I started this blog/website years ago, I never really thought I would publish much in it. It was supposed to be more or less a front page but I started realising I enjoy writing, not only about my point of view but also explaining tech subjects and small tutorials. So when I found out that a couple of months ago my website got somehow corrupted and I lost all the posts I had written over the years I was pretty bummed about it. Because I had only posted every couple of months I didn’t really bother making backups. It didn’t seem like I needed to. Well, one way or another my Godaddy WordPress got messed up and after failing to get adequate support from their engineers I decided to start over on a Vultr server but this time with fortnightly backups to an s3 bucket.
I found a thorough tutorial here:
https://wpbuffs.com/wordpress-backup-to-s3/
Great thorough tutorial but there it tells you to use your AWS root key and secret with the backup tool, which for those who are not into tech, you should never do, it gives access to your entire AWS account. If someone got a hold of the credentials they could run a bill of tens of thousands overnight.
The plug-in I’m using for backup is updraftplus , it supports all these backend backup solutions
On the Updraftplus website, it give you the correct AWS policy with the correct permissions
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListBucketMultipartUploads"
],
"Resource": "arn:aws:s3:::mybucket",
"Condition": {}
},
{
"Effect": "Allow",
"Action": [
"s3:AbortMultipartUpload",
"s3:DeleteObject",
"s3:DeleteObjectVersion",
"s3:GetObject",
"s3:GetObjectAcl",
"s3:GetObjectVersion",
"s3:GetObjectVersionAcl",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:PutObjectVersionAcl"
],
"Resource": "arn:aws:s3:::mybucket/*",
"Condition": {}
},
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "*",
"Condition": {}
}
]
}
Website: https://updraftplus.com/faqs/what-settings-should-i-use-for-amazon-s3-and-how-should-i-configure-my-amazon-s3-account/
Once you have the correct policy and have created the bucket, it was ready. Updraftplus worked like a charm.