AWS S3 (Simple Storage Service) is a versatile and scalable platform for storing and accessing data in the cloud , designed for high durability, enhanced security, and superior performance. With a variety of storage options ( Standard, Intelligent-Tiering, Standard-IA, One Zone-IA, Glacier, and Glacier Deep Archive ), AWS S3 adapts to different access and budget needs, providing flexibility for your projects.
Below is the step-by-step guide to integrating this solution into your Cloud8 account.
Integrating AWS S3 into Cloud8 #
- Find the “ Integrations ” option in the side menu;
- Create a new integration of the “ Bucket S3 “ Type;
- Enter the name of the S3 Bucket defined in AWS in the “ Bucket” field ;
- Configure the access pair, IAM Role ARN and External ID, provided by AWS. This credential must have permissions to create and update files in your Bucket;
- Fill in the remaining information and click Save.
- This integration also works in Best Practices and in “ Reports ” – you can create the report to be exported
IAM Role #
An IAM role is an entity in AWS IAM that defines a set of permissions for making requests to AWS services. Unlike an IAM user, which is associated with a person, an IAM role is intended to be assumed by any trusted entity, such as an AWS service, an application, or an IAM user. Roles are useful for granting temporary permissions and can be assumed by different entities as needed.
ARN (Amazon Resource Name) #
An ARN is an identifier that follows a standard and unique format for identifying resources within AWS. It is used to uniquely specify the role in policies and permissions.
Role ARN Example #
arn:aws:iam::NUMERIC-ID-AWS:role/ROLE-NAMEUsing IAM Role ARN in S3 #
When you use an IAM role with S3, you can grant specific permissions to access S3 buckets and objects . For example, you can create an IAM role with permissions to access a specific S3 bucket, and then configure an AWS service (such as EC2) or IAM user to assume that role. This is useful for managing and controlling access to S3 resources in a secure and scalable way.
Why use IAM Role ARN? #
- Security: Allows you to grant temporary permissions, minimizing risks.
- Flexibility: It can be assumed by several entities, facilitating permission management.
- Scalability: Ideal for large environments where different services and users need controlled access.
Exports #
- FinOps – Reports => Pivot Table: export all fields of a saved report in CSV format. Use the “My Dashboards” -> “Save New” button
- Best Practices : In “Reports” you can export all data in JSON format. If you choose “Immediately”, we will export every time a new item enters or leaves the rule. Within the JSON, there is an “identifier” that can be used to reconcile an item that was opened and then closed (either because the rule was changed or the client/partner fixed it and so it can be used to close automatically).
- Inventory: Contact Support to set it up.
