Amazon S3
Step 1: Create a bucket
-
Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3/.
-
Click Create bucket
-
In Bucket name, enter a bucket name.
Write down the the bucket name. You'll need it at step 4.
-
In Region, choose the AWS Region where you want the bucket to reside.
-
In Bucket settings for Block Public Access, make sure Block all public access is selected.
-
In Bucket Versioning, select "Enable".
-
In Default encryption, select "Enable" for "Server-side encryption", and "Amazon S3 key (SSE-S3)" for "Encryption key type".
-
Click Create bucket.
Step 2: Create a policy
-
Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.
-
Click Policies
-
Click Create Policy
-
Open the JSON tab.
-
Copy the following content in the text area, but replace
backup-6b3d8c22
with the name of your bucket:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:ListBucket",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::backup-6b3d8c22/*",
"arn:aws:s3:::backup-6b3d8c22"
]
}
]
}
-
Click Next: Tags, and Next: Review.
-
In Name, enter OakBackup.
-
Click Create policy.
Step 3: Create the AWS credentials for Oak Backup
-
Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/
-
In the navigation pane, click Users and then click Add users.
-
Type "oakbackup" as the user name for the new user.
-
Select Programmatic access.
-
Click Next: Permissions.
-
Click Attach existing policies directly.
-
In the search input, enter "OakBackup".
-
Select the "OakBackup" policy.
-
Click Next: Tags, then Next: Review, and finally Create user.
Download the Access key ID and the Secret access key. You'll need them in the next step.
Step 4: Configure Oak Backup
-
Open Oak Backup and go the the Storage location tab.
-
Enter the bucket name, access key id and secret access key from the previous steps.
Step 5: Configure retention for deleted files (optional)
By default, Amazon S3 keeps deleted files forever. You can configure this with these steps.
-
Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3/.
-
In the Buckets list, choose the name of the bucket that you want to create a lifecycle rule for (the one you created at step 1).
-
Choose the Management tab, and choose Create lifecycle rule.
-
In Lifecycle rule name, enter "Delete expired objects".
-
Under Choose a rule scope, select Apply to all objects in the bucket, and select I acknowledge that this rule applies to all objects in the bucket.
-
Under Lifecycle rule actions, select Permanently delete noncurrent versions of objects and Delete expired object delete markers or incomplete multipart upload.
-
Under Permanently delete noncurrent versions of objects, in Days after objects become noncurrent, enter the number of days to keep deleted files. Recommended value: 365.
-
Under Delete expired object delete markers or incomplete multipart uploads, select Delete expired object delete markers and Delete incomplete multipart uploads. Then, in Number of days, enter 7.
-
Click Create rule.