summaryrefslogtreecommitdiff
path: root/doc/raketasks
diff options
context:
space:
mode:
authorGeoff Webster <gwebster@juniper.net>2016-08-19 18:09:38 +0000
committerGeoff Webster <gwebster@juniper.net>2016-08-19 18:09:38 +0000
commitcb767d87c6835cbba631fd4eb68d0b0b905d0e23 (patch)
tree22d4a8029064f70ce242881a6a367eaf32daddd0 /doc/raketasks
parent2e34e5f1b75673d853822cfad827f48c48ed1353 (diff)
downloadgitlab-ce-cb767d87c6835cbba631fd4eb68d0b0b905d0e23.tar.gz
Document IAM Profile AWS S3 configuration key.
Diffstat (limited to 'doc/raketasks')
-rw-r--r--doc/raketasks/backup_restore.md7
1 files changed, 7 insertions, 0 deletions
diff --git a/doc/raketasks/backup_restore.md b/doc/raketasks/backup_restore.md
index 835af5443a3..68d946cfc63 100644
--- a/doc/raketasks/backup_restore.md
+++ b/doc/raketasks/backup_restore.md
@@ -79,6 +79,9 @@ gitlab_rails['backup_upload_connection'] = {
'region' => 'eu-west-1',
'aws_access_key_id' => 'AKIAKIAKI',
'aws_secret_access_key' => 'secret123'
+ # If using an IAM Profile, leave aws_access_key_id & aws_secret_access_key empty
+ # ie. 'aws_access_key_id' => '',
+ # 'use_iam_profile' => 'true'
}
gitlab_rails['backup_upload_remote_directory'] = 'my.s3.bucket'
```
@@ -95,12 +98,16 @@ For installations from source:
region: eu-west-1
aws_access_key_id: AKIAKIAKI
aws_secret_access_key: 'secret123'
+ # If using an IAM Profile, leave aws_access_key_id & aws_secret_access_key empty
+ # ie. aws_access_key_id: ''
+ # use_iam_profile: 'true'
# The remote 'directory' to store your backups. For S3, this would be the bucket name.
remote_directory: 'my.s3.bucket'
# Turns on AWS Server-Side Encryption with Amazon S3-Managed Keys for backups, this is optional
# encryption: 'AES256'
```
+
If you are uploading your backups to S3 you will probably want to create a new
IAM user with restricted access rights. To give the upload user access only for
uploading backups create the following IAM profile, replacing `my.s3.bucket`