Although you can use the Server SDK to develop custom post-LDIF-export task processors, the server also provides the upload-to-s3 processor type, which you can use to upload the resulting LDIF file to a specified Amazon S3 bucket as a means of an off-site backup mechanism.

To configure the post-LDIF-export upload to the S3 bucket:

  1. If the server isn't configured with an appropriate Amazon AWS external server definition, create one with the necessary settings for connecting and authenticating to the AWS service. 
    dsconfig create-external-server \
  --server-name AWS \
  --type amazon-aws \
  --set authentication-method:access-key \
  --set aws-access-key-id:<accessKeyID> \
  --set aws-secret-access-key:<secretAccessKey> \
  --set aws-region-name:us-east-1
  2. Configure an instance of the upload-to-s3 post-LDIF-export task processor with the appropriate settings. 
    dsconfig create-post-ldif-export-task-processor \
  --processor-name "Upload to S3" \
  --type upload-to-s3 \
  --set enabled:true \
  --set aws-external-server:AWS \
  --set s3-bucket-name:<bucketName> \
  --set maximum-file-count-to-retain:20 \
  --set "maximum-file-age-to-retain:1 w"
  3. When performing an LDIF export as an administrative task using the export-ldif tool, use the --postExportProcessor argument with the processor-name value of the desired post-LDIF-export task processor. 
    bin/export-ldif \
  --task \
  --hostname ds.example.com \
  --port 636 \
  --useSSL \
  --bindDN uid=admin,dc=example,dc=com \
  --bindPasswordFile /path/to/admin-password.txt \
  --backendID userRoot \
  --ldifFile ldif/userRoot.ldif \
  --postExportProcessor "Upload to S3"
    Note:

    To specify that a post-LDIF-export task processor should be used when performing an automated LDIF export through a recurring task, set the post-ldif-export-task-processor property in the configuration for the recurring task.