Amazon S3 Bucket region and name restrictions and requirements
Amazon S3 bucket name restrictions and requirements. The primary symptom of an incompatible or improperly created S3 bucket / region when used with NovaBACKUP is that the backup job to Amazon S3 will not be able to connect to Amazon S3 at the start of the backup job and fail to store a backup to S3.
SPECIAL UPDATE: With the new Amazon configuration for IAS users, NovaBACKUP software cannot create the Bucket Name for you from within NovaBACKUP, the bucket must *first* be created via the Amazon AWS site, S3 explorer or something similar. When creating the S3 bucket name you will be required to select "US East (N. Virginia)" for the region name. The reason that this specific region has to be utilized for your bucket's region is explained by Amazon in the article here; do a search for the word Important. There is a workaround article that we have that you can utilize if you do NOT want to use the US East (N. Virginia) region for the bucket region but it involves installing Amazon AWS CLI (Command Line Interface) application to create a new bucket name via AWS CLI with an additional "LocationConstraint" property set on the bucket; you can follow the instructions that we have written on how to do that here. You will need to take special note that there are still some regions which are NOT supported by NovaBACKUP software and if you do attempt to use those regions then NovaBACKUP will fail to connect to Amazon S3 and perform a backup. You can read further about that limitation and how to avoid it here:
NovaStor has recently identified that if the bucket region choice is set to Canada (Central) or Germany (Frankfurt) or some of the "US West" choices it WILL not work to be able to back up to that bucket, if utilizing those region choices. The symptom is that when you start the backup and the connection is made to Amazon S3 the backup will fail based solely on the bucket's Region setting that you specified. Amazon S3 while setting up your account and bucket names, on the Amazon AWS website side, will auto-detect the best region for you based on your physical location and each bucket that is created will utilize that region, there are certain regions that are incompatible with NovaBACKUP software and we will cover that next to show the workaround that you can perform. The latest AWS regions are displayed in list form here. The only bucket Regions which the NovaBACKUP software supports are the bucket Regions that contain "Signature Versions Support: Versions 2 and 4", this data will be displayed in the last column of the AWS region list website here. If the bucket's "Signature Version" is displayed as "Signature Versions Support: Versions 4 Only" it will NOT work with NovaBACKUP and you will be required to go and change your bucket name region inside the Amazon AWS site. Then you can re-try the backup job to that modified Amazon S3 bucket.
When creating the bucket on the Amazon AWS site it will tell you if the name already exists or if it does not meet the current in place requirements and you will have the choice of choosing the Region. If the Region choice is set to Oregon our software will probably fail to perform the backup so be careful when selecting the Region during bucket name creation in Amazon AWS. You can access the Amazon AWS site at the following web address: https://console.aws.amazon.com/s3/.
Note: Please make sure that your Windows Time is set to have daylight savings checked in windows explorer and verify the time is correct. If this is not checked you will not be able to establish a connection properly within bucket explorer.
Why do some of my requests randomly fail with a 403 Forbidden?
Check the system clock and time zone settings on the offending machine. Amazon s3 requires all machines making requests be within 15 minutes of an Amazon S3 webserver's clock. Setting up your machines to sync their times with a NTP server in addition to making sure they are patched for the recent Day Light Savings changes should resolve this issue.
The response from Amazon S3 will contain the following:
-HTTP Status Code: 403 Forbidden
-Error Code: RequestTimeToo-Skewed
-Description: The difference between the request time and the server"s time is too large.