Topic

Kubernetes Object Provisioning & Policy

Kubernetes-native provisioning and management of S3 buckets using operators, the Container Object Storage Interface (COSI), and declarative policy. Bridges the Kubernetes declarative model with object storage lifecycle.

Summary

Where it fits

As cloud-native applications run on Kubernetes, teams need to provision S3 buckets the same way they provision PVCs — declaratively, with RBAC and policy. This topic covers the integration layer between K8s resource management and object storage.

Misconceptions / Traps

  • COSI is not yet GA in Kubernetes. It is an evolving standard. Production use requires evaluating the maturity of specific COSI drivers for your storage backend.
  • Kubernetes operators for object storage (Rook, MinIO Operator) manage the storage system, not individual buckets. Bucket-level provisioning is a separate concern.

Key Connections

  • scoped_to S3, Object Storage — managing S3 resources from Kubernetes
  • Container Object Storage Interface (COSI) scoped_to Kubernetes Object Provisioning & Policy — the K8s-native standard
  • Rook scoped_to Kubernetes Object Provisioning & Policy — K8s operator for Ceph-based S3
  • solves Policy Sprawl — centralized declarative policy for bucket provisioning

Definition

What it is

Integrating S3-compatible object storage provisioning, access control, and lifecycle management into Kubernetes-native workflows using operators, CSI drivers, and custom resources.

Why it exists

Kubernetes has become the default orchestration platform for data workloads, but S3 bucket provisioning remains outside Kubernetes' declarative model. Bridging this gap enables GitOps-driven storage management.
