How do I export an ElastiCache for Redis backup to Amazon S3?
I want to export my Amazon ElastiCache for Redis backup to Amazon Simple Storage Service (Amazon S3).
Resolution
Create or use an Amazon S3 bucket that's in the same AWS Region as the ElastiCache cluster
To copy an ElastiCache snapshot (.rdb file) to an S3 bucket, either use an existing bucket or create a bucket in the same Region as the ElastiCache cluster.
Grant ElastiCache access to the Amazon S3 bucket
Complete the following steps:
- Open the Amazon S3 console.
- Select the name of the S3 bucket that you want to copy the backup to.
- Choose Permissions.
- Under Access control list (ACL), choose Edit.
- Choose Add grantee, and then enter the following canonical ID: 540804c33a284a299d2547575ce1010f2312ef3da9b3a053c8bc45bf233e4353.
- Select the following options:
For Objects, select List and Write.
For Bucket ACL, select Read and Write. - Choose Save.
Note: AWS GovCloud (US) Regions use the following ID: 40fa568277ad703bd160f66ae4f83fc9dfdfd06c2f1b5060ca22442ac3ef8be6.
Grant the necessary permissions to interact with the Amazon S3 bucket
To export the backup, the AWS Identity and Access Management user must have the necessary permissions.
The following is an example IAM policy that includes the necessary permissions to access the S3 bucket and copy the .rdb file:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:GetBucketLocation", "s3:ListAllMyBuckets", "s3:PutObject", "s3:GetObject", "s3:DeleteObject", "s3:ListBucket" ], "Resource": "arn:aws:s3:::*" } ] }
Note: In the preceding example, the IAM policy gives access to all S3 buckets. You can also limit permissions to a specific bucket.
If the IAM policy is missing or denies the required permissions, then the export returns the following error: "The authenticated user does not have sufficient permissions to perform the desired activity."
Export an ElastiCache for Redis backup to an Amazon S3 bucket
Complete the following steps:
- Open the ElastiCache console.
- In the navigation pane, under Resources, choose Backups.
- From the list of backups, select the backup that you want to export, and then choose Export.
- Enter a name for your backup in New backup name. ElastiCache adds an instance identifier and the .rdb file name extension to the value that you enter. For example, if you enter my-exported-backup, then ElastiCache creates my-exported-backup-0001.rdb.
- From the Target S3 location dropdown list, select the name of the S3 bucket that you want to export your backup to.
- Choose Export.
Related information
Seeding a new self-designed cluster with an externally created backup
Can someone explain to me why we need to provide access to all s3 buckets ( "Resource": "arn:aws:s3:::*"), instead of giving access to the specific s3 bucket we want to export the snapshot to?
Thank you for your comment. We'll review and update the Knowledge Center article as needed.
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:GetBucketLocation", "s3:ListAllMyBuckets", "s3:PutObject", "s3:GetObject", "s3:DeleteObject", "s3:ListBucket" ], "Resource": "arn:aws:s3:::*" } ] }
Please note that any deny statement (bucket or IAM policy statement) to any of the above listed permissions will cause the Redis backup to return an error.
Thank you for your comment. We'll review and update the Knowledge Center article as needed.
Small correction - In the "Export an ElastiCache for Redis backup to S3" section, point 3 states "and then choose Copy." which I believe should be "and then choose Export."
Thank you for your comment. We'll review and update the Knowledge Center article as needed.
small correction:
The following is an example bucket policy that includes the necessary permissions to access the S3 bucket and copy the .rdb file:
it should be
The following is an example IAM policy that includes the necessary permissions to access the S3 bucket and copy the .rdb file:
Relevant content
- asked 3 years ago
- asked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 4 days ago
