Configuring STS Assume IAM Role

Configure the STS Assume role details before configuring the storage library using the Amazon S3 - AWS STS Assume Role authentication access.

Procedure

  1. Create a STS Assume Role with STS Policy with AssumeRole. (Sample json file.)

  2. Create a S3 Role (For example: DemoS3Role) with S3 Policy with the necessary permissions shown in the json file.(Sample json file.)

  3. From the S3 Role, Trust Relationship tab, click Edit Trust relationship, provide the STS ARN as shown in the json file: (Sample json file.)

  4. Copy the S3 Role ARN and provide this role as the ARN input during library configuration.

    For example:arn:aws:iam::XXXXXXXXXXXXXXXX:role/STSAssumeRole

For links to JSON files for AWS services, see IAM Policies for Protecting AWS Services with Commvault.

Loading...