Our support site has moved to https://support.intuiface.com

Creating an Amazon S3 account for use with Management Console

If you want to use the Amazon Web Services (AWS) S3 connector in the Share and Deploy console to share experiences with other users or to deploy them remotely, it is highly recommended that you create a dedicated user on AWS.

For security reasons this dedicated user should only have the right to read, write and delete the content of one AWS/S3 bucket. You (or someone from your IT Department) should be comfortable with AWS principles and you should already have an AWS account.

They are many ways to create such a user with the correct rights. A simple way is the following:

  • in AWS/S3 create a dedicated bucket, named for example myBucket, in the nearest AWS region.
  • in AWS/IAM create a new dedicated user, named for example mcUser. Record this new account's ID and Access Key credentials, which look like very long random strings. Example :
    • Access Key ID: AKIAI6ZYK6YWFLMEGELA
    • Secret Access Key: R7tA7fKzVb+fHe9WEDZQC9VVxjWvDf3e2halu3qt
  • in AWS/IAM create a new dedicated group, named for example mcGroup. Give this group the rights to "DeleteObject", "GetObject", "ListBucket", and "PutObject".
    • This can be done in AWS/IAM by using the Policy Generator when creating the new group. In the Policy Generator, select the service "AWS S3", select the actions mentioned above, and apply them to two Amazon Resource Names: arn:aws:s3:::myBucket and arn:aws:s3:::myBucket/*.
    • You can also do it by typing the following policy in the editor available in "Inline Policies" -> "Create Group policy" -> "edit Policy":
{
   "Version": "2012-10-17",
   "Statement": [
    {
      "Sid": "Stmt1396513442000",
      "Effect": "Allow",
      "Action": [
        "s3:DeleteObject",
        "s3:GetObject",
        "s3:ListBucket",
        "s3:PutObject"
      ],
      "Resource": [
        "arn:aws:s3:::myBucket/*", "arn:aws:s3:::myBucket"
      ]
    }
  ]
}
  • then in AWS/IAM, add the user ( mcUser in this example ) to the newly created group ( mcGroup in this example ).

Enter these user credentials and the bucket in the Storage Settings panel of the Share and Deploy console as illustrated in the following figure. Your settings will be different from what you see below.

AWS-S3-config.png