S3 object storage workflow

Manage S3 access keys

Log in to the YoYotta Server as an admin user.
Then select Admin, Objects in the sidebar.
All the S3 access keys will be listed.

Here is an example of minimum AWS S3 IAM Permissions
To disable downloads remove s3:GetObject
To disable uploads remove s3:PutObject

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:GetBucketLocation"
            ],
            "Resource": "arn:aws:s3:::your-bucket-name"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject"
            ],
            "Resource": "arn:aws:s3:::your-bucket-name/*"
        }
    ]
}

Or leave the AWS IAM settings as shown above and adjust the Mode options in the YoYotta Server Keys table, choose between Upload+Download, Upload only or Download only.
The mode can also be set to list only, handy to allow a user to check the bucket contents but not have any upload/download access.
For added security limit use of the S3 key to a specific YoYotta Server user, IP address and computer MAC address.
Set an expiry for the key from today or from first use.

Add a new key

Enter a name as a reference
Enter the access and secret keys.
For Backblaze and Wasabi enter the bucket endpoint. This is not needed for AWS S3 storage.
If the key allows access to multiple buckets you can limit which ones can be accesed by adding one or more bucket names.
Also the prefix can limit access just to certain folders inside the bucket.

Activate required keys

There are two ways to toggle the key's Active flag.

• Alt click in the cell
• Select the cell and click the edit button in the table toolbar

The YoYotta Mac client has to log into the server and will only see active keys.
Keys are secure, as they are never stored and cannot be viewed on the Mac.

Choose the upload bucket

Here the active buckets are listed.
Choose a bucket

Check the paths

Click on Edit Path... to set the required destination paths.

Set the Upload speed

Open the Server setup panel and click the S3 button.
Set the maximum transfer speed. Limiting the speed is a good idea if the internet connection is shared.

Start the upload

The upload progress is shown. The speeds are bits per second. Divide by 8 to get bytes per second.

Upload completed

When viewing a storage bucket in the Source Browser the storage class for each object is listed in the S3 Class column.
The Restore column shows if an object can be downloaded. If there is a red status then this means that the object must be restored from Glacier storage before it can be downloaded.
Use the AWS S3 Console to initiate the restore. Whilst this is in progress the Restore status will be orange.
YoYotta will automatically skip objects that are not available for download.

• S3 Standard
General purpose storage for frequently accessed data
• S3 Standard IA
Infrequently accessed data that needs millisecond access
• S3 One Zone IA
Re-creatable infrequently accessed data
• S3 Glacier Instant Retrieval
Long-lived data that is accessed a few times per year with instant retrievals
• S3 Glacier Flexible Retrieval
Backup and archive data that is rarely accessed and low cost
• S3 Glacier Deep Archive
Archive data that is very rarely accessed and very low cost

Select a bucket

Click the + button above the job table.
The active buckets that have been setup on the YoYotta Server will appear.
Select S3 Buckets in the dropdown in the bottom left.
Select the bucket.
Click Add Selected

View bucket contents in Source Browser

Note that thumbnails will only be shown if this Mac was used to index and create thumbnails of the content before uuploading to S3 storage.

Select and add a source bucket as shown above.
Add a destination.

Start the download

All files downloaded