Configuring AWS Cloud Storage
The following guide walks you through configuring AWS Cloud Storage so that it can be used with CloudBerry Online Backup.
Some of what’s outlined may also be in the AWS Management Console documentation.
If you’re looking for our full guide that provides end to end configuration steps; it can be downloaded from here.
Before we start…
This guide assumes you’ve already signed up for an AWS account. If not; sign up now.
Amazon also provide a price calculator so it’s easy to get an estimate of costs for storing your backups.
While CloudBerry supports both Amazon S3 and Amazon S3 Glacier; it’s recommended to run backups to S3 only. The reason for this is:
- Glacier price rates for data access is extremely high
- Amazon shapes the download speeds from Glacier making it extremely slow to recover.
- Use Glacier storage when archiving data that’s no longer needed on a regular basis but needs to be kept for compliance reasons.
Any S3 bucket that’s used for storing backups from CloudBerry should be used for that purpose only. Having multiple applications or tasks using the same bucket could cause data corruption or accidental deletion.
Configuring a AWS S3 Storage Bucket
1. Login to your AWS Management Console.
2. On the top navigation menu click Services then under Storage click S3.
3. On the Amazon S3 page, click Create Bucket.
4. On the Name and Region screen, provide the following:
The only restrictions on naming convention within AWS S3 are:
- The bucket name needs to be unique within AWS.
- Lower case characters and numbers.
- Be between 3 and 63 characters long.
This is the location of the data centre where your data will be stored. For compliance based reasons, most people in Australia and New Zealand will select Asia Pacific (Sydney).
Copy settings from an existing bucket
This is an optional section. If there is another bucket already configured; then the wizard can replicate the settings of that bucket by selecting it within the drop down box. Otherwise leave blank.
5. Configure Options screen, the following options are available:
Versioning: Allows for multiple versions of files/folders to be stored within the bucket. It’s recommended to keep this disabled as the CloudBerry retention options allow for management of this from the software.
Having versioning enabled in both the software and AWS management console could cause conflicts which result in backup data being lost or corrupted.
Server access logging: Will create an log file that logs all requests made to the bucket. While this doesn’t attract additional charges, storing and accessing the log file(s) will.
Tags: This allows a user to associate the S3 bucket to a project or client. By doing this; you’ll be able to generate AWS cost reporting around projects or clients specifically.
This is an optional step for the purpose of this guide.
Object-level logging: Allows for logging around API calls that use the bucket. This is an optional setting and isn’t required to configure the S3 bucket successfully. Using this setting may attract additional costs.
Default encryption: Will encrypt the contents of the bucket. This can also be disabled as encryption is a setting within the backup plan within CloudBerry Online Backup.
6. On the Set Permissions screen, select the level of public access you wish to provide to the bucket. It’s recommended to configure Block all public access and then configure permissions to specific user accounts for better security.
7. Review the settings of the bucket. If all is correct, click Create bucket.
Once the S3 bucket is created; it’ll be shown in the bucket list on the Amazon S3 page as shown below.
Creating Access Keys for your AWS Account
For the Managed Backup Services Console to authenticate with the AWS S3 bucket you’ve created; a set of access keys needs to be created within the AWS Management Console.
1. Click on the Username (account) dropdown and select My Security Credentials.
2. On the Your Security Credentials screen; click on Access Keys > Create New Access Key.
3. A new set of access keys will be generated. Be sure to download and save these keys in a safe area as once this window is closed; the secret access key can’t be recovered.
The access key will now be shown in the list as seen below and everything is now prepared to configure CloudBerry to use the Amazon S3 bucket as backup storage.