Skip to main content

Get Started with AI Object Storage

Set up AI Object Storage authentication, policies, and storage access for enterprise workloads

This guide provides a high-level overview of the steps required to set up and use AI Object Storage.

Prerequisites

  • Administrative access to your CoreWeave organization
  • A Cloud Console token with admin permissions

Configure authentication

Access keys are required for users and workloads to access AI Object Storage. Choose whether you'd like to get started more quickly with testing, or create a secure setup for production workloads:

  • For the most secure setup, using SAML assertions with Workload Identity Federation to generate workload Access Keys is strongly recommended.
  • For less sensitive operations or for testing, you can use Cloud Console tokens to create your access keys.

For testing and validation: Get started in minutes with Cloud Console tokens.

Create an access key using Cloud Console tokens:

You must be logged in with an account that has admin permissions.

  1. In the Cloud Console, navigate to Object Storage > Keys.
  2. Click Create Key.
  3. In the dialog:
    • For a Temporary key, enter the desired duration in seconds and click Create.
    • For a Permanent key, select Enable Permanent Key and click Create.

After setting up access keys for authentication, you need to set a policy for access control.

Set access policies

You must create an organization access policy to be able to access the Object Storage S3-compatible API.

Before uploading data, you may also want to set bucket access policies for your organization and buckets. Policies are used to control access to data, control lifecycles, and configure auditing.

See these sections for more information:

After setting up access policies, you can configure your development environment and then set up buckets and objects.

Set global configs

Before you create your first bucket in AI Object Storage, ensure the following settings are applied in your AWS config:

  • Your AWS/Boto3 client or CLI is configured to use the AI Object Storage endpoint. The endpoint_url should be:
    • https://cwobject.com for the primary endpoint
    • http://cwlota.com if using LOTA
  • The S3 addressing_style is set to virtual:
    • In AWS CLI config: aws configure set default.s3.addressing_style virtual
    • In Boto3: use config=Config(s3={'addressing_style': 'virtual'})

This is a one-time configuration to add CoreWeave-specific settings to your development environment.

Create a bucket

After creating access keys, an organization access policy, and setting your global configuration, create a bucket to store data. Buckets are the primary organizational unit used by CoreWeave AI Object Storage to store object data.

You can create buckets using popular S3-compatible tools or the Cloud Console at these endpoints:

EndpointURLNotes
Primary endpointhttps://cwobject.comUses HTTPS and requires TLS v1.3. Ensure your S3-compatible tools and OpenSSL use TLS v1.3.
LOTA endpointhttp://cwlota.comUses HTTP protocol, not HTTPS.

Use objects and buckets

CoreWeave AI Object Storage is compatible with the S3 API, so you can use any S3-compatible tool to manage your data. See How-To: Manage Objects to learn how to use CoreWeave AI Object Storage with s3cmd, Boto3, or the AWS CLI.

CoreWeave AI Object Storage is designed to work with LOTA (Local Object Transfer Accelerator), a first-of-its-kind intelligent proxy that provides a highly efficient, local gateway to CoreWeave AI Object Storage. See Concepts: LOTA for details about how LOTA works.

Quota limits

CoreWeave AI Object Storage has default quota limits. See Manage quota limits for more information.

API reference and compatibility information