Setting up an S3 compatible target

R‑Cloud supports using an S3 compatible target to store data in the storage provided by S3 or any of the supported S3 compatible cloud storage solutions.

Prerequisites

An S3 compatible account must be added to R‑Cloud and it must have the required permissions granted to access the target that you are adding. For details, see Adding an S3 compatible account.
The S3 bucket must be created and configured in Amazon S3 or any of the supported S3 compatible cloud storage solutions. For a list of supported cloud storage solutions, see the HYCU R‑Cloud Compatibility Matrix.
For Cloudian, Nutanix Objects, and Dell ECS targets:
- An AWS account, an Azure resource group, or a Google Cloud project must be added as a source to R‑Cloud. For details, see Adding sources.
- Only if the target is accessible exclusively from a private network. The data movers that are created during data protection operations must have access to the endpoint used by the target. Assign the data mover configuration that uses the appropriate networking parameters to the entity whose data you plan to store on the target. For details, see Creating a data mover configuration.
- If the target is accessible exclusively from a private network, the data movers must have access to the endpoint used by the targets. Assign the entity whose protected data you plan to store on the target the data mover configuration that defines the appropriate networking parameters. For details, see Creating a data mover configuration.
Only if you want the data stored on this target to be encrypted by using the customer managed key management type. The length of your AES-256 key must be 32 bytes.
Only if you want to add compute as part of setting up a target. Depending on which cloud platform you want to use for compute, you must have an Azure resource group, an AWS account, or a Google Cloud project created in cloud.

Limitations

Storing data to a publicly available target is not supported.
Storing data to a target on which lifecycle management is enabled is not supported and may result in data loss.
Only if you plan to enable target encryption. The following limitations apply:
- Target encryption is limited to the SaaS application data.
- R‑Cloud cannot encrypt data of the SaaS applications that are related to R‑Cloud modules that use staging targets or only use snapshots to store backup data. For details, see the relevant topics for your SaaS application in Protecting SaaS applications

Considerations

You can set up the same target in multiple protection sets.
Storing data to a target that has Object Lock (WORM) enabled is supported.
For Cloudian, Nutanix Objects, and Dell ECS targets that are accessible exclusively from a private network: When adding such a target, R‑Cloud will not check if the target exists and if the selected cloud account has the necessary permissions to perform all operations on the target. As a result, until the first backup is performed, the target will be in the Pending state.
Only if you plan to enable target encryption. The following limitations apply:
- Target encryption is limited to the SaaS application data.
- R‑Cloud cannot encrypt data of the SaaS applications that are related to R‑Cloud modules that use staging targets or only use snapshots to store backup data. For details, see the relevant topics for your SaaS application in Protecting SaaS applications

Procedure

In the Targets panel, click Add.
Select S3 Compatible, and then click Next.
In the Bucket Name, enter the name of an existing bucket that will store protected data.
In the Size Quota field, specify the amount of storage space that should be used for storing data (in MiB, GiB, or TiB).

 Important The specified amount represents a soft limit, therefore actual usage may exceed it.
Use the Enforce quota switch to stop running backups if this target reaches its size quota. The backups will start running again after you increase the size quota of this target or assign a different policy to the entities. Such a policy must use a target with the sufficient size quota.
Use the Target encryption switch if you want the SaaS application data stored on this target to be encrypted.
1. From the Key Management Type drop-down menu, select one of the following:
  - Select HYCU managed if you want the encryption key to be provided and managed by HYCU.
  - Select Customer managed if you want to provide and manage the encryption key by yourself.
2. Only if you selected the customer managed key management type. In the AES-256 Encryption Key field, browse for and select your AES-256 binary key.
  
   Note If you later decide to edit the target, the AES-256 Encryption Key field will remain populated.
From the Service Provider drop-down menu, select your S3 compatible service provider.
Only if you are adding a Cloudian, a Nutanix Objects, or a Dell ECS target that is accessible exclusively from a private network. If the target is accessible exclusively from a private network, enable the Private target switch.
From the Cloud Account drop-down menu, select the S3 compatible account that you want to be used for performing all operations on the target.

By clicking Add New, you are automatically redirected to the dialog box that enables you to add the preferred cloud account to R‑Cloud, if not already added.
Only if you are adding an OVHcloud S3 compatible target. In the Region field, enter the prefix of the region where the target is located (for example, DE).
Optional. Click Add Compute to add an AWS account, an Azure resource group, or a Google Cloud project as compute for creating the data movers. For details on how to perform the required steps, see Adding compute.
Click Save.

The target is added to the list of targets in the Targets panel. For details on managing targets, see Managing targets.