This article outlines the steps to create an AWS S3 Bucket account, which can be used in Filevine's data exporter tool and connections to Domo for our Periscope product.
Setting up an S3 bucket involves three steps:
- Create an account and bucket.
- Create the user profile and group, and give it the correct permissions.
- Generate the two access keys that will be used for integration setup.
Sign up for an AWS account here: https://portal.aws.amazon.com/billing/signup#/start/email
Note: The AWS account is free, but it does require a credit card on file in case data limits and thresholds are exceeded and charges are incurred.
Create an Account and Bucket
Once you’ve signed up for an AWS account, follow the subsequent steps to set up the bucket:
- Once logged in, in the search bar at the top, search “S3” and click the first S3 option.
- On the right side of the S3 page, click Create bucket.
- Name the bucket a unique name, and keep all other settings as they are presented. Click Create Bucket.
- Once the bucket is created, you will see it listed under the available buckets with the corresponding settings. Some of these settings will be used later for connections, so keep this page handy.
Create the Users and Group
After the S3 bucket is created, you can create users and groups with the correct permissions.
- Search for "IAM" in the search bar and click the first option for "IAM."
- On the IAM page, click Users in the left toolbar, under the Access Management tab. Then click Add users in the top right corner. Type out the user name and click Next.
- The next page will allow you to set permissions by creating a group. Under the User Group section, click Create group on the right side. Type out the group name at the top.
- Below this, you will see Permission Policies, which you can select for this user group. Using the search function, find the policy for “amazons3fullaccess.” Select this policy and then click Create user group. You will be taken back to the Set Permissions page.
- Under the Set Permissions page, click the box for the new user group created in the previous steps and click Next. This will add the user created in the preceding steps to this group with the correct permissions set up for integration purposes.
- Finally, click Create user. You should now see the new user created as a part of the new group created.
Permission Policy
For a more sophisticated or locked-down permissions policy, you can use the following:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PutStuff",
"Effect": "Allow",
"Action": [
"s3:Put*"
],
"Resource": [
"arn:aws:s3:::filevine-data-connector",
"arn:aws:s3:::filevine-data-connector/*"
]
},
{
"Sid": "ListBuckets",
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "*"
},
{
"Sid": "KMS",
"Effect": "Allow",
"Action": [
"kms:Encrypt",
"kms:Generate*"
],
"Resource": [
"*"
]
}
]
}
Generate the Secret Access Keys
Once all steps in parts one and two are completed, you can generate the access keys that can be used by both Filevine and Domo.
- Click on the user you created in the previous section. You will be taken to the settings page for that user. Below the Summary section, click on the tab for Security credentials. Scroll down to the Access keys section, and click Create access key.
- On the next page, click the setting for "Application runnings outside of AWS" and click Next.
- Add a description for this key and click Create. This will take you to the Retrieve access keys page. Note: The keys displayed on this page are very sensitive and strong security cautions should be followed to protect these keys. Note at the top of the page where it says "This is the only time that the secret access key can be viewed or downloaded. You cannot recover it later." Store the keys in a secure location that you feel comfortable with, as these keys will need to be referenced a few times in completing your integration. You can download the keys as a csv file by clicking Download .csv file.
Comments
0 comments
Article is closed for comments.