How to share AWS S3 files and folders with external users using NirvaShare
Sharing a file or folder from AWS S3 storage with external users is one of the common use cases across industries for business purposes. When it comes to files in S3, it brings up challenges with respect to security aspects such as granting proper access to users, authentication and authorization. With NirvaShare, it is pretty easy to configure and share files with just a few clicks. In this document, we will look at how to configure NirvaShare with AWS S3 storage and share files to external users using a simple Form-based authentication.
Installation
NirvaShare can be installed directly from AWS Marketplace http://aws.amazon.com/marketplace/pp/B09YHRWKJB or manually using CloudFormation Installation Using CloudFormation.
After the installation is complete, proceed further with this documentation.
Verifying the Installation
After the installation is complete, wait for 3-4 minutes for server to come up as it takes time to create schema and initial configurations.
From the browser, access the URL as http://(your EC2 Public IP):8080
This should open up login screen as shown below. You also need to make sure, port 8080 and 8081 is accessable from the EC2 instance.
AWS Access and Secret Keys
To create an IAM role and configure the storage in NirvaShare with S3 buckets, please refer to the documentation below.
Login Profile for Form based Authentication
To password protect a shared File/Folder, a login profile is required to be created which will enable authentication for the shares. In this exercise, we will create a simple Form based login profile (Single User) and refer to below documentation.
Sharing File/Folder
Now we are good to share a file/folder with a user that is based on the Login Profile we created. Multiple Shares can be created for the same login profile. Let us create a Share for a folder that you like to share with the user. Please refer to the below documentation on how to create a new share for a file/folder, associate to a login profile, and share the same with the user. During the configuration, for the authentication, please select the login profile that we created from the above section.
SSL and Domain Names
For testing purposes, File/Folder can still be shared to user without SSL and domain name, but however for production deployment or to integration with external identity providers, you will require domain name and SSL to be configured. Please refer to below documentation.