Amazon S3 offers scalable object storage suitable for backup and archival of data. When integrated with Venio Systems, it provides a robust platform for storing and handling large volumes of data efficiently, enhancing data access and collaboration across the organization.
There are a number of pre-requisites which need to be met prior to successfully integrating AWS S3 buckets with Venio.
- Ensure you have an active AWS account. If not, sign up at AWS Management Console.
- Log into your AWS account and access the AWS Management Console.
¶ Necessary Permissions and Roles for Accessing S3
Please follow these steps carefully. We will need this information when we arrive at the section covering the updates required to the VenioPCD tbl_pj_ControlSetting SQL table.
-
To obtain the values needed for AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_REGION in the VenioPCD tbl_pj_ControlSetting table, you'll typically need to follow these steps:
- Create an AWS IAM User
You'll need an IAM (Identity and Access Management) user in your AWS account with permissions to access the specific resources. Follow these steps to create one:
- Step-by-Step:
- Log in to your AWS Management Console.
- Navigate to the IAM service:
- Go to Services and select IAM to manage access to your AWS resources.
- Create a new IAM user:
- Choose Users from the navigation pane and click the "Add user" button.
- Enter a user name and select the "Programmatic access" checkbox. This setting provides an access key ID and secret access key for the AWS API, CLI, SDK, and other development tools.
- Set permissions:
- Attach existing policies directly and select a policy like AmazonS3FullAccess if you are only using S3 services. For broader access, choose a policy that matches your security requirements.
- Alternatively, create a custom policy with specific permissions.
- Review and create the user:
- Review the settings and create the user.
- Record the Access Key ID and Secret Access Key:
- After the user is created, AWS will provide you with an access key ID and a secret access key. This is the only time you will see the secret access key, so be sure to save it securely.
- Determine the AWS Region
- The AWS region will be the one where your S3 buckets or other resources are located or where you intend to locate them. You can choose this based on proximity to your users, compliance, pricing, or available services. Check the full list of AWS Regions and Endpoints in the official AWS documentation.
- Ensure that You are running Venio_Console_Web_OnDemand Version 7.37 or newer.
- Log into the AWS Management Console
- Use the IAM account as specified in the pre-requisites section.
- Navigate to the S3 service.
- Create a new bucket:
- Click on "Create bucket".
- Provide a unique bucket name and select the appropriate AWS Region.
- Keep the default options or customize settings such as versioning and logging based on requirements.
- Click 'Create' to finalize the bucket creation.
- SQL Settings:
Set AWS S3 Access Information in VenioPCD Table tbl_pj_ControlSetting.
- Open the VenioPCD in SQL Server Management Studio
- Update the tbl_pj_ControlSetting table with the valid values for AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_REGION.
update tbl_pj_ControlSetting Set [Value] = '<ACCESS_STRING>' Where [Key] = AWS_ACCESS_KEY_ID -- replace <ACCESS_STRING> with the proper value.
update tbl_pj_ControlSetting Set [Value] = '<SECRET_STRING>' Where [Key] = AWS_SECRET_ACCESS_KEY -- replace <SECRET_STRING> with the proper value.
update tbl_pj_ControlSetting Set [Value] = '<REGION_ID>' Where [Key] = AWS_REGION -- replace <REGION_ID> with the proper value.
- Console:
- Login console.
- Open any project on the console.
- Click on 'Add Media'.
- Go to the Add Media option.
- Click 'AWS S3 Bucke/Folder/File'
- Go to 'Amazon S3 Bucket Browser' page.
- VOD:
- Login to Web.
- Incorrect bucket permissions or policies that restrict access.
- Misconfigured encryption settings leading to inaccessible data.
¶ Network Issues and Solutions
- Ensure stable internet connectivity.
- Configure proper VPC endpoints if accessing S3 from private networks.
- S3 Bucket: A container for data stored in Amazon S3.
- IAM: AWS Identity and Access Management.
- SDK: Software Development Kit.
¶ Additional Resources and Links to AWS Documentation
- For support related to S3 bucket creation, permissions, access issues, costs, security, etc... contact AWS Support.
- For support related to Venio issues, contact support@veniosystems.com