Configure the STS Assume role details before configuring the storage library using the Amazon S3 - AWS STS Assume Role authentication access.
Procedure
-
Create a STS Assume Role with STS Policy with AssumeRole. (Sample json file.)
-
Create a S3 Role (For example: DemoS3Role) with S3 Policy with the necessary permissions shown in the json file.(Sample json file.)
-
From the S3 Role, Trust Relationship tab, click Edit Trust relationship, provide the STS ARN as shown in the json file: (Sample json file.)
-
Copy the S3 Role ARN and provide this role as the ARN input during library configuration.
For example:
arn:aws:iam::XXXXXXXXXXXXXXXX:role/STSAssumeRole
Related Topics
For links to JSON files for AWS services, see IAM Policies for Protecting AWS Services with Commvault.