Configure an Amazon S3 (Amazon Simple Storage Service) target for archive or backup
Export to Amazon S3 is not enabled by default. After you enable Amazon S3, you can configure it for archives and backup. Learn how to enable the service, and understand the configuration parameters that are used in the archive and backup pages.
Before you begin
- An Amazon account and registration for the S3 service.
- Amazon S3 credentials:
- Access Key ID: identifies user as the party responsible for service requests. It needs to be included it in each request. It is not confidential and does not need to be encrypted. (20-character, alphanumeric sequence).
- Secret Access Key: The Secret Access Key (40-character sequence) is associated with Access Key ID calculating a digital signature that is included in the request. The Secret Access Key is a secret, for use only by AWS and the user. This key is just a long string of characters (and not a file) that is used to calculate the digital signature that needs to be included in the request. The Secret Access Key is encrypted when saved into the database.
- S3 Bucket Name: Every object that is stored in Amazon S3 is contained in a bucket. Buckets partition the namespace of objects that are stored in Amazon S3. Within a bucket, you can use any names for your objects, but bucket names must be unique across all of Amazon S3.
- The clock time of Guardium system must be correct (within 15 minutes). Otherwise, requests are
not accepted. If the Guardium system time is not correct, set the correct time by using the
following CLI commands:
show system ntp server store system ntp server (An example is ntp server: ntp.swg.usma.ibm.com) store system ntp state on