Enterprise Administration > File Vaulting and Replication > File Vaulting > Working with External File Vaults > Configuring Windchill File Vaults to Use Amazon S3
  
Configuring Windchill File Vaults to Use Amazon S3
This section explains the configuration to use Amazon S3 when Windchill is running in Amazon Web Services (AWS). You can configure the Amazon S3 using command line tool.
Before you begin
This command line tool consists of configuration fields. PressENTER to skip a specific configuration. The command line tool displays the existing configuration. The configuration is broadcasted to all the registered Fileservers that is, replica sites, automatically.
Run the following command at the Windchill shell to configure Amazon S3 cloud service:
windchill com.ptc.windchill.objectstorage.amazons3.tools.S3ConfigurationTool configure -u <username> -p <password>
* 
In case of a Windchill cluster environment, run the above command from every node in the cluster.
Perform the following steps to configure the account:
1. Authentication Strategy – Type the authentication strategy that will be used for making Amazon S3 requests. Options are SECURITY_CREDENTIALS and IAM_ROLE.
2. AWS Access Key ID — Type the access Key ID for your Amazon S3 account. Applicable if authentication strategy is SECURITY_CREDENTIALS.
3. AWS Secret Access Key — Type the secret access key for your Amazon S3 account. Applicable if authentication strategy is SECURITY_CREDENTIALS.
4. S3 Encryption Configurator Delegate Name — Type the delegate name to choose the encryption type. The encryption type is used to encrypt the content stored on Amazon S3.
5. SSEKMSKeyProvider Delegate Name —Type the delegate name to choose the KMS Key ID. The KMS Key ID is used to encrypt the content stored on Amazon S3.
6. SSECSecKeyGenerator Delegate Name — Type the delegate name to manage the Secret Keys. The Secret Key returned by the delegate is used for encrypting the content stored on Amazon S3.
For more details on encryption, refer to the section Encryption Customization for Amazon S3 Mounts
* 
If the configuration related to delegate names is changed, restart the master and replica servers, for the configuration to take effect.