LastBackupLastBackup
Storage

AWS S3

Configure Amazon S3 for database backups

AWS S3

Amazon S3 is the most widely used object storage service.

Configuration

FieldValue
Endpointhttps://s3.amazonaws.com or https://s3.<region>.amazonaws.com
RegionYour bucket region (e.g., us-east-1, eu-west-1)
BucketYour S3 bucket name
Access KeyIAM access key ID
Secret KeyIAM secret access key

IAM Policy

Create an IAM user with the following minimum permissions:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:GetObject",
        "s3:DeleteObject",
        "s3:ListBucket"
      ],
      "Resource": [
        "arn:aws:s3:::your-bucket-name",
        "arn:aws:s3:::your-bucket-name/*"
      ]
    }
  ]
}

Best Practices

  • Enable versioning for additional protection
  • Configure lifecycle rules to transition old backups to Glacier
  • Use server-side encryption (SSE-S3 or SSE-KMS)
  • Use VPC endpoints for private network access

Storage Configuration

Configure S3-compatible storage for your database backups

Cloudflare R2

Configure Cloudflare R2 for database backups

On this page

AWS S3ConfigurationIAM PolicyBest Practices
AWS S3 | LastBackup