Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Unable to copy Elasticache for redis backup

2

I have followed those instructions step by step: https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/backups-exporting.html

However I have the following error:

An error occurred (InvalidParameterValue) when calling the CopySnapshot operation: Elasticache was unable to validate the authenticated user has access on the S3 bucket ...

The bucket is in the same region of the backup.

This is my bucket configuration:

{
    "LocationConstraint": "eu-central-1"
}


{
    "Version": "2012-10-17",
    "Id": "xxxxxxxx",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "eu-central-1.elasticache-snapshot.amazonaws.com"
            },
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:ListBucket",
                "s3:GetBucketAcl",
                "s3:ListMultipartUploadParts",
                "s3:ListBucketMultipartUploads"
            ],
            "Resource": [
                "arn:aws:s3:::my-bucket-name/*",
                "arn:aws:s3:::my-bucket-name"
            ]
        }
    ]
}

This is the snapshot

{
    "Snapshots": [
        {
            "SnapshotName": "my-snapshot-name",
            "CacheClusterId": "xxxxxxxx-xxx",
            "SnapshotStatus": "available",
            "SnapshotSource": "manual",
            "CacheNodeType": "cache.t2.micro",
            "Engine": "redis",
            "EngineVersion": "5.0.3",
            "NumCacheNodes": 1,
            "PreferredAvailabilityZone": "eu-central-1c",
            "CacheClusterCreateTime": "xxxxxxx",
            "PreferredMaintenanceWindow": "mon:02:30-mon:03:30",
            "Port": 6379,
            "CacheParameterGroupName": "default.redis5.0",
            "CacheSubnetGroupName": "internal",
            "VpcId": "xxxxx",
            "AutoMinorVersionUpgrade": true,
            "SnapshotRetentionLimit": 7,
            "SnapshotWindow": "00:00-02:00",
            "NodeSnapshots": [
                {
                    "CacheNodeId": "0001",
                    "CacheSize": "33 MB",
                    "CacheNodeCreateTime": "xxxxxx",
                    "SnapshotCreateTime": "xxxxxx"
                }
            ],
            "ARN": "arn:aws:elasticache:eu-central-1:000000000:snapshot:my-snapshot-name",
            "DataTiering": "disabled"
        }
    ]
}
Themen
SpeicherDatenbank
Tags
Amazon Simple Storage ServiceAmazon ElastiCache für Redis
Sprache
English
AWS-User-7081016
gefragt vor 2 Jahren1746 Aufrufe
2 Antworten
1

Hi AWS-User-7081016,

Just thought of checking if the step 3(Step 3: Export an ElastiCache backup) of the documentation is adhered. AWS expects the user who performs the operation to have the below permission. I'm assuming you have the below set of permission to your IAM user through which the export operation is attempted.

{
	"Version": "2012-10-17",
	"Statement": [{
		"Effect": "Allow",
		"Action": [
			"s3:GetBucketLocation",
			"s3:ListAllMyBuckets",
			"s3:PutObject",
			"s3:GetObject",
			"s3:DeleteObject",
			"s3:ListBucket"
		],
		"Resource": "arn:aws:s3:::*"
	}]
}
Karthikeyan Venkatraman
beantwortet vor 2 Jahren
1

Have you tried to enable the ACL to grant Elasticache access right according to the documentation?

blacktulip11
beantwortet vor 2 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt