AWS Access Key Integration
-
Print
-
DarkLight
-
PDF
AWS Access Key Integration
-
Print
-
DarkLight
-
PDF
Create an S3 Bucket
- Log in to the AWS Management Console
- Go to the S3 service
- Click on the "Create bucket" button
- Provide a unique bucket name - related to DataLoop
- Make sure Block Public Access settings for this bucket - Block all public access
- For all other optional settings use default values
- Click on the "Create bucket" button
For a step-by-step guide on creating an S3 bucket in AWS, read the AWS documentation.
Create an IAM Policy
- Go to the IAM service
- Click on “Policies” in the left navigation panel
- Click on the "Create policy" button
- Select the JSON tab
- Define policy document in JSON format, like:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowBucketAccess",
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:PutObject",
"s3:DeleteObject",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::<DataLoopBucketName>",
"arn:aws:s3:::<DataLoopBucketName>/*"
]
}
]
}
- Note: Replace <DataLoopBucketName> with the name of the desired S3 bucket.
6. Click on the next button to Review the policy
7. Provide a meaningful name for the policy and an optional description
8. Click the “Create policy” button to finish
Notes:
a. “s3:DeleteObject” action allows DataLoop platform to delete dataset items - please see downstream
b. The resource arn:aws:s3:::<DataLoopBucketName> is required for the ListBucket action
For a step-by-step guide on creating an IAM policy in AWS, read AWS documentation.
Create an IAM User:
- Go to the IAM service
- Click on “Users” in the left navigation panel
- Click on the "Add users" button
- Enter a user name for the new user
- Select "Programmatic access" as the type of access you want to grant the user - Already selected as default
Note: Use the default access type and don't choose console access - Click on the next button
- Choose "Attach policies directly"
- Select the related policy you created for accessing the S3 bucket
- Click on the "next" button
- Click on the "Create user" button to create the user
For a step-by-step guide on creating an IAM user in AWS, the AWS documentation .
Create an Access Key for the IAM User
- Go to the IAM service
- Click on “Users” in the left navigation panel
- Find and choose the desired user whom you want to create an access key and click on the user's name
NOTE: The DataLoop user you created - Click on the “Security credentials” tab
- In the “Access keys” section, click on “Create access key”
- Under “Access key best practices & alternatives” choose “Application running outside AWS”
- Click “Next”
- Add an informative and meaningful description that include DataLoop in it
- Click on “Create access key”
- Copy and save the access key ID and secret access key in a secure location OR download the CSV file containing the keys
NOTE: You’ll need the access key ID and secret access key for the integration phase - Click on “Done” button
For a step-by-step guide including screenshots on setting up a policy in AWS, read here.
Create an AWS S3 Integration on DataLoop platform
- On the Dataloop platform navigate to the left-side panel and choose integrations
- Click on the “CREATE NEW INTEGRATION” button
- Enter a meaningful name for the integration
- Under Type, choose “AWS S3”
- Under Key, enter the IAM user’s access key ID from earlier
- Under Secret, enter the IAM user’s secret access key from earlier
- Click on Create
Create an AWS S3 Storage Driver on DataLoop platform
- On the Dataloop platform navigate to the left-side panel, choose “Data Management” and then click on “Cloud Storage”
- Click on the “CREATE DRIVER” button
- Enter a meaningful name for the storage driver
- Under Integration choose your relevant AWS S3 Integration
- Enter your AWS Bucket name (The one that is relevant to the integration)
- Select the region your S3 bucket is located in
- (Optional) Allow delete items
- Click “TEST” to test if the connection is successful
- Click “Create”