AWS S3
Connect your own Amazon S3 bucket to store GitSec backups.
Prerequisites
- An AWS account with access to S3.
- An S3 bucket created in your desired region.
- An IAM user or role with read/write access to the bucket.
- The Access Key ID and Secret Access Key for the IAM user.
Setup Steps
- Navigate to Storage in the sidebar.
- Click Add Storage Provider.
- Select the AWS S3 card.
- Fill in the connection form:
| Field | Description |
|---|---|
| Connection Name | A label to identify this storage connection (e.g., "Production S3 Backup"). |
| Bucket Name | The name of your S3 bucket. |
| Region | The AWS region where the bucket is located (e.g., eu-west-1). |
| Access Key ID | The AWS access key for authentication. |
| Secret Access Key | The AWS secret key for authentication. |
- Click Test Connection to verify GitSec can access the bucket.
- If the test succeeds, click Save to complete the setup.
tip
Click Show Instructions on the form for detailed guidance on creating the required IAM policy and bucket configuration.
Required IAM Permissions
Your IAM user or role needs the following S3 permissions on the target bucket:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:ListBucket",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::your-bucket-name",
"arn:aws:s3:::your-bucket-name/*"
]
}
]
}
Replace your-bucket-name with your actual bucket name.
Security Recommendations
- Use a dedicated IAM user with only the permissions listed above.
- Enable bucket versioning for additional protection.
- Consider enabling server-side encryption (SSE-S3 or SSE-KMS) on the bucket.
- Restrict bucket access to only the GitSec IAM user.