The following steps are necessary to connect an AWS S3 bucket to DRACOON:
Settings in the AWS Console
- Log in to your AWS Console and click Services (1) > S3 (2).
- Click Create bucket (3) (figure below).
- Enter the name for your bucket (4) and assign the bucket to a region (5). The name must be written in lower case, must not contain any special characters (except "-") and must not end with a dash ("-").
- If you have already set up buckets from which you want to copy the settings, you can do this in the last item (6).
- Click Next to go to the configuration of the bucket.
- You must change the following settings to your requirements. To get more information about each item, click Learn more next to the corresponding item.
- After you have made the settings, click Next to go to the permissions. Here, too, you must adjust the settings or authorizations to suit your requirements.
- After you have clicked Next, you will be taken to a brief overview of your bucket settings. A final click on Create bucket will create the bucket.
- Next, the CORS (Cross-Origin Resource Sharing) configuration has to be specified to allow DRACOON to access your bucket. To get to the CORS Configuration, click your bucket, click Permissions (7), and then click CORS configuration (8).
- Enter the following configuration in the text field, replace YOUR_URL with the URL of your DRACOON instance, and then save it by clicking Save (9):
<CORSConfiguration> <CORSRule> <AllowedOrigin>https://YOUR_URL</AllowedOrigin> <AllowedMethod>PUT</AllowedMethod> <AllowedMethod>POST</AllowedMethod> <AllowedMethod>GET</AllowedMethod> <AllowedMethod>DELETE</AllowedMethod> <AllowedHeader>*</AllowedHeader> <MaxAgeSeconds>3000</MaxAgeSeconds> </CORSRule> </CORSConfiguration>
The bucket settings are now complete.
- You need an access key and a secret key. Click Services, IAM (Identity and Access Management) (10), and then click Users (11).
- You can now decide whether you want to create a new user or assign the access/secret key to an existing user. In our case, we add the keys to an existing user.
- Click the relevant user, click Security Credentials (12), and add the keys to the user via the button Create access key (13).
- In the pop-up window that now opens, the access key and, after clicking Show (14), the secret key are displayed.
IMPORTANT: This is the only time when you can view the secret key. Therefore, copy both keys temporarily to a text file, as we'll still need them for the configuration in DRACOON.
The settings on the AWS Console are now finished and S3 can be configured in DRACOON.
Settings in DRACOON
You must own the Configuration Manager role to specify the following settings.
- Log on to the DRACOON Web App, in the Toolbox, click System Settings > Storage, and then select the Configure S3 checkbox.
- Your S3 endpoint for AWS depends on the region in which you created the bucket.
You can find out your endpoint on the following page:
The endpoint you need can be found in the table under "Amazon Simple Storage Service (Amazon S3)". For example, if you selected "EU (Frankfurt)" as your region, your endpoint would be: https://s3.eu-central-1.amazonaws.com
On this page you can also find out the correct name for your region. If we stick to the example "EU (Frankfurt)", then your region, which you have to specify in DRACOON, would be "eu-central-1".
- Enter the access key and the secret key, which you have previously stored in a text file (step 14 above).
- Enter the region of your bucket. In our example, as already mentioned, this would be "eu-central-1".
- Finally, enter the name of your bucket, and then click Save.
- After a short wait, you will be informed whether the configuration was successful or not by a notification in the upper right corner of the Web App:
AWS S3 is now successfully connected to your DRACOON.