Security

To support AI and analytics, a data lakehouse must be secure by design. This blog covers best practices for securing storage, metadata, and catalog layers including encryption, fine-grained IAM, audit logging, object locking, and multi-site replication without sacrificing performance.

Pairing the Iceberg table format with AIStor creates a powerful, flexible and extensible lakehouse platform. The Iceberg Table Spec declares a table format that is designed to manage “a large, slow-changing collection” of files or objects stored in a distributed system.

In this blog post, we’ll show you how to set up MinIO to work with Keycloak. But broadly it should also give you an idea of how OIDC is configured with MinIO so you can use it with anything other than Keycloak, here we just use it as an example.

Whether you are on-prem or in the Cloud, you want to ensure in the cloud operating model processes are set up in a homogenous way. This tutorial will give you a full overview of how you can surface MinIO audit logs in ElasticSearch so they can be searchable.

In this post we’ll show you how to configure MinIO Operator with KES (Keys Encryption System) and Vault in a cloud native way in Kubernetes.

In this tutorial, we’ll show you how to configure Dremio to connect to MinIO, which uses self-signed TLS certificates. This is one of the more common use cases, and we’ve had customers from SUBNET ask time and time again how they can configure something like this.

Learn how MinIO simplifies and streamlines the generation and assignment of TLS certificates for services running on Kubernetes.

Versioning, S3 Object Locking, Encryption at Rest and in Transit, Identity Providers, Replication, CVE Monitoring for a secure cloud-native object storage foundation.

Learn how to secure, load balance and scale your MinIO instances with Nginx, LetsEncrypt and Certbot.

Learn how Reed-Solomon erasure coding provides data protection for distributed object storage at scale.

Learn how to add external TLS certificates to MinIO tenants and access them using SNI.

Learn how to secure data in transit, data at-rest and establish role-based access control policies in the first of a series of blog posts about securing MinIO.

An overview of erasure coding, BitRot protection, encryption, immutability and versioning.

Learn how MinIO combines multiple built-in data protection capabilities to ensure that nothing is overwritten or deleted unintentionally.

Protecting blocks is not the same as protecting objects. Learn where block-level RAID falls short compared to erasure coding in distributed object storage.