Amazon OutPosts

Use the following information to add or modify an Amazon S3 cloud storage library with AWS Outposts Support.

Review the following requirements:

Verify and ensure that both the CommServe and MediaAgent in which you plan to configure the library, are in Feature Release 11.21, or later. For more information on viewing the feature release version see, Viewing the Service Pack Details for One or More Clients.
Verify that the Commvault packages are deployed on AWS Outposts, see Deploying Commvault to AWS Outposts.

Authentication

The following authentication methods are supported for configuring a cloud library for AWS Outposts:

• Access & Secret Access Keys

• AWS IAM Role Policy

For AWS IAM Role Policy the selected MediaAgent must reside in the EC2 instance and an IAM Role must be associated with the EC2 instance. Make sure to select the specific MediaAgent from the drop-down list during library configuration. (For more information about installing the MediaAgent on the EC2 instance, see MediaAgent Installations.)

The IAM Role must have the following actions enabled in the Amazon S3 account: (sample json file with these actions)

"s3-outposts:GetObject"
"s3-outposts:PutObject"
"s3-outposts:PutObjectTagging"
"s3-outposts:ListBucket"
"s3-outposts:ListRegionalBuckets"
"s3-outposts:DeleteObject"
"s3-outposts:GetAccessPoint"
"s3-outposts:ListRegionalBuckets"
"s3-outposts:ListAccessPoints"

• AWS STS Assume Role Policy

For more information on Amazon STS (Security Token Service), see the following pages in AWS documentation:

http://docs.aws.amazon.com/STS/latest/APIReference/Welcome.html
http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html.

• AWS STS Assume Role with IAM Role Policy

Configure the EC2 IAM role details before configuring the storage library. For instructions, see Configuring EC2 IAM Role Details for STS Assume IAM Role.

Service Host

A valid endpoint for the AWS Outposts region, in the format, outpostID.s3-outposts.region.amazonaws.com.

For example, op-1f121e54d0a908a0t.s3-outposts.us-east-1.amazonaws.com.

Credentials

For Access & Secret Key or AWS STS Assume Role Policy authentication, select a pre-defined credential from the drop-down list.

To define a new credential, click Add New, enter the following information:

Credential Name: A user-defined name for the credential.
Access Key ID: Access key ID for the account.
Secret Access Key: Secret access key for the account.

Bucket

Click the Detect button to detect an existing bucket.

A bucket with access point on AWS OutPosts must be created manually. Bucket creation might take up to 20 minutes.

Storage Class

AWS Outposts supports only the Outposts storage class by default even when the Standard storage class is selected from the Storage Class list.

Note

The other storage classes in the Storage Class list are not honored.