Creating Commvault Credentials That Use the AWS STS AssumeRole Authentication Method

The AWS STS AssumeRole authentication method allows the Commvault software to assume an IAM role in order to access to your AWS account and perform data protection operations.

Procedure

  1. From the Command Center navigation pane, go to Manage > Security.

    The Security page appears.

  2. Click Credential vault.

    The Manage credentials page appears.

  3. In the upper-right area of the page, click Add.

    The Add credential dialog box appears.

  4. For Account type, select Cloud account.

  5. For Vendor type, select Amazon Web Services.

  6. For Authentication type, select STS Assume Role with IAM Policy.

  7. For Credential name, enter a name for these credentials.

  8. For Role ARN, enter the ARN of the specified IAM role.

  9. For External ID, enter the external ID that is specified in the trust policy of your AWS account.

    If your trust policy specifies an external ID, then you must enter the external ID to allow the Commvault software to assume the specified IAM role. (If your trust policy doesn't specify an external ID, then leave External ID blank.)

    For more information, see Using an External ID with the AWS STS AssumeRole Authentication Method.

  10. For Description, enter a description for these credentials.

  11. Click Save.

Loading...