Bucket & IAM Permissions
This article contains minimal permissions for the Amazon AWS S3 bucket required to use the bucket as backup storage in the Xopero ONE service. The policies provided below allow you to add your own AWS S3 storage to Xopero ONE.
AWS bucket policy
The bucket that will be used to store the data must've assigned following policy(JSON):
Support for Immutable Storage
If you want to use the Immutable storage, the following permissions are required:
Remember, that the Immutable Storage configuration is available only when creating the new bucket - there is no option to enable Immutable Storage in an already existing bucket!
Retention and/or versioning enabled for the bucket may result in the storage of additional data. It is recommended that the retention in Xopero ONE be longer than the one set for storage. Otherwise, it may lead to storage being overloaded!
It must be added to the Action section, and after the changes, the section must look like the below:
More details about how to create or edit a bucket policy available on Amazon documentation: Adding a bucket policy using the Amazon S3 console.
To see more about S3 Immutable storage, visit https://docs.aws.amazon.com/whitepapers/latest/aws-security-incident-response-guide/use-immutable-storage.html
Last updated