Before you can create a snapshot, you must provide an Amazon S3 bucket with the necessary permissions. For information on creating a bucket, see Creating a bucket. We recommend enabling bucket versioning and server access logging. These settings can be enabled from the bucket's Properties tab after provisioning.
Note
This Amazon S3 bucket's lifecycle will not be managed within the product. You will need to manage the bucket lifecycle from the console.
To add permissions to the bucket:
-
Select the bucket you created from the Buckets list.
-
Select the Permissions tab.
-
Under Bucket policy, choose Edit.
-
Add the following statement to the bucket policy. Replace these values with your own:
-
AWS_ACCOUNT_ID
-
RES_ENVIRONMENT_NAME
-
AWS_REGION
-
S3_BUCKET_NAME
Important
There are limited version strings supported by AWS. For more information, see https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_version.html.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "Export-Snapshot-Policy", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::{AWS_ACCOUNT_ID}:role/{RES_ENVIRONMENT_NAME}-cluster-manager-role-{AWS_REGION}}" }, "Action": [ "s3:GetObject", "s3:ListBucket", "s3:AbortMultipartUpload", "s3:PutObject", "s3:PutObjectAcl" ], "Resource": [ "arn:aws:s3:::{S3_BUCKET_NAME}", "arn:aws:s3:::{S3_BUCKET_NAME}/*" ] }, { "Sid": "AllowSSLRequestsOnly", "Action": "s3:*", "Effect": "Deny", "Resource": [ "arn:aws:s3:::{S3_BUCKET_NAME}", "arn:aws:s3:::{S3_BUCKET_NAME}/*" ], "Condition": { "Bool": { "aws:SecureTransport": "false" } }, "Principal": "*" } ] } -
To create the snapshot:
-
Choose Create Snapshot.
-
Enter the name of the Amazon S3 bucket you created.
-
Enter the path where you would like the snapshot stored within the bucket. For example,
october2023/23. -
Choose Submit.
-
After five to ten minutes, choose Refresh on the Snapshots page to check the status. A snapshot will not be valid until the status changes from IN_PROGRESS to COMPLETED.
