Differences

This shows you the differences between two versions of the page.


amazon_s3 [2015/06/01 21:28] (current) – created - external edit 127.0.0.1
Line 1: Line 1:
 +====== Amazon S3 ======
  
 +  * [[s3cmd]]
 +
 +  * [[http://aws.amazon.com/s3/pricing/|Pricing]]
 +
 +
 +Any data uploaded to Amazon S3 should be first encrypted using [[GPG]].
 +
 +Here's an IAM policy for a new user to upload files to an S3 bucket.
 +
 +<code>
 +{
 +  "Statement": [ {
 +    "Effect": "Allow",
 +    "Action": "s3:ListBucket",
 +    "Resource": "arn:aws:s3:::steve-backups", 
 +    "Condition": {
 +    }
 +  }, {
 +    "Effect": "Allow",
 +    "Action":
 +      "s3:PutObject",
 +      "s3:GetObject",
 +      "s3:DeleteObject"
 +    ],
 +    "Resource": "arn:aws:s3:::steve-backups/*", 
 +    "Condition": {}
 +  } ]
 +}
 +
 +</code>
 +
 +=== Creating a Backups Bucket ===
 +
 +  * [[https://console.aws.amazon.com/iam/home#s=Users|Amazon IAM Users]]
 +
 +This is to setup a single bucket and a single user for backups for one server.
 +
 +First, create an Amazon S3 bucket.
 +
 +Second, create a new IAM user.  Name syntax should be: ''backups-<server>''  Generate a user Access Key ID and Secret Access Key and download them.  Add the user to the ''Backups'' group (no real reason, other than to keep users organized).
 +
 +Third, select the user, change the permissions, and create a user policy.  Name the policy the same as the username.
 +
 +Create a custom policy, and use the example above, renaming the bucket.  The permissions will let you upload, download, and delete files on the bucket.
 +
 +Once that's done, setup either [[backup-manager]] or [[s3cmd]] to transfer files.

Navigation
QR Code
QR Code amazon_s3 (generated for current page)