Applications and users frequently share data. Amazon S3 (S3) provides scalable, secure, and cost-effective cloud storage for file sharing and collaboration. While S3 is simple for developers and cloud experts, application end-users can find it daunting to configure and use. Cloud administrators are burdened with enabling secure file and data services for their users. In this blog, Ritu Periwal, Lead Platform Engineer at MontyCloud, explains how DAY2™ simplifies secure file storage and sharing for cloud administrators and users. Cloud Administrators can now enable storage and get continuous visibility into files, in the application’s context in just a few clicks.
– Sabrinath Rao
Applications and users often share files. Common scenarios include users sharing their application files for collaboration, or applications sharing outputs from one process as inputs for the next. AWS customers looking to enable simple and secure file sharing for such scenarios typically use the S3 service for their storage needs. However, S3 is not easy for end-users to use directly. To save and share a file/data set through S3, an application user must understand several options such as storage class, create life cycle rules, configure access controls, and manage object tags. This can be daunting for citizen developers and end-users. Common misconfigurations often lead to security issues such as data leaks.
With MontyCloud DAY2™, now IT teams can enable simple and secure file access to their users. This is a fully managed, hosted and agent less solution. There is no need to setup file servers, configure Amazon S3 or related permissions. Customers do not need to use a VPN either. IT teams can provision a secure S3 bucket at the time of deploying the application. This is transparent to users. End users can instantly store, manage, and collaborate on files with coworkers.
Files stored by users are securely stored in Amazon S3, and only visible to designated contributors. Other members of the organization cannot read or change files unless they are granted access. It is also easy to upload/download files from both local computers that the users are on, and from/to remote EC2 servers without any additional work. Customers can store any type of files (such as logs, media and image files or backups) exceeding 100GB in size. DAY2™ automatically enforces security boundaries, tagging, and captures meta-data for the managed files.
In this blog, let us see how DAY2™ simplifies file access. We will also review how our customer St. Louis University uses DAY2™ to enable file access and collaboration without the need for AWS expertise or having to deal with security requirements and overheads.
Researchers at Saint Louis University collaborate securely without managing S3
Saint Louis University uses DAY2™ Well-Managed Applications to set up operations-ready Jupyter and eLabsFTW intelligent application environments. The researchers use DAY2™ to handle setup of complex AWS infrastructure and cloud management without requiring help from their IT staff.
As different researchers worked together on Jupyter and eLabsFTW applications, they needed to share common files like Jupiter notebooks and research output reports/logs etc. efficiently and securely.
Before MontyCloud DAY2™, to share files between research jobs or with other researchers, they had to select an Amazon S3 storage class, create and manage bucket policies, configure encryption, set block public access, and create lifecycle rules among others. This required AWS expertise and took time away from research areas. Security and Compliance threats were also adding to the overall burden.
Now with MontyCloud DAY2™, intelligent cloud management platform, IT admins preconfigure Amazon S3 with the required permissions as well as governance and cost control policies. DAY2™ automatically creates and manages these buckets in the context and security boundaries of the end-user’s application. The S3 bucket is now available as a folder to the users through their application console. Users can now use the application storage like they would any other storage.
With DAY2™ Application Storage feature, a dedicated storage is created with every application. This includes security best practices that ensure that no-one outside the application boundary can access the application data. Teams can access these stored files that are available to them from within their own applications. Users also can easily and securely upload/download the files from/to other DAY2™ managed servers or the user’s laptop. The solution does not require any third party agents and users don’t have to perform any additional configuration of their servers or storage buckets.
Here’s how our customers use this feature:
Upon logging into DAY2™, application users have access to a dedicated ‘Files’ tab to manage their application storage.
User can organise the files in different folders using ‘Create folder’ link and can do all standard file management operations such as edit/delete etc.
File sharing and transfer
Researchers often need to process a previously saved application-specific file(s). For this they needed to download the file either to their computer or to a remote EC2 server to continue processing it.
From the ‘Files’ tab in their application now it is easy to select one or more files to transfer. The ‘Download’ button provides a choice of destination between their current computer (or) to a remote server that is available to them via DAY2™.
After selecting their file and specifying a target server that is available to them, researchers simply click the ‘Download button’ to transfer to their server and continue their work.
Researchers can also upload files from their local or remote server to their dedicated Application Storage. By navigating to the target folder and clicking on ‘Add Files’ button.
A notification with file transfer status is automatically sent via email and displayed within the DAY2™ application.