Overview
Site Manager can automatically synchronize all backups stored in a repository to Amazon S3 or other compatible stores like Wasabi or Backblaze. This article covers key aspects specific to S3 that should be understood and managed before remote synchronization with S3 can operate. For an overview of remote synchronization and how to configure it (including S3 configuration) see this article.
S3 Store Configuration
Buckets
A bucket is the first layer of storing file objects within an S3 store, it must be created and configured before attempting to connect Site Manager to S3. This can generally be done in the S3 service provider's user console. Some of the possible options include region selection, object versioning/retention policies, and storage encryption.
Regions
Regions select the specific servers that will be used to store the file objects and are entirely subjective to the user.
Authorization
IAM
IAM users and groups are a fundamental part of Amazon S3 that can be used to produce managed access to an S3 bucket, the IAM user assigned to remote synchronization must have a valid access key and secret key to establish a connection with Site Manager. Other compatible stores may not use the same exact key terms but should provide a similar interface to acquire the access key and secret key to the user account.
Policies
Policies are another fundamental part of Amazon S3 that allow specific S3 actions to be bundled together and applied to an IAM user/group account. Other compatible stores may not use the same exact key terms and in most cases, the service provider will have similar policy options, but some may be limited with this level of policy selection. The minimum required policy actions for remote synchronization to operate with S3 are included below:
| Category | Permission |
|---|---|
| List | ListAllMyBuckets, ListBucket, ListBucketMultipartUploads, ListBucketVersions and ListMultipartUploadParts |
| Read | GetObject |
| Write | AbortMultipartUpload, DeleteObject, DeleteObjectVersion, and PutObject DeleteObjectVersion is optional if bucket versioning is not used |
Amazon S3 Example:
Service Billing
S3 object storage services generally incorporate a billing policy based on various forms of usage like disk space, transfers, server-side operations, and deletion to name but a few. Billing policies vary greatly between different service providers and should be closely reviewed to avoid unexpected costs from your selected provider.
Where possible, remote synchronization to an S3 store will be performed in an as efficient manner as possible, but due to some necessary remote synchronization procedures, temporary objects and temporary server-side object duplication is often required and may result in additional charges depending on the service provider's billing policies.