Amazon Simple Storage Service (Amazon S3) is web based cloud storage service. It is an object base storage service capable of storing/managing any amount of data. Bucket is the fundamental storage container of AWS S3.
Overview
In this blog, we will see how to :-
- Create an Amazon S3 Bucket
- Accessibility to S3 Bucket
- Create an IAM Policy to have access to specific Bucket
- Create an IAM user with Access key id and Secret key
Create an Amazon S3 Bucket
You need to log on to AWS console using IAM user (with privileges enough to create an AWS S3 bucket) or as Admin.
Follow below steps to create an Amazon S3 bucket.
- Go to S3 panel and Choose Create Bucket.
- Name your bucket and choose Region. Note:- It has to be unique globally.
- In the next Configure Options Page, some options regarding object versioning and logging can be set. For now just Click on Next. Note:- Can click on Previous to return to last configuration screen.
- Next in Set Permissions page, some default precautionary settings can be changed. Keep them untouched for now and Click on Next.
- Next, you can Review all the bucket configuration. Click on Create Bucket.
Once the bucket is created, you can check the bucket in AWS console.
Accessibility to Buckets
1. Private Access:- By default, every bucket is private i.e. the access to bucket and its resources is restricted to the Account owner and the creator of the bucket.
2. Public Access:- Follow below steps to make a Bucket completely public.
- Select the specific bucket listed in Amazon S3 console and click on Edit Public access Settings.
- Dis-select the just top two options(to allow Public ACLs) and Save. Type “confirm” in new pop-up that appears.
- Now, click on your bucket. Click on Access Control List under Permissions sections. Click on check box in front of “everyone” under Public access . A new pop-up will appear where you can select the operations. Then, click on Save.Now you Bucket is public.
3. Restricted Access (Not Public):- You can allow restricted access to your bucket by using IAM policy or Bucket Access Policy. The access can be limited to just a specific Bucket or some if not all. The IAM policy helps you control what all operations a user will/should be able to perform on your bucket. For this, first you need to create an IAM policy that gives required access on specific buckets and attach it your IAM user. Then, the IAM user can use its Access key id and Secret key to perform operations on the specific buckets as per the IAM policy attached. Follow ahead to read more regarding the steps involved.
Create IAM Policy
Follow below steps to create an IAM policy which would allow access to a specific S3 Bucket:-
- Go to the IAM console.
- Select Policies from navigation panel.
- Choose Create policy.
Note:- A welcome message must appear if you are creating your first policy. Click on Get Started. - Many options will list there. Choose to create Policy on the JSON Tab.
- Paste the below Content.
Note:- Remember to Change bucket-name accordingly. And click on Review Policy{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:GetBucketLocation", "s3:ListAllMyBuckets" ], "Resource": "*" }, { "Effect": "Allow", "Action": ["s3:ListBucket"], "Resource": ["arn:aws:s3:::mention-your-bucket-name-here"] }, { "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObject", "s3:DeleteObject" ], "Resource": ["arn:aws:s3:::mention-your-bucket-name-here/*"] } ] }
- Next, enter the Name for your policy and give an optional Description.
- Click on Create Policy to save the policy.
The Policy will be created.
Create an IAM User
Follow below steps to Create an IAM User and attach the above created policy.
-
- Go to the IAM console.
- Choose User from the navigation pane and choose Add User option.
- Next, name the user and choose to allow only Programmatic Access. Click on Next:Permissions.
- In the next page, Choose Attach Existing Policy. Next, search and select the above created policy by name. Proceed to add Tags then.
- Tags are optional. You can skip them for now.
- On the Review Page, verify the fields and proceed to Create User.
- You will get the Access Key ID and Secret key once the user is created.
Note:- Ensure to save Secret access key safely because it won’t be available afterwards.
All Done!!
Now, use the above generated Access Key ID and Secret Access Key to access Amazon S3 Bucket.
Use Odoo Amazon S3 Cloud Storage to integrate Amazon S3 Bucket into Odoo.
Feel free to contact us in case of query. Raise a ticket at http://webkul.uvdesk.com.
Be the first to comment.