Authenticate to S3 using an EC2 IAM Role

With the release of SQL Backup Master v6.1.586.0, users running SQL Backup Master within an Amazon EC2 instance can now authenticate to their S3 buckets using an IAM role.

Use of this authentication option eliminates the need to enter S3 credentials into SQL Backup Master. Instead, SQL Backup Master will use the IAM role assigned to the EC2 instance to access your S3 buckets.

Configuring the EC2 Environment

If you haven’t already, you’ll need to establish an IAM role within AWS. To do so, create an EC2 role within the AWS IAM console, and grant it the AmazonS3FullAccess permission.

Then attach this new role to the EC2 instance that will be hosting SQL Backup Master.

For details on using an IAM role to grant EC2 application permissions, please see the following article:

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html

Configuring SQL Backup Master

To verify that we’re using the credentials provided by the IAM role, install SQL Backup Master (v6.1.586.0 or later) on your EC2 instance.

Now, add an Amazon S3 backup destination and select the Authenticate using EC2 IAM role option. Leave the access key and secret key fields blank.

s3-iam-role-ec2

Finally, run your database backup job to ensure that backups to S3 are working as expected.

posted by SQL Backup Master at 5:39 pm