • Quickstart Guide
  • Installation Guide
  • Data Access Admin Guide
  • Domain Guide
  • Domain Migration to gaccess.io
  • HTTPS Access to Collections
  • Identity Mapping Admin Guide
  • Globus OIDC Installation Guide
  • Troubleshooting Guide
  • Command-Line Reference
    • Command summary
    • Audit
      • Load
      • Query
      • Dump
    • Endpoint
      • Setup
      • Show
      • Update
      • Reset Advertised Owner String
      • Set Advertised Owner String
      • Set Owner
      • Set Subscription ID
      • Cleanup
      • Key Convert
      • Domain
      • Role
      • Upgrade
    • OIDC
      • Create
      • Delete
      • Register
      • Show
      • Update
    • Node
      • Create
      • Disable
      • Enable
      • New Secret
      • Setup
      • List
      • Show
      • Update
      • Cleanup
      • Delete
    • Login
    • Session
      • Consent
      • Show
      • Update
    • Whoami
    • Logout
    • Storage Gateway
      • Create
      • List
      • Show
      • Update
      • Delete
    • Collection
      • Create
      • List
      • Show
      • Batch Delete
      • Reset Advertised Owner String
      • Set Advertised Owner String
      • Set Owner
      • Set Subscription Admin Verified Collection Property
      • Update
      • Delete
      • Domain
      • Check
      • Role
    • Auth Policy
      • Create
      • List
      • Show
      • Update
      • Delete
    • Sharing Policy
      • Create
      • List
      • Show
      • Delete
    • User Credentials
      • Activescale Create
      • OAuth Create
      • Delete
      • List
      • S3 Create
      • S3 Keys Add
      • S3 Keys Delete
      • S3 Keys Update
    • Self Diagnostic
  • Globus Connect Server Manager API
    • Authorization
    • Versioning
    • Endpoint
    • Roles
    • Nodes
    • Storage Gateways
    • Collections
    • User Credentials
    • Domains
    • Sharing Policies
  • API Access for Portals
  • Automated Endpoint Deployment
  • Data Access Application Guide
  • Application Migration Guide
  • Change Log
© 2010- The University of Chicago Legal Privacy Accessibility