diff options
author | Geoff Webster <gwebster@juniper.net> | 2016-08-19 18:09:38 +0000 |
---|---|---|
committer | Geoff Webster <gwebster@juniper.net> | 2016-08-19 18:09:38 +0000 |
commit | cb767d87c6835cbba631fd4eb68d0b0b905d0e23 (patch) | |
tree | 22d4a8029064f70ce242881a6a367eaf32daddd0 /doc/raketasks | |
parent | 2e34e5f1b75673d853822cfad827f48c48ed1353 (diff) | |
download | gitlab-ce-cb767d87c6835cbba631fd4eb68d0b0b905d0e23.tar.gz |
Document IAM Profile AWS S3 configuration key.
Diffstat (limited to 'doc/raketasks')
-rw-r--r-- | doc/raketasks/backup_restore.md | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/doc/raketasks/backup_restore.md b/doc/raketasks/backup_restore.md index 835af5443a3..68d946cfc63 100644 --- a/doc/raketasks/backup_restore.md +++ b/doc/raketasks/backup_restore.md @@ -79,6 +79,9 @@ gitlab_rails['backup_upload_connection'] = { 'region' => 'eu-west-1', 'aws_access_key_id' => 'AKIAKIAKI', 'aws_secret_access_key' => 'secret123' + # If using an IAM Profile, leave aws_access_key_id & aws_secret_access_key empty + # ie. 'aws_access_key_id' => '', + # 'use_iam_profile' => 'true' } gitlab_rails['backup_upload_remote_directory'] = 'my.s3.bucket' ``` @@ -95,12 +98,16 @@ For installations from source: region: eu-west-1 aws_access_key_id: AKIAKIAKI aws_secret_access_key: 'secret123' + # If using an IAM Profile, leave aws_access_key_id & aws_secret_access_key empty + # ie. aws_access_key_id: '' + # use_iam_profile: 'true' # The remote 'directory' to store your backups. For S3, this would be the bucket name. remote_directory: 'my.s3.bucket' # Turns on AWS Server-Side Encryption with Amazon S3-Managed Keys for backups, this is optional # encryption: 'AES256' ``` + If you are uploading your backups to S3 you will probably want to create a new IAM user with restricted access rights. To give the upload user access only for uploading backups create the following IAM profile, replacing `my.s3.bucket` |