Cloud storage, Cloud computing Wasabi cloud storage tutorial | Creating buckets, users, policies, and practical usage example
If you are looking for an alternative to amazon s3 it’s, a good option i have already created an account with waspi signing up with wasabi is a fairly simple process. I have written about all that in my detailed review on my blog. I will include the link to that in the description below next. I am going to log into my account for that. There is a sign in button at the top click on that which takes me to the address console.wasabisis.com from there. I can login to my account with my root account, email and password click sign in, and i am logged into the dashboard. If you have used s3 in the past, you can see that this dashboard is comparatively less complex and much easier to use. On the left side, you can see the main navigation menu, which is divided into three sections and data access, users and groups, and your account under the first section that is, data access. You can create packets policies and access keys and and under users and groups. You can create users and assign them to groups and give them roles and permissions, and in the accounts area, you can manage your billing details and also view the root account details by the way. Currently, we are logged in with the root account to view the details of the root account. You can go to the settings section and at the top you can see the root user details which includes the arn account id account name and user id, but most of the time you might want to create sub users, which we will discuss soon.
So now. Let me go to the buckets page and in this video we are going to discuss three main things: how to create a bucket, how to create a sub user and create a policy that is a bucket policy to give the user access to the bucket. We have created, and finally i will also show you how i integrated the bucket with my wordpress backup plugin, so that i can store my backup files to this was remote storage. So now, let’s move on to the first part that is create a bucket click create bucket, and the first thing is to name your bucket. For now i am giving the name as coral nodes 1 and then select a region. You see 5 options here, four from the us and one from europe. Wasabi also supports asia pacific, but for some unknown reason, it’s not being shown here now for now. Let me select the first option that is us west one, then click next and here you can optionally, set bucket versioning and bucket login. If you enable bucket versioning, you can revert to previous object versions if you want, but bucket versioning can increase the data storage costs. So we are keeping it disabled for now and click next review the settings and then click create bucket. Now the bucket has been successfully created. If you want to see the details of the package, click the bucket name and you can see the objects. Currently, we have no objects, that is, we haven’t uploaded any files to this bucket.
Yet so the simple way to upload files to a bucket is to use this interface. As an example, i will show you how you can upload a file, click upload files and then browse files. I want to upload this image so select it and click open. Then click start upload. Okay. Now the object is uploaded and clicking on that on the right side, you can see the object details right now. Our file is private. That means no one can publicly view or access the file, and here is the link to the file. If i open it in a new tab, i should get a. I should get an access denied message and if i make the file public, then refresh the page and i can view the file, let me toggle it back to private, okay, so that’s, basically how you can upload files to a wasabi bucket. Now let us move on to the other settings of the bucket click on the cog wheel, icon at the top and at the top you can see five tabs properties policies combines access, control and utilization, and if i go to policies, this is where you add your Bucket policies and compliance compliance modes prevents the deletion of any objects, but what the disadvantage is? It increases the data, storage costs, access control, the bucket supports four settings, private public reach, public, read or write and authenticate a trip. All buckets are private by default. In short, an access control sets how users can access a bucket, but most often you don’t need to change any of these settings.
As policy is the preferred way to set permissions on a bucket and under utilization. You can see the bucket size information. Currently, it is unavailable, as we have just only created the bucket. Now i will show you how you can create a sub user, go to the usage section, then click create user and then give user a name. I want to integrate my bucket with my web application. That is a wordpress website, so i am creating a user for that purpose, so name the user accordingly and below that you can set the type of access. There are two types: programmatic access and console access. Since i want to integrate it with my web application, i am selecting the first option that is programmatic access, so i check that option and then click next in the next step, you can optionally create a new group and add the user to that group. For now i’m leaving it like that and click next and on the third page, you can attach policies. There are some built in policies here, but for now i’m, not selecting any of this later. I will create a custom bucket policy and attach it to the bucket. So click next and click create user. So here is the access key and secret key. You can download it as a csv file or copy the keys to clipboard. For now i am copying the keys to clipboard. Here i have my code. Editor opened so click a so create a new file here and just paste the keys here and save it somewhere safely.
Okay, so this is the access key and secret key for the user we have just created, but now the user does not have any access to our buckets so to give access. We want to create a new bucket policy and add that user to the policy. So next go to the bucket section: open the bucket go to settings policies, and here we want to add the policy in a json file format, and for that i am going to use amazon’s s3 policy generator search for s3 policy generator, and here it is aws Policy generator by the way wasabi is compatible with s3 that’s. Why we can do the all these things? First select the type of policy here i am going to create an s3 bucket policy. Choose that option then below that. I want to add statements so in this policy. I want to give the user read and write permissions only and no delete capability, as i have mentioned before, i want to integrate my bucket with my wordpress sites, backup plugin here i am using updraftplus, so i don’t want the user to have delete permissions, even if My wordpress website get compromised the person who access it won’t be able to delete my backups from the remote storage that is my wasabi bucket so that’s. Why? I want to give only read and write permissions without delete permission. So the next thing is under the principle name principle is a user. We want to find the user’s arn go to users, and here is a user we have just created, and this is the principle paste.
It select actions so read, permission is get object, get object and write is put, object, put object, okay and next give the amazon resource name. The source name is the name of our bucket. That is this copy. It and paste it also reading and writing happens inside the bucket. So at the end of the amazon resource name, add a slash and add a star symbol. Then click add statement. So here is the first statement. We also want to grant the user the ability to list the buckets, so we want to add one more statement again. The principal name is the same action list bucket. Where is it list bucket and for a iron? It happens on the bucket, not inside that. So we want to select this without the slash star copy it and paste. It then add statement, read, write and list click generate policy, and here is our policy. Json text copy it to clipboard paste it into somewhere safely new file, paste it and then paste it into the policy editor on wasabi. So our policy is valid. Then click save so here you can see that our policy basically consists of statements. Here we have two statements: the first statement grants the user with read and write permissions that is shown here with the action array that is get object and put object, and the user is specified here under principle. In the second statement, the principle is the same. That is our user web app one and the action granted is list bucket i’m going to my wordpress dashboard, and i want to integrate it with a draft plus go to the settings tab, and here you can see the remote storage options available.
You can see s3. Google cloud, backplace etc, but wasabi is not listed by default, so we will choose s3 compatible generic option and then mention the s3 access key and secret key. Remember the keys we have already copied. So let me grab the keys from here access key and paste. It here same with the secret key, and now we want to give s3 location s3 generic – that is s3. Generic, is the protocol and give the bucket name here. So what was my bucket name? Coral notes? 1 and lastly, we want to provide the s3 endpoint. I want to find the endpoint, so endpoint is the url of the bucket so open this file, and here you can see this is the url of the file. So the endpoint is https s3 dot uswest one dot, wasabicis.com copy. This link address and paste. It here delete the last parts. Okay. Now, if i click test s3 settings, i am getting some error here and i have figured it out. The error happens because i should not have given this https part so remove https. You don’t need to specify the protocol so for the s3 endpoint field just give the address of the endpoint that’s it. Now. If i click test s3 settings, i can see that the s3 settings test result resist success. We accessed the bucket and were able to create files within it, but delete failed. That means our application was able to access the bucket, read the files and write files into it, but it was not able to delete the file.
That means our bucket policy is working. Fine that’s exactly what we required. Click, ok, save the changes. Select this option as well send this back to remote storage and click, backup, now uploading files to remote storage. The backup is finished successfully, and here it is. I will show you one more way to access your bucket and use it to store your files, so for that we are going to use this application. Wasabi explorer for cloud storage, it’s a desktop application that you can use on windows and other operating systems. I have installed it here already. Let me open it. I can add a new wasabi account for that. I am going to use the same access key and secret key. We have created and also give a display name. You can give any name my bucket and test connection connection success. So click, ok and we have successfully connected to the package close it, and this is the interface on the left side. You can see the local storage, that is my desktop computer and on the right side, i want to select the remote storage select source, as my bucket and in the address bar enter your bucket name and it’s retrieving data right there. You can also see the backup files we have just uploaded from our wordpress website and suppose i want to upload another file from my computer to the remote storage. I can just drag it and drop it click. Yes, and here is the file we have just uploaded.
So that’s another way to manage the files on your buckets that’s, the basics of how you can use wasabi buckets.