Set Up Amazon Web Services* Cloud Storage
To enable Cloud Storage on the installed Reference Implementation, you will need Amazon Web Services* (AWS*) paid/free subscription to enable your root user account that has to support the following services:
- Identity and Access Management (IAM)
- Amazon S3 Bucket
After finishing the setup for IAM and S3, you will have your AWS_ACCESS_KEY, AWS_SECRET_ACCESS_KEY and AWS_S3_BUCKET_NAME to be used on your
Edge Insights for Fleet
Reference Implementation Cloud Data - Configuration.
References
Setup Steps
- From your AWS management console, search for IAM and open the IAM Dashboard.
- On the left menu of the dashboard, go toAccess managementand click onUsersto open the IAM Users tab.
- From the IAM users tab, click onAdd Userto access the AWS add user setup.
- On the first tab, provide the username and select the AWS credentials type to beAccess key.
- On the second tab, create a group to attach policies for the new IAM user.
- Search for S3 and selectAmazonS3FullAccesspolicy.
- Click onCreate group.
- Select the group you have created and click onNext: Tags.
- Tags are optional. If you don't want to add tags, you can continue to the Review tab by clicking onNext: Review.
- After review, you can click on theCreate Userbutton.
- On this page, you have access to AWS Key and AWS Secret Access key. (Click onShowto view them.)
- Save both of them to be used later on your Cloud Data - Configuration on theEdge Insights for FleetReference Implementation you have installed.The AWS Secret Key is visible only on this page, you cannot get the key in other way.
- If you forget to save the AWS Secret Key, you can delete the old one and create another key.
- After you have saved the keys, close the tab. You are returned to the IAM Dashboard page.
- Click on the user created and save theUser ARNto be used on S3 bucket setup.In case you forgot to save the AWS Secret key from the User tab, you can selectSecurity Credentials, delete the Access Key and create another one.
S3 Bucket
S3 bucket service offers cloud storage to be used on cloud based applications.
S3 Bucket Service setup
- Open the Amazon Management Console and search for Amazon S3.
- Click onS3to open the AWS S3 Bucket dashboard.
- On the left side menu, click onBuckets.
- Click on theCreate Bucketbutton to open the Create Bucket dashboard.
- Enter a name for your bucket and select your preferred region.
- Scroll down and click onCreate Bucket.
- From the S3 Bucket Dashboard, click on the newly created bucket and go to thePermissionstab.
- Scroll toBucket Policyand click onEditto add a new statement in statements tab that is already created to deny all the uploads.
- You must add a comma before adding the following information.{ "Sid": "<Statement name>", "Effect": "Allow", "Principal": { "AWS": "<User_ARN_Saved>" }, "Action": "s3:*", "Resource": [ "arn:aws:s3:::<bucket_name>", "arn:aws:s3:::<bucket_name>/*" ] }
- Update with the following statement with statement name, your user ARN saved at IAM setup - step 11 and your bucket name.
- Click onSave changes. If the change is successful, you will see asuccess savedmessage, otherwise you need to re-analyze the json file to fix the error.