# AWS S3
AWS is the industry leader in cloud storage. Prices depend on region and usage.
# Creating a New Bucket
- Login to your AWS Console
- In the top menu, select Services
- Search for S3 and open it
- Press the Create bucket button
- Choose your a bucket name
- Choose your AWS Region
- You can choose a region close to your server to increase speed, or further away if you want to mitigate risk
- Leave
Block all public access
checked - You can leave all other options at default, or configure them manually
- Press Create bucket
# Creating a New IAM User
-
Leave S3 and find IAM from the top services menu
-
Press Users on left sidebar
-
Press the Add user button
- Give them a user name (e.g. snapshooter)
- Check Programmatic access
-
Ignore the Permissions section and press Next: Tags. We recommend you don't use the attach existing polices directly with AmazonS3FullAccess, as this will grant SnapShooter permission for every S3 bucket in your account and is unnecessary
-
You can optionally create tags for the user
-
Press Next: Review
-
Press Create user
-
View Details SAVE THE SECRET KEY, this will never be shown again
-
In IAM find the user list and click on your new user
-
Press Add inline policy
-
Paste the following:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:DeleteObject", "s3:GetObject", "s3:PutObject", "s3:PutObjectAcl" ], "Resource": [ "arn:aws:s3:::BUCKET_NAME/*", "arn:aws:s3:::BUCKET_NAME" ] } ] }
Replace
BUCKET_NAME
with the newly created bucket name e.g.{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:DeleteObject", "s3:GetObject", "s3:PutObject", "s3:PutObjectAcl" ], "Resource": [ "arn:aws:s3:::s3.snapshooter.com/*", "arn:aws:s3:::s3.snapshooter.com" ] } ] }
Press Create Policy (give it a useful name)
# Attaching S3 to SnapShooter
- Go back to SnapShooter
- https://snapshooter.com/dashboard/settings/storage/attach
- Choose a Friendly Name
- Select AWS Storage Provider
- Select the s3 region where you created your bucket
- Paste in the saved access keys
- Enter the correct bucket name
- Press Save
- We will check the API key is valid and works before allowing you to save. Once complete, you are ready to create a Backup Job that uses external storage