Skip to content

Configure Amazon S3 Storage Target

This page provides the instructions to configure an Amazon S3 service as a Storage Target in MiaRec web application.

Configure S3 Bucket in Amazon

1. Create an S3 bucket

  1. Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3/.

  2. Click Create bucket.

    Create Bucket

  3. In the Bucket name field, type a unique DNS-compliant name for your new bucket.

    Bucket Name

The example screenshot uses the bucket name miarec-s3-storage. You cannot use this name because each S3 bucket name must be unique. Create your own bucket name using the following naming guidelines:

  • The name must be unique across all existing bucket names in Amazon S3.
  • After you create the bucket, you cannot change the name, so choose wisely.
  • Choose a bucket name that reflects the objects in the bucket because the bucket name is visible in the URL that points to the objects that you're going to put in your bucket.

For information about naming buckets, see Rules for Bucket Naming in the Amazon Simple Storage Service Developer Guide.

  1. In the AWS Region field, select the region where you want the bucket to reside. It is recommended to chose the region that is closest to your end-users. This will provide them the best performance during playback.

    AWS Region

  2. In the Block Public Access settings for this bucket section, make sure that public access is blocked.

    Block Public Access settings

  3. Click Choose bucket.

    Choose Bucket

2. Create policy that grants access to the S3 bucket

  1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.

  2. In the navigation pane on the left, click Policies and then click Create Policy.

    Create Policy

  3. Select the JSON tab, copy the following access policy and paste it into the JSON field.

Info

Do not forget to replace miarec-s3-storage with your bucket name!

{
"Version": "2012-10-17",
"Statement": [
    {
        "Effect": "Allow",
        "Action": [
            "s3:ListBucket"
        ],
        "Resource": [
            "arn:aws:s3:::miarec-s3-storage"
        ]
    },
    {
        "Effect": "Allow",
        "Action": [
            "s3:PutObject",
            "s3:GetObject",
            "s3:DeleteObject"
        ],
        "Resource": [
            "arn:aws:s3:::miarec-s3-storage/*"
        ]
    }
]
}

JSON Tab

  1. In the Review policy step, enter a descriptive name for the policy and click the Create policy button.

    Review Policy

3. Create IAM user

  1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.

  2. In the navigation pane on the left, click Users and then click Add users.

    Add users

  3. In the User name field, enter the user name and then select the Access key - Programmatic access check box.

    User Name

  4. On the next step, select Attach existing policies directly and then select the previously created policy from the list. Use the search box to find the policy by name.

    Attach existing policies directly

  5. Review the settings and click Create user.

    Create user

  6. In the last step, copy Access Key ID and Secret access Key and store them in secure place. We will use it for configuring storage target in MiaRec.

Copy Access Keys

4. Add Cross-Origin Resource Sharing (CORS) configuration to an S3 bucket

Cross-Origin Resource Sharing (CORS) allows client web applications that are loaded in one domain to interact with resources in another domain. This configuration is required for our setup because MiaRec web application is accessible using one domain (for example, https://recorder.example.com), but audio files are located at Amazon S3 domain (https://s3.amazonaws.com)

To add a CORS configuration to an S3 bucket:

  1. Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3/.

  2. In the Buckets list, choose the name of the bucket that you want to create a bucket policy for.

    Choose Bucket Name

  3. Copy the following CORS configuration and paste it into the CORS configuration editor field:

[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "GET"
        ],
        "AllowedOrigins": [
            "*"
        ],
        "ExposeHeaders": [],
        "MaxAgeSeconds": 3000
    }

CORS configuration editor

  1. Click Save changes.

Configure S3 Storage Target in MiaRec

  1. Navigate in MiaRec web portal to Administration -> Storage -> Storage Targets and click Add.

    Add S3 Storage

  2. In the Name field, provide a distinctive name for a newly created storage target.

  3. In the Tenant field, select the tenant this storage target is associated with. Note, this field is available in the multi-tenant environment only.

  4. In the Type field, select Amazon S3.

  5. Configure S3 Bucket, AWS Access Key ID and AWS Secret Access Key fields accordingly (as configured in Amazon).

    Configure Access Keys

  6. Also, check the following optional settings:

    • S3 Endpoint URL - defines an S3 endpoint URL. Leave this field empty to use a default value. Default value: https://s3.amazonaws.com
    • Region - leave this field empty to use a default value. This option is required when an S3 bucket is created in the region that does not support version 2 signature (basically, these are all regions except us-east-1 and us-west-1).
    • AWS Signature Version - the version of the AWS signature protocol. It is recommended to keep the Default version. If using a server-side encryption or HTTP proxy is required, select the relevant check box.
    • HTTP Proxy Host - the host name of the proxy server, if any.
    • HTTP Proxy Port - the port of the proxy server, if any.
    • HTTP Proxy User/Password- the credentials to authenticate a user agent to a proxy server, if any.

  7. Click Save and Test.

Test Connection

The system will try to establish the connection to the Amazon S3 bucket and will display the status.