[SoftNAS KB]: Changing/Rotating S3 Keys

Owned by Former user (Deleted)
Last updated: Oct 15, 2021 by Tom Sheffield (Unlicensed)
1 min read

Symptoms

 Your organization requires that you change your S3 keys on a regular basis in order to ensure security. 

Purpose

This article provides the steps required to switch your S3 keys for a new set. These instructions will be performed on a recurring basis. This article assumes you know how to create/obtain/deactivate S3 keys in the AWS console.

Resolution

  • 1. Log into your instance using SSH.
    • For guidance on how to connect to your Linux instance, click here.
    • For Guidance on how to connect to your Windows Instance, click here.
  • 2. Log into AWS, and create new keys via the Amazon AWS console, under IAM Management. Deactivate the old keys.
  • 3. Encrypt the new key using the cmd_encrypt.php utility in your command shell.


php /var/www/softnas/snserver/cmd_encrypt.php encrypt AKIAXXXXXXXXSPZ5XxXA

php /var/www/softnas/snserver/cmd_encrypt.php encrypt aXj46XcPjSKXxXxXxszZAx2xXxxXqdXxxxQbxM0n


  • 4. Insert the output into /var/www/softnas/config/s3config.ini instead of the old awsAccessKey and awsSecretKey entries.

[global]


awsAccessKey = "BkZWXXXxxXXxSlEMVFBfXXXXXxVUDgcXXxxbCwZfXzQKMVENU1cAQQ=="

awsSecretKey= "VjXXXXX+XXXXXlEEBzAHV1RqAw1XXXXXB3XXXXX9VHpdFwF0UXoEXlXXXXX5UN1NvCV0CfVtgVxEEIVJrUAoXXXX7B2QHVQc7XXXXXlc2DWM="


  • 5. Reboot the instance.
  • 6. Confirm that the S3-backed volumes remain accessible and operational.

Outage required:

None.