AWS S3
Prerequisites
Before setting up the AWS S3 integration, ensure you have:
Setup an IAM user
An IAM user has permanent long-term credentials and is used to directly interact with AWS services like S3.
-
Sign in to the AWS Management Console and open the IAM console
-
In the navigation pane, choose Users, then click Create user
-
Enter a name for the user (e.g.,
dashx-s3-user) and click Next -
Choose Attach policies directly
-
Create a new policy by clicking Create policy:
- Choose the JSON tab
- Paste the following policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::YOUR-BUCKET-NAME/*",
"arn:aws:s3:::YOUR-BUCKET-NAME"
]
}
]
}- Replace
YOUR-BUCKET-NAMEwith your actual S3 bucket name and Click Next - Name the policy (e.g.,
DashXS3Policy) and provide a description - Click Create policy
-
Return to the user creation tab and refresh the policy list
-
Search for and select the policy you just created and Click Next
-
Review the user details and click Create user
-
After the user is created, click on the user name to go to their details page
-
Go to the Security credentials tab
-
Under Access keys, click Create access key
-
Choose Command Line Interface (CLI) as the use case
-
Click Next, then click Create access key
Make sure to securely store your Access key ID and Secret access key. For security reasons, you won't be able to retrieve the Secret access key again after leaving this page.
Setup S3 Bucket Policy
To ensure your S3 bucket has the correct permissions, you need to set up a bucket policy. Follow these steps:
- Open the S3 console.
- In the left navigation pane, choose General purpose buckets.
- In the Buckets list, choose the name of the bucket that you want to set the policy for.
- Choose the Permissions tab.
- In the Bucket policy section, choose Edit.
- Paste the following bucket policy into the editor:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": [
"s3:GetObject"
],
"Resource": "arn:aws:s3:::YOUR-BUCKET-NAME/*"
}
]
}
- Replace
YOUR-BUCKET-NAMEwith your actual S3 bucket name.
- Choose Save changes.
Note: This bucket policy allows public read access to the objects within your bucket. It is essential for enabling users to access the files stored in your S3 bucket via the web. However, be cautious with this setting as it makes your files publicly accessible. Adjust the policy according to your security requirements.
Setup S3 bucket CORS Configuration
- Next, set up CORS configuration for your bucket:
- In the Permissions tab, scroll down to the Cross-origin resource sharing (CORS) section.
- Choose Edit.
- Paste the following CORS configuration into the editor:
[
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"PUT"
],
"AllowedOrigins": [
"https://YOUR-WORKSPACE-DOMAIN.dashx.com"
],
"ExposeHeaders": [],
"MaxAgeSeconds": 3600
}
]
- Replace
YOUR-WORKSPACE-DOMAINwith your actual workspace domain.
- Choose Save changes to apply the CORS configuration.
Note: The CORS configuration is necessary to allow your web application, hosted on your workspace domain, to interact with the S3 bucket. This setting ensures that your application can perform operations like uploading files to the bucket from the specified domain.
Setup S3 bucket Event Notifications
Before setting up EventBridge rules, you need to enable event notifications on your S3 bucket:
- Open the S3 console.
- In the left navigation pane, choose General purpose buckets.
- In the buckets list, choose the name of the bucket that you want to enable events for.
- Choose Properties.
- Navigate to the Event Notifications section and find the Amazon EventBridge subsection. Choose Edit.
- Under "Send notifications to Amazon EventBridge for all events in this bucket" choose On.
- Save your changes.
Setup Webhooks on Amazon EventBridge
Since DashX performs client-side uploads, setting up webhooks is essential to handle events effectively. Follow these steps to configure webhooks using Amazon EventBridge:
- Navigate to the Amazon EventBridge console at https://console.aws.amazon.com/events/.
- In the navigation pane, select Rules.
- Click on Create rule.
- Provide a name and description for the rule, such as
DashXUploadRuleand click on Next. - Under Build event Pattern, select Use pattern form.
- Set Event source to AWS services.
- For AWS Service, select S3.
- For Event type, select Amazon S3 Event Notification.
- For Event Type Specification 1 select ObjectCreated.
- For Event Type Specification 2 select Specific bucket(s) by name.
- For Bucket name, add your bucket name.
- Click Next.
- Under Select targets, choose EventBridge API destination.
- For API destination, select Create a new API destination.
- Fill in the following details for the API destination:
- Name:
DashXClientAPIDestination - Description:
API destination for DashX client-side uploads - API endpoint:
https://api.dashx.com/webhooks/YOUR-UNIQUE-WEBHOOK-ID- To get the endpoint, log in to your DashX workspace, navigate to the Integrations section, and find the Webhook value for the desired environment. Copy the URL of the webhook you want to use.
- HTTP method:
POST
- Name:
- Set the Invocation rate limit according to your needs.
- Under Connection, choose Create a new connection.
- Fill in the following details for the connection:
- Connection name:
DashXConnection - Description:
Connection for DashX client-side uploads
- Connection name:
- Under Execution role, select Use existing role.
- Choose the appropriate role that has the necessary permissions to invoke the API destination.
- Click Next.
- Review your settings and click Create rule.
Note: This configuration enables forwarding of events from AWS S3 to DashX using EventBridge. Ensure the API endpoint and other settings align with your DashX workspace.