
How to move the Bold BI resources files from EFS to Amazon S3


Follow the step-by-step instructions below to transfer the Bold BI resource files from EFS to Amazon S3. The procedure includes:

  1. Modifying the config.json file,
  2. Generating and encrypting S3 credentials using the Cryptography application,
  3. Setting up an IIS site to execute the cryptography utility,
  4. Updating database configurations,
  5. Carrying out resource conversion (SYDJ), and
  6. Restarting services within EKS.

Note: Bold BI currently still requires EFS for Config.file and Logs — Amazon S3 is used for resource files only. This migration is supported from Bold BI v12.1.5.

Pre-work / prerequisites

  • Full backup of the Bold BI app_data folder (mandatory).
  • Access to the machine to run the Cryptography app (IIS will host the crypto UI).
  • DB access (Site DB and UMS DB) with rights to run UPDATE commands.
  • AWS S3 credentials (or IAM user that can access the target bucket).
  • SYDJConversion tool (provided with Bold BI).
  • kubectl access to the EKS cluster for restarting services.
  • Note: Keep EFS mounted/available for Config.files and Logs.

Steps to move the Bold BI resource file from EFS to Amazon S3

Step 1: Backup app_data (mandatory)

  1. Stop Bold BI application/services (or ensure safe backup while not in heavy use).
  2. Make a copy of app_data from the EFS. Source: D:\Boldservices\app_data\
  3. Confirm backup integrity (list files, compare size).

Step 2: Prepare config.json (initial)

Open app_data\configuration\config.json (from the EFS) and note the existing StorageSettings and StorageType values. You will replace StorageSettings with the encrypted S3 connection string and set StorageType to 3 (Amazon S3). Keep a copy of the original config.json as a backup.

Step 3: Create IIS site to host Cryptography app

  1. Extract the Cryptography application folder (attached to this article).
  2. In IIS Manager:
    • Create a new Site (e.g. Cryptography-Tool) pointing to that folder.
    • Configure bindings (hostname / port) or use default.
    • Ensure the application pool runs an appropriate .NET version (per cryptography app requirements).
  3. Grant read/write permissions to the application folder for the app pool identity if the tool writes files.

Once the site is created, open it in a browser to confirm that the Cryptography UI loads.

Step 4: Generate Key / Encrypt S3 credentials using the Cryptography app

A. Get Decryption Key and Private Key (for record)

  • Decryption key (plain) located at: {Deployed Location}\AppData\configuration\config.json — look for the DecryptionKey node and copy its value.
  • Private key file: {Deployed Location}\AppData\configuration\privatekeys.dat — copy the full contents if needed (store securely).

B. Prepare Amazon S3 connection string JSON

Create the Amazon S3 connection string JSON below, filling in your storage account details:

{
  "Region": "ap-south-1",
  "BucketName": "BucketName",
  "AccessKeyId": "accessKeyId",
  "AccessKeySecret": "exampleSecretValue1234",
  "RootFolderName": "s3localtest",
  "RegionEndpoint": {
    "SystemName": "ap-south-1",
    "OriginalSystemName": "ap-south-1",
    "DisplayName": "Asia Pacific (Mumbai)",
    "PartitionName": "aws",
    "PartitionDnsSuffix": "amazonaws.com"
  }
}

C. Encrypt the JSON with Cryptography app

  1. Open the Cryptography site in a browser and go to the Connection String page.
  2. Use the UI to encrypt the S3 connection string JSON (paste the Decryption Key, the Private Key and the Amazon S3 credentials without any spaces, as shown in the screenshot above).
  3. Click the Encrypt option. The Cryptography app returns an encrypted string (a long base64-like string).
  4. Copy the encrypted string exactly.
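
A pre-flight check for the connection string JSON before it is pasted into the Cryptography app, as an added example that is not part of the original article or the Bold BI tooling. The function name, the requirement that Region equals RegionEndpoint.SystemName, and the reading of "without any spaces" as "no formatting whitespace between tokens" are assumptions.

```python
import json

# Field names taken from the sample JSON in Step 4B.
REQUIRED = ("Region", "BucketName", "AccessKeyId", "AccessKeySecret",
            "RootFolderName", "RegionEndpoint")
# Placeholder values from the article's sample that must be replaced.
PLACEHOLDERS = ("BucketName", "accessKeyId", "exampleSecretValue1234")


def prepare_s3_connection_json(text):
    """Validate the connection JSON; return (compact_json_or_None, problems)."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        return None, [f"invalid JSON at line {exc.lineno}: {exc.msg}"]
    if not isinstance(doc, dict):
        return None, ["top-level value must be a JSON object"]
    problems = [f"missing or empty field: {k}" for k in REQUIRED if not doc.get(k)]
    for key in ("BucketName", "AccessKeyId", "AccessKeySecret"):
        if doc.get(key) in PLACEHOLDERS:
            problems.append(f"{key} still holds the sample placeholder")
    endpoint = doc.get("RegionEndpoint")
    # Assumption: both region fields should name the same region, as in Step 4B.
    if isinstance(endpoint, dict) and endpoint.get("SystemName") != doc.get("Region"):
        problems.append("Region and RegionEndpoint.SystemName differ")
    # Compact form: no whitespace between tokens; spaces inside values are kept.
    # The result contains the secret key, so do not print or log it.
    return json.dumps(doc, separators=(",", ":")), problems


# Constructed sample: same shape as Step 4B, with made-up non-placeholder values.
SAMPLE = """{
  "Region": "ap-south-1",
  "BucketName": "constructed-example-bucket",
  "AccessKeyId": "CONSTRUCTEDKEYID",
  "AccessKeySecret": "constructed-secret-value",
  "RootFolderName": "s3localtest",
  "RegionEndpoint": {"SystemName": "ap-south-1", "DisplayName": "Asia Pacific (Mumbai)"}
}"""

if __name__ == "__main__":
    compact, problems = prepare_s3_connection_json(SAMPLE)
    print("problems:", problems or "none")
    print("compact length:", len(compact))
```

A JSON document that is missing its closing brace is rejected here before it can be encrypted into a string the application cannot use.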

Step 5: Update config.json

Open app_data\configuration\config.json (from the EFS) and update the following node values:

  • Set StorageType to 3.
  • Replace StorageSettings with the encrypted string you copied from the Cryptography tool.

Example snippet:

{
  ...
  "StorageType": 3,
  "StorageSettings": "gJlWFF6VJWV2IH8JYoVZSAR5ksJ7eFM7I8H057WN1/KAj3sH+G5rnOp+V8OJV3dCxfK..."
  ...
}

Save the file. Keep a backup of the original.
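
A check to run on the edited config.json before restarting anything, as an added example that is not part of the original article or the Bold BI tooling. It flags the failure modes this page names: invalid JSON syntax, a wrong StorageType, a truncated or whitespace-padded encrypted string, and plaintext credentials pasted in place of the encrypted form. The function name is hypothetical, and treating the encrypted string as standard padded base64 is an assumption based on the article's "base64-like" description.

```python
import base64
import binascii
import json
import re

# Field names from the plaintext connection JSON (Step 4B). Finding one in
# StorageSettings means the credentials were pasted unencrypted.
PLAINTEXT_MARKERS = ("AccessKeySecret", "AccessKeyId", "BucketName")


def check_config(text):
    """Return a list of problems found in the text of config.json."""
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON (line {exc.lineno}: {exc.msg})"]
    if not isinstance(cfg, dict):
        return ["top-level value must be a JSON object"]
    problems = []
    if cfg.get("StorageType") != 3:  # integer 3, as in the article's snippet
        problems.append("StorageType is not 3 (Amazon S3)")
    settings = cfg.get("StorageSettings")
    if not isinstance(settings, str) or not settings:
        return problems + ["StorageSettings is missing or not a string"]
    if any(marker in settings for marker in PLAINTEXT_MARKERS):
        problems.append("StorageSettings contains plaintext connection fields")
    elif re.search(r"\s", settings):
        problems.append("StorageSettings contains spaces or newlines")
    else:
        try:  # assumption: the tool emits standard padded base64
            base64.b64decode(settings, validate=True)
        except (binascii.Error, ValueError):
            problems.append("StorageSettings is truncated or not base64")
    return problems


# Constructed sample: 48 made-up bytes stand in for the real ciphertext.
GOOD = json.dumps({"StorageType": 3,
                   "StorageSettings": base64.b64encode(bytes(range(48))).decode()})

if __name__ == "__main__":
    print(check_config(GOOD) or "config.json looks consistent")
```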


Step 6: Update DB entries

A. Site DB (boldbi_systemsettings table)

Run the following queries on the meta DB of every BI tenant site (adjust schema/table names if they differ):


-- Set StorageType = 3 --

MSSQL

UPDATE boldbi_systemsettings
SET Value = '3'
WHERE [Key] = 'StorageType';

PostgreSQL

UPDATE boldbi_systemsettings
SET "Value" = '3'
WHERE "Key" = 'StorageType';

MySQL

UPDATE boldbi_systemsettings
SET `Value` = '3'
WHERE `Key` = 'StorageType';

Oracle

UPDATE boldbi_systemsettings
SET "Value" = '3'
WHERE "Key" = 'StorageType';

Save the raw json value under AmazonS3ConnectionString

MSSQL

UPDATE boldbi_systemsettings
SET Value = 'AmazonS3ConnectionString_raw'
WHERE [Key] = 'AmazonS3ConnectionString';

PostgreSQL

UPDATE boldbi_systemsettings
SET "Value" = 'AmazonS3ConnectionString_raw'
WHERE "Key" = 'AmazonS3ConnectionString';

MySQL

UPDATE boldbi_systemsettings
SET `Value` = 'AmazonS3ConnectionString_raw'
WHERE `Key` = 'AmazonS3ConnectionString';

Oracle

UPDATE boldbi_systemsettings
SET "Value" = 'AmazonS3ConnectionString_raw'
WHERE "Key" = 'AmazonS3ConnectionString';

Note: The sample above sets the string 'AmazonS3ConnectionString_raw' as the Value — replace it with the actual Amazon credentials JSON value mentioned in Step 4.

B. UMS DB (boldtc_systemsettings table)

Run these queries in the UMS DB:

-- Set StorageType = 3

MSSQL

UPDATE boldtc_systemsettings
SET systemvalue = 3
WHERE systemkey = 'StorageType';

PostgreSQL

UPDATE public.boldtc_systemsettings
SET systemvalue = 3
WHERE systemkey = 'StorageType';

MySQL

UPDATE boldtc_systemsettings
SET systemvalue = 3
WHERE systemkey = 'StorageType';

Oracle

UPDATE boldtc_systemsettings
SET systemvalue = 3
WHERE systemkey = 'StorageType';

-- Place encrypted connection string indicator / value

MSSQL

UPDATE boldtc_systemsettings
SET systemvalue = 'AmazonS3ConnectionString_encrypted'
WHERE systemkey = 'AmazonS3ConnectionString';

PostgreSQL

UPDATE public.boldtc_systemsettings
SET systemvalue = 'AmazonS3ConnectionString_encrypted'
WHERE systemkey = 'AmazonS3ConnectionString';

MySQL

UPDATE boldtc_systemsettings
SET systemvalue = 'AmazonS3ConnectionString_encrypted'
WHERE systemkey = 'AmazonS3ConnectionString';

Oracle

UPDATE boldtc_systemsettings
SET systemvalue = 'AmazonS3ConnectionString_encrypted'
WHERE systemkey = 'AmazonS3ConnectionString';

Or 

UPDATE YOURSCHEMA.boldtc_systemsettings
SET systemvalue = 'AmazonS3ConnectionString_encrypted'
WHERE systemkey = 'AmazonS3ConnectionString';

Note: Replace 'AmazonS3ConnectionString_encrypted' with the actual encrypted string (generated using the Cryptography tool).

Step 7: Convert dashboard files to SYDJ (resource conversion)

A. Extract SYDJConversion tool

  • Extract the SYDJConversion zip (attached to this KB article) to a folder, e.g. C:\SYDJConversion\.

B. Prepare app_data for conversion

  • Copy the existing app_data folder from the EFS and paste it inside the conversion tool folder: C:\SYDJConversion\appdata

C. Run the converter

  • Launch SYDJConversion.exe (double-click or run from command prompt in the C:\SYDJConversion\ folder).
  • If the tool has command line options, use them to point to the app_data folder. (If it is UI only, use the UI.)
  • Wait for the conversion completed message.

D. After conversion

  • The tool will produce converted dashboard files (SYDJ) inside the same app_data folder for all the BI tenant sites.
  • Confirm conversion log shows success and no errors.

Step 8: Replace / Deploy converted app_data

  • Stop Bold BI services (or ensure services are not writing to app_data).
  • Upload the converted app_data produced by the SYDJConversion tool to the Amazon S3 Bucket rootfolder location.
  • Ensure config.json in the deployed app_data contains updated StorageType and StorageSettings.

Make sure that the entire app_data folder is copied to the S3 bucket.

Step 9: Restart services on EKS

  • Restart the Bold BI deployment(s) in your EKS cluster so they pick up new config and resources.

Example commands (replace <deployment-name> and <namespace>):

kubectl rollout restart deployment/<deployment-name> -n <namespace>

Example:

kubectl rollout restart deployment/boldbi-deployment -n boldbi

Check pod status:

kubectl get pods -n <namespace>

  • Wait until pods are Running and Ready.

Validation & Post-migration checks

  1. Open Bold BI UI — ensure dashboards and resources load.
  2. Verify S3 bucket contents — new resource files should appear under RootFolderName specified.
  3. Confirm logs are still writing to EFS (as expected).
  4. Check application logs for any errors about missing files or permissions.
  5. Validate upload/download actions to S3 from the app.

Rollback plan

  1. If failures occur, restore backup app_data:
    • Stop Bold BI pods.
    • Copy {Backup_location}\Boldservices\app_data_backup_YYYYMMDD\ back to {deployed Location in the EFS}\Boldservices\app_data\.
  2. Restore original config.json and DB values (you backed them up earlier).
  3. Restart EKS deployment.
  4. Verify operation.

Troubleshooting — common issues & fixes

  • Cryptography web UI not loading
    • Check IIS site bindings and application pool status. Ensure required .NET runtime installed. Check IIS logs and Event Viewer.
  • Encrypted string not accepted by application
    • Confirm you used the correct Cryptography tool instance (same keys that Bold BI expects). Ensure you copied the full encrypted string (no truncation or extra spaces/newlines).
  • DB update didn't take effect
    • Confirm you updated the correct database/environment (prod vs staging). Check exact column names and casing.
  • Resources not visible after conversion
    • Confirm that the conversion process has been completed successfully and that the converted files are present in the app_data folder.

      Additionally, you may verify the dashboard folder (app_data\bi\Site_ID\resources\Dashboard_ID\version) to ensure it contains .Sydj files as shown below.

      For example: (..\app_data\bi\xxe86911-xxxx-426d-9xe8-d5ab251d3cad\resources\5a0exxx2-b942-4492-93d8-73189624xxxxx\1)
    •  Also, check conversion logs for errors.
  • EKS pods crash/Errors at startup
    • Inspect pod logs: kubectl logs <pod-name> -n <namespace>
    • Common causes: Invalid config.json JSON syntax, wrong encryption string, missing private key file, or permission issues.

Important Notes & Security

  • Do not store plaintext AWS Access Keys in source control or shared locations. Only the encrypted form should live in config.json or DB.
  • Securely store the private key and the decryption key — they are needed for future changes or troubleshooting.
  • EFS is still required for Config.files and Logs. Do not remove EFS until you have verified system behaviour for an extended period.
  • Rotate AWS keys after migration if the keys were used elsewhere or exposed.

Written by Jeevanandham Venu