Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Unable to copy Elasticache for redis backup

2

I have followed those instructions step by step: https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/backups-exporting.html

However I have the following error:

An error occurred (InvalidParameterValue) when calling the CopySnapshot operation: Elasticache was unable to validate the authenticated user has access on the S3 bucket ...

The bucket is in the same region of the backup.

This is my bucket configuration:

{
    "LocationConstraint": "eu-central-1"
}


{
    "Version": "2012-10-17",
    "Id": "xxxxxxxx",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "eu-central-1.elasticache-snapshot.amazonaws.com"
            },
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:ListBucket",
                "s3:GetBucketAcl",
                "s3:ListMultipartUploadParts",
                "s3:ListBucketMultipartUploads"
            ],
            "Resource": [
                "arn:aws:s3:::my-bucket-name/*",
                "arn:aws:s3:::my-bucket-name"
            ]
        }
    ]
}

This is the snapshot

{
    "Snapshots": [
        {
            "SnapshotName": "my-snapshot-name",
            "CacheClusterId": "xxxxxxxx-xxx",
            "SnapshotStatus": "available",
            "SnapshotSource": "manual",
            "CacheNodeType": "cache.t2.micro",
            "Engine": "redis",
            "EngineVersion": "5.0.3",
            "NumCacheNodes": 1,
            "PreferredAvailabilityZone": "eu-central-1c",
            "CacheClusterCreateTime": "xxxxxxx",
            "PreferredMaintenanceWindow": "mon:02:30-mon:03:30",
            "Port": 6379,
            "CacheParameterGroupName": "default.redis5.0",
            "CacheSubnetGroupName": "internal",
            "VpcId": "xxxxx",
            "AutoMinorVersionUpgrade": true,
            "SnapshotRetentionLimit": 7,
            "SnapshotWindow": "00:00-02:00",
            "NodeSnapshots": [
                {
                    "CacheNodeId": "0001",
                    "CacheSize": "33 MB",
                    "CacheNodeCreateTime": "xxxxxx",
                    "SnapshotCreateTime": "xxxxxx"
                }
            ],
            "ARN": "arn:aws:elasticache:eu-central-1:000000000:snapshot:my-snapshot-name",
            "DataTiering": "disabled"
        }
    ]
}
Argomenti
ArchiviazioneDatabase
Tag
Servizio di archiviazione semplice di AmazonAmazon ElastiCache per Redis
Lingua
English
AWS-User-7081016
posta 2 anni fa1742 visualizzazioni
2 Risposte
1

Hi AWS-User-7081016,

Just thought of checking if the step 3(Step 3: Export an ElastiCache backup) of the documentation is adhered. AWS expects the user who performs the operation to have the below permission. I'm assuming you have the below set of permission to your IAM user through which the export operation is attempted.

{
	"Version": "2012-10-17",
	"Statement": [{
		"Effect": "Allow",
		"Action": [
			"s3:GetBucketLocation",
			"s3:ListAllMyBuckets",
			"s3:PutObject",
			"s3:GetObject",
			"s3:DeleteObject",
			"s3:ListBucket"
		],
		"Resource": "arn:aws:s3:::*"
	}]
}
Karthikeyan Venkatraman
con risposta 2 anni fa
1

Have you tried to enable the ACL to grant Elasticache access right according to the documentation?

blacktulip11
con risposta 2 anni fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente