S3 Storage for DR — Implementation Details | Deployment

LogScale Documentation Full Library Knowledge Base Release Notes Integrations Query Examples Training API GraphQL API Search Archives Contacting Support

LogScale Self-Hosted Deployment

S3 Storage for DR — Implementation Details

Cross-Region S3 Access

The secondary cluster requires read access to the primary's S3 bucket for DR recovery. This is implemented via IAM policy attached to the secondary's IRSA role:

json

{
  "Effect": "Allow",
  "Action": [
    "s3:GetObject",
    "s3:ListBucket"
  ],
  "Resource": [
    "arn:aws:s3:::${var.dr_primary_s3_bucket}",
    "arn:aws:s3:::${var.dr_primary_s3_bucket}/*"
  ]
}

Security controls:

Read-only access (no write/delete to primary bucket)
Bucket policy requires aws:SecureTransport (HTTPS only)
Access logged via S3 server access logging or CloudTrail

Versions of this Page

Deployment Overview

Planning Your Deployment

Instance Sizing

Authentication and identity providers

Other authentication methods

Storage Architecture

Installing Using Containers

Installing On Bare Metal or Cloud Instance

Reference Architectures

Installing Load Balancers

Deploying Auxiliary Services

Configuration Settings

Managing Your Deployment

Testing Your Deployment

S3 Storage for DR — Implementation Details

Enter search term