Acronis Cyber Protect Cloud With Wasabi
- 11 Apr 2024
- Print
- PDF
Acronis Cyber Protect Cloud With Wasabi
- Updated on 11 Apr 2024
- Print
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
How do I use Acronis Cyber Protect Cloud with Wasabi?
Acronis Cyber Protect Cloud represents an all-in-one cyber protection solution that integrates backup and recovery, disaster recovery, malware prevention, security controls, remote assistance, monitoring, and reporting. Wasabi can now be used as a destination for the Cyber Protect backups.
Prerequisites
- An active Acronis Cyber Protect Cloud account to access Cyber Protection Service
- If you are an Acronis partner, you should create accounts for your customers
- If you are a customer of an Acronis partner, you should receive the user account from your partner
- Have Cyber Administrator, User or Company Administrator access.
- A Wasabi Cloud Storage account
Reference Architecture
Access requirements needed to backup to Wasabi
To define a Wasabi bucket as a backup location, there are a few requirements that need to be considered.
- A Wasabi Bucket needs to be created.
- A user with relevant policies needs to be created.
For security purposes, root user access keys cannot be used to define a backup location in Acronis. A user with relevant policies (detailed below) should be created. The credentials of this user will be used to define the Backup Location in Acronis.
The sections below outline the steps to fulfill the access requirements needed to create a Wasabi backup location in Acronis.
Bucket Creation
Create a bucket. See Creating a Bucket.
Policy permissions
This section provides examples of the access policies that can be used. Using one of the examples, create a policy to be applied to the user. See Create a policy
Example 1
This policy gives the user minimum set of permissions to a wide scope of resources.
Note: In the policy, * indicates all resources.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "s3:GetBucketLocation",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"iam:CreateRole",
"iam:AttachRolePolicy",
"sts:GetCallerIdentity",
"sts:AssumeRole"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "*"
}
]
}Example 2
This policy gives the user minimum set of permissions to a specific bucket.
Note: [BUCKETNAME] should be replaced with the name of the bucket and [ACCOUNTID] with the ID of the Wasabi account.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "s3:GetBucketLocation",
"Resource": "arn:aws:s3:::[BUCKETNAME]"
},
{
"Effect": "Allow",
"Action": [
"iam:CreateRole",
"iam:AttachRolePolicy",
"sts:GetCallerIdentity",
"sts:AssumeRole"
],
"Resource": "arn:aws:iam::[ACCOUNTID]:*"
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::[BUCKETNAME]/*"
},
{
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::[BUCKETNAME]"
}
]
}Creating a user
Create a user with programmatic (create API key) access and apply the policy created above to the user. See Creating a User
Note: Remember to save the access keys as they will be needed to define the backup location.
We can now proceed to create the backup location in Acronis Cyber Protect console.
Creating a backup location in Acronis Cyber Protect console
1. Log in to the Acronis Cyber Protect console. Click on "Backup Storage".
2. In the Backup Storage tab, click on "+Add Location".
3. Navigate to Public cloud and select "Wasabi" from the dropdown menu.
4. Click on "Add new connection".
5. In the Wasabi connection dialog box, provide the following details and click "Connect".
- Connection name - a name for a Wasabi connection (Wasabi-2 in the example below)
- Access key ID - access key of the Wasabi user created in section Access requirements needed to backup to Wasabi.
- Access key - secret access key of the Wasabi user created in section Access requirements needed to backup to Wasabi.
6. The Wasabi connection created in the previous step is populated in the S3-compatible connection field. Provide a Location name (Wasabi central in our example) and select the bucket created in the section Access requirements needed to backup to Wasabi from the Buckets dropdown menu. (You can use the search bar to search for the bucket). Click "Add".
7. The Locations page will display the newly added location.
Next step is to create a Protection plan with Wasabi storage or edit an existing plan to add Wasabi as the storage destination.
Creating a Protection plan with a Wasabi location
1. Navigate to Devices --> All devices.
2. Select the required device and click on "Protect".
.png)
3. Click on "Create plan" to expand the menu and click on "Protection".
4. Provide a name for the Backup plan and click on "Where to backup" to configure Wasabi as the backup destination.
5. Select the Wasabi location created in Creating a backup location in Acronis Cyber Protect console.
6. Configure the other fields as desired. Confirm the backup destination is Wasabi storage and click "Create".
7. The protection plan with Wasabi storage will be created and assigned to the device.
The backups of this device will be stored in Wasabi cloud storage.
Assigning Wasabi location to an existing Protection plan
1. To assign the Wasabi location created earlier to a protection plan, navigate to Management --> Protection Plans. Select the desired protection plan and click "Edit".
2. In the Details dialog box, click on "Where to back up".
3. In the 'Where to back up' dialog box, select the Wasabi location created in Creating a backup location in Acronis Cyber Protect console.
4. Confirm the 'Where to back up' field now displays the added location. Click "Save".
The backups of the devices assigned to this protection plan will be stored in Wasabi cloud storage.
