Storage

Configuring storage within a-ops to handle files that are uploaded in AWS s3 storage bucket.

Setup and configure S3 Storage

Requirements

  1. AWS S3 storage bucket
  2. AWS API Account restricted to only be able to read and write to the storage bucket

Configuration Steps

  1. Login to an AWS account
  2. Navigate to S3 Storage buckets
  3. Create a new storage bucket as shown below:

Create S3 Storage

  1. Create a new IAM user (applying the above policy)

S3 Storage User

  1. Once the user is created, create and attach an in-line policy to the newly created user account:

S3 Storage Inline policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "lab1aopsiostorageS3RW",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:ListBucket",
                "s3:DeleteObject"
            ],
            "Resource": [
                "arn:aws:s3:::<S3 Storage bucket name>",
                "arn:aws:s3:::<S3 Storage bucket name>/*"
            ]
        }
    ]
}

S3 Storage Policy

  1. Policy name: S3-\<tenancy-id>-a-ops-storage
  2. Create Security Access keys for the newly created user, by navigating to Security Credentials, Access Keys, Create Access Key
  3. On Usecase select third-party service

AWS Access key

  1. Once the Access Key and Secret of the Key has been created, these should be stored in a secure manner.
  2. Navigate to your a-ops tenancy, then management, storage
  3. Create new Storage
  4. Click on the (+) next to the Storage Provider

A-Ops Storage Provider

  1. Fill in the blanks with the appropriate information

A-Ops New Storage Provider

Once all the above steps have been completed, files should be able to be uploaded via A-ops to the S3 Storage Bucket.