Skip to main content

Creating blobstore with non AWS S3 object stores may fail with newer Nexus versions

Updated

 

Overview

Nexus Repository Manager supports fully S3 compatible storage for blobstore. Newer versions of nexus would check for bucket ownerships which may fail with S3 compatible storage and report below error.

 

ERROR:

ValidationErrorXO{id='*', message='The identity used does not belong to the bucket owner's account.'}
or
org.sonatype.nexus.blobstore.s3.internal.S3BlobStoreException: Bucket exists but is not owned by you.

 

With DEBUG enabled for org.sonatype.nexus.blobstore logger, we can see below logs in nexus.log file.

 

2024-08-07 06:17:08,235+0000 DEBUG [qtp1100446952-5037]  admin org.sonatype.nexus.blobstore.s3.internal.BucketManager - Exception thrown checking ownership of "nexus" bucket.
com.amazonaws.services.s3.model.AmazonS3Exception: The specified method is not allowed against this resource. (Service: Amazon S3; Status Code: 405; Error Code: MethodNotAllowed; Request ID: c0a865ee172301142822400003359000; S3 Extended Request ID: Hxr9CVfFa6EzeHxLPTr5Fn/eggapykGiM1QDTHElc3mlhcdMSoL7h/f+j3iBgdU7; Proxy: null)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1879)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleServiceErrorResponse(AmazonHttpClient.java:1418)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1387)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1157)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:814)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:781)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:755)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:715)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:697)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:561)

 

SOLUTION:

Add below option in nexus.properties file to disable this check and add S3 Blobstore. 

Restarting nexus instance may be required.

 

nexus.blobstore.s3.ownership.check.disabled=true

 

 

Related articles