You can create an Amazon S3 instance with security token service (STS) assume role.
Procedure
-
From the CommCell Browser, go to Client Computers > Amazon S3 client.
-
Right-click Cloud Apps, and then point to All Tasks > Create New Instance.
The New Amazon S3 Instance dialog box appears.
-
On the General tab, provide the following details:
-
In the Instance Name box, type a name for the instance.
-
In the Access Node box,select one or more EC2 VMs or the client group of EC2 VMs with Cloud Apps Package installed on the source account that can assume the role of cross account to back up the bucket.
Note
-
The proxy client computers must be of similar operating system type.
-
All clients in the client group must be reachable through network routes.
-
-
In the Storage Policy box, select a storage policy for the backup and restore operations.
-
In the Number of Data Backup Streams box, type the number of data streams to use for backups. The maximum value is 99.
Note
The number of streams must not exceed the maximum number configured in the subclient storage policy. The CommServe allocates streams depending on the availability of resources.
-
-
On the Connection Details tab, enter the following details:
-
In the Host URL box, type the Amazon S3 service account URL (s3.amazonaws.com).
-
From the Authentication Type list, select AWS STS assume role with IAM role policy.
-
Enter the credential:
What
Steps
Existing credential
From the Credential list, select a credential that you want to use.
New credential
-
From the Credential list, click Create New.
The Create user credential dialog box appears.
-
In the Credential name box, enter a name for the credentials.
-
In the Role ARN box, enter the full IAM role Amazon resource name (ARN) of the cross account whose bucket will be backed up.
-
Click OK.
-
-
-
Click OK.
Results
The Commvault software creates a default instance and a default subclient.