Permissions required for Amazon S3 cloud provider user
The Amazon (S3) cloud provider, requires the following permissions to work with NetBackup:
s3:ListAllMyBuckets
s3:ListBucket
s3:GetBucketLocation
s3:GetObject
s3:PutObject
s3:GetObjectTagging
s3:GetObjectAcl
s3:PutObjectAcl
s3:PutObjectTagging
s3:RestoreObject
s3:PutObjectRetention
s3:BypassGovernanceRetention
s3:GetBucketObjectLockConfiguration
s3:Getobjectretention
To use the object change tracking feature, add the following additional permission for the source buckets:
s3:GetBucketLogging
s3:GetBucketAcl
To use the object change tracking feature, add only the following permissions in the log buckets:
s3:ListBucket
s3:GetObject
s3:GetBucketAcl