Destination Bucket requirements for s3 Ingestion

Destination Bucket requirements for s3 Ingestion

Uptycs expects the following permissions on the destination bucket

  1. Versioning: We allow  both enabled and disabled

  2. Encryption: We support Server Side Encryption enabled and disabled.

  3. Region:us-west-2

  4. Permissions:

    1. We expect the bucket to have the following permissions for the principal(938922273831)

 

  1. "s3:PutObject",
  2. ”s3:PutObjectAcl”
  3. "s3:GetObject",
  4. "s3:ListBucket",
  5. "s3:AbortMultipartUpload",
  6. "s3:ListBucketMultipartUploads"


         b. The Format of the bucket policy in json should be as follows

               

{

    "Version": "2008-10-17",

    "Statement": [

        {

            "Sid": "UptycsS3ExportPolicyStmt",

            "Effect": "Allow",

            "Principal": {

                "AWS": "arn:aws:iam::938922273831:root"

            },

            "Action": [

                "s3:PutObject",

                "s3:PutObjectAcl"

            ],

            "Resource": [

                "arn:aws:s3:::<bucket name>",

                "arn:aws:s3:::<bucket name>/*"

            ],

            "Condition": {

                "StringEquals": {

                    "s3:x-amz-acl": "bucket-owner-full-control"

                }

            }

        },

        {

            "Sid": "UptycsS3multipartuploadStmt",

            "Effect": "Allow",

            "Principal": {

                "AWS": "arn:aws:iam::938922273831:root"

            },

            "Action": [

                "s3:GetObject",

                "s3:ListBucket",

                "s3:AbortMultipartUpload",

                "s3:ListBucketMultipartUploads"

            ],

            "Resource": [

                "arn:aws:s3:::<bucket name>",

                "arn:aws:s3:::<bucket name>/*"

            ]

        }

    ]

}

    • Related Articles

    • Export/Import Event,Alert Rules or Saved Queries

      The attached python3 code can be used to export one, several, or all event rules, alert rules, or saved queries.  1. Download the attached zip, unzip it 2. Install requirements: python3 -m pip install requirements.txt 3. Export desired objects to ...
    • Okta Integration

      Overview This document outlines the procedure on how to integrate Okta with Uptycs Procedure Pre-requisite(s) Admin access to Okta Enabling and Adding new Application in Okta for Uptycs Following procedure outlines steps to create a new application ...
    • AWS Tag Creation From Uptycs Saved Queries

      aws_tag_from_query.py This script applies AWS tags to resources based on an Uptycs saved query. It uses the AWS Python SDK (boto3).  Usage:   python3 aws_tag_from_query.py <uptycs_apikey_file> [-q <"query name"> | --all] -k <key> [-v <value>] -ec2 ...