AWS S3

Steps to connect your S3 storage to SimpleBackups

How to connect your AWS S3 to SimpleBackups

1. Create your AWS S3 Bucket

Skip this step if you already have an AWS S3 bucket.

  • Go to your AWS S3 bucket list and create a new bucket
    • Keep default options for (2) Configure options, (3) Set Permission, review and create your bucket.

Information you'll need in step 3:

  • Your "Bucket" name, in this case "myacme-backups"
  • Your "Bucket" Region, in this case "US West - N. California"

2. Create your AWS credentials

In order to give access to your newly created bucket, you'll need to provide credentials to SimpleBackups.

Creating an access key and a secret key for your Amazon S3 account requires some little work. SimpleBackups needs S3 keys that allow both, read and write permissions to be able to store and retrieve backups under your S3 account.

 

Step 1. Log in to your AWS Console and go to https://console.aws.amazon.com/iam/home

Step 2. Click Users from the left side bar then click Add user

Step 3. Type in a user name and choose Programmatic access as shown then proceed

Step 4. Click Attach existing policies directly then filter by S3 as shown and choose AmazonS3FullAccess (this is discouraged, and not recommended actually, so please check at the end of this article for the minimum permissions needed).

Step 5. Confirm you can see the highlighted policy and click Create user

Step 6. Finally you will see the newly created Access Key and Secret Key that allow full read and write to S3. Please use these two values when adding your storage to SimpleBackups

Information you'll need in step 3:

  • Access Key
  • Secret

3. Connect your S3 bucket to SimpleBackups

  • In the storage provider list select "Amazon S3 Storage", and fill in the form with your AWS credentials and newly created bucket information

You'll have to input :

  • Key: Access Key described in (step 2)
  • Secret: Secret described in (step 2)
  • Region: Bucket Region described in (step 1)
  • Bucket: Bucket name described in (step 1)
  • Give your storage a name (the bucket name is usually a good pick, but you can be creative) and click on "Save new storage".
 

Limit S3 Access / Scope via IAM policy

S3 IAM Policy, S3 Permissions, Limit S3 Scope, Only grant limited access.

To create an S3 storage user for SimpleBackups, the following minimum permissions are required to be available on the backup bucket of your choice:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:DeleteObject",
                "s3:GetObject",
                "s3:PutObject",
                "s3:PutObjectAcl",
                "s3:AbortMultipartUpload",
                "s3:ListMultipartUploadParts",
                "s3:ListBucketMultipartUploads"
            ],
            "Resource": [
                "arn:aws:s3:::MY_BACKUPS_BUCKET/*",
                "arn:aws:s3:::MY_BACKUPS_BUCKET"
            ]
        }
    ]
}

The policy above can be used to only allow SimpleBackups to work on the backups bucket of your choice.

Don't forget to change MY_BACKUPS_BUCKET to the actual buckets you create for backups.

 

Note:

The following permissions are needed for cleaning up uncompleted uploads and save storage space.

  • s3:AbortMultipartUpload
  • s3:ListMultipartUploadParts
  • s3:ListBucketMultipartUploads
 
Did this answer your question?
😞
😐
🤩

Last updated on July 22, 2024