Internet of Things — Part I

Secure file storage with Raspberry Pi and AWS, by an AWS Solutions Architect

Since its release in March 2012, the Raspberry Pi has become a popular device for builders to create interesting Internet-connected projects. Powered by a cell phone processor and costing less than USD $50 on with case and power adaptor, it is easy to set up and runs Linux and Python. Things become even more interesting when you install the AWS Command Line Interface (CLI) and then access the cloud capabilities of AWS.

In this example I set up a Raspberry Pi (RPi), install the AWS CLI and SAMBA (an open source SMB/CIFS server), and describe how to create a home file share that automatically syncs files to Amazon S3. The result is a secure, offsite, inexpensive data storage solution that is pay-per-use and has no up-front commitment. And you don’t even have to install an agent.

Here’s the parts list:

The first thing to do is to set up the Raspberry Pi, which takes less than an hour. Just follow the quick start guide from the home page. Installing and configuring the SAMBA package was also straightforward; I followed the instructions located here .

In this setup I used a single drive only as Amazon S3 acts as the redundant storage (to say the least). It is also important to note that the current crop of external drives draw quite a bit of power from the USB connection, so I recommend using one with its own power supply.

At this point, you should be able to mount shares from both Windows and OS X computers. In my case, I kept it simple and created a single volume with a login for each family member. Family members can share files on the home network as well as safeguard important files by just dragging them over to the file share folder. This comes in handy when helping the kids with their homework!

Enabling this setup for the cloud is as easy as installing the AWS CLI and creating an IAM user just for the RPi so that it has limited privileges in your AWS account. The AWS CLI is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts (more details at the CLI product info page). As the AWS CLI only requires Python 2.6 or higher, you can install it on the RPi by issuing the shell command pip install awscli.

The next step is to create an AWS Identity and Access Management (IAM) user and associated privileges that will be stored on the RPi. In my case, I created an IAM user for the RPi that is permitted to store and describe files in a specific S3 bucket only. Access to everything else in my AWS account is denied by default.

For the final step, create a shell script that calls an AWS CLI command aptly named sync and set up cron to execute it hourly (For details, see the AWS CLI reference. For details on cron, visit here.) Here’s an example command:

aws s3 sync . s3://mybucket

Amazon S3 storage is designed for 99.999999999% durability and 99.99% availability of objects over a given year. Each file can be as small as one byte or as large as 5 terabytes. I used the AWS us-west-2 region (Oregon) which currently has an S3 standard storage rate of 3 cents per gigabyte per month. My first month storage bill for 100 gigabytes will be a whopping $3.00.

With this solution in place, I have the peace of mind that the many family pictures we have taken are securely stored in AWS in an easy-to-manage, easy-to-use, and cost-effective solution. And it has the added benefit of avoiding lost thumb drives and the classic excuse of “the dog ate my homework”!

Todd Varland
AWS Solutions Architect