Created
October 12, 2017 21:43
-
-
Save mahemoff/f828acf69bd00d8db06b085221c92b3e to your computer and use it in GitHub Desktop.
AWS backup folder from command-line with compression and encryption
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Install Python and aws | |
[pip install awscli](https://docs.aws.amazon.com/cli/latest/userguide/installing.html) | |
You may need to add it to your path, e.g. export PATH="$PATH:/home/player/.local/bin" | |
### Setup AWS S3 bucket | |
* In S3, create a new backup bucket. You may wish to set it up with versioning and lifecycle management rules so that you can just keep pushing to the same object and old versions will be deleted and/or moved to Glacier. Also recommended to establish tags and logging if cost is likely to be significant and therefore should be tracked. | |
* In IAM, create a programmatic user and ensure it has an access key and secret access key | |
* In IAM, give this user "ALLOW" access to the S3 bucket | |
* In S3, under policies, set a policy to give this user write-only access | |
### Configure the client | |
> aws configure | |
Enter credentials from above | |
### Make a gpg password | |
Add a long random string to /home/me/gpg_pass | |
### Pipe to S3! | |
> tar c data | gpg --no-use-agent -c --passphrase=/home/me/gpg_pass | aws s3 cp - s3://backups/backup.txt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment