Scheduled reports can be sent by email or saved into an AWS S3 bucket for the purpose of
integrating with 3rd party tools or for archiving reasons,
Cloudyn uses the AWS account authentication principle (User or Role as provided by the user)
to try and save the reports to the desired bucket, in order to do so we try to save a simple text
file to the bucket (file name: “check-bucket- permission.txt”).
This means that you will need to provide the Role or User used by Cloudyn the PutObject
permission to the desired bucket.
You may use an existing bucket or create a new one for the purpose of saving Cloudyn reports,
please keep in mind that it is up to you to manage the storage class, setting lifecycle rules or
removing any unnecessary files, using S3 will occur additional costs
Assigning appropriate permissions to your AWS User or Role
- Create New Policy.
First you will have to create a policy with the exact permissions needed to save a report to a S3
1. Login to your AWS console and select “Services” at the top of the screen.
2. Then select IAM from the list of services.
3. Select “Policies” from the left side of the console and then “Create Policy”.
4. Select “Create Your Own Policy”, give it a name (for example “CloudynSaveReport2S3”)
5. Copy and paste the policy attached for creating one policy that allows saving a report to a S3 bucket, please make sure to replace <bucketname> with your bucket name.
2. Attaching the Policy to Cloudyn Role or User in Your Account
To attach the new policy, you will need to enter your AWS console and
Edit the Role or User that is used by Cloudyn.
- Login to your AWS console and select “Services” at the top of the screen
- Select IAM from the list of services
- Select either role or users from the left side of the console
a. For Role:
i. Click on the Cloudyn Role
ii. Under the permission tab click on “Attach Policy”
iii. Search for the policy you have created above and mark the
checkbox, then click “Attach Policy”
b. For User:
i. Click on the Cloudyn User
ii. Under the permission tab click on Add Permission
iii. Under the “Grant Permission” section, select “Attach existing
iv. Search for the policy you have created above and mark the
checkbox, then click “Next: Review”
v. Click “Add Permission”
For Role, the result should look like this:
For User, result should look like this:
3. Optional – Bucket Policy Approach
Alternatively, you can set the permission to create reports on your S3 bucket using a bucket policy,
In the classic S3 UI:
- Create or select an existing bucket
- Select properties and expend the Permission tab
- Click Add bucket policy
- Copy and paste the policy attached (optional_bucket_policy.txt) and replace <bucket_name> and <Cloudyn_principle> with the ARN of your bucket and the ARN of either the Role or User used by Cloudyn