How to keep user data private in S3 object storage for Nextcloud

Hello everyone,

We have set up a Nextcloud instance and need to store user data on an S3 object storage.

We have connected a bucket to Nextcloud using the External storage support app.

However, the problem is that all users or users in a group can see the contents of the bucket.

We need the information of each user in the S3 object storage to remain completely confidential for each user and no other user to have access to it.

In fact, we want External storage to behave similarly to local storage.

We would be grateful if you could let us know your solutions.

Thank you,

There are multiple ways to set-up External Storage mounts:

• You can set-up them globally (what it sounds like you did)[1]
• You can mount them at the user level[2]
• You can use variables for user mountpoints[3]

Also, another option, if you’re only using S3 for all your data (and you also aren’t in need of accessing it from outside of Nextcloud) is to simply use S3 as Primary (not External) Storage[4]. Then it behaves the same as a local drive. It becomes your datadirectory basically.

It’s sound to me like you want one of the other methods.

[1] Configuring External Storage (GUI) — Nextcloud latest Administration Manual latest documentation

[2] Configuring External Storage (GUI) — Nextcloud latest Administration Manual latest documentation

[3] Configuring External Storage (GUI) — Nextcloud latest Administration Manual latest documentation

[4] Configuring Object Storage as Primary Storage — Nextcloud latest Administration Manual latest documentation