Amazon AWS NOP: Difference between revisions

From Prodigix Wiki
Line 1: Line 1:
Adding Amazon S3 Bucket:<br/>
<b>Adding Amazon S3 Bucket:<b/><br/>
-Go to aws.amazon.com and log in using Amazon credentials.<br/>
-Go to aws.amazon.com and log in using Amazon credentials.<br/>
-Once logged in, go to "Services" and click "S3" under the "Storage" section.<br/>
-Once logged in, go to "Services" and click "S3" under the "Storage" section.<br/>
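Review bot: on the new heading line, `<b>Adding Amazon S3 Bucket:<b/>` ends with `<b/>`, which is a self-closing form and not the closing tag `</b>`, so the bold element is never closed in the markup. Change it to `</b>`, or use the wiki's own bold markup ('''Adding Amazon S3 Bucket:''').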
Line 65: Line 65:




Adding Amazon S3 IAM Users:<br/>
<b>Adding Amazon S3 IAM Users: <b/><br/>
-Go to aws.amazon.com and log in using Amazon credentials.<br/>
-Go to aws.amazon.com and log in using Amazon credentials.<br/>
-Once logged in, go to "Services" (top left next to the search bar) and Click "IAM" under the "Security, Identity, & Compliance" section.<br/>
-Once logged in, go to "Services" (top left next to the search bar) and Click "IAM" under the "Security, Identity, & Compliance" section.<br/>
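Review bot: the new heading `<b>Adding Amazon S3 IAM Users: <b/>` carries a trailing space inside the bold span after the colon, which the other two headings do not have, and it repeats the unclosed `<b/>`. Drop the space and close the element with `</b>` so all three headings are marked up the same way.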
Line 111: Line 111:


<br/><br/><br/>
<br/><br/><br/>
Adding Amazon CloudFront distributions:<br/>
<b>Adding Amazon CloudFront distributions:<b/><br/>
-Go to aws.amazon.com and log in using Amazon credentials.<br/>
-Go to aws.amazon.com and log in using Amazon credentials.<br/>
-Once logged in, go to "Services" (top left next to the search bar) and Click "CloudFront" under the "Networking & Content Delivery" section.<br/>
-Once logged in, go to "Services" (top left next to the search bar) and Click "CloudFront" under the "Networking & Content Delivery" section.<br/>
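Review bot: the bolded line `<b>Adding Amazon CloudFront distributions:<b/><br/>` is being used as a section title, so a real wiki section heading (== Adding Amazon CloudFront distributions ==) would serve better than bold text plus `<br/>`, since it gives the section an anchor and a table-of-contents entry. If bold is kept, the `<b/>` at the end still needs to become `</b>`.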

Revision as of 19:39, 31 January 2024

Adding Amazon S3 Bucket:

-Go to aws.amazon.com and log in using Amazon credentials.
-Once logged in, go to "Services" and click "S3" under the "Storage" section.
-Click "Create Bucket".
-Set "Bucket name" to "pdx-(companyname)-store-1". Replace "(companyname)".
-Under "Object Ownership" select "ACLs enabled" and "Bucket owner preferred".
-Disable "Block all public access".
-Click "Create Bucket".

-Select the new bucket.
-Create a new folder called "backofficemedia".

-Click the "Permissions" tab.
-Click the "Edit" button in the "Bucket Policy" section.
-Copy and paste the following policy. Replace "(companyname)".

NOTE: Make sure to include both { } brackets
{

   "Version": "2012-10-17",
   "Statement": [
       {
           "Sid": "PublicReadGetObject",
           "Effect": "Allow",
           "Principal": "*",
           "Action": [
               "s3:GetObject",
               "s3:ListBucket"
           ],
           "Resource": [
               "arn:aws:s3:::pdx-(companyname)-store-1/*",
               "arn:aws:s3:::pdx-(companyname)-store-1"
           ]
       }
   ]

}

-Save the new policy.
-Click the "Edit" button in the "Cross-origin resource sharing (CORS)" section.
-Copy and paste the following CORS policy.

NOTE: Make sure to include both [ ] brackets
[

   {
       "AllowedHeaders": [
           "*"
       ],
       "AllowedMethods": [
           "GET",
           "PUT",
           "POST",
           "DELETE"
       ],
       "AllowedOrigins": [
           "*"
       ],
       "ExposeHeaders": [],
       "MaxAgeSeconds": 3000
   }

]

-Save the new CORS policy.
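
An added example, not part of the original wiki page: a short Python audit of the two documents pasted in the steps above, listing what the bucket policy grants to anonymous callers and which write methods the CORS rule opens to every origin. "example" stands in for "(companyname)", and the function names are this example's own.

```python
import json

# The page's bucket policy and CORS rule, embedded as sample input.
# "example" is a constructed stand-in for the "(companyname)" placeholder.
BUCKET_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{"Sid": "PublicReadGetObject", "Effect": "Allow",
                "Principal": "*",
                "Action": ["s3:GetObject", "s3:ListBucket"],
                "Resource": ["arn:aws:s3:::pdx-example-store-1/*",
                             "arn:aws:s3:::pdx-example-store-1"]}]}
""")
CORS_RULES = json.loads("""
[{"AllowedHeaders": ["*"], "AllowedMethods": ["GET", "PUT", "POST", "DELETE"],
  "AllowedOrigins": ["*"], "ExposeHeaders": [], "MaxAgeSeconds": 3000}]
""")
WRITE_METHODS = {"PUT", "POST", "DELETE"}

def as_list(value):
    """Policy JSON allows a single string wherever a list is accepted."""
    return value if isinstance(value, list) else [value]

def is_anonymous(principal):
    """True for "*" and {"AWS": "*"}, the two forms that mean everyone."""
    aws = principal.get("AWS", []) if isinstance(principal, dict) else principal
    return "*" in as_list(aws)

def public_grants(policy):
    """Return (sid, action) pairs allowed to everyone with no Condition."""
    grants = []
    for stmt in as_list(policy.get("Statement", [])):
        if (stmt.get("Effect") == "Allow" and not stmt.get("Condition")
                and is_anonymous(stmt.get("Principal"))):
            grants += [(stmt.get("Sid", ""), a) for a in as_list(stmt.get("Action", []))]
    return grants

def wildcard_write_cors(rules):
    """Return, per rule, the write methods browsers may send from any origin."""
    hits = []
    for rule in rules:
        if "*" in as_list(rule.get("AllowedOrigins", [])):
            hits.append(sorted(WRITE_METHODS & set(rule.get("AllowedMethods", []))))
    return [h for h in hits if h]

if __name__ == "__main__":
    for sid, action in public_grants(BUCKET_POLICY):
        print(f"anonymous grant in {sid}: {action}")
    for methods in wildcard_write_cors(CORS_RULES):
        print("any origin may send:", ", ".join(methods))
```

The CORS result only describes what browsers are permitted to send cross-origin; whether a PUT, POST or DELETE succeeds still depends on the bucket policy and the caller's credentials.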



Adding Amazon S3 IAM Users: 

-Go to aws.amazon.com and log in using Amazon credentials.
-Once logged in, go to "Services" (top left next to the search bar) and click "IAM" under the "Security, Identity, & Compliance" section.
-Click "Users" on the left-hand menu, then click "Add Users".
-Set the username as "nop-admin" and select the "Access key" AWS access type, then click the "Next: Permissions" button on the bottom.
-Click "Attach existing policies directly", then click "Create policy".
-Click the "JSON" tab and replace the default text with the following policy. Replace "(companyname)".

{

   "Version": "2012-10-17",
   "Statement": [
       {
           "Sid": "NopAdministratorAccessPolicy",
           "Effect": "Allow",
           "Action": [
               "s3:GetObject",
               "s3:ListBucket",
               "s3:PutObject"
           ],
           "Resource": [
               "arn:aws:s3:::pdx-(companyname)-store-1/*",
               "arn:aws:s3:::pdx-(companyname)-store-1"
           ]
       }
   ]

}

-Click "Next: Tags", then click "Next: Review".
-Set the name field as "NopAdministratorAccess" and click "Create Policy".
-Go back to the add user page, refresh the table, and search for the "NopAdministratorAccess" policy and select it.
-Click "Next: Tags", then click "Next: Review".
-Both the Access key and the Secret key should be viewable; if they are not, download the CSV file to get the keys.
-Go to the client's "Settings" SQL Server table.
-Execute the following queries after replacing "(accesskey)" and "(secretkey)" with their respective key values.

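-- Store the IAM access key; keep the single quotes around the value.
UPDATE Setting SET
Value = '(accesskey)'
WHERE Name = 'pdxbackofficesettings.adminaccesskey'
AND StoreId = 0;

-- Store the IAM secret key; keep the single quotes around the value.
UPDATE Setting SET
Value = '(secretkey)'
WHERE Name = 'pdxbackofficesettings.adminsecretkey'
AND StoreId = 0;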




Adding Amazon CloudFront distributions:
-Go to aws.amazon.com and log in using Amazon credentials.
-Once logged in, go to "Services" (top left next to the search bar) and click "CloudFront" under the "Networking & Content Delivery" section.
-Click "Create distribution".
-Set Origin domain to the bucket you are creating the distribution for. This should automatically update the Name field to match; if it doesn't, copy the Origin domain value to Name.
-Set Viewer protocol policy to "Redirect HTTP to HTTPS".
-Click "Create Distribution".