# Step 6: Use 3rd party softwares to action on vStorage

## Basic use cases

Below are instructions for some common use cases you can perform on S3 Browser:

### **Create / Delete bucket**

* Create and delete a bucket by selecting the **New bucket** button . Now enter **the Bucket name** and select **Create new bucket.**

### **Upload / Download file**

* After creating a bucket, select the bucket you want to upload/download files to. Next, select **Upload/Download** depending on your upload/download needs.

### **Create / Delete Folder**

* You can also create/delete folders by selecting **New Folder** or **Delete**.

<figure><img src="https://1985221522-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7rE7M1L7GYcwQzNGd0aB%2Fuploads%2Fgit-blob-d7afabfd893344e7ead510631594f20899a040da%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

***

## Advanced use cases

Here are instructions for advanced features you can do on S3 Browser:

### **ACL**

**ACLs** are a feature on S3 that allows you to control access permissions for each object in your S3 bucket. They define which users or groups of users can access the object and what actions they can perform, such as downloading, uploading, deleting, or overwriting the object.

To set up ACL for a bucket using S3 Browser, right-click on the bucket, then select Edit Permission (ACL). In the permission section, check the permissions you want to grant to the user. For more details, see <https://s3browser.com/share-s3-bucket-edit-acls.aspx>

<figure><img src="https://1985221522-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7rE7M1L7GYcwQzNGd0aB%2Fuploads%2Fgit-blob-fbe1e03beefdc591669021e9f18e78e752c5b2d6%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
**Attention:**

* Unlike farm HCM03, on farm HAN02, if you want to share public access to a bucket – meaning allowing **everyone** to access (e.g. to download files, view photos, etc.) – you must use **Bucket Policy** to clearly define that access. For example, a Bucket policy to allow public **read object**:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::your-bucket-name/*"
    }
  ]
}

```

Trong đó:

* `"Principal": "*"` means everyone (anyone).
* `"Action": "s3:GetObject"` means to allow the action getting the object (file).
* `"Resource": "arn:aws:s3:::your-bucket-name/*"` applies to all objects in the bucket.
  {% endhint %}

### **SSE-S3**

SSE-S3 (Server-Side Encryption with S3 Managed Keys) is a server-side data encryption feature provided by Amazon S3. With SSE-S3, your data is automatically encrypted when uploaded to S3 and automatically decrypted when you download it. **To implement this feature on S3 Browser, you need to use S3 Browser Pro version. If your application does not currently support the implementation of the feature, please submit a request to use the feature via a ticket to GreenNode.** For more details, please visit <https://s3browser.com/amazon-s3-server-side-encryption.aspx>

### **SSE-C**

**SSE-C** (Server-Side Encryption with Customer-Provided Keys) is a server-side data encryption feature provided by Amazon S3. Like SSE-S3, SSE-C encrypts your data automatically when it is uploaded to S3 and decrypts it automatically when you download it. However, with SSE-C, you provide and manage your own encryption keys, instead of using keys managed by AWS. **To implement this feature on S3 Browser, you need to use S3 Browser Pro. If your application does not currently support the implementation of the feature, please submit a request to use the feature via a ticket to GreenNode.** For more details, please visit <https://s3browser.com/amazon-s3-server-side-encryption.aspx>

### **Object Locked**

**Object Lock** is a feature that protects your data from being deleted or overwritten for a fixed period of time or indefinitely. It uses the **WORM** (Write Once, Read Many) model, which means that once an object is uploaded to S3 and locked, it cannot be deleted or changed by anyone, including the root user.

To set up Object Locked for a bucket using S3 Browser, when creating a new bucket, you need to select the **Enable S3 Objected Lock** optio&#x6E;**.**

<figure><img src="https://1985221522-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7rE7M1L7GYcwQzNGd0aB%2Fuploads%2Fgit-blob-4d4813d703970e23a88baa4608d3dda430471011%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

Next, when the bucket is successfully created, right-click on the bucket, then select **Object Locked** . You can set the object locked in both **Retention** and **Legal Hold** modes through S3 Browser. For more details, please visit <https://s3browser.com/amazon-s3-object-lock.aspx>

<figure><img src="https://1985221522-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7rE7M1L7GYcwQzNGd0aB%2Fuploads%2Fgit-blob-df0ff95d57559baff40285e6b0ddecf652d83b80%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

### **Versioning**

Versioning is a feature that supports storing multiple past versions of objects stored in a bucket. You can use versioning to save, retrieve, and restore any version of an object stored in your bucket. When versioning is enabled, when uploading/deleting an object, instead of deleting the object from the system, we will move the deleted or overwritten objects to the versioning version. From there, you can easily restore mistakenly deleted objects or download old versions of data when needed.

To set up Versioning for a bucket using S3 Browser, right-click on the bucket, then select **Edit Versioning Settings** . For more details, see <https://s3browser.com/amazon-s3-versioning.aspx>

<figure><img src="https://1985221522-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7rE7M1L7GYcwQzNGd0aB%2Fuploads%2Fgit-blob-e2c7378025888f3c11932ed376e4ff022bdf611c%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

### **Lifecycle rotation**

**Lifecycle rotation** is a feature that manages the lifecycle of objects in a bucket. This feature allows you to automate actions such as deleting objects after a certain period of time.

To set up Lifecycle rotation for a bucket using S3 Browser, right-click on the bucket, then select **Lifecycle Configuration** . For more details, see <https://s3browser.com/bucket-lifecycle-configuration.aspx>

<figure><img src="https://1985221522-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7rE7M1L7GYcwQzNGd0aB%2Fuploads%2Fgit-blob-e7bde1687803613ca3dc7857bd8594913828159a%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

### **Lifecycle transit**

**Lifecycle transit** is a feature that manages the lifecycle of objects in a bucket. This feature helps you store objects cost effectively throughout their **lifecycle** by **transitioning** them to lower-cost storage classes.

Supported transitions are displayed on a diagram below:

<figure><img src="https://1985221522-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7rE7M1L7GYcwQzNGd0aB%2Fuploads%2Fgit-blob-fb904cddcf4bb000a30fc311818dc0393e22dc84%2Ftransit_diagram.png?alt=media" alt=""><figcaption></figcaption></figure>

To set up Lifecycle transit for a bucket using S3 Browser, right-click on the bucket, then select **Lifecycle Configuration** . For more details, see <https://s3browser.com/bucket-lifecycle-configuration.aspx>

<figure><img src="https://1985221522-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7rE7M1L7GYcwQzNGd0aB%2Fuploads%2Fgit-blob-e7bde1687803613ca3dc7857bd8594913828159a%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

### **CORS**

CORS (Cross-Origin Resource Sharing) is a security mechanism that allows websites hosted on one domain to access resources from another domain. When you use S3 to host static content and want to access that content from a website hosted on another domain, you need to configure CORS for your S3 bucket.

To set up CORS for a bucket using S3 Browser, right-click on the bucket, then select **CORS Configuration** . For more details, see <https://s3browser.com/s3-bucket-cors-configuration.aspx>

<figure><img src="https://1985221522-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7rE7M1L7GYcwQzNGd0aB%2Fuploads%2Fgit-blob-55975439183a66b36234829880c65e4b1753acbf%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

### **Public/ Private bucket**

**Public buckets** are a feature that allows users to share buckets publicly in the cloud. Users from outside the internet can access the bucket through a URL without having to authenticate access to the system. Public access poses a security risk, so if your scenario does not require such access, we recommend that you do not enable public access to the bucket. At any point, if you no longer want the bucket to be public, you can make the bucket private.

To set a bucket to public using S3 Browser, right-click on the bucket, then select **Public Access block Configuration** . For more details, see <https://s3browser.com/amazon-s3-public-access-block-configuration.aspx>

<figure><img src="https://1985221522-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7rE7M1L7GYcwQzNGd0aB%2Fuploads%2Fgit-blob-71baaed2e095a1ce2843a9cf7c2111aaab4fc339%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

### **Bucket policy**

**A Bucket Policy** is a type of access policy used to control access to a specific S3 bucket. It allows you to define which users or groups can access the bucket and what operations they can perform, such as uploading, downloading, deleting, or listing objects in the bucket.

To set up a bucket policy using S3 Browser, right-click on the bucket, then select **Edit Bucket Policy** . For more details, see <https://s3browser.com/working-with-amazon-s3-bucket-policies.aspx?v=11.7.5&fam=x64#amazon-s3-bucket-policies-examples>

<figure><img src="https://1985221522-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F7rE7M1L7GYcwQzNGd0aB%2Fuploads%2Fgit-blob-6c179cf440134fddb4b7d92ec8c5709931db8ff3%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>