IAM Role and KMS key support

Giovanni VecchiGiovanni Vecchi Active Member Contributor
Hi guys,
I need to backup my Percona XtraDB database from EC2 instances to S3 bucket, but bucket content needs to be encrypted with our own key hosted on KMS service.
I'm running 2.4.19 version on Ubuntu 18.04, but I can't find any reference about IAM Role and KMS key support in xbcloud --help, isn't it?
The only confirm about IAM Role support (but not KMS key) I found is on page 12 of "Percona XtraBackup Current and Future State" Tyler Duzan pdf for FOSDEM 2020.

Thanks!

Comments

  • Giovanni VecchiGiovanni Vecchi Active Member Contributor
    My current workaround:
    - Install aws cli
    - Create a local system user called xtrabackup
    - Create a MySQL user called xtrabackup, auth method: auth_socket
    - Backup via 
    sudo -u xtrabackup xtrabackup --user=xtrabackup --backup --stream=xbstream --galera-info --target-dir=/tmp 2>/dev/null | aws s3 cp - s3://<bucket>/<dump_db_file_name> --region <region> --sse aws:kms --sse-kms-key-id <kms_key_id>


Sign In or Register to comment.

MySQL, InnoDB, MariaDB and MongoDB are trademarks of their respective owners.
Copyright ©2005 - 2020 Percona LLC. All rights reserved.