New backup destination: Amazon AWS S3 (D8)

I second this!

Since May 2018, I've used AWS S3 as for offline backups along with Backup and Migrate.

My setup is external to Backup and Migrate and do not rely on other Drupal modules. Basically I do this:

1. Configure Backup and Migrate to scheduled backups to the local private filesystem
2. Have a Unix cron-job that run a script built upon s3cmd to sync the local private filesystem with AWS S3 just after Backup and Migrate have created a scheduled backup.

This works well enough for me to rely on it for all the production sites I am in charge of. However, I would welcome an option to set AWS S3 as a backup destination as part of Backup and Migrate.

We do this too but use the aws cli, https://aws.amazon.com/cli/, for syncing a folder to S3.

Alternatively there is rclone, https://rclone.org/, which apart from supporting many cloud storage providers, also supports FTP/SFTP.
I don't use this for our production but at home and it works well.

hi snehalgaikwad, any news on the patch for this feature?

Added new destination Amazon AWS S3 for backup.

Updating patch with few changes.

Hi,

I've tested out the patch

1) Even though I've added $settings[backup_migrate_aws_access_key] and $settings[backup_migrate_aws_key_id] in my settings.php, the notification for "Please store access key id an secret key id" does not disappeared.

2) When trying out quick backup to my s3 the error appeared as below:

Error executing "PutObject" on "https://[mybucket].s3.ap-southeast-1.amazonaws.com/backup-2019-08-08T08-59-22.mysql.gz"; AWS HTTP error: Client error: `PUT https://[mybucket].s3.ap-southeast-1.amazonaws.com/backup-2019-08-08T08-59-22.mysql.gz` resulted in a `400 Bad Request` response: <?xml version="1.0" encoding="UTF-8"?> AuthorizationHeaderMalformedThe authorization header (truncated...) AuthorizationHeaderMalformed (client): The authorization header is malformed; the Credential is mal-formed; expecting "/YYYYMMDD/REGION/SERVICE/aws4_request". - <?xml version="1.0" encoding="UTF-8"?> AuthorizationHeaderMalformedThe authorization header is malformed; the Credential is mal-formed; expecting "<YOUR-AKID>/YYYYMMDD/REGION/SERVICE/aws4_request".2DD8E33313675943SLNdBHyovR2mDwwII5JnVbgVg4/P01Wqe4SvsekDDnzsl1Di1X475y3f1GMfBuMeTB8tyAGxE9g=

edit:

now I am using the latest development for backup and migrate module updated 13 Apr 2019 at 01:38 UTC

I've now received the following error when quick backup to amazon s3

Error executing "PutObject" on "https://[mybucket].s3.ap-souteast-1.amazonaws.com/backup-2019-08-09T03-45-48.mysql.gz"; AWS HTTP error: cURL error 6: (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)

the notification for "Please store access key id an secret key id" still does not disappeared as stated before.

Here is updated patch with few more changes.

Hi @muaz91,
1. I have uploaded a new patch which will fix issue of notification for "Please store access key id an secret key id".
2. For the second point, I guess it is issue with Bucket Policy for the S3 bucket you provided. Will you please confirm once if access key you have provided have permission to PutObject in the bucket?
Thanks.

Hi @snehalgaikwad,

The patch works, however there are problems that I have found:

1. The region field is not required, you can save without putting any region. When leave blank and try to backup, will get notification as below:

Please fill all mandatory fields to create S3 client
Could not upload to S3

2. The main problem is that, the $settings['backup_migrate_aws_key_id'] and $settings['backup_migrate_aws_access_key'] is getting the wrong information. This means that when i put my access key in $settings['backup_migrate_aws_access_key'] and my secret key in $settings['backup_migrate_aws_key_id'], I will get error as below:

Error executing "PutObject" on "https://[mybucket].s3.ap-southeast-1.amazonaws.com/backup-2019-08-15T07-37-17.mysql.gz"; AWS HTTP error: Client error: `PUT https://[mybucket].s3.ap-southeast-1.amazonaws.com/backup-2019-08-15T07-37-17.mysql.gz` resulted in a `400 Bad Request` response: <?xml version="1.0" encoding="UTF-8"?> AuthorizationHeaderMalformedThe authorization header (truncated...) AuthorizationHeaderMalformed (client): The authorization header is malformed; the Credential is mal-formed; expecting "/YYYYMMDD/REGION/SERVICE/aws4_request". - <?xml version="1.0" encoding="UTF-8"?> AuthorizationHeaderMalformedThe authorization header is malformed; the Credential is mal-formed; expecting "<YOUR-AKID>/YYYYMMDD/REGION/SERVICE/aws4_request".39219DAC9BC3E6E5XRQ+kSGXqqRevmSrZjKNidxQKhhfWX++M7yw20cnvCxXR43Ft5hLl8hWOD+tZgYv4ZdaYUXySQw=

However, if I put:

$settings['backup_migrate_aws_key_id'] = 'my-access-key';
$settings['backup_migrate_aws_access_key'] = 'my-secret-key';

the backup process works. the information put in is in the wrong fields. Thank you.

Made Region field required and changed variable names of secret key and access key to avoid confusion. Here is updated patch.

Hello @snehalgaikwad,
I tested your patch it works perfectly, the region is now required and the access_key and secret access_key are better labeled. The last item on my S3 is the default Drupal database backup

Updated notice for storing secret and access key in settings.php.

Tested the patch on #17. It works flawlessly

#17 patch looks good to me. +1 to RTBC

This module cannot add a dependency on an AWS library. If this dependency needs to be added in order for S3 to work, it might be worth splitting the S3 functionality into a (bundled) submodule that's only available when enabled.

I agree it is not a good idea to require on the main module level; however, I'm not sure if the submodule approach would work. I don't know if a composer.json inside a submodule is read to build the dependencies. I broadly see two approaches:

1. Have the functionality in a submodule and only add the PHP dependency in `suggests` section. The functionality is better off in a submodule. Otherwise, things like extending a class from the PHP package might not work as expected. The module shouldn't be able to install without the dependency.
2. Put the entire thing in Backup and Migrate S3 module. Over there, it might make sense to put the dependency in the root composer.json itself.

Thoughts?

Thanks @DamienMcKenna and @hussainweb for your suggestions. I'll make appropriate changes in code and will put it in Backup and Migrate S3 as a D8 porting.

Hi

I manage to upload backup files to my S3 bucket with the backup_migrate_aws_s3 module but only to the root folder of my bucket.
When I use bucketname/subfolder I get error because the slash in the folder is rewritten to bucketname%2Fsubfolder.
Slash is url encoded...

Any suggestions how I could solve this problem?

Error executing "PutObject" on "https://s3.eu-west-3.amazonaws.com/bucket.XXXXX.be%2Fikbenpro/backup-202..."; AWS HTTP error: Client error: `PUT https://s3.eu-west-3.amazonaws.com/bucket.XXXXX.be%2Fikbenpro/backup-202...` resulted in a `403 Forbidden` response: .....

Kind regards.

Hi @ErwinDeClerck (and anyone else looking to save backups into a sub-folder of their S3 bucket) - I've filed issue #3189043 with a patch which may help you?

:)

Best wishes,

Alex

Hi folks, i have a question that might sound crazy,

Why are we need create this solution for B&M and not just configure https://www.drupal.org/project/s3fs to work as your private system (or public)?