Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Unable to copy Elasticache for redis backup

2

I have followed those instructions step by step: https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/backups-exporting.html

However I have the following error:

An error occurred (InvalidParameterValue) when calling the CopySnapshot operation: Elasticache was unable to validate the authenticated user has access on the S3 bucket ...

The bucket is in the same region of the backup.

This is my bucket configuration:

{
    "LocationConstraint": "eu-central-1"
}


{
    "Version": "2012-10-17",
    "Id": "xxxxxxxx",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "eu-central-1.elasticache-snapshot.amazonaws.com"
            },
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:ListBucket",
                "s3:GetBucketAcl",
                "s3:ListMultipartUploadParts",
                "s3:ListBucketMultipartUploads"
            ],
            "Resource": [
                "arn:aws:s3:::my-bucket-name/*",
                "arn:aws:s3:::my-bucket-name"
            ]
        }
    ]
}

This is the snapshot

{
    "Snapshots": [
        {
            "SnapshotName": "my-snapshot-name",
            "CacheClusterId": "xxxxxxxx-xxx",
            "SnapshotStatus": "available",
            "SnapshotSource": "manual",
            "CacheNodeType": "cache.t2.micro",
            "Engine": "redis",
            "EngineVersion": "5.0.3",
            "NumCacheNodes": 1,
            "PreferredAvailabilityZone": "eu-central-1c",
            "CacheClusterCreateTime": "xxxxxxx",
            "PreferredMaintenanceWindow": "mon:02:30-mon:03:30",
            "Port": 6379,
            "CacheParameterGroupName": "default.redis5.0",
            "CacheSubnetGroupName": "internal",
            "VpcId": "xxxxx",
            "AutoMinorVersionUpgrade": true,
            "SnapshotRetentionLimit": 7,
            "SnapshotWindow": "00:00-02:00",
            "NodeSnapshots": [
                {
                    "CacheNodeId": "0001",
                    "CacheSize": "33 MB",
                    "CacheNodeCreateTime": "xxxxxx",
                    "SnapshotCreateTime": "xxxxxx"
                }
            ],
            "ARN": "arn:aws:elasticache:eu-central-1:000000000:snapshot:my-snapshot-name",
            "DataTiering": "disabled"
        }
    ]
}
Tópicos
ArmazenamentoBanco de dados
Tags
Serviço de armazenamento simples da AmazonAmazon ElastiCache for Redis
Idioma
English
AWS-User-7081016
feita há 2 anos1742 visualizações
2 Respostas
1

Hi AWS-User-7081016,

Just thought of checking if the step 3(Step 3: Export an ElastiCache backup) of the documentation is adhered. AWS expects the user who performs the operation to have the below permission. I'm assuming you have the below set of permission to your IAM user through which the export operation is attempted.

{
	"Version": "2012-10-17",
	"Statement": [{
		"Effect": "Allow",
		"Action": [
			"s3:GetBucketLocation",
			"s3:ListAllMyBuckets",
			"s3:PutObject",
			"s3:GetObject",
			"s3:DeleteObject",
			"s3:ListBucket"
		],
		"Resource": "arn:aws:s3:::*"
	}]
}
Karthikeyan Venkatraman
respondido há 2 anos
1

Have you tried to enable the ACL to grant Elasticache access right according to the documentation?

blacktulip11
respondido há 2 anos

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante