I note that S3 backup can be enabled.
I’m not entirely sure about the S3 permissions but is there a way to only allow one admin (me) to view and set the two keys required for this? Or do all admins have the rights to access the S3 keys?
I note that S3 backup can be enabled.
I’m not entirely sure about the S3 permissions but is there a way to only allow one admin (me) to view and set the two keys required for this? Or do all admins have the rights to access the S3 keys?
All admins have access to everything. If you cannot trust your admin(s) with S3 keys, don’t make them admins. Moderators do not have access to site settings, and therefore are a good alternative if you need users to have control over content on the forums, but not settings.
Well I was hoping that there would be a way to display encrypted S3 keys such as used with Travis-ci and ones GitHub .travis.yml
repository file. The decryption key could be stored in the file system. It just creates an extra layer of security.
Do the backup logs contain the S3 keys? If not , then I might look at encrypting them.
Backups contain the database, and the site settings are all on the database.
If you are concerned about the level of S3 access you are giving away by putting S3 keys in plaintext in Discourse backups, you could create a user which is specifically for backup of that discourse instance and has access to nothing else on AWS. (I got most of this policy from various blogs but I can’t remember where exactly so unfortunately I can’t give credit)
NAME_OF_YOUR_S3_BUCKET
with the actual name of your S3 backup bucket.{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "arn:aws:s3:::*"
},
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::NAME_OF_YOUR_S3_BUCKET",
"arn:aws:s3:::NAME_OF_YOUR_S3_BUCKET/*"
]
}
]
}