We'll cover some basics of the S3 Sync Service we provide as part of SmartUpgrade's EXPERT-MODE menu system. This service will allow you to sync a copy of your Call Recordings, VoiceMail boxes, and even other custom directories to an AWS S3 Bucket. An AWS S3 Bucket is a container that can grow to unlimited size and can be priced cheaper than EC2 Volume storage. This provides an convenient unlimited archive to meet legal retention requirements for your business while also allowing you to keep your AWS FreePBX instance tidy by using our Auto File Deletion Service to remove old files after they have been synced to your S3 Bucket. Because S3 Sync needs full access to the AWS S3 Service to manage buckets and files, you will need an Access Key ID and Secret Access Key for your AWS account. This is NOT the same as the .pem/.ppk keyfile you use to connect via SSH; these keys are used to manage and access your AWS account and services directly. You can create/manage your AWS Access Keys here: https://console.aws.amazon.com/iam/home?#/users On this page, you will click Add User. Enter a Username like "S3_Sync" (this is for your reference only) and choose the Programmatic Access option. Then select the Attach Existing Policies Directly tab and search for the AmazonS3FullAccess permission. Once you click the Create User button on the last page, you MUST save the Access Key ID and Secret Access Key (click the 'show' link) for use during the S3 Sync setup. You can also download this information in csv format for your records. EITHER WAY, YOU MUST BE CERTAIN TO SAFEGUARD THIS INFORMATION AS IT GRANTS FULL ACCESS TO YOUR AWS S3 BUCKETS AND WOULD BE VERY DANGEROUS IN THE WRONG HANDS!!! If this information does become compromised in the future, you can return to this page, delete the user, create a new one, and reconfigure S3 Sync with the new keys.
IMPORTANT: We strongly recommend that you ensure your S3 Bucket has the "Remove public access granted through public ACLs" option set via the AWS S3 Console so that your files are never accidentally made public, even in cases of user error or bugs in the s3cmd utility. Think of this as a 'master override' for denying Public access to a bucket and all files contained in it. We recommend against using the other "Block..." options here, especially the "...cross-account access..." option, on S3 Sync Buckets, otherwise an error or bug in s3cmd could result in files not syncing properly.
Now you can connect to your instance via SSH and run the following command to access our SmartUpgrade menu system:
smartupgrade EXPERT-MODE
("EXPERT-MODE" is CaSe SeNsItIvE)
Once in the menu, select S3 Sync. You will then choose the 1st option (install-s3cmd) on the S3 Sync menu to install the service.
It will also prompt you to supply the setup information at this time. First, provide the AWS Key credentials you created on the AWS Console.
If your S3 Bucket is/will be located in one of the US regions, you can accept the defaults (in [brackets]) for the remainder of the settings.
US Regions:
However, if your S3 Bucket is/will be in ANY OTHER REGION, you must manually supply the correct Default Region Code, Region-specific S3 Endpoint, and proper Bucket Template. Use this page to identify the correct Region-specific information for your S3 Bucket:
https://docs.aws.amazon.com/general/latest/gr/s3.html
All Other Regions (we use Asia Pacific-Seoul in this example):
After you Test and Save your settings, you will be presented a list of your existing Buckets. You can choose to use one of them or enter the name of a new Bucket to be created.
Once this initial configuration is entered, you will be taken back to the S3 Sync menu. You can then choose option #3 (S3 Sync Configuration). This is where you will specify which items you want synced (Recordings, Voicemail, or both), how frequently you want the sync to run, and even custom folders to sync to S3 along with your Recordings and/or VMs. As you alter the configuration, you will see this reflected on screen. All changes take effect immediately and/or with the next sync cycle.
If you plan to also utilize the Auto File Deletion Service, you will want to allow a couple hours (up to a full day) to ensure everything has synced to S3 properly before setting up Auto File Deletion.