Amazon S3 - AWS STS Assume Role with IAM Role Policy

Use the following information to add or modify an Amazon S3 cloud storage library with AWS STS Assume Role with IAM Role Policy authentication in the Add / Edit Cloud Storage (General) dialog box in CommCell Console.

Configure the EC2 IAM role details before configuring the storage library. For more information, see Configuring EC2 IAM Role Details for STS Assume IAM Role.

Authentication

AWS STS Assume Role with IAM Role Policy - For more information on this role, refer to the following links:

• http://docs.aws.amazon.com/STS/latest/APIReference/Welcome.html

• http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html

  Note

  For AWS STS Assume Role with IAM Role Policy the selected MediaAgent must reside in the EC2 instance and an STS Assume Role with IAM Role must be associated with the EC2 instance. Make sure to select the specific MediaAgent from the drop-down list during library configuration. (For more information about installing the MediaAgent on the EC2 instance, see MediaAgent Installations.)

Service Host

A valid endpoint name for the Amazon S3 region provided by the agency.

Default: s3.[region].amazonaws.com. For example, s3.us-west-1.amazonaws.com.

To find the region, see https://docs.aws.amazon.com/general/latest/gr/rande.html.

IAM Role:

Name of the IAMRole.

Role ARN

Name of the ARN role.

Bucket

To recall data from Amazon Glacier Glacier/Deep Archive or Combined Tier Storage Classes, make sure that the user associated with the bucket has the RestoreObject permission. For more information on POST Object restore, see https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectPOSTrestore.html.

Storage Class

The following Amazon S3 storage classes are supported for Commvault Cloud Storage libraries:

• Standard

• Standard - Infrequent Access

• One Zone - Infrequent Access

• Intelligent - Tiering

• Standard/Glacier (Combined Storage Tiers)

• Standard-IA/Glacier (Combined Storage Tiers)

• One Zone-IA/Glacier (Combined Storage Tiers)

• Intelligent-Tiering/Glacier (Combined Storage Tiers)

• Standard/Deep Archive (Combined Storage Tiers)

• Standard-IA/Deep Archive (Combined Storage Tiers)

• One Zone-IA/Deep Archive (Combined Storage Tiers)

• Intelligent-Tiering/Deep Archive (Combined Storage Tiers)

• Glacier

• Deep Archive

• Reduced Redundancy Storage

Reference https://aws.amazon.com/s3/storage-classes/ for more information.

Related Topics

• Migrating Data to Amazon S3 Using Snowball

• Configuring AWS Tape Gateway

• Enabling Server-Side Encryption with Amazon S3-Managed Keys

• Disabling Object Tagging in Amazon S3 Storage

• How is Data Stored and Managed in the Various Amazon S3 Archive Storage Classes