Configuring S3 for Bulk Delivery
Introduction
Regrid can deliver bulk data files to clients' AWS S3 Buckets with the steps outlined below. The client provide S3 Bucket will be managed by Regrid's AWS Delivery process and should be used for nothing other than accepting delivery of licensed data from Regrid.
All deliveries are a push process with older files being overwritten by new county files and outdated files being removed by Regrid.
Prerequisites
- Familiarity with AWS S3 Storage Buckets
- Access to your organization's AWS Console or other tools to create and configure an S3 Bucket for delivery
Step-by-Step
- Log in to the AWS Console and view the S3 Service Dashboard
- On the S3 Dashboard, click the orange "Create bucket" button in the top right of the "Buckets" list
- Choose the name for the bucket. This is the name that will need to be put in the Permissions Policy JSON below
- Select a region for the bucket
- Leave "Block all public access" checked. Make sure it is checked if it is not
- Default Encryption settings can be left as default: 'Server-side encryption with Amazon S3 managed keys (SSE-S3)' and Bucket Key 'Enabled'
- Scroll to the bottom, no other options need adjustment
- Click "Create bucket" at the bottom of the screen. If your bucket is successfully created you will be returned to the main S3 Dashboard, and your new bucket will be in the "Buckets" list.
- Click your newly created bucket to configure the Permissions.
- Click on the 'Permissions' tab on your new bucket overview page
- Leave "Block all public access" checked. Make sure it is checked if it is not
- In the "Bucket policy" section, click on the "Edit" button.
- Copy and paste the Permissions Policy JSON below into the "Policy" text field.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "Regrid Bucket Permissions", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::384525388851:user/loveland-data-delivery" }, "Action": "s3:*", "Resource": "arn:aws:s3:::replace_with_bucket_name" }, { "Sid": "Regrid Object Permissions", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::384525388851:user/loveland-data-delivery" }, "Action": "s3:*", "Resource": "arn:aws:s3:::replace_with_bucket_name/*" } ] }
- Make sure the placeholder text 'replace_with_bucket_name' has been replaced in the two (2) places it appears in the text above
- Click the "Save changes" button below the "Policy" box
Email tech@regrid.com with:
- Your bucket's name
- Your bucket's AWS Region
- The format or formats you would like delivered