A quick walkthrough demonstrating the configuration of an S3 custom policy and an S3 Bucket.
- Log into the AWS console and navigate to the S3 Service.
- Identify an existing bucket to use for backup purposes or generate a new bucket. To generate a new bucket, click the + Create bucket button at the top of the S3 landing page. Enter a DNS-compliant bucket name and select a region where you want to provision the bucket. You have the option to apply custom configurations and permissions, however these are not required by Kaleido. Click the Create bucket button at the bottom of the screen to provision the resource.
- Check your IAM Users and ensure you have an identity to provision S3 write permissions against. If you do not have a user or wish to create a new one for backup purposes, do so now. Be sure to save the API Secret if you elect to create a new user. This key will not be redisplayed.
- Click Policies in the lefthand navigation panel and click the “Create policy” button at the top of the screen.
- Click “Choose a service” and search for S3.
- Click the box next to Write to apply all write permissions for this policy.
- Enter a compliant name for the policy and optionally input a description. Click “Create policy” to finalize.
- Click Users in the lefthand navigation panel and select a user to apply this policy against.
- Click the “Add Permissions” button and select the “Attach existing policies directly” option at the top of the screen. Search for the newly created S3 backup policy. Select the policy and click “Review”.
- Click “Add Permissions” at the bottom of the screen to apply this policy to the selected user.
- Proceed to configure a backup config object within Kaleido using the appropriate IAM User credentials and S3 Bucket name.