Using Amazon Commercial Cloud Services (C2S) as a primary storage for Enterprise Vault

Product(s): Enterprise Vault (14.1, 14.0)

Adding a new Amazon C2S partition that uses CAP Authentication

Before configuring the Amazon C2S primary partition with CAP authentication, complete the following steps:

  • Keep the AWS CAP URL, Agency, Mission Name, Role, and the certificate that you want to configure ready.

  • Ensure that the AWS S3 bucket that you want to configure with the primary partition has already been created in AWS, and that you know the name of the bucket.

  • Update the cacert.pem file in C:\Program Files (x86)\Enterprise Vault\CloudStreamer with the provided certificate.

To add a new Amazon C2S partition that uses CAP authentication

  1. In the left pane of the Administration Console, expand the Vault Store Groups container to view the existing vault store groups.
  2. Expand the vault store group that contains the vault store for which you want to create the partition.
  3. Expand the vault store in which you want to create the partition.
  4. Right-click the Partitions container, and then click New > Partition. The New Partition wizard starts.
  5. Click Next.
  6. Enter the details for the new vault store partition, and then click Next.
  7. In the Storage type list, select Amazon Commercial Cloud Service (C2S).
  8. Click Next.
  9. Provide the Amazon C2S connection settings:

    Setting

    Description

    AWS C2S S3 endpoint

    Specify the endpoint for the AWS region based on the AWS S3 bucket.

    CAP URL

    Specify the URL for the C2S access portal.

    Agency

    Specify the agency that is associated with the target C2S account.

    Mission Name

    Specify the mission name that is assigned to the target C2S account.

    Role

    Specify the IAM Role in the target C2S account.

    Certificate name

    Specify the client certificate for the C2S access portal authentication. You cannot remove a certificate that is currently in use.

    To configure the Certificate name for the C2S access portal authentication:

    1. Click Add.

    2. Enter the certificate name.

    3. Provide the certificate .cert.pem file.

    4. Provide the private key .key.pem file.

    5. Configure Passphrase, if required.

    6. Click OK.

    You can use the same screen for removing and viewing the configured certificate.

    Storage class

    Specify the storage class for storing objects into the AWS S3 bucket.

    • S3 Standard - to store frequently accessed data.

    • S3 Standard-IA - to store infrequently accessed data that requires rapid access when needed. Data is stored in a minimum of three Availability Zones (AZs).

    • S3 One Zone-IA - to store infrequently accessed data in a single Availability Zone.

    • S3 Intelligent-Tiering - to move data to the most cost-effective access tier.

    For more information, see https://aws.amazon.com/s3/storage-classes.

    Encryption

    Specify whether to encrypt the archived files that are stored in the bucket.

    By default, SSE-S3 is selected, which encrypts the archived files by using server-side encryption with Amazon S3-managed encryption keys.

    Log level

    Specify the logging level for AWS SDK logs.

    • No logging - Enterprise Vault does not log any AWS SDK logs.

    • Fatal - Logs only fatal errors.

    • Error - Logs all errors.

    • Warn - Logs warnings and errors.

    • Info - Logs all informational messages, including warnings and errors.

    • Debug - Logs debug messages, including info, warnings, and errors.

    • Everything - Logs everything.

    Note:

    DTrace logs include the AWS SDK log statements, which are prefixed with AwsSdk: so that you can find them easily.

    Write buffer size (MB)

    Specify the write buffer size, in the range of 5 MB to 200 MB, to upload data in chunks.

    Read buffer size (MB)

    Specify the read buffer size, in the range of 1 MB to 1024 MB, to download data in chunks.

  10. Click Next to check the configuration.
  11. New Partition configuration shows the Amazon Commercial Cloud Services success message. Click Next.
  12. The Replication page shows the selected option as When archived files exist on the cloud storage.

    Please see the Administration Console Help pages for more information.

  13. Choose the scan interval for checking whether files exist on the cloud. The supported scan interval is from 0 minutes to 1440 minutes. By default, Enterprise Vault checks every 60 minutes whether the archived data exists on the cloud. If required, you can change the scan interval. If you set the scan interval to 0 minutes, partitions are checked only when the backup mode is cleared from the vault store, and when the storage service starts.
  14. Click Next.
  15. The summary page provides the information for the newly created Amazon C2S partition.
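
A pre-flight check for the files supplied in step 9 (Certificate name) and for the updated cacert.pem, as an added example that is not part of Enterprise Vault or its documentation. It uses Python's standard ssl module to confirm that the .key.pem private key matches the .cert.pem certificate, reports whether the key is passphrase-protected, and lists the CA certificates in the bundle. The function names and the command-line layout are assumptions chosen for illustration.

```python
import getpass
import ssl
import sys

ENCRYPTED_MARKERS = ("BEGIN ENCRYPTED PRIVATE KEY", "Proc-Type: 4,ENCRYPTED")


def key_is_encrypted(pem_text):
    """True if the PEM key is passphrase-protected (PKCS#8 or legacy header)."""
    return any(marker in pem_text for marker in ENCRYPTED_MARKERS)


def check_pair(cert_path, key_path, passphrase=None):
    """Return (ok, detail): does the .key.pem belong to the .cert.pem?"""
    try:
        with open(key_path, encoding="ascii", errors="replace") as fh:
            encrypted = key_is_encrypted(fh.read())
    except OSError as exc:
        return False, f"cannot read key: {exc}"
    if encrypted and not passphrase:
        # Guard: OpenSSL would otherwise prompt on the terminal and stall a script.
        return False, "key is encrypted: a passphrase is required"
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        # OpenSSL refuses the pair unless the private key matches the certificate.
        ctx.load_cert_chain(cert_path, key_path, password=passphrase)
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        return False, f"certificate/key rejected: {exc}"
    note = "" if encrypted else " (key has no passphrase: restrict its file ACL)"
    return True, "key matches certificate" + note


def ca_subjects(cafile):
    """Common names of the CA certificates in a bundle such as cacert.pem."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.load_verify_locations(cafile=cafile)  # ssl.SSLError on a damaged bundle
    names = []
    for cert in ctx.get_ca_certs():
        subject = {k: v for rdn in cert["subject"] for k, v in rdn}
        names.append(subject.get("commonName", "<no CN>"))
    return names


if __name__ == "__main__":
    cert, key, bundle = sys.argv[1:4]  # arguments: CERT KEY CA_BUNDLE
    pw = getpass.getpass("Key passphrase (empty if none): ") or None
    ok, detail = check_pair(cert, key, pw)
    print("client pair:", "OK" if ok else "FAIL", "-", detail)
    print("CA bundle subjects:", ", ".join(ca_subjects(bundle)))
    sys.exit(0 if ok else 1)
```

The passphrase is read with getpass rather than from the command line so that it does not appear in the process list or shell history.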