To back up S3 buckets in different AWS accounts, or if you need cross AWS accounts, add the Amazon S3 object storage repository with a security token service (STS) assume role.
Procedure
-
From the navigation pane, go to Protect > Object storage.
The Object storage page appears.
-
In the upper-right area of the page, click Add object storage.
The Add object storage dialog box appears.
-
Click Amazon S3.
The Add Amazon S3 Storage dialog box appears.
-
In the Object storage name box, enter a name for the repository.
-
In the Host URL box, enter the Amazon S3 account URL, s3.amazonaws.com.
To back up region-based data, enter the AWS service endpoint URL for the region in the format: s3.{region}.amazonaws.com.
-
From the Authentication list, select AWS STS Assume Role with IAM Role Policy.
-
For Credentials, click the Create new button (
).The Add Credential dialog box appears.
-
In the Credential name box, enter a name for the credentials.
-
In the Role ARN box, enter the full IAM role Amazon resource name (ARN) of the cross account that includes the bucket that you want to back up.
-
Click Save.
-
Enter the following information:
-
From the Access node list, select the access node to use for the repository.
-
From the Plan list, select the server plan to use for the repository.
-
Click Save.