diff options
| -rw-r--r-- | config/gitlab.yml.example | 1 | ||||
| -rw-r--r-- | doc/raketasks/backup_restore.md | 37 |
2 files changed, 13 insertions, 25 deletions
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index ad1db4b4f43..93510356208 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -216,6 +216,7 @@ production: &base # # Fog storage connection settings, see http://fog.io/storage/ . # connection: # provider: AWS + # region: eu-west-1 # aws_access_key_id: AKIAKIAKI # aws_secret_access_key: 'secret123' # # The remote 'directory' to store your backups. For S3, this would be the bucket name. diff --git a/doc/raketasks/backup_restore.md b/doc/raketasks/backup_restore.md index 06ec88c3d58..9318f0390f8 100644 --- a/doc/raketasks/backup_restore.md +++ b/doc/raketasks/backup_restore.md @@ -58,6 +58,7 @@ For omnibus packages: ```ruby gitlab_rails['backup_upload_connection'] = { 'provider' => 'AWS', + 'region' => 'eu-west-1', 'aws_access_key_id' => 'AKIAKIAKI', 'aws_secret_access_key' => 'secret123' } @@ -73,6 +74,7 @@ For installations from source: # Fog storage connection settings, see http://fog.io/storage/ . connection: provider: AWS + region: eu-west-1 aws_access_key_id: AKIAKIAKI aws_secret_access_key: 'secret123' # The remote 'directory' to store your backups. For S3, this would be the bucket name. @@ -81,15 +83,15 @@ For installations from source: If you are uploading your backups to S3 you will probably want to create a new IAM user with restricted access rights. To give the upload user access only for -uploading backups create the following three profiles, replacing `my.s3.bucket` +uploading backups create the following IAM profile, replacing `my.s3.bucket` with the name of your bucket: ```json { - "Version": "2014-09-29", + "Version": "2012-10-17", "Statement": [ { - "Sid": "Stmt1411994999", + "Sid": "Stmt1412062044000", "Effect": "Allow", "Action": [ "s3:AbortMultipartUpload", @@ -97,42 +99,27 @@ with the name of your bucket: "s3:GetBucketLocation", "s3:GetObject", "s3:GetObjectAcl", - "s3:ListMultipartUploadParts", + "s3:ListBucketMultipartUploads", "s3:PutObject", "s3:PutObjectAcl" ], "Resource": [ "arn:aws:s3:::my.s3.bucket/*" ] - } - ] -} -``` - -```json -{ - "Version": "2014-09-29", - "Statement": [ + }, { - "Sid": "Stmt1411995081", + "Sid": "Stmt1412062097000", "Effect": "Allow", "Action": [ - "s3:ListAllMyBuckets", "s3:GetBucketLocation" + "s3:GetBucketLocation", + "s3:ListAllMyBuckets" ], "Resource": [ "*" ] - } - ] -} -``` - -```json -{ - "Version": "2014-09-29", - "Statement": [ + }, { - "Sid": "Stmt1411995608", + "Sid": "Stmt1412062128000", "Effect": "Allow", "Action": [ "s3:ListBucket" |