Solved

Unable to use 2 IAM roles with 1 shared Cloud Library Mount Path

  • 12 January 2021
  • 1 reply
  • 64 views

Userlevel 3
Badge +3

Hi Team 

 

While configuring a Cloud Library we would like to have separate IAM roles for different Buckets pointing to different AWS location, how can I achieve this?

icon

Best answer by Winston W 12 January 2021, 06:32

View original

1 reply

Userlevel 3
Badge +4

Hi Jon 

 

By default Commvault will propogate the IAM credentials to other Shared path based on the IAM policy set on the preferred Device Controller

You can change this behavior and have different IAM credentials assigned to different Bucket within the same Library by changing the following setting (Media Management - https://documentation.commvault.com/commvault/v11/article?p=11022.htm)

  • Update cloud library credential to selected device controller only:

    • Definition: When this option is enabled, you can set different access credentials for individual device controller on the same cloud device.

    • Default Value: 0

    • Range: 0 (disabled) 1 (enabled)

    • Usage: When this parameter is disabled, any changes made on one controller of the cloud device will be copied to all the other existing controllers. When the parameter is enabled, then from CommCell Console you can modify the access credentials of only the edited controller.

  • After this MMConfig option is turned on, from the mount path sharing edit the second credential to access the cloud library path .

  • Once you change the setting to "1" the IAM role does not automatically propgate the IAM credentials and allows independent IAM roles assigned to different MediaAgent with in the same Cloud Bucket

Kind Regards

Winston 

Reply