Support » Plugin: BackWPup - WordPress Backup Plugin » S3 Permissions Required?

  • Resolved smartyp

    (@smartyp)


    Hi,

    Can anyone confirm the minimum specific S3 permissions required for backups via BackWPup? (Or is there a recommended S3 policy… ). Would have thought this would be in the FAQ section but couldn’t find it stated anywhere in the docs.

    Thanks.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Support duongcuong96

    (@duongcuong96)

    Hi @smartyp
    From what I understand now, BackWPUp uses the following S3 permissions:

    read
    Buckets: s3:ListBucket, s3:ListBucketVersions, and s3:ListBucketMultipartUploads
    
    write:
    Buckets: s3:PutObject and s3:DeleteObject

    Hope that may help you 🙂

    smartyp

    (@smartyp)

    Thanks, that did the trick – was missing ListBucketVersions.

    I recommend you guys put this in the FAQ 🙂

    Plugin Support duongcuong96

    (@duongcuong96)

    Hi @smartyp
    Great to hear that, but could you please describe more detail about your issue?
    I would like to know more about your case before I can suggest our team add S3 permissions to FAQ.
    Thank you 😀

    smartyp

    (@smartyp)

    Not really sure what you mean. Anyone using S3 for backups needs to know what permissions they need to allow at the Amazon S3 end. So rather than have people guess until it works (or grant more permissions than necessary) it would help to publish what is required 🙂

    Plugin Support duongcuong96

    (@duongcuong96)

    @smartyp
    Actually, I never got this kind of issue before with AWS S3, so I was curious how you can get the issue? is there a way to reproduce it?
    Thank you!

    smartyp

    (@smartyp)

    How did you set up permissions at the S3 end? A lot of people just add permissions for ‘everything’ which is really not wise for security (or worse, are still using root access keys instead of IAM users).

    So to reproduce, just remove some of the required permissions from the S3 policy. For example (as I experienced) if ListBucketVersions hasn’t been granted then the backup runs, but then fails at the end when it accesses S3.

Viewing 6 replies - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.