Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

CyberDuck

Written by
Updated at April 1, 2025

CyberDuck is a GUI client that allows you to work with cloud storages, including those compatible with the Amazon S3 API. CyberDuck is available for macOS and Windows and as a console client for Linux.

Getting started

  1. Create a bucket.

  2. Create a service account.

  3. Assign the required role to the service account, e.g., storage.editor. For more information about roles, see Managing access with Yandex Identity and Access Management.

    To work with objects in an encrypted bucket, a user or service account must have the following roles for the encryption key in addition to the storage.configurer role:

    • kms.keys.encrypter: To read the key, encrypt and upload objects.
    • kms.keys.decrypter: To read the key, decrypt and download objects.
    • kms.keys.encrypterDecrypter: This role includes the kms.keys.encrypter and kms.keys.decrypter permissions.

    For more information, see Key Management Service service roles.

    Tip

    You can assign a role for a folder or a bucket to a service account. A role for a folder gives the GUI client access to all the buckets in the folder. A role for a bucket gives the client access only to this particular bucket. For granular access, assign a role for a particular bucket.

  4. Create a static access key.

    As a result, you will get the static access key data. To authenticate in Object Storage, you will need the following:

    • key_id: Static access key ID
    • secret: Secret key

    Save key_id and secret: you will not be able to get the key value again.

Note

A service account is only allowed to view a list of buckets in the folder it was created in.

A service account can perform actions with objects in buckets that are created in folders different from the service account folder. To enable this, assign the service account roles for the appropriate folder or its bucket.

Installation

Download the CyberDuck distribution for your OS and run it.

Connection

  1. Run CyberDuck.
  2. Click Open Connection.
  3. Select the Amazon S3 connection type.
  4. Specify the connection settings:

    • Server: storage.yandexcloud.net.

      To connect to a particular bucket, specify <bucket_name>.storage.yandexcloud.net in the Server field.

    • Port: 443.

    • Access key ID: Static key ID you got previously.

    • Secret Access Key: Static key contents you got previously.

  5. Click Connect.

Once the connection is established, the previously created bucket will open.

Note

CyberDuck treats Object Storage as a hierarchical file system. This means that the keys of objects uploaded via CyberDuck will look like file paths, e.g., prefix/subprefix/picture.jpg.

To learn more about how to use CyberDuck with S3-compatible storage, see the CyberDuck documentation.

Previous
S3cmd
Next
WinSCP