storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/docs/bucket/replication/setup_replication.sh (about) 1 #!/bin/sh 2 3 # create buckets with versioning enabled 4 mc mb source/bucket --l # --l flag enables object locking.If not needed, uncomment the 'mc version enable' commands 5 mc mb dest/bucket --l 6 #mc version enable source/bucket 7 #mc version enable dest/bucket 8 9 #### Create a replication admin on source alias 10 # create a replication admin user : repladmin 11 mc admin user add source repladmin repladmin123 12 13 # create a replication policy for repladmin 14 cat > repladmin-policy-source.json <<EOF 15 { 16 "Version": "2012-10-17", 17 "Statement": [ 18 { 19 "Action": [ 20 "admin:SetBucketTarget", 21 "admin:GetBucketTarget" 22 ], 23 "Effect": "Allow", 24 "Sid": "" 25 }, 26 { 27 "Effect": "Allow", 28 "Action": [ 29 "s3:GetReplicationConfiguration", 30 "s3:PutReplicationConfiguration", 31 "s3:ListBucket", 32 "s3:ListBucketMultipartUploads", 33 "s3:GetBucketLocation", 34 "s3:GetBucketVersioning" 35 ], 36 "Resource": [ 37 "arn:aws:s3:::bucket" 38 ] 39 } 40 ] 41 } 42 EOF 43 mc admin policy add source repladmin-policy ./repladmin-policy-source.json 44 cat ./repladmin-policy-source.json 45 46 #assign this replication policy to repladmin 47 mc admin policy set source repladmin-policy user=repladmin 48 49 ### on dest alias 50 # Create a replication user : repluser on dest alias 51 mc admin user add dest repluser repluser123 52 53 # create a replication policy for repluser 54 # Remove "s3:GetBucketObjectLockConfiguration" if object locking is not enabled, i.e. bucket was not created with `mc mb --with-lock` option 55 # Remove "s3:ReplicateDelete" if delete marker replication is not required 56 cat > replpolicy.json <<EOF 57 { 58 "Version": "2012-10-17", 59 "Statement": [ 60 { 61 "Effect": "Allow", 62 "Action": [ 63 "s3:GetReplicationConfiguration", 64 "s3:ListBucket", 65 "s3:ListBucketMultipartUploads", 66 "s3:GetBucketLocation", 67 "s3:GetBucketVersioning", 68 "s3:GetBucketObjectLockConfiguration" 69 ], 70 "Resource": [ 71 "arn:aws:s3:::bucket" 72 ] 73 }, 74 { 75 "Effect": "Allow", 76 "Action": [ 77 "s3:GetReplicationConfiguration", 78 "s3:ReplicateTags", 79 "s3:AbortMultipartUpload", 80 "s3:GetObject", 81 "s3:GetObjectVersion", 82 "s3:GetObjectVersionTagging", 83 "s3:PutObject", 84 "s3:DeleteObject", 85 "s3:ReplicateObject", 86 "s3:ReplicateDelete" 87 ], 88 "Resource": [ 89 "arn:aws:s3:::bucket/*" 90 ] 91 } 92 ] 93 } 94 EOF 95 mc admin policy add dest replpolicy ./replpolicy.json 96 cat ./replpolicy.json 97 98 #assign this replication policy to repluser 99 mc admin policy set dest replpolicy user=repluser 100 101 # define remote target for replication from source/bucket -> dest/bucket 102 mc admin bucket remote add repladminAlias/bucket http://repluser:repluser123@localhost:9000/bucket --service replication --region us-east-1 103 104 echo "Now, use this ARN to add replication rules using 'mc replicate add' command" 105 # use arn returned by above command to create a replication policy on the source/bucket with `mc replicate add` 106 #mc replicate add source/bucket --priority 1 --remote-bucket bucket --arn arn:minio:replication:us-east-1:21fb52f5857473e2dbdcf62dcac21240861caf0f8301c3d26aad4de7677869c7:bucket --replicate delete-marker,delete