The module does not work with S3 buckets #88

@obervinov

Describe the Bug

The IAM role uses the AWSBackupServiceRolePolicyForBackup policy; this policy does not contain the necessary permissions to back up S3 buckets.
A different built-in policy, AWSBackupServiceRolePolicyForS3Backup, should be used for S3 backups.
https://github.com/cloudposse/terraform-aws-backup/blob/v1/main.tf#L129

Expected Behavior

The created IAM role also contains ARN policies:
policy_arn = "arn:${data.aws_partition.current.partition}:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForS3Backup"

Steps to Reproduce

module "aws_backup" {
  source  = "cloudposse/backup/aws"
  version = "1.0.1"

  name             = "backup"
  plan_name_suffix = "backup-plan"
  vault_enabled    = true
  iam_role_enabled = true
  plan_enabled     = true
  backup_resources = [
    "arn:aws:s3:::bucket-1",
    "arn:aws:s3:::bucket-2",
    "arn:aws:s3:::bucket-3"
  ]
  rules = [
    {
      name      = "backup-rule"
      schedule  = "cron(0 6 * * ? *)"
      lifecycle = { delete_after = 7 }
    }
  ]
}

Environment

  • OS: OSX
  • Version: 14.5
  • Module version: 1.0.1
  • Terraform version: 1.9.3

Additional Context

No response
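
The configuration below is an added example, not code from the issue or from the cloudposse module: it shows the requested behavior with plain AWS provider resources, a backup role that carries both managed policies and is used by a selection of S3 buckets. The name `backup-s3-example` and the resource labels are assumptions; the bucket ARNs, schedule and retention are the ones from the reproduction above.

```hcl
# Added example. "backup-s3-example" and all resource labels are placeholders.
data "aws_iam_policy_document" "assume" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["backup.amazonaws.com"] # only AWS Backup may assume the role
    }
  }
}

resource "aws_iam_role" "backup" {
  name               = "backup-s3-example"
  assume_role_policy = data.aws_iam_policy_document.assume.json
}

# Look the managed policies up by name so their ARN paths are not hard-coded.
data "aws_iam_policy" "backup" {
  for_each = toset([
    "AWSBackupServiceRolePolicyForBackup",   # the policy named in the issue
    "AWSBackupServiceRolePolicyForS3Backup", # adds the S3 backup permissions
  ])
  name = each.value
}

resource "aws_iam_role_policy_attachment" "backup" {
  for_each   = data.aws_iam_policy.backup
  role       = aws_iam_role.backup.name
  policy_arn = each.value.arn
}

resource "aws_backup_vault" "this" { name = "backup-s3-example" }

resource "aws_backup_plan" "this" {
  name = "backup-s3-example"
  rule {
    rule_name         = "backup-rule"
    target_vault_name = aws_backup_vault.this.name
    schedule          = "cron(0 6 * * ? *)"
    lifecycle { delete_after = 7 }
  }
}

resource "aws_backup_selection" "s3" {
  name         = "s3-buckets"
  plan_id      = aws_backup_plan.this.id
  iam_role_arn = aws_iam_role.backup.arn
  resources    = ["arn:aws:s3:::bucket-1", "arn:aws:s3:::bucket-2", "arn:aws:s3:::bucket-3"]
  depends_on   = [aws_iam_role_policy_attachment.backup] # policies in place before first job
}
```

Only the backup-side policies are attached here, so the role cannot restore into buckets; restore permissions would be a separate, deliberate grant.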