Add the Amazon S3 Object Storage Repository with an AWS STS Assume Role with IAM Role Policy

To back up S3 buckets in different AWS accounts using an EC2 VM, add the Amazon S3 object storage repository with a Security Token Service (STS) assume role. Use an EC2 VM in the source account that has the STS assume role permission on the second AWS account.

Procedure

  1. From the navigation pane, go to Protect > Object storage.

    The Object storage page appears.

  2. In the upper-right area of the page, click Add object storage.

    The Add object storage dialog box appears.

  3. Click Amazon S3.

    The Add Amazon S3 Storage dialog box appears.

    The Configure Amazon S3 wizard appears.

  4. On the Access Node tab of the wizard, select one or more EC2 VMs or the server group of EC2 VMs where the Cloud Apps package is installed, and then click Next.

    Note

    • The access nodes must be of similar operating system type.

    • All servers in the server group must be reachable through network routes.

  5. On the Plan tab of the wizard, select the backup plan that you want to use for the object storage repository, and then click Next.

  6. On the Add object storage tab of the wizard, complete the following steps:

    1. In the Object storage name box, enter a name for the repository.

    2. In the Host URL box, enter the Amazon S3 account URL, s3.amazonaws.com.

      To back up region-based data, enter the AWS service endpoint URL for the region in the format: s3.{region}.amazonaws.com.

    3. From the Authentication list, select STS assume role with IAM role.

    4. Do one of the following:

      • From the Credentials dialog box, select the credentials that you are going to use, and then click Next.

      • To add credentials to the Credential Manager, click the plus button (+).

        The Add Credential dialog box appears.

      • Enter the following information:

        • Credential name: Enter a name for the credentials that you are creating.

        • Role ARN: Enter the full IAM role Amazon Resource Name (ARN) of the cross account that includes the bucket that you want to back up.

        • Description: Enter a description of the credentials.

      • Click Save.

  7. On the Backup Content tab of the wizard, complete the following steps:

    1. Click Add, and do one of the following:

      • To enter a custom path, click Custom path, and then enter the path for the content.

      • To browse for content, click Browse, and then select the content.

    2. To exclude some of the content you selected, move the Specify exclusion toggle key to the right, and then add the exclusion.

    3. To back up ACLs, move the Backup ACL toggle key to the right.

    4. Click Next.

  8. On the Summary tab of the wizard, review the options, and then click Finish.
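
Before you enter the Role ARN in step 6, you can confirm that the role in the second account trusts only the access node's role. The following Python check is an added example and is not part of the product or its documentation; the function name `check_trust`, the account IDs, and the role names are assumptions, and the trust policy is constructed sample data.

```python
import re

# Full IAM role ARN: arn:<partition>:iam::<12-digit account id>:role/<path/name>
ROLE_ARN = re.compile(r"^arn:(aws|aws-cn|aws-us-gov):iam::(\d{12}):role/[\w+=,.@/-]+$")

def as_list(value):
    return value if isinstance(value, list) else [value]

def check_trust(target_role_arn, trust_policy, node_role_arn):
    """Return findings for the cross-account role; [] means the check passed."""
    target, node = ROLE_ARN.match(target_role_arn), ROLE_ARN.match(node_role_arn)
    if not target or not node:
        return ["not a full IAM role ARN"]
    findings = []
    if target.group(2) == node.group(2):
        findings.append("target role is in the access node's own account")
    node_account = node.group(2)
    node_root = f"arn:{node.group(1)}:iam::{node_account}:root"
    trusted = False
    for stmt in as_list(trust_policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or "sts:AssumeRole" not in as_list(stmt.get("Action", [])):
            continue
        principal = stmt.get("Principal", {})
        aws = ["*"] if principal == "*" else as_list(principal.get("AWS", []))
        if "*" in aws:
            findings.append("trust policy lets any AWS principal assume the role")
            trusted = True
        elif node_role_arn in aws:
            trusted = True  # least privilege: only the access node's role is named
        elif node_root in aws or node_account in aws:
            findings.append("trust policy trusts the whole source account, not only the access node role")
            trusted = True
    if not trusted:
        findings.append("access node role is not trusted to call sts:AssumeRole")
    return findings

# Constructed sample values (placeholder account IDs and role names).
NODE_ROLE = "arn:aws:iam::111111111111:role/backup-access-node"
TARGET_ROLE = "arn:aws:iam::222222222222:role/s3-backup-cross-account"
SAMPLE_TRUST = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Principal": {"AWS": NODE_ROLE},
                   "Action": "sts:AssumeRole"}],
}

if __name__ == "__main__":
    print(check_trust(TARGET_ROLE, SAMPLE_TRUST, NODE_ROLE) or "ok")
```

An empty result means the role named in the Role ARN box is in a different account and its trust policy names the access node's role directly.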
