AWS S3 (Simple Storage Service) provides enterprise-grade cloud storage with virtually unlimited capacity, 99.999999999% (11 9's) durability, and comprehensive security features. This guide will help you configure S3 for storing screenshots, HTML archives, and other tracking data from your monitoring tasks.
๐ข Enterprise Benefits
AWS S3 is perfect for businesses requiring scalable, secure, and compliant cloud storage with advanced features like versioning, lifecycle management, and cross-region replication.
Prerequisites
Before setting up S3 integration, ensure you have:
- AWS Account: Active Amazon Web Services account
- S3 Bucket: Created and configured bucket for your files
- IAM User: User with appropriate S3 permissions
- Access Credentials: Access Key ID and Secret Access Key
Step 1: Create an S3 Bucket
Via AWS Console
- Navigate to S3: Go to AWS Console โ S3 service
- Create bucket: Click "Create bucket"
- Bucket name: Choose a unique name (e.g., trackr-bot-storage-yourname)
- Region: Select region closest to you for optimal performance
- Block public access: Keep enabled for security
- Versioning: Enable if you want file version history
- Encryption: Enable server-side encryption (recommended)
Step 2: Create IAM User with S3 Permissions
Create IAM User
- Go to IAM: AWS Console โ IAM service
- Create user: Users โ Create user
- Username: trackr-bot-s3-user (or similar)
- Access type: Programmatic access only
Attach S3 Policy
Create a custom policy with minimal required permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:PutObjectAcl",
"s3:GetObject",
"s3:DeleteObject",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::your-bucket-name/*",
"arn:aws:s3:::your-bucket-name"
]
}
]
}๐ Security Best Practices
- Never use root AWS credentials - always create dedicated IAM users
- Apply principle of least privilege - only grant necessary permissions
- Enable MFA on your AWS root account
- Regularly rotate access keys
- Monitor CloudTrail logs for unusual activity
Step 3: Configure S3 Upload Channel
In Trackr Dashboard
- Navigate to Upload Channels: Go to your Upload Channels
- Add New Channel: Click "Add New Channel"
- Select AWS S3: Choose "Amazon S3" from provider options
Required Configuration Fields
Basic Settings
- Channel Name: Descriptive name for your S3 storage
- Access Key ID: IAM user access key
- Secret Access Key: IAM user secret key
- Bucket Name: Your S3 bucket name
- Region: AWS region where bucket is located
Optional Settings
- Folder Path: Subfolder within bucket (e.g., trackr-bot/)
- File Naming: Custom file naming pattern
- Storage Class: Standard, IA, or Glacier
- Server-side Encryption: AES256 or KMS
Step 4: Test and Validate Configuration
- Test Upload: Click "Test Configuration" in the channel setup
- Verify in AWS: Check your S3 bucket for the test file
- Check Permissions: Ensure files uploaded successfully
- Save Configuration: If test successful, save the channel
Advanced S3 Features
Lifecycle Management
Automatically manage file storage costs:
- Transition Rules: Move older files to cheaper storage classes
- Expiration Rules: Automatically delete files after set period
- Incomplete Uploads: Clean up failed multipart uploads
Cross-Region Replication
- Disaster Recovery: Replicate files to different AWS regions
- Compliance: Meet data residency requirements
- Performance: Serve files from multiple locations
๐ก Cost Optimization Tips
- Use appropriate storage class for your access patterns
- Enable intelligent tiering for automatic cost optimization
- Set up lifecycle policies to transition or delete old files
- Monitor usage with AWS Cost Explorer
- Consider S3 Transfer Acceleration for faster uploads
File Organization and Naming
Trackr automatically organizes uploaded files with this structure:
your-bucket/
โโโ trackr-bot/
โโโ screenshots/
โ โโโ YYYY/MM/DD/task-{id}-{timestamp}.png
โโโ html-archives/
โ โโโ YYYY/MM/DD/task-{id}-{timestamp}.html
โโโ task-data/
โโโ YYYY/MM/DD/task-{id}-{timestamp}.json
Troubleshooting Common Issues
Access Denied Errors
- Check permissions: Verify IAM policy includes all required actions
- Bucket policy: Ensure bucket policy doesn't deny access
- Credentials: Confirm access key ID and secret are correct
- Region mismatch: Verify region matches your bucket location
Upload Failures
- File size limits: Check if files exceed 5GB (use multipart for larger files)
- Network issues: Temporary connectivity problems
- Bucket quotas: Verify account limits haven't been reached
โ ๏ธ Important Security Note
Keep your AWS credentials secure:
- Never share or commit credentials to version control
- Use IAM roles when possible instead of access keys
- Regularly rotate access keys
- Monitor AWS CloudTrail for unexpected API calls
Monitoring and Maintenance
AWS CloudWatch
- Storage metrics: Monitor bucket size and object count
- Request metrics: Track API calls and errors
- Billing alerts: Set up cost monitoring
Regular Maintenance
- Review access logs: Check for unusual activity
- Update lifecycle policies: Optimize storage costs
- Audit permissions: Ensure minimal necessary access
- Test backups: Verify data integrity regularly
AWS S3 provides enterprise-grade storage with advanced features for businesses requiring scalable, secure, and compliant cloud storage solutions. The comprehensive security model and rich feature set make it ideal for long-term data retention and business-critical applications.
Start Using Enterprise Cloud Storage
Configure AWS S3 integration to leverage enterprise-grade cloud storage for all your tracking data with advanced security and compliance features.
Set Up S3 Storage
