This article refers to MSP360 Explorer 4.0.8, MSP360 Drive 1.4.3 and later.
Here in MSP360, we improve our products to help you build a more reliable, effective and secure environment. So here's the news for Amazon storage users:
- You can run MSP360 products on Microsoft Windows Server powered Amazon EC2 instances,
- And do it securely with Amazon Identity and Access Management (IAM) Roles.
The option is already available with MSP360 Explorer and MSP360 Drive.
Why is it important? Before now, you had to securely transfer your AWS access keys to the MSP360 products. You also had to track the key usage and implement security best practices on your own.
Now, when you launch an EC2 instance with MSP360 Explorer on board, and a proper IAM role assigned, the temporary AWS security credentials are securely provisioned to your instance and made available to MSP360 product . The temporary credentials are then automatically rotated for you multiple times per day to enhance security. Refer to this AWS blog post for details.
So, Amazon recommends using IAM roles in favor of AWS credentials or access keys. Once compromised or tampered, the latter can give access to your sensitive data, whilst IAM roles allow you to grant granular access to desired AWS resource.
Read the rest of this post for detailed instructions on installing and running MSP360 Explorer on Amazon EC2.
Running MSP360 Explorer on Amazon EC2
To start using MSP360 Explorer in the cloud, complete the following four steps:
Step 1: Create IAM Policy
- In the AWS Management Console, navigate to IAM | Roles.
- Click Create New Role.
- Supply a descriptive name for your role and click Next Step.
- Click Select next to the Amazon EC2 role type.
- Select the AmazonGlacierFullAccess and/or AmazonS3FullAccess policies and click Next Step.
- Review the settings and click Create Role.
Step 2: Start an EC2 instance
- In the AWS Management Console, navigate to Amazon EC2 | INSTANCES.
- Click Launch Instance.
- Browse to the machine you want and click Select.
Note: Amazon EC2 features a plenty of EC2 instance types. Refer to pricing as well to pick the proper machine. - Select the instance type and click Next: Configure Instance Details.
- Select the IAM role you have created and click Review and Launch.
Important: you will not be able to change the IAM role for your instance later on, so make sure have picked the proper one.
Step 3: Install MSP360 Explorer
- Start your instance and log on to it using the generated credentials and the RDP file. For details, see the AWS documentation: Connecting to Windows Instance.
- Download and install MSP360 Explorer
- From the File menu select New Amazon S3 Account or New Amazon Glacier Account
- Select Use AWS IAM Role Policy.
Step 4: Go!
Now your MSP360 Explorer is ready to work with your S3 or Glacier storage. You can grant access to the instance to particular users so that they can run it and work with MSP360 Explorer right in the cloud!
Do you like our products? Help us spread the word about them. Or make a blog post about us and get MSP360 Explorer Pro for free.
- Introduction to Amazon S3 access tools
- Writing IAM policies
- Mastering Amazon S3 identities
