SkyDoc FAQ’s
Product questions and troubleshooting
Contents of this page:
- How can a role be given access to the AWS record?
- How can roles other than administrator access SkyDoc?
- How can SkyDoc actions be restricted based on role?
- How can access to SkyDoc be customized by role?
- How can I learn more about SkyDoc and how to customize it?
- Can external app data be transferred to SkyDoc?
- What is the blue question mark/status column in the SkyDoc list?
- What is the difference between SkyDoc Folders and SkyDoc Folders List?
- Is the AWS subscription cost included in my SkyDoc purchase?
- Is there a benefit to turning off the “Block Public Access” feature?
- What is involved in the process of moving files to SkyDoc?
- What happens to files in SkyDoc when two records are merged?
- Why aren’t new employees added by saved search not seeing folder access in the “Access to Folders” field?
- Can SkyDoc files attached to records be retrieved through saved search?
- Can users be given view-only access to folders?
- How do I view files in SkyDoc?
- What is versioning in SkyDoc?
- Why is the SkyDoc tab not visible when I create a new record?
- How do I create an AWS S3 account for SkyDoc?
- How do I make an AWS S3 bucket private?
- How do I create a new bucket with existing AWS S3 credentials?
How can a role be given access to the AWS record?
- Navigate to Customizations > Lists,Records & Fields > Record Types
- Click on AWS S3 file record
- Go to the permissions tab, select and add the required roles by selecting level
- Select Access Type as “Use Permission List“
- Save the record
How can roles other than administrator access SkyDoc?
Select the required roles in Setup > SkyDoc > SkyDoc Roles to access SkyDoc for other roles.
How can SkyDoc actions be restricted based on role?
To add additional roles, navigate to Setup > SkyDoc > SkyDoc Roles and select roles.
Roles can be granted permission to perform various actions such as upload, delete, view, attach files, move/copy,etc.
Click on the checkbox to give permissions for all roles, or select desired roles one by one.
Access to AWS records can be granted as follows:
- Navigate to Customizations > Lists,Records & Fields > Record Types
- Click on AWS S3 file record
- Go to the Permissions tab, select and add the desired roles by selecting level
- Select Access Type as Use Permission List
- Save the record
How can access to SkyDoc folders be customized by role?
Folder access for users can be restricted in the following ways:
- Giving access to all employees by clicking on the Access to All Employees checkbox.
- Using a saved search in the Saved Search Employee Access field, which filters users from saved search results and allows them folder access
- Manually select users to whom you would like to grant folder access in the Access to Folder field
Access to folders can only be restricted for certain roles, but not their functionalities.
View our tutorial video on SkyDoc Folders for more information by following the link below:
How can I learn more about SkyDoc and how to customize it?
Visit the Tvarana YouTube page for additional resources on SkyDoc. We also offer a one-time training session on SkyDoc after signup.
Can external app data be transferred to SkyDoc?
Once the Tvarana dev team has the AWS S3 details, your external app data can be transferred to SkyDoc.
What is the blue question mark/status column in the SkyDoc list?
The blue question mark/status column is part of the Approval process for SkyDoc files. The uploaded files are approved either by Supervisor, Expense Approver (or) Purchase Approver for Purchase Orders, Expense Reports and Employee records.
What is the difference between SkyDoc Folders and SkyDoc Folders List?
New folders can be created and viewed in the SkyDoc Folders List. On the SkyDoc Folders page, however, only the folders and files in that folder which the current user has access to can be viewed. Users selected from the SkyDoc Folder Record can be given access to SkyDoc Folders in any of the following ways:
- Access To Folder Field: Users can be selected in the Access to Folder Field to grant them access to SkyDoc Folder
- Saved Search Employee Access Field: Access can be granted to multiple users by creating a search entity and selecting the search in Saved Search Employee Access Field
- Access To All Employees Field: This allows all employees to access the SkyDoc Folder
Is the AWS subscription cost included in my SkyDoc purchase?
No, you will be billed directly by AWS for the storage that you use.
Is there a benefit to turning off the “Block Public Access” feature?
Files can be made either private or public according to your need by toggling the “Block Public Access” feature and clicking on the public/private URL button in AWS record.
What is involved in the process of moving files to SkyDoc?
Files attached to NetSuite records are moved to SkyDoc as the first step. Once you are comfortable with using SkyDoc, these files will be deleted from NetSuite and will exist solely in Amazon S3. Every file uploaded to SkyDoc is stored in the AWS account and can be accessed easily.
What happens to files in SkyDoc when two records are merged?
All SkyDoc files attached to the duplicate record will be moved to the merged record.
Why aren’t new employees added by saved search not seeing folder access in the Access to Folders field?
When a new employee is added to the saved search, Access To Folder field on Folder record will not immediately update for the new employee. A scheduled script that runs every hour updates the Folder Access for new employees added in the search.
1.Navigate to Setup > SkyDoc Setup > SkyDoc External Links. You can use the SkyDoc External Link for users outside of NetSuite
2.You can restrict SkyDoc external access by updating IP addresses in Setup > SkyDoc Roles > IP restriction Field. Make sure to separate multiple IPs by commas
Can SkyDoc files attached to records be retrieved through saved search?
Yes, files attached to item, transaction and entity records can be retrieved using a saved search, and can also be viewed in the saved search results page.
Can users be given view-only access to folders?
View permissions can be granted to desired roles for folders/documents by updating roles and permissions under the Permissions tab on the custom records below.
AWS S3 file record: For Documents
SkyDoc Folders: For Folders
To restrict any role to view/upload files only, go to Setup > SkyDoc > Setup Roles
On this page, you can select the roles and permissions.
How do I view files in SkyDoc?
Files can be viewed in any of the following ways:
- Preview by hovering the mouse over the file name
- By clicking on the View link in the SkyDoc display list in the records
- By clicking on the View button in the AWS record related to the file
What is versioning in SkyDoc?
SkyDoc automatically increments the version number of a file attached to a record with each subsequent upload.
Why is the SkyDoc tab not visible when I create a new record?
The SkyDoc tab does not appear in the record in Create mode. It can be accessed after saving, in View and Edit modes.
How do I create an AWS S3 account for SkyDoc?
- Create an AWS Login
- Provide these credentials to connect SkyDoc to Amazon S3
- You’ll receive a confirmation email welcoming you to Amazon Web Services
- Enter Contact Information
- Enter Payment Information
- Only Credit Card Accepted
- Identify Verification
- Enter a phone number where Amazon can call you and enter the PIN number displayed on your browser
- Support Plan
- Select Basic (Free)
- You’ll receive a confirmation email stating AWS Support (Basic) was selected.
- Confirmation
- You’ll receive a confirmation email stating your AWS Account is Ready
Create a User:
- In amazon console Go to Services -> Security, Identity, & Compliance -> IAM.
- Click the Users link under “IAM Resources”.
- Click the Add User button.
- Enter any name for the user.
- Check “Programmatic access” and click on Next: permissions.
- Click on Attach Existing policies directly and search for “AmazonS3FullAccess” and select the policy and click on Next Tags.
- Then click on Next: review without entering any information.
- Click on create user.
- After clicking on create user, you will be navigated to another page where you will be able to see a csv file (Contains public and private key Information).Make sure you download the file and click on close.
Create a bucket:
- Go to Services -> Storage -> S3 -> Click on the create bucket button.
- Enter the bucket name and select the region near to you.
- Click on Next.
- Enable the Versioning check box and click on Next.
- If you want to use public/private files option for your aws records, please disable “Block all public access” checkbox, also check (I acknowledge that the current settings may result in this bucket and the objects within becoming public) and click on Next.
- Review the details and click on the create bucket button.
- After creating a bucket, open the bucket and navigate to permissions -> CORS Configuration and copy and paste the below code and click on save.
<?xml version=”1.0″ encoding=”UTF-8″?>
<CORSConfiguration xmlns=”http://s3.amazonaws.com/doc/2006-03-01/“>
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>HEAD</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<ExposeHeader>x-amz-meta-param</ExposeHeader>
<ExposeHeader>ETag</ExposeHeader>
<ExposeHeader>x-amz-version-id</ExposeHeader>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
Create a security policy:
- Go to Services -> Security, Identity & Compliance -> IAM -> Click on policies present under Access Management
- Click the Create Policy button and select JSON in Create Policy page and remove the code which is already present.
- Copy and paste the policy defined on this page in the policy document Area.
- Make sure to replace ##BUCKETNAME## with the name of your bucket. Then click Review Policy, give a Unique name to the policy in Review Policy Page
- Then click on create policy.
To assign policy to the user:
- Go to Services -> Security, Identity & Compliance -> IAM -> users.
- select the user which you created for SkyDoc.
- Click on the Add Permissions button.
- Go to Attach existing policies directly -> select the policy you created and click on Next: review.
- Click on Add Permissions.
- ii) To migrate NetSuite Files to SkyDoc, we are using lambda function in Amazon Web Services.
Please check the below steps to create lambda function.
To create lambda function in AWS account we need user access with below permissions:
Please navigate to Permissions >> Add Permissions >> Attach existing policies directly, search for the below permissions and add them.
- AWSLambdaFullAccess
- IAMFullAccess
- AmazonS3FullAccess.
- AmazonAPIGatewayAdministrator
- AWSLambdaBasicExecutionRole
- AWSLambdaRole
- Click on the next review.
- Review the details and click on Add Permissions.
- Navigate to security credentials in the user and click on manage (Beside Console password).
- Check the enable option for Console Access and select auto generated password option for set password, click on apply and download the csv file (It contains username and password for this user) and please forward the file to us as we need to create a lambda function in your AWS account.
How do I make an AWS S3 bucket private?
In order to make a bucket private, please follow the steps below:
- Login to AWS console.
- Go to S3
- Click on the bucket which you want to make private.
- Go to Permissions > Access Control List > Access for Other AWS Accounts > Public Access
- Click on Everyone, uncheck all the permissions in the pop up screen and save
- Check if the bucket is now private
- If not, please check if there is any policy mentioned in Permissions > Bucket Policy
How do I create a new bucket with existing AWS S3 credentials?
. To create a new bucket, follow the below steps:
- Login to your AWS account
- Go to AWS S3
- Click on the Create Bucket button
- Enter the name as CompanyName-skydoc-production and select your region
- If you want to use public/private option for your aws records,please disable Block all public access checkbox.
- Review the details and click on create bucket button.
- After creating a bucket,open the bucket and go to permissions -> CORS Configuration and copy and paste the below code and click on save
<?xml version=”1.0″ encoding=”UTF-8″?>
<CORSConfiguration xmlns=”http://s3.amazonaws.com/doc/2006-03-01/“>
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>HEAD</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<ExposeHeader>x-amz-meta-param</ExposeHeader>
<ExposeHeader>ETag</ExposeHeader>
<ExposeHeader>x-amz-version-id</ExposeHeader>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
- Go to properties and enable the versioning property
2. Create a security policy for the bucket:
- Click the Policies link.
- Click the Create Policy button and select JSON in Create Policy page.
- Copy and paste the policy defined on this page in the Policy Document area
- Make sure to replace ##BUCKETNAME## with the name of your bucket. Click Review Policy and give a unique name to the policy in the Review Policy Page
- Click Create Policy and add the created policy to the user
