Documentation Index
Fetch the complete documentation index at: https://docs.coreweave.com/llms.txt
Use this file to discover all available pages before exploring further.
Authentication methods
CoreWeave AI Object Storage supports several authentication methods. Choose the method that best fits your use case.
OIDC Workload Identity Federation (recommended)
For production workloads, Workload Identity Federation with OIDC provides the most secure authentication method. Your applications obtain tokens from your identity provider and exchange them for temporary CoreWeave access credentials that automatically expire.
In Kubernetes environments, the Container Credentials API enables automatic credential rotation without application changes. See Configure AWS CLI and boto3 for setup details.
Process Credential Provider
For environments that need interactive sign-in flows or custom token exchange, AWS SDKs support a Process Credential Provider that invokes a custom command to fetch and refresh credentials. This approach works for both human and machine workloads. See Configure AWS CLI and boto3 for examples.
Static credentials
For initial testing and development, you can use static Access Keys created through the Cloud Console. Static credentials are long-lived and require manual rotation, so they are not recommended for production use.
Static Access Keys are a security risk in production environments because they are long-lived and can be leaked. Use Workload Identity Federation instead. Work with objects
Once your client is configured, you can manage objects in your buckets, including uploading, listing, deleting, and renaming objects.
For endpoint configuration details, including virtual-hosted addressing and LOTA endpoints, see Set Endpoints.
