To back up S3 buckets in different AWS accounts, or if you need cross AWS accounts, add the Amazon (S3) virtual client with security token service (STS) assume role.
Procedure
-
From the CommCell Browser, right-click Client Computers, and then click New Client > Cloud Storage > Amazon S3.
The New Amazon S3 Client dialog box appears.
-
On the General tab, provide the following details:
-
In the Client Name box, type a name for the new virtual client.
-
In the Instance Name box, type a name for the instance.
-
In the Access Node box, select the EC2 VM with Cloud Apps Package installed on the source account that can assume the role of cross account to back up the bucket.
-
In the Storage Policy box, select a storage policy for the backup and restore operations.
-
In the Number of Data Backup Streams box, type the number of data streams to use for backups. The maximum value is 99.
Note: The number of streams must not exceed the maximum number configured in the subclient storage policy. The CommServe allocates streams depending on the availability of resources.
-
-
On the Connection Details tab, enter the following details:
-
In the Host URL box, type the Amazon S3 service account URL (s3.amazonaws.com).
-
From the Authentication Type list, select AWS STS assume role with IAM role policy.
-
Enter credentials:
What
Steps
Existing credential
From the Credential list, select the credential that you want to use.
New credential
-
From the Credential list, click Create New.
The Create user credential dialog box appears.
-
In the Credential name box, enter a name for the credentials.
-
In the Role ARN box, enter the full IAM role Amazon resource name (ARN) of the cross account whose bucket will be backed up.
-
Click OK.
-
-
-
Click OK.
Results
The Commvault software creates an Amazon S3 virtual client that contains a default instance.