Use the following information to add or modify an Amazon S3 cloud storage library with Access & Secret Access Key authentication in the Add / Edit Cloud Storage (General) dialog box in CommCell Console.
Note
Refer to Amazon S3 documentation for additional information on the inputs required in this dialog box.
Authentication
Access & Secret Access Key - This is the default authentication. For more information about Amazon Access Points, see https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html.
Service Host
A valid endpoint name for the Amazon S3 region provided by the agency.
Default: s3.[region].amazonaws.com
. For example, s3.us-west-1.amazonaws.com
.
To find the region, see https://docs.aws.amazon.com/general/latest/gr/rande.html.
Note
For Amazon S3 Transfer Acceleration, service host provider name must be provided as s3-accelerate.amazonaws.com.
Access Key ID
Access key ID for the account.
Secret Access Key
Secret Access Key for the account.
Bucket
Enter the bucket/container with the access point as follows:
[accesspoint name]-[account id]
For example:
accesspointtest-999999999999
The following actions must be enabled for the bucket before configuring the library: (sample json file with these actions.)
"s3:CreateBucket",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectRetention",
"s3:ListBucket",
"s3:ListAllMyBuckets"
"s3:PutObjectTagging",
"s3:DeleteObject"
Notes
-
The
CreateBucket
permission is required only when the bucket must be created by the MediaAgent while configuring the cloud storage. (This permission can be skipped if an existing bucket is used for configuring the cloud storage.) -
The
ListAllMyBuckets
permissions request is required for the Detect button to work. -
To recall data from Amazon Glacier Glacier/Deep Archive or Combined Tier Storage Classes, make sure that the user associated with the bucket has the
RestoreObject
permission. For more information on POST Object restore, see https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectPOSTrestore.html.
Storage Class
The following Amazon S3 storage classes are supported for Commvault Cloud Storage libraries:
-
Standard
-
Standard - Infrequent Access
-
One Zone - Infrequent Access
-
Intelligent - Tiering
-
Standard/Glacier (Combined Storage Tiers)
-
Standard-IA/Glacier (Combined Storage Tiers)
-
One Zone-IA/Glacier (Combined Storage Tiers)
-
Intelligent-Tiering/Glacier (Combined Storage Tiers)
-
Standard/Deep Archive (Combined Storage Tiers)
-
Standard-IA/Deep Archive (Combined Storage Tiers)
-
One Zone-IA/Deep Archive (Combined Storage Tiers)
-
Intelligent-Tiering/Deep Archive (Combined Storage Tiers)
-
Glacier
-
Deep Archive
-
Reduced Redundancy Storage
Reference https://aws.amazon.com/s3/storage-classes/ for more information.