fbpx

Setting up Amazon S3 AWS Access

dt logo 1.5inchAll of Drastic's version 6 or greater software supports authenticating directly with Amazon via AWSAccessKeyId/SecretKey through an https transport. This is most useful for Net-X-Code's partial file restore system, but can also be used from videoQC, MediaNXS or MediaReactor.  Accessing these resources requires a second level of setup, beyond the basic software setup, and this article provides an overview on that process.

Amazon S3 Cloud File Access

Drastic software supports direct access to cloud resources using http, http2, ftp, s3 and other file sharing methods.  For cloud providers like Amazon, an authentication system is also required to access the stored files. 

As an example, this section will go over the steps required to set up access to an Amazon S3 Cloud 'bucket' from Drastic software. The steps are operating system independent, other than the directories in which the access files are stored.  With the access file, they should be set up to be read only by the Drastic software, as they will contain sensitive information that could be used to access your cloud files.  For the purposes of this article, you will need to use one of the following directories:

S3 Bucket Access Setup

Windows:
C:\ProgramData\Drastic\
Alt - C:\Documents and Settings\<username>\Drastic\

Linux:
/etc/Drastic/
Alt - /Home/<username>/Drastic/

OS-X:
/Library/Applications Support/Drastic/
Alt - /Home/<username>/Drastic/

In order to access Amazon automatically, you will need to generate a <bucketname>.csv (note, for version 6 this was called rootkey.csv and there was only one) with the AWSAccessKeyId and AWSSecretKey, and save it in the OS specific directory above.  The file should look something like this:

AWSAccessKeyId=MEOWJDSIONGFSUIGNWCAT*
AWSSecretKey=djJFASTjfowljgwowf8473sdjhH*
AWSRegion=us-east-2

* - please note, this are not real access/secret keys. Please replace with your own.

s3://s3.amanzonaws.com/netxcode-pft

would have the file

netxcode-pft.csv

in the directory with the AWSAccessKeyId/AWSSecretKey/AWSRegion valus in it.

And the naming would be just your bucket name with a csv extension.  For example:

You can also setup a different default region, for csv files that do not specify one.  If one is not specified and a default is not set, the default is 'us-east-1'.  To change this to your region, either edit the config.xml file, or run DDRConfig and change the value on the Advanced page under MediaReactor/Default - AWSRegion

DDRConfig AWSRegion config

Once that files are present, Drastic software will use it whenever accesses to Amazon S3 AWS is attempted.  If you need to access public S3 data, then simply do not make a <bucketname>.csv and make sure you do not have a rootkey.csv file.  Please note, you can also specifiy the ID/Secret on the URL request instead.  To do this you must provide the id and  separated by a colon (:) and the site name must be separated with an at sign (@):  https://<id>:<secret>@s3.amazon.com/<bucket>/<file>.  There is an example of this access at the bottom of this article.

To generate the key, log into aws.amazon.com. 

https://console.aws.amazon.com/iam/home#/security_credential

Under your username at the top right, select 'My Security Credentials'. 

UserCredentialsAccess

 

On that page, expand the 'Access keys (access key ID and secret access key)'. 

AmazonAccessKeys

There you can create new access key(s) and save them to rootkey.csv on your server in the format above.

Adobe PFR Bucket Searching

If you are using our Adobe PFR to partially restore files from S3 and rebuild Adobe projects to use them, then you may have more then one bucket you need searched.  To set this, create a <bucketname>.csv with the credentials for each bucket you are going to search.  To let NetXCode know what buckets and their search order, you will make a list of them, seperated by '*' like this

s3://s3.amazonaws.com/netxcode-pft*s3://s3.amazonaws.com/drastic-public*s3://s3.amazonaws.com/drastic-private

This string can be placed in the HTML UI, or if you are not going to change it a lot, it can be added to the NetXCode.conf or registry area under the main area using the searchDir key

Windows (regedit):

Computer\HKEY_CURRENT_USER\Software\Drastic\NetXBase

netxbase registry searchDirs

Linux (conf)

~/.config/Drastic/NetXBase.conf

[general]
searchDirs=s3://s3.amazonaws.com/drastic-pfr-mezz*s3://s3.amazonaws.com/drastic-public

Access Strings

With rootkey.csv Or Public Access

https://s3.amazonaws.com/drasticpublic/matrox_proxy0.m4v

https://drasticpublic.s3.amazonaws.com/matrox_proxy0.m4v

s3://s3.amazonaws.com/netxcode-pft/sourceABR.mp4

With Direct Id/Key

Direct access without a rootkey.csv is also supported by providing the ID:SecretKey on the URL before the site.  The two parts must be separated by a colon (:) and the site name must be separated with an at sign (@):  https://<id>:<secret>@s3.amazon.com/<bucket>/<file>.

https://MEOWJDNGFSUIGNWCAT:This email address is being protected from spambots. You need JavaScript enabled to view it./netxcode-pft/sourceABR.mp4

https://MEOWJDSIONUIGNWCAT:This email address is being protected from spambots. You need JavaScript enabled to view it./sourceABR.mp4