Registering Amazon S3 cloud account in Replication Manager

You must have valid Amazon S3 credentials to register the cloud account with Replication Manager.

Consider the following requirements before you register an Amazon S3 cloud account in Replication Manager:
  • You need a cloud bucket with user credentials that you can enter in Replication Manager, so Replication Manager can access the bucket.
  • The bucket has to have enough space for the replicated data, and write permissions to copy the data.
  • The bucket needs to support cloud storage encryption types supported by Replication Manager (SSE-S3 & SSE-KMS).

When you add cloud credentials for your Amazon S3 account, you can choose one of the following authentication methods:

  • Access secret key. To use this authentication type, you require an AWS Access Key and an AWS Secret key that you obtain from Amazon. Cloudera Manager stores these values securely and does not store them in world-readable locations. The credentials are masked and encrypted in the configurations passed to processes managed by Cloudera Manager, and redacted from the logs.
  • IAM role. Amazon Identity and Access Management (IAM) can be used to create users, groups, and roles for use with Amazon Web Services, such as EC2 and Amazon S3. IAM role-based access provides the same level of access to all clients that use the role.

    For information about configuring AWS credentials, see Introduction to role based provisioning credential in AWS.

  1. Go to Replication Manager > Cloud Credentials page, and click Add.
  2. In the Add Cloud Credential window, perform the following steps:
    1. Select the Cluster.
    2. Select S3 as the Cloud Storage Type.
    3. Name - Provide a unique cloud credential name.
    4. Authentication Type - Select one of the following authentication type:
      • Select the authentication type as Access Secret Key from the drop-down.
        • Access Key - Enter the valid access key.
        • Secret Key - Enter the valid secret key.
      • Select IAM Role if the conditions mentioned in the IAM Role conditions section are met, and click Save.
  3. Click Validate.
Verify whether the credentials are listed on the Cloud Credentials page.