StorReduce Single-Server Amazon Deployment Guide 1/3

Step 1 of 3: Create an S3 bucket and IAM Role

The StorReduce server requires access to an S3 bucket to store its data. Using IAM policies and roles is Amazon’s recommended way to give EC2 instances access to an S3 bucket.

Create an S3 Bucket

  1. In your Amazon S3 Management Console click on Create Bucket.

  2. Give the bucket a suitable name, e.g. ‘storreduce-test-bucket’

  3. Select the region in which you intend to run the StorReduce server. This will optimize the speed of your StorReduce server.

    Create Bucket Screenshot

Create an IAM Policy giving access to the bucket

  1. Bring up your Amazon IAM Management Console. Click on Policies, then click on Create Policy

    Create Bucket Screenshot

  2. Select Create Your Own Policy, and give the policy a suitable name (e.g. ‘storreduce-test-bucket-access’)

  3. Paste and edit the following policy document, changing the text ‘storreduce-test-bucket’ to the actual name of your bucket in the two Resource sections:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "s3:ListBucket",
            "s3:ListBucketMultipartUploads"
          ],
          "Resource": [ "arn:aws:s3:::storreduce-test-bucket" ]
        },
        {
          "Effect": "Allow",
          "Action": [
            "s3:PutObject",
            "s3:GetObject",
            "s3:DeleteObject",
            "s3:ListMultipartUploadParts",
            "s3:AbortMultipartUpload"
          ],
          "Resource": [ "arn:aws:s3:::storreduce-test-bucket/*" ]
        }
      ]
    }
    
  4. Click on Create Policy

Create an IAM Role using the policy

  1. In your Amazon IAM Management Console. Click on Roles, then click on Create New Role

    Create New Role Screenshot

  2. On the Set Role Name screen, give the role a suitable name, e.g. ‘storreduce-server-role’.

  3. On the Select Role Type screen, go to the AWS Service Roles section and select the Amazon EC2 role type. This will configure the role to allow EC2 instances to access AWS services.

    Role Type Screenshot

  4. On the Attach Policy screen, find and select the Policy you just set up. Changing the filter dropdown to “Customer Managed Policies” can help you find it.

    Role Policy Screenshot

  5. Review the role information and then click on Create Role

The new IAM role can now be used when creating EC2 instances, and will supply those instances with credentials giving them the permissions specified in the role’s policy - in this case access to a single bucket.


Step 2: Create a StorReduce Server on EC2 >>