Quickstart Guide for Shardsecure and Backblaze B2 Cloud Storage Quickstart Guide for Shardsecure and Backblaze B2 Cloud Storage

Quickstart Guide for Shardsecure and Backblaze B2 Cloud Storage

Daniel Pinheiro Daniel Pinheiro


This document will show you step by step how to configure Shardsecure with Backblaze B2 Cloud Storage, a simple, reliable, affordable object-store.

ShardSecure provides a unique focus on securing data on back-end cloud infrastructure, where privileged cloud administrators perform important daily activities including patch management, software updates, and other critical tasks that bear serious consequences in the event of data breaches. Whereas legacy solutions have provided little in the way of back-end cloud data security, microsharding separates sensitive data from privileged administrators, who could be compromised, disgruntled, or simply make mistakes unintentionally that cause data breaches and service interruptions and is an excellent way to achieve zero trust in data security. If attackers breach a cloud administrator’s account for one cloud provider, the Microshard data on that cloud provider cannot be used to reconstruct any files or even a small amount of sensitive information Even if attackers breached all the enterprise’s cloud storage, the Microshard data could not be put back together without access to the Microshard engine, pointers, and host map file. Cloud administrators and nearly all other administrators should never have access to any of these items.


Installation Prerequisites

  1. Backblaze B2 account created:


  1. Create Backblaze B2 Application Key:  


  1. Create Backblaze Bucket:


**ShardSecure leverages Backblaze B2 buckets to distribute and store data. It is recommended to create multiple storage buckets within Backblaze to ensure data distribution.




Setting Up A B2 Bucket

1) Sign in to your Backblaze portal https://secure.backblaze.com/user_signin.htm


2) Click on Create a Bucket to add a new bucket




3) Enter a name for the bucket (e.g. ShardSecure1)

  • Object Lock can be achieved by enabling it in the bucket within ShardSecure. Does not have to be enabled on the Backblaze side since shardsecure is managing
  • Version History is currently not supported


4) Click Create a Bucket to create the bucket


5) Repeat steps 2-4 to add additional storage buckets.

  • We recommend at least 3 storage buckets


6) Go to App Keys and click Add a New Application Key to generate a new key




7) Enter a name for the newly generated key and click Create New Key to generate the new key

  • The new key should have Read and Write permissions on the buckets used for ShardSecure




8) The new key (key ID and applicationKey) will be displayed in your portal

  • Make sure to make a copy of the applicationKey as the secret will not be readable after the first use





Configure ShardSecure


1) Go to your ShardSecure configuration portal to add a new storage location


2) Go to ShardFileSystems and click on + to add Backblaze as a file system


3) Choose Backblaze under Select ShardFileSystem and enter a name for the new ShardFileSystem and click ADD




4)  Add the Application ID, Application Key, and the Key Name (User-Agent) generated in step 8 to the new Backblaze Shard File System and click ADD SCF



5) Enter the bucket name of the Backblaze bucket and a name for the bucket in ShardSecure. The Shard Size should be 4 unless otherwise recommended by your ShardSecure consultant. Click ADD SCF


6) Repeat steps 1-4 to add all buckets configured in Backblaze


7) You will see all Backblaze buckets under the ShardFileSystem for Backblaze




8) Go to Policies and click + to add a policy for Backblaze



9)  Enter the name of the new policy and click ADD




10)  Within the new policy click on Rule to set a rule for the policy



11) Set your policy (see the following settings to create a default policy) and click SAVE




12) Click on ShardContainerFiles to pick the correct storage buckets




13) Click + to add the Backblaze buckets to the policy




14) All Backblaze buckets should be under Configured Shard Container File



15) Click CLOSE to close the setup dialog




Configuration is now complete and you will be able to upload data to Backblaze by leveraging ShardSecure

After uploading the configuration to your ShardSecure cluster, you’ll be able to create a bucket within ShardSecure and upload data via the S3 compatible API. ShardSecure will introduce data confidentiality, integrity and availability before the data is stored on Backblaze.