The way that you add the Amazon S3 object storage repository depends on the authentication method that you use.
-
To back up S3 buckets using access and secret keys, add the repository using an access key and a secret key.
-
If you have an Amazon Web Service (AWS) account that is attached to an Amazon Elastic Compute Cloud (EC2) virtual machine and you need to back up buckets in the same account, then add the repository using the Identity and Access Management (IAM) role policy authentication method.
-
If you have S3 buckets in different AWS accounts, or if you need cross AWS accounts, then add the repository with the security token service (STS) assume role.
To back up Amazon S3 Express One Zone directory buckets, you need the AWS service endpoint URL for Amazon S3 Express One Zone and an IAM role with minimal permissions to perform backups.