How to set up Bi-Directional replication?

0

I am looking for information on how to set up Bi-Directional replication on S3.

AWS
asked a year ago, 568 views
1 Answer
1
Accepted Answer

Here are the steps to set up bidirectional replication:

  1. Creating an IAM role - the first step is to create an IAM role with a trust relationship that allows the S3 and Batch services to perform the replication. Another policy will be created and attached to the same role to allow access to the S3 buckets.
     • Trust Policy: second trust policy outlined in link [1].
     • Access Policy: third policy outlined in link [1].

  2. Granting permissions when the source and destination buckets are owned by different AWS accounts - if the source and destination buckets reside in different accounts, then a bucket policy for the destination bucket needs to be applied.
     • Bucket Policy: first trust policy outlined in link [2].

  3. Granting permissions for S3 Batch Operations - in the IAM role previously created, another policy to allow Batch Operations will have to be attached. The policy chosen depends on whether the manifest is generated by S3 or supplied by a user.
     • Policy if using and storing an S3 generated manifest: this is the first policy outlined in link [3].
     • Policy if using a user supplied manifest: this is the second policy outlined in link [3].

  4. Changing replica ownership - if source and destination buckets are owned by separate accounts, you can tell Amazon S3 to change the ownership of the replica to the AWS account that owns the destination bucket.
     • To change the replica owner: please follow steps outlined in link [4].

Once the objects from the source bucket make it to the destination bucket, you can enable the replication rule to go from source region to destination region to complete the bi-directional replication. To set this up, you will only need to follow steps 1, 2, and 4, because step 3 is for the batch replication.

Please note that replicas are not replicated, so once an object is replicated from the source or destination bucket it will not be replicated again.

References:

[1] Same Account - https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html#setting-repl-config-same-acctowner
[2] Cross Account - https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-repl-config-perm-overview.html#setting-repl-config-crossacct
[3] Batch Operations - https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-batch-replication-policies.html
[4] Change Replica Owner - https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-change-owner.html
[5] Bidirectional replication - https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication.html#two-way-replication-scenario
[6] Demo - https://catalog.workshops.aws/well-architected-reliability/en-US/4-failure-management/1-backup/20-bidirectional-replication-for-s3/2-configure-replication
[7] What isn't replicated - https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-what-is-isnot-replicated.html#replication-what-is-not-replicated

AWS
answered a year ago
EXPERT
reviewed a year ago
EXPERT
reviewed a year ago
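
An added example, not part of the answer above and not AWS's own code: it builds the role trust policy from step 1 and one replication configuration per bucket, each naming the other bucket as destination, adding the owner override from step 4 only when the accounts differ. Bucket names, account IDs and role ARNs are constructed placeholders, and the rule settings (empty prefix filter, delete marker replication disabled) are assumptions.

```python
import json

def trust_policy():
    """Trust policy letting S3 replication and S3 Batch Operations assume the role (step 1)."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Service": ["s3.amazonaws.com",
                                      "batchoperations.s3.amazonaws.com"]},
            "Action": "sts:AssumeRole",
        }],
    }

def replication_config(role_arn, src, dst):
    """Replication configuration to apply on `src`, pointing at `dst`."""
    destination = {"Bucket": f"arn:aws:s3:::{dst['bucket']}"}
    if src["account"] != dst["account"]:
        # Step 4: hand replica ownership to the destination account.
        destination["Account"] = dst["account"]
        destination["AccessControlTranslation"] = {"Owner": "Destination"}
    return {
        "Role": role_arn,
        "Rules": [{
            "ID": f"{src['bucket']}-to-{dst['bucket']}",
            "Priority": 1,
            "Status": "Enabled",
            "Filter": {"Prefix": ""},  # assumption: replicate every object
            "DeleteMarkerReplication": {"Status": "Disabled"},
            "Destination": destination,
        }],
    }

def bidirectional(a, b):
    """One configuration per bucket, each naming the other bucket as destination."""
    return {
        a["bucket"]: replication_config(a["role_arn"], a, b),
        b["bucket"]: replication_config(b["role_arn"], b, a),
    }

# Constructed sample values; bucket names, account IDs and role ARNs are placeholders.
BUCKET_A = {"bucket": "example-bucket-a", "account": "111111111111",
            "role_arn": "arn:aws:iam::111111111111:role/example-replication-role"}
BUCKET_B = {"bucket": "example-bucket-b", "account": "222222222222",
            "role_arn": "arn:aws:iam::222222222222:role/example-replication-role"}

if __name__ == "__main__":
    print(json.dumps(trust_policy(), indent=2))
    for bucket, cfg in bidirectional(BUCKET_A, BUCKET_B).items():
        print(f"# apply to {bucket}:")
        print(json.dumps(cfg, indent=2))
```

Each printed configuration can be saved to a file and applied to its bucket with `aws s3api put-bucket-replication --replication-configuration file://...`.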
