Last modified August 22, 2025

Integration with JetBackup 5

To improve security and maintain better control over your JetBackup Storage S3 Buckets, it is recommended to create dedicated IAM sub-users with limited permissions. This guide will walk you through the process of creating a sub-user, generating access keys, assigning a bucket-specific policy, and integrating your JetBackup Premium Cloud Storage with JetBackup 5. By the end, you’ll have a fully configured and ready-to-use backup destination.

Regions Endpoints URLS:

eu-central-2.storage.jetbackup.com 
eu-west-1.storage.jetbackup.com 
eu-west-2.storage.jetbackup.com 
eu-east-1.storage.jetbackup.com 

Step 1:

Adding a bucket

  1. Add a bucket, use a name to represent the server

  2. Do not enable Bucket Versioning / Object Lock

Step 2:

Create a subuser for the server

  1. Navigate to the ‘users’ tab, and click ‘Add User’.

  2. Fill out the E-Mail and Password for the user

  3. Use a strong password from a Password Generator for security. Please note that you don’t need to save the password, we will not use it

Step 3:

Add a Bucket Policy

  1. Create a policy for the bucket. Use the server name for the policy name
    • Policy template: Make sure to replace BUCKET_NAME in the “Resource” section below.

Here is a simple example of a policy that grants full access to a bucket name ‘BUCKET_NAME’:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:*",
      "Resource": [
        "arn:aws:s3:::BUCKET_NAME",
        "arn:aws:s3:::BUCKET_NAME/*"
      ]
    }
  ]
}

Advanced Bucket Policy (Limited Access)

This policy grants limited access to a specific S3 bucket and its contents.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "LimitedBucketAccess",
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket",
        "s3:ListAllMyBuckets",
        "s3:ListBucketVersions",
        "s3:ListBucketMultipartUploads",
        "s3:GetBucketLocation",
        "s3:GetObject",
        "s3:GetObjectVersion",
        "s3:GetObjectTagging",
        "s3:GetBucketObjectLockConfiguration",
        "s3:GetBucketVersioning",
        "s3:GetObjectLegalHold",
        "s3:GetObjectRetention",
        "s3:CreateBucket",
        "s3:PutBucketObjectLockConfiguration",
        "s3:PutBucketVersioning",
        "s3:DeleteObjectVersion",
        "s3:PutObjectRetention",
        "s3:BypassGovernanceRetention",
        "s3:DeleteObject",
        "s3:DeleteObjectTagging",
        "s3:PutObject",
        "s3:PutObjectTagging",
        "s3:PutObjectAcl",
        "s3:CreateMultipartUpload",
        "s3:UploadPart",
        "s3:ListMultipartUploadParts",
        "s3:CompleteMultipartUpload",
        "s3:AbortMultipartUpload"
      ],
      "Resource": [
        "arn:aws:s3:::BUCKET_NAME",
        "arn:aws:s3:::BUCKET_NAME/*"
      ]
    }
  ]
}

  1. Create a group, then assign the previously created user and policy to the group.

  1. Go back to Groups, click Edit, and ensure that both the user and the policy are assigned by checking their boxes and clicking Save.

Step 4:

Create an access key for the user

  1. Navigate to the Users tab, click Edit, and then select Access Keys. From this page, you can generate a new Access Key for the user.

  1. Save the Access Keys in a secure location, as they cannot be retrieved once lost.

Step 5:

Adding the destination in JetBackup 5

  1. Open JetBackup 5 and navigate to Destinations > “+ Create New Destination

  2. Enter the JetBackup Storage credentials

  1. Lastly, assign the destination to your backup jobs.

Your backups will now be stored to your JetBackup Premium Cloud Storage!