AWS S3 - SaaS
To get to the AWS S3 page, from the navigation pane on the left, click Cloud > AWS S3.
The AWS S3 page contains the following fields:
Element | Field |
Description |
---|---|---|
1 | IAM Role Account | The AWS IAM user. This account applies to every SQS. Copy the value in this field and paste into the AWS configuration. |
2 | Queue URL | Specify the AWS queue URL. See below for details. |
3 | Policy Name | Specify a policy for the AWS S3 connector to work with. Select the Default Policy if you have not created an alternative policy to use. |
4 | Channel name | The AWS S3 connector name |
Note
Fields marked with a * red asterisk are mandatory, to be completed.
Multiple SQS
You may configure more than one SQS associated with a single IAM Role Account.
To add an SQS:
1. | Click on the Add button. |
2. | In the new table that opens, enter the following fields for the SQS: |
t | Queue URL |
t | Policy Name |
t | Channel name |
To remove an SQS, click on the Delete button associated with the SQS.
As you make changes the Items Changed count increases. When finished making changes at the bottom of the page select to either Save Changes or Reset to the original settings.
Prerequisites
n | AWS SQS (Simple Queue Service) Queue (see Creating an AWS SQS Queue for details) |
n | Amazon S3 (Simple Storage Service) bucket |
n | AWS IAM (Identity and Access Management) user that has access to SQS and S3 |
Creating an AWS SQS Queue
You must create an AWS SQS (Simple Queue Service) Queue for S3 bucket integration.
1. | Login to your AWS account. |
2. | Navigate to Simple Queue Service. |
3. | Click on Create queue. |
4. | Under Type, select Standard. |
5. | Enter a Name for the queue. |
6. | Modify the values according to the example below: |
7. | For the Access policy, choose Advanced. |
8. | You may use the below template and replace <AWS_ACCOUNT_NUM>, <QUEUE_NAME> and <BUCKET_NAME> with their actual values: |
{
"Version": "2012-10-17",
"Id": "example-ID",
"Statement": [
{
"Sid": "example-statement-ID",
"Effect": "Allow",
"Principal": {
"Service": "s3.amazonaws.com"
},
"Action": [
"SQS:SendMessage"
],
"Resource": "arn:aws:sqs:us-east-1:<AWS_ACCOUNT_NUM>:<QUEUE_NAME>",
"Condition": {
"StringEquals": {
"aws:SourceAccount": "<AWS_ACCOUNT_NUM>"
}
"ArnLike": {
"aws:SourceArn": "arn:aws:s3:*:*:<BUCKET_NAME>"
},
}
}
}
]
}
9. | Under Tags, you may create an optional tag for the queue by setting Key to "Name" and Value to the queue name, for example: |
10. | Other options should remain at their default values. |
11. | Click on Create queue. |
Assigning the Queue to an Existing S3 Bucket
1. | Navigate to the desired bucket. |
2. | Select the Properties tab. |
3. | Scroll down to Event notifications. |
4. | Click on Create event notifications. |
5. | Set the Event name to the desired name. |
6. | Under Event types, select All object create events. For example: |
7. | Under Destination, select SQS queue. |
8. | Under Specify SQS queue, select Choose from your SQS queues. |
9. | Select the newly created SQS queue from the list of available queues. For example: |
10. | To save the SQS queue configuration, click on Save changes. |
11. | Add the following statements to the SQS Access Policy, and replace <AWS_IAM_USER_ACCOUNT_NUM>, <AWS_ACCOUNT_NUM>, <VOTIRO-S3-CONNECTOR-ROLE> and <BUCKET_NAME> with their actual values: |
{
"Sid":"Votiro_receiver_statement",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::<AWS_IAM_USER_ACCOUNT_NUM>:role/<VOTIRO-S3-CONNECTOR-ROLE>"
},
"Action": [
"SQS:ChangeMessageVisibility",
"SQS:DeleteMessage",
"SQS:ReceiveMessage"
],
}
12. | In the S3 Permission add the following policy: |
To use the example below, replace <AWS_ACCOUNT_NUM>, <QUEUE_NAME> and <BUCKET_NAME> with their actual values.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::<AWS_IAM_USER_ACCOUNT_NUM>:role/<VOTIRO-S3-CONNECTOR-ROLE>"
},
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject",
"s3:GetObjectTagging",
"s3:PutObjectTagging"
],
"Resource": [
"arn:aws:s3:::<BUCKET_NAME>/*"
]
}
]
}
AWS S3 Flowchart
The following diagram illustrates the procedure:
Comments
0 comments
Please sign in to leave a comment.