By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS Backup Service

0

I have initiated a backup plan using the Backup service back in late June. I am noticing a pattern of failed S3 backup jobs, although I attached a manual inline policy:

"Action": [ "s3:ListBucket", "s3:GetBucketVersioning", "s3:GetObject", "s3:GetObjectVersion", "s3:GetBucketLocation", "backup:StartBackupJob", "backup:StartRestoreJob" ], "Resource": "arn:aws:s3:::*"

Topics
StorageSecurity, Identity, & Compliance
Tags
Amazon Simple Storage ServiceAWS Identity and Access ManagementAWS Backup
Language
English
profile picture
Mohamad El Bohsaly
asked 9 months ago243 views
2 Answers
1

I’d check to see if there’s any deny policies on the S3 bucket policies.

Versioning is a prerequisite too

profile picture
EXPERT
Gary Mclean
answered 9 months ago
0

Hi Mohamad,

If the error is access denied, it will come down to either the role associated with the backup job does not have the necessary permissions to access the S3 bucket or the S3 bucket has a policy that denies access.

  1. Check if there is an S3 bucket policy defined in the bucket and whether there is a deny blocking access to this bucket from the backup role.
  2. On the role associated with AWS backups, try attaching the AWS managed policy (AWS Backup For Amazon S3 Backup Policy)
profile picture
Bisina
answered 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content