Configure the STS Assume role details before configuring the storage library using the Amazon S3 - AWS STS Assume Role authentication access.
Procedure
-
Create a STS Assume Role with STS Policy with AssumeRole. (Sample json file.)
For links to JSON files for various AWS data types and use cases, see IAM Policies for Protecting AWS Services with Commvault.
-
Create a S3 Role (For example: DemoS3Role) with S3 Policy with the necessary permissions shown in the json file.(Sample json file.)
For links to JSON files for various AWS data types and use cases, see IAM Policies for Protecting AWS Services with Commvault.
-
From the S3 Role, Trust Relationship tab, click Edit Trust relationship, provide the STS ARN as shown in the json file: (Sample json file.)
For links to JSON files for various AWS data types and use cases, see IAM Policies for Protecting AWS Services with Commvault.
-
Copy the S3 Role ARN and provide this role as the ARN input during library configuration.
For example:
arn:aws:iam::XXXXXXXXXXXXXXXX:role/STSAssumeRole