Sunday, September 13, 2020

S3 Permissions to mail-in-a-box backup

 To back up mail-in-a-box to AWS S3 you need to:

  1. Have an AWS account
  2. Create an S3 bucket to store the backups (you will need to note the region)
  3. Create a group, e.g. backup-email-group, with the single policy shown below
  4. Create an IAM user with programmatic access as a member of the backup-email-group. Note down the Access Key and Secret Access Key

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::my-bucket-name"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject"
            ],
            "Resource": "arn:aws:s3:::my-bucket-name/*"
        }
    ]
}
This policy was posted in the mail-in-a-box forums.
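
The policy above grants s3:ListBucket on the bucket ARN and the three object actions on the bucket/* ARN, and nothing else. The following check is an added example, not part of the original post or of mail-in-a-box: it verifies that a policy document stays within that scope before it is attached to the group. The function names and the constructed counter-example policy are assumptions, and action names are compared as exact strings.

```python
import json

BUCKET_ACTIONS = {"s3:ListBucket"}  # must target the bucket ARN itself
OBJECT_ACTIONS = {"s3:PutObject", "s3:GetObject", "s3:DeleteObject"}  # must target bucket/*

def as_list(value):
    """IAM accepts either a single item or a list for Statement, Action and Resource."""
    return [value] if isinstance(value, (str, dict)) else list(value)

def audit_backup_policy(policy, bucket):
    """Return findings; an empty list means the policy grants only the backup scope."""
    bucket_arn = f"arn:aws:s3:::{bucket}"
    findings = []
    for stmt in as_list(policy["Statement"]):
        sid = stmt.get("Sid", "<no Sid>")
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"{sid}: NotAction/NotResource makes the grant open-ended")
            continue
        for action in as_list(stmt.get("Action", [])):
            if action in BUCKET_ACTIONS:
                expected = bucket_arn
            elif action in OBJECT_ACTIONS:
                expected = bucket_arn + "/*"
            else:
                findings.append(f"{sid}: {action} is outside the backup action set")
                continue
            for resource in as_list(stmt.get("Resource", [])):
                if resource != expected:
                    findings.append(f"{sid}: {action} on {resource}, expected {expected}")
    return findings

# The policy from this page, compacted.
PAGE_POLICY = json.loads("""{"Version": "2012-10-17", "Statement": [
  {"Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:ListBucket",
   "Resource": "arn:aws:s3:::my-bucket-name"},
  {"Sid": "VisualEditor1", "Effect": "Allow",
   "Action": ["s3:PutObject", "s3:GetObject", "s3:DeleteObject"],
   "Resource": "arn:aws:s3:::my-bucket-name/*"}]}""")

# Constructed counter-example: a wildcard grant plus ListBucket on the object ARN.
BROAD_POLICY = json.loads("""{"Version": "2012-10-17", "Statement": [
  {"Sid": "Wild", "Effect": "Allow", "Action": "s3:*", "Resource": "*"},
  {"Sid": "WrongArn", "Effect": "Allow", "Action": "s3:ListBucket",
   "Resource": "arn:aws:s3:::my-bucket-name/*"}]}""")

if __name__ == "__main__":
    for name, pol in (("page", PAGE_POLICY), ("broad", BROAD_POLICY)):
        print(name, audit_backup_policy(pol, "my-bucket-name") or "OK")
```

Pass the real bucket name as the second argument; a policy left with the my-bucket-name placeholder then shows up as a finding for every action.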