WordPress Backwpup to S3 and AWS permissions

Escrito na categoria "DevOps" por Alex Benfica.

If you have a WordPress blog, it makes sense to use an automatic way of backing up your data to some cloud storage solution. AWS S3 is the most popular and many WordPress plugins allow you to automatic schedule your backups to be uploaded to it. One plugin that does a very good job is the Backwpup. Even using the free version you can still have your backups saved to the cloud very easily.

When using S3 or any other cloud solutions you must provide some sort of authentication. It is a good practice to provide only the required permissions and nothing more.

For Backwpup when uploading to S3 this plugin, the minimum permissions you will need are listed bellow.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:ListBucketMultipartUploads",
                "s3:AbortMultipartUpload",
                "s3:ListBucketVersions",
                "s3:ListBucket",
                "s3:DeleteObject",
                "s3:GetBucketLocation",
                "s3:ListMultipartUploadParts"            ],
            "Resource": [
                "arn:aws:s3:::your-bucket-name",
                "arn:aws:s3:::your-bucket-name/*"
            ]
        }
    ]
}

How to secure backup your WordPress site?

If you ara using the plugin to upload backups to S3, you should make your S3 key very specific for this task.

Sobre o autor

Autor Alex Benfica

IT professional with over 20 years of experience in industry. BSc in Computational Mathematics, always learning and enthusiastic about software development and automation. Full stack developer proficient in Javascript, Node, React, Python, Docker, API design and many more!

Leave a Reply