Configure AWS S3 Bucket-Based Network Folders
To edit an AWS S3 bucket-based Network Folder:
- Open a browser and log in to the admin portal.
- In the left navigation panel, select Network Folders.
- On the Manage Network Folders window, click the AWS S3 bucket-based network folder, and then click the edit icon (
). - On the S3 Network Folder Details window, set any of the following options:
| Option | Description |
|---|---|
| S3 Key | S3 access key |
| S3 Secret | S3 secret access key |
| Use IAM role | When checked, the S3 Key and S3 Secret fields disappear and the IAM role is used to connect to the S3 bucket. |
| Network Folder Name | Display name of network folder |
| Bucket Name | Name of bucket attached to network folder After September 2020, new AWS bucket names with a "." in them are invalid. However, bucket names with a "." in them created in September 2020 or earlier are still supported. To allow S3 buckets created after September 2020 to have a "." in the bucket name, include the flag TONIDOCLOUD_S3_USE_PATH_STYLE_ENDPOINT in the file amazons3storageconfig.php and set it to 1. |
| End Point | (Optional) AWS S3 endpoint URL. Leave empty if using Amazon's S3 service; the region string automatically selects the correct endpoint. This value cannot be changed once the bucket is created. |
| S3 Region | The geographical AWS region where the bucket is created. |
| Prefix | A prefix to add to the network share paths to create different paths within buckets |
| S3 Encryption Setting | No Encryption When this option is set the files in the S3 network share are not encrypted. Amazon S3-Managed Key encryption When this option is set the files are encrypted. Server-side encryption with Amazon S3-managed encryption keys (SSE-S3) employs strong multi-factor encryption. Amazon S3 encrypts each object with a unique key. As an additional safeguard, it encrypts the key itself with a master key that it regularly rotates. Amazon S3 server-side encryption uses one of the strongest block ciphers available, 256-bit Advanced Encryption Standard (AES-256), to encrypt your data.
Amazon KMS-Managed Key Encryption When this option is set the files are encrypted using AWS KMS key. AWS KMS uses customer master keys (CMKs) to encrypt your Amazon S3 network share. You use AWS KMS via the Encryption Keys section in the IAM console or via AWS KMS APIs to centrally create encryption keys, define the policies that control how keys can be used, and audit key usage to prove they are being used correctly.
Note: Unlike S3 managed storage encryption, enabling encryption in Network Shares encrypts only newly added files and does not encrypt existing files. |
| Disable Offline Sync | Enabling this option will prevent this network share from being available for sync via FileCloud sync client |
| Disable Notifications | Disable some or all S3 Network Folder notifications for users with access to the folders. See Disable notifications for Amazon S3 bucket-based Network Folders, below. |
| Sharing | Sharing the content of the network share can be disabled or enabled using this option
|
Allow Remote Deletion of Files via Offline Sync | Enabling this function will allow deleting files in the S3 Bucket if the files are deleted in the synced client. By default deletes are not propagated to S3 bucket when deleted via Sync client. |
Disable notifications for Amazon S3 Network Folders
By default, notifications are enabled for network folders. This means that all users who have access to a network folder and have notifications enabled receive notifications about all actions on the folder.
However, since multiple users may have access to the same network folder, users may receive notifications about actions that don't interest or don't apply to them.
There are various ways you can limit their access to these notifications. First disable notifications for the folder, and then override the setting only for notifications that you want to permit.
- Disable notifications for the folder:
- Click Network Folders in the left navigation menu to display the list of network folders
- Click the Edit button for the network folder.
The Network Folder Details dialog box opens. - Check the Disable Notifications box.
- Click Update.
- Do one of the following:
- Leave all notifications about actions in the folder disabled.
By default, admins and users can override this setting. An admin can enable notifications about the folder for specific users, or users can enable their own notifications for the folder.
If you do not want users to be able to override this setting, you must disable file change notifications in Settings > Misc > Notifications. See Notifications for File Changes for help. - Enable notifications about the folder for specific users.
This is useful if you want to limit the users who receive notifications about a network folder to those you have shared it with.
See the various options for setting users' notifications in the section Managing User-Defined Notifications. Allow users to enable their own notifications about the folder.
See the options users have for setting their own notifications in the section Notifications.
- Leave all notifications about actions in the folder disabled.