Amazon S3 Bucket via Access Point
Last updated
Was this helpful?
Last updated
Was this helpful?
Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. This means customers of all sizes and industries can use it to store and protect any amount of data for a range of use cases, such as data lakes, websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics.
s3:PutObject - required, for backup archive upload to Amazon S3 bucket
s3:GetObject - optional, for backup restore and instant download from Amazon S3 bucket
s3:DeleteObject - optional, for retention policy, automatic removal of outdated backups from Amazon S3 bucket
s3:PutObjectRetention - optional, required for the S3 Object Lock header x-amz-object-lock-mode
s3:PutObjectLegalHold - optional, required for the S3 Object Lock header x-amz-object-lock-legal-hold
s3:PutObjectTagging - optional, required for the S3 Object Tagging header x-amz-tagging
To set up Amazon S3 Bucket Access Point as a storage for your backups, follow the steps below.
Type a storage name in the Storage name field. Use a name that will help you identify this storage in the future.
Select Amazon S3 AccessPoint from a Storage Provider dropdown:
Choose the settings for the storage:
Deduplication type - enable or disable data deduplication. For more details, please refer to the Deduplication documentation
Archive type - enable or disable archive password protection. For more details, please refer to the Password-Protected Archives documentation
Archive name pattern - configure the archive name pattern, which is used to generate the name of the backup archive. For more details, please refer to the Archive Name Pattern documentation
To upload backups to Amazon S3 Bucket, you need to create a bucket. You can skip this step if you already have a bucket. You can find more information on how to create a bucket in the Amazon S3 documentation.
Cloudback needs the ARN of the bucket to access it. To find the ARN, click on the name of your bucket in the S3 console and open the Properties tab. Copy the ARN and paste it in the Step 1 field on the Cloudback site.
After you type a bucket ARN in the Step 1 field, Cloudback will generate a bucket policy for you. The generated policy document is available in the Step 2 field. You need to apply this policy to the bucket to allow Cloudback to access it. For more information on how to apply the bucket policy, please refer to the corresponding Amazon S3 documentation page.
Cloudback accesses your Amazon S3 bucket using an Amazon S3 Access Point. You need to create a new Access Point in the AWS Management Console, and then paste the Access Point ARN in the Step 3 field. You can find more information on how to create an Access Point in the Amazon S3 documentation.
After you type an Access Point ARN in the Step 3 field, Cloudback will generate an access point policy for you. The generated policy document is available in the Step 4 field. You need to apply this policy to the access point to allow Cloudback to access it. For more information on how to apply the access point policy, please refer to the corresponding Amazon S3 documentation page.
In the Step 5 field, you can provide additional HTTP headers to be used when uploading backups to the Amazon S3 bucket. The headers can be used to set the S3 Object Lock or S3 Object Tagging headers.
Click on Save button to save the new storage. You can also use a Test button to check if the storage is configured correctly. After saving the storage, you can use it for storing backups of your repositories.
All storage settings can be changed later in the Storages page. To edit the storage settings, click on the Edit button next to the storage you want to edit.
You can change the storage for a particular repository in the Repository Details page. Also, you can assign it to multiple repositories through the Bulk Operations.
Open the Cloudback Dashboard
Navigate to the Storages page by clicking on the Storages link in the left-side navigation pane
Click on the + New storage button:
