Skip to content

Amazon S3

Step 1: Create a bucket

  1. Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3/.

  2. Click Create bucket

  3. In Bucket name, enter a bucket name.

    Write down the the bucket name. You'll need it at step 4.

  4. In Region, choose the AWS Region where you want the bucket to reside.

  5. In Bucket settings for Block Public Access, make sure Block all public access is selected.

  6. In Bucket Versioning, select "Enable".

  7. In Default encryption, select "Enable" for "Server-side encryption", and "Amazon S3 key (SSE-S3)" for "Encryption key type".

  8. Click Create bucket.

Step 2: Create a policy

  1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.

  2. Click Policies

  3. Click Create Policy

  4. Open the JSON tab.

  5. Copy the following content in the text area, but replace backup-6b3d8c22 with the name of your bucket:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:ListBucket",
                "s3:DeleteObject"
            ],
            "Resource": [
                "arn:aws:s3:::backup-6b3d8c22/*",
                "arn:aws:s3:::backup-6b3d8c22"
            ]
        }
    ]
}

  1. Click Next: Tags, and Next: Review.

  2. In Name, enter OakBackup.

  3. Click Create policy.

Step 3: Create the AWS credentials for Oak Backup

  1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/

  2. In the navigation pane, click Users and then click Add users.

  3. Type "oakbackup" as the user name for the new user.

  4. Select Programmatic access.

  5. Click Next: Permissions.

  6. Click Attach existing policies directly.

  7. In the search input, enter "OakBackup".

  8. Select the "OakBackup" policy.

  9. Click Next: Tags, then Next: Review, and finally Create user.

    Download the Access key ID and the Secret access key. You'll need them in the next step.

Step 4: Configure Oak Backup

  1. Open Oak Backup and go the the Storage location tab.

  2. Enter the bucket name, access key id and secret access key from the previous steps.

Step 5: Configure retention for deleted files (optional)

By default, Amazon S3 keeps deleted files forever. You can configure this with these steps.

  1. Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3/.

  2. In the Buckets list, choose the name of the bucket that you want to create a lifecycle rule for (the one you created at step 1).

  3. Choose the Management tab, and choose Create lifecycle rule.

  4. In Lifecycle rule name, enter "Delete expired objects".

  5. Under Choose a rule scope, select Apply to all objects in the bucket, and select I acknowledge that this rule applies to all objects in the bucket.

  6. Under Lifecycle rule actions, select Permanently delete noncurrent versions of objects and Delete expired object delete markers or incomplete multipart upload.

  7. Under Permanently delete noncurrent versions of objects, in Days after objects become noncurrent, enter the number of days to keep deleted files. Recommended value: 365.

  8. Under Delete expired object delete markers or incomplete multipart uploads, select Delete expired object delete markers and Delete incomplete multipart uploads. Then, in Number of days, enter 7.

  9. Click Create rule.