AWS S3 Storage Configuration using IAM role
AWS S3 Storage configuration with NirvaShare can be done without using Access and Secret keys, instead IAM role can be assigned directly to EC2 instance where NirvaShare is installed. The IAM role should have permission to access S3 storage. In this document, we will look in to how to create a IAM role and assign the same to EC2 instance where NirvaShare is installed.
AWS IAM Role Assignment for EC2 Instance
To configure the storage, let us create an IAM role that can be assigned to EC2 instance to access S3 storage. To create a new IAM role follow below steps.
- Open IAM service or go to URL https://console.aws.amazon.com/iamv2
- From the left menu, click on Roles and click on Create role button on the top right corner.
- For trusted entity type, select AWS Service and EC2 for use case.
- Click on Next
- For the Permissions policies select AmazonS3FullAccess and click on Next.
- Provide a role name and create it. With this a new role is created that have full access to S3 storage.
- Let us assign the newly created role to NirvaShare EC2 instance.
- Go to the EC2 services and select the NirvaShare instance.
- From the Action menu, select Modify IAM Role as shown below.
- Select the newly created role and save it.
The assigned IAM role on EC2 can be leveraged by NirvaShare to access S3 storage.
- Login to Admin Console of NirvaShare.
- Click on left menu Settings
- Edit the File Storage
- Select AWS S3 from the drop down list.
- Enable the checkbox for Use AWS IAM Role
- Click on TEST to validate the access to storage.
- Save it.