Prerequisites for AWS
To create a backup of the data stored in S3 buckets, Kyvos uses the following features of AWS:
Cross-Region Replication
Versioning, along with its lifecycle configurations
Replication configurations
To back up data, Kyvos requires a separate destination bucket in a region where you expect to recover Kyvos after a disaster.
Cross-Region Replication (CRR) should be enabled on the source bucket only (or the Kyvos working directory).
CRR requires versioning to be enabled on both the source and destination buckets.
Setting up replication bucket
Create a destination bucket for the Disaster Recovery (DR) cluster.
Enable versioning on both Source and Destination S3 buckets.
Create Lifecycle rules.
On the Source bucket, enable Replication and perform the following steps:
Source section
Provide the replication rule name.
In Source, set the rule scope to "Limit the scope of this rule using one or more filters".
Provide the prefix as the Kyvos working directory, such as: user/engine_work
Destination section
Choose a bucket in this account.
Provide IAM roles to copy data from bucket one to bucket two. Refer to the AWS documentation for details.
In Additional replication options, select the Delete Marker Replication option.
Note
You must manually copy the existing data after enabling Replication. The data that was present before enabling replication must be copied explicitly. It's recommended to stop Kyvos services while copying older data from the source bucket.
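A way to verify the setup above before relying on it for recovery, as an added example that is not part of the Kyvos documentation: the function checks versioning on both buckets, the prefix-scoped rule, the destination, and Delete Marker Replication. The input dictionaries follow the shapes returned by boto3's get_bucket_versioning and get_bucket_replication; the bucket name, role ARN, rule ID and function names are constructed for illustration.

```python
# Added example: offline check of S3 replication settings against the steps above.
# All bucket names, ARNs and sample values below are constructed.

def rule_prefix(rule):
    """Return the prefix a replication rule is scoped to ('' = whole bucket)."""
    flt = rule.get("Filter")
    if flt is None:                      # legacy (V1) rules carry Prefix at top level
        return rule.get("Prefix", "")
    if "And" in flt:                     # prefix combined with tag filters
        return flt["And"].get("Prefix", "")
    return flt.get("Prefix", "")

def check_dr_replication(src_versioning, dst_versioning, replication,
                         dest_bucket, work_dir):
    """Return a list of findings; an empty list means the prerequisites hold."""
    findings = []
    for name, ver in (("source", src_versioning), ("destination", dst_versioning)):
        if ver.get("Status") != "Enabled":   # absent or 'Suspended' both fail
            findings.append(f"versioning not enabled on {name} bucket")
    config = replication.get("ReplicationConfiguration", {})
    if not config.get("Role"):
        findings.append("no IAM role set for replication")
    want = work_dir.strip("/")
    rules = [r for r in config.get("Rules", [])
             if r.get("Status") == "Enabled"
             and rule_prefix(r).strip("/") == want]
    if not rules:
        findings.append(f"no enabled rule scoped to prefix {work_dir!r}")
    for r in rules:
        rid = r.get("ID", "<unnamed>")
        if r.get("Destination", {}).get("Bucket") != f"arn:aws:s3:::{dest_bucket}":
            findings.append(f"rule {rid}: destination is not {dest_bucket}")
        if r.get("DeleteMarkerReplication", {}).get("Status") != "Enabled":
            findings.append(f"rule {rid}: delete marker replication is off")
    return findings

# Constructed sample: delete markers are not replicated by this rule.
SAMPLE_REPLICATION = {"ReplicationConfiguration": {
    "Role": "arn:aws:iam::111122223333:role/example-replication-role",
    "Rules": [{"ID": "kyvos-dr", "Status": "Enabled", "Priority": 1,
               "Filter": {"Prefix": "user/engine_work/"},
               "Destination": {"Bucket": "arn:aws:s3:::example-kyvos-dr"},
               "DeleteMarkerReplication": {"Status": "Disabled"}}]}}

if __name__ == "__main__":
    # Destination versioning is passed as 'Suspended' to show that finding too.
    print(check_dr_replication({"Status": "Enabled"}, {"Status": "Suspended"},
                               SAMPLE_REPLICATION, "example-kyvos-dr", "user/engine_work"))
```

An empty list means every prerequisite in this section is met for the given working directory prefix.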
Creating a Read Replica of RDS
You must create a read replica by following the information provided in the AWS documentation.
Replicating AWS Secrets Manager
You must replicate AWS Secrets Manager by following the information provided in the AWS documentation.
Replicated resource information configuration in Kyvos Manager
To save replication information on the primary cluster for disaster recovery, click here.