Make an S3 bucket (Create S3 bucket)
- Remember the bucket name and region
Make an IAM Policy (Create policy)
- Select JSON
- Paste this code, replace my-sql-backups with the S3 bucket name
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObject", "s3:ListBucket", "s3:AbortMultipartUpload" ], "Resource": [ "arn:aws:s3:::my-sql-backups", "arn:aws:s3:::my-sql-backups/*" ] } ] }
Make an IAM Role (Create role)
- AWS service
- RDS service
- RDS - Add Role to Database
- Add Permissions
- Check the box of the policy that you created above
- Remember the ARN of the role
Make an Option Group (RDS Option Groups)
- Give a name, select the engine and version
- Add the option SQLSERVER_BACKUP_RESTORE and select the IAM role you created above
Attach IAM Role to RDS Instance (RDS Databases)
- Select the SQL Server instance
- Modify
- Change the option group to the one made above
Make an IAM User (Create User)
- Enter username
- No need to access console
Create credentials for the IAM User (Users)
- Open the user
- Security credentials
- Create access key
- CLI
- Add permissions
- Inline policy
- Paste this JSON, changing the bucket name
{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowReadSpecificBucket", "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:GetObject", "s3:GetBucketLocation" ], "Resource": [ "arn:aws:s3:::YOUR-BUCKET-NAME", "arn:aws:s3:::YOUR-BUCKET-NAME/*" ] } ] }
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article