💾 A stack to create a basic network drive using S3, while enabling all the useful features to make the experience complete.

0x4447/0x4447_product_s3_drive_private

💾 0x4447 S3 Private Drive

This stack was created just to speed up the process of creating an S3 bucket as network storage with versioning configured and a 30-day window to recover deleted or older versions of a file. Since this is something we do over and over for our clients, we decided to describe the configuration once and be on our way within minutes.

The stack will also create a special IAM Group with an inline policy that gives any user attached to this group the correct rights to interact with the S3 objects. This policy takes the enabled versioning into account to make it all work.

DISCLAIMER!

This stack is available to anyone at no cost, but on an as-is basis. 0x4447 LLC is not responsible for damages or costs of any kind that may occur when you use the stack. You take full responsibility when you use it.

How to deploy

All you need to do to deploy this stack is click the button to the left and follow the instructions that CloudFormation provides in your AWS Dashboard. Alternatively you can download the CF file from here.

What will deploy?

The stack takes advantage of AWS S3 and AWS IAM Groups. You'll get:

  • 1x S3 Bucket
  • 1x IAM Group

Manual work

After the stack is deployed, the only thing left is to create an IAM user, or use a pre-existing one, and add that user to the IAM Group that was created with the bare minimum actions needed to work with the bucket.

How to recover deleted files in S3

When you have S3 versioning enabled, there is no UI in the AWS Dashboard that can help you recover all the files at once – you can only recover individual files. To recover everything that was deleted, use the command line below.

AWS_ACCESS_KEY_ID=KEY \
AWS_SECRET_ACCESS_KEY=SECRET \
aws s3api list-object-versions --bucket BUCKET_NAME --output text | \
grep -E "^DELETEMARKERS" | \
awk 'BEGIN {FS = "[\t]+"} {print "aws s3api delete-object --bucket BUCKET_NAME --key \42"$3"\42 --version-id "$5";"}' >> undelete_script.sh

Once the CLI finishes working, you'll end up with the undelete_script.sh file, which contains on each line a separate action to remove the delete flag from an S3 object. Make sure to review this file, then make it executable with chmod +x undelete_script.sh and run it.
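The one-liner above wraps each key in double quotes, so a key containing `"`, `$` or a backtick is interpreted by the shell when undelete_script.sh runs. The following is an added example, not part of the original project: a generator that reads the JSON form of the same listing and shell-quotes every value. The file name gen_undelete.py and the sample data are assumptions made for the example.

```python
import json
import shlex
import sys

# Constructed sample of `aws s3api list-object-versions --output json`
# (keys and version ids are made up for this example).
SAMPLE = json.dumps({
    "Versions": [
        {"Key": "docs/a.txt", "VersionId": "v1", "IsLatest": False},
    ],
    "DeleteMarkers": [
        {"Key": "docs/a.txt", "VersionId": "dm1", "IsLatest": True},
        {"Key": 'q3 "final" $(date).txt', "VersionId": "dm2", "IsLatest": True},
        {"Key": "it's here.txt", "VersionId": "dm3", "IsLatest": True},
    ],
})


def undelete_commands(listing_json, bucket):
    """Return one delete-object command per delete marker.

    Each command is built as an argv list and joined with shlex.join, so
    the bucket, key and version id reach the shell as literal strings
    whatever characters they contain.
    """
    # An empty listing may arrive as an empty string or an empty object.
    listing = json.loads(listing_json.strip() or "{}")
    commands = []
    for marker in listing.get("DeleteMarkers") or []:
        argv = [
            "aws", "s3api", "delete-object",
            "--bucket", bucket,
            "--key", marker["Key"],
            "--version-id", marker["VersionId"],
        ]
        commands.append(shlex.join(argv))
    return commands


if __name__ == "__main__":
    # Usage (gen_undelete.py is a hypothetical file name):
    #   aws s3api list-object-versions --bucket BUCKET_NAME --output json \
    #     | python3 gen_undelete.py BUCKET_NAME > undelete_script.sh
    for line in undelete_commands(sys.stdin.read(), sys.argv[1]):
        print(line)
```

Parsing JSON instead of tab-separated text also keeps keys that contain tabs or newlines from being split into extra fields or lines.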

How to work with this project

When you want to deploy the stack, the only file you should be interested in is the CloudFormation.json file. If you'd like to modify the stack, we recommend that you use the Grapes framework, which was designed to make it easier to work with the CloudFormation file. If you'd like to keep your sanity, never edit the main CF file 🤪.

The End

If you enjoyed this project, please consider giving it a 🌟. And check out our 0x4447 GitHub account, where you'll find additional resources you might find useful or interesting.

Sponsor 🎊

This project is brought to you by 0x4447 LLC, a software company specializing in building custom solutions on top of AWS. Follow this link to learn more: https://0x4447.com. Alternatively, send an email to [email protected].
