Storing Into AWS S3
Overview
With PortSIP PBX, you can write your Video Recordings and Compositions to your own AWS (Amazon Web Services) S3 bucket, rather than a local disk. This guide explains how you can set up your own account or project to use this capability.
Note: Once you activate external S3 storage, PortSIP PBX will stop storing uploaded files (voice prompts, profile pictures, audio/video recordings) into the local disk. It will be your responsibility to manage the security and lifecycle of your recorded content.
Use this feature when you need to meet compliance requirements that exclude reliance on third-party storage.
Warning: Once you configure the PBX to store recording files using Amazon S3, please be aware of the following:
The historical recordings stored on the PBX server’s local disk will no longer be accessible. Therefore, it is recommended to set up Amazon S3 storage before you start making and receiving calls.
Do not turn off the Store to S3 option once it is activated. This would prevent PBX from accessing historical recordings and interrupt the process of storing new recordings in Amazon S3.
Prerequisites
Debian 11/12, Ubuntu 20.04/22.04/24.04, 64-bit
PortSIP PBX is deployed on AWS EC2
AWS EC2 instance(s) located within the same region as S3
Step 1: Create an IAM group and user
Navigate to the Identity and Access Management (IAM) menu, select Access Management, and then click on the Add User button.
Input a name for the user, such as s3store, select Programmatic Access, and then click Next.
3. Click on the Create group button to create a new group.
You can choose to add this user to an existing group rather than create a new group but must grant AmazonS3FullAccess permission to this existing group.
4. Enter a name for the group, for example, portsip-pbx-s3, Choose AmazonS3FullAccess Policy name, and click the Create group button.
Once the group is successfully created, select it and click the Next button. You have the option to add tags to this user, or you can simply skip this step by clicking the Next button.
After the user is successfully added, make sure to note down the Access Key ID and Secret Access Key as shown.
Step 2: Create an S3 bucket
Navigate to the Amazon S3 menu and click on the Create Bucket button to establish the S3 service that PortSIP PBX will utilize for storing recording files. Please pay attention to the Buket name, AWS Region, and the Object Ownership as the below screenshot.
The AWS Region must be chosen as the same region with your PBX installed. Remember to make note of the following, which you will need later:
The bucket-name.
The bucket-region. This is the AWS region where your S3 bucket is located.
Click on the Create button then the S3 bucket will be created.
Step 3: Modify the PortSIP PBX settings
Open the settings file:
On Linux is
/var/lib/portsip/pbx/system.ini
On Windows is
c:/programdata/portsip/pbx/system.ini
In the section apigateway, modify the value of the key storage to s3 as shown below.
Edit the section storage.s3 as shown below.
endpoint: This is an HTTP URL, replace the region-code with the actual region name. For example, if the EC2 and S3 region name is us-west-1, then it will be http://s3.us-west-1.amazonaws.com.
Region names can be found via this page: https://docs.aws.amazon.com/general/latest/gr/rande.html
If your EC2 and S3 are in the China region, in the endpoint URL the amazonaws.com should be amazonaws.com.cn.
cred_id: It's the Access key ID of the IAM user noted whilst creating the IAM user.
cred_secret: It's the Secret access key of the IAM user noted whilst creating the IAM user.
region: The region name (region code) of the EC2 instance and S3. For example, if the region is us-west-2 then use the actual region name to replace it.
bucket: The bucket name of S3. In this example, it's portsip-pbx-storage.
After modifying the parameters for AWS S3, save the changes made to system.ini. You will then need to restart the PortSIP PBX for the changes to take effect.
Step 4: Restart the PortSIP PBX
Linux
Restart the PBX by performing the following commands:
Windows
Restart the Windows Server directly.
Last updated