AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

Unable to copy Elasticache for redis backup

2

I have followed those instructions step by step: https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/backups-exporting.html

However I have the following error:

An error occurred (InvalidParameterValue) when calling the CopySnapshot operation: Elasticache was unable to validate the authenticated user has access on the S3 bucket ...

The bucket is in the same region of the backup.

This is my bucket configuration:

{
    "LocationConstraint": "eu-central-1"
}


{
    "Version": "2012-10-17",
    "Id": "xxxxxxxx",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "eu-central-1.elasticache-snapshot.amazonaws.com"
            },
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:ListBucket",
                "s3:GetBucketAcl",
                "s3:ListMultipartUploadParts",
                "s3:ListBucketMultipartUploads"
            ],
            "Resource": [
                "arn:aws:s3:::my-bucket-name/*",
                "arn:aws:s3:::my-bucket-name"
            ]
        }
    ]
}

This is the snapshot

{
    "Snapshots": [
        {
            "SnapshotName": "my-snapshot-name",
            "CacheClusterId": "xxxxxxxx-xxx",
            "SnapshotStatus": "available",
            "SnapshotSource": "manual",
            "CacheNodeType": "cache.t2.micro",
            "Engine": "redis",
            "EngineVersion": "5.0.3",
            "NumCacheNodes": 1,
            "PreferredAvailabilityZone": "eu-central-1c",
            "CacheClusterCreateTime": "xxxxxxx",
            "PreferredMaintenanceWindow": "mon:02:30-mon:03:30",
            "Port": 6379,
            "CacheParameterGroupName": "default.redis5.0",
            "CacheSubnetGroupName": "internal",
            "VpcId": "xxxxx",
            "AutoMinorVersionUpgrade": true,
            "SnapshotRetentionLimit": 7,
            "SnapshotWindow": "00:00-02:00",
            "NodeSnapshots": [
                {
                    "CacheNodeId": "0001",
                    "CacheSize": "33 MB",
                    "CacheNodeCreateTime": "xxxxxx",
                    "SnapshotCreateTime": "xxxxxx"
                }
            ],
            "ARN": "arn:aws:elasticache:eu-central-1:000000000:snapshot:my-snapshot-name",
            "DataTiering": "disabled"
        }
    ]
}
주제
스토리지데이터베이스
태그
아마존 심플 스토리지 서비스아마존 레디스용 엘라스티캐시
언어
English
AWS-User-7081016
질문됨 2년 전1742회 조회
2개 답변
1

Hi AWS-User-7081016,

Just thought of checking if the step 3(Step 3: Export an ElastiCache backup) of the documentation is adhered. AWS expects the user who performs the operation to have the below permission. I'm assuming you have the below set of permission to your IAM user through which the export operation is attempted.

{
	"Version": "2012-10-17",
	"Statement": [{
		"Effect": "Allow",
		"Action": [
			"s3:GetBucketLocation",
			"s3:ListAllMyBuckets",
			"s3:PutObject",
			"s3:GetObject",
			"s3:DeleteObject",
			"s3:ListBucket"
		],
		"Resource": "arn:aws:s3:::*"
	}]
}
Karthikeyan Venkatraman
답변함 2년 전
1

Have you tried to enable the ACL to grant Elasticache access right according to the documentation?

blacktulip11
답변함 2년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠