How to set up Cloud Sync using the same role for multiple backup accounts
- First, follow the steps provided here to set up Cloud Sync if you have not done so already.
-
In the RewindApp, go to the other account for which you’d like to reuse the AWS role from step 1 for. Navigate to the gear icon in the top right and click on Manage Cloud Sync to open the Cloud Sync dialog. In this dialog, make note of the External ID which is unique to the current Rewind Backups account:
- In step 1, an IAM role should have been created in your AWS account which you can find as follows: IAM → Roles → <name of role created in step 1>, click on this role and navigate to Trust relationships, which will contain a Trust Policy that looks like:
The External ID in the Trust Policy will be the unique ID of the Rewind Backups account for which you initially set-up Cloud Sync with. - Modify the Trust Policy using the Edit Trust Policy button to match the below configuration, adding in the External ID you got from step 2:
Ensure that the sts:ExternalId field is changed from a string to an array as per the above screenshot. - You should now be able to reuse the same role and S3 bucket for both Rewind Backups accounts. Ensure to specify a different Storage Key Prefix to prevent collisions of backed-up data.