Page last modified 22:04, 22 Jul 2014 by william

Documentation for versions 4 and higher is at docs.zmanda.com
Project:Amanda Enterprise 3.3 > Setting up an Amazon S3 Storage Account for Use with Amanda

Setting up an Amazon S3 Storage Account for Use with Amanda

Table of contents
No headers

This document describes the procedures outside of Amanda that must be completed before you can set up Amazon S3 storage as a device in the Zmanda Management Console.  Setting up the the device once you have an account is described in the Configuring Backup Devices section of the Zmanda Management Console User's Guide.

  • Login to Amazon.com

    Log in if you already have an account, or sign up for a new account.

  • Sign up for an Amazon Web Services Account

    Go to aws.amazon.com and sign up for an AWS Account.

  • Sign up for the Amazon Simple Storage Service (S3)

    After you have signed up, a page is displayed informing you that your account has been created and information has been sent to your email address.  Find Amazon Simple Storage Service under the list of Web Services, then click it.

    The Amazon S3 introduction page is displayed. Click Sign up For This Web Service. Enter your credit card details and and follow any other instructions to complete the account setup.

 

  • Create an IAM user for Amanda Enterprise backups in the Amazon Management Console.
     
  • Note your Amazon S3 Access Key ID and Secret Access Key for the IAM user.
    S3 identifiers are available under Your Account->Security Credentials->Access Credentials under your Amazon account. You will need them to set up the S3 storage device in the Zmanda Management console. Treat them as securely as you would any other username/password that gives access to your credit card.

 

Note: The Amanda Enterprise IAM user should have the following minimum set of permissions for backup and restore functionality. The minimum set is:

 {
   "Statement": [
     {
       "Sid": "AmandaEnterprise33",
       "Effect": "Allow",
       "Action": [
         "s3:AbortMultipartUpload",
         "s3:CreateBucket",
         "s3:DeleteBucket",
         "s3:DeleteObject",
         "s3:GetBucket*",
         "s3:GetBucketLocation",
         "s3:GetLifecycleConfiguration",
         "s3:GetObject*",
         "s3:GetObjectAcl",
         "s3:ListBucket*",
         "s3:ListBucketMultipartUploads",
         "s3:PutLifecycleConfiguration",
         "s3:PutObject*"
       ],
       "Resource": [
         "arn:aws:s3:::zmc-*",
         "arn:aws:s3:::zmc-*/*"
       ]
     },
     {
       "Sid": "AmandaEnterprise33ListAllMyBuckets",
       "Effect": "Allow",
       "Action": ["s3:ListAllMyBuckets"],
       "Resource": "arn:aws:s3:::*"
     }
   ]
 }

You can use AWS Management Console to set these policies and permissions.

Powered by MindTouch Deki Open Source Edition v.8.08.2