Although you can use the Server SDK to develop custom post-LDIF-export task processors, the server also provides the upload-to-s3 processor type, which you can use to upload the resulting LDIF file to a specified Amazon S3 bucket as a means of an off-site backup mechanism.

To configure the post-LDIF-export upload to the S3 bucket:

  1. If the server isn't configured with an appropriate Amazon AWS external server definition, create one with the necessary settings for connecting and authenticating to the AWS service.
    dsconfig create-external-server \
      --server-name AWS \
      --type amazon-aws \
      --set authentication-method:access-key \
      --set aws-access-key-id:<accessKeyID> \
      --set aws-secret-access-key:<secretAccessKey> \
      --set aws-region-name:us-east-1
  2. Configure an instance of the upload-to-s3 post-LDIF-export task processor with the appropriate settings.
    dsconfig create-post-ldif-export-task-processor \
      --processor-name "Upload to S3" \
      --type upload-to-s3 \
      --set enabled:true \
      --set aws-external-server:AWS \
      --set s3-bucket-name:<bucketName> \
      --set maximum-file-count-to-retain:20 \
      --set "maximum-file-age-to-retain:1 w"
  3. When performing an LDIF export as an administrative task using the export-ldif tool, use the --postExportProcessor argument with the processor-name value of the desired post-LDIF-export task processor.
    bin/export-ldif \
      --task \
      --hostname \
      --port 636 \
      --useSSL \
      --bindDN uid=admin,dc=example,dc=com \
      --bindPasswordFile /path/to/admin-password.txt \
      --backendID userRoot \
      --ldifFile ldif/userRoot.ldif \
      --postExportProcessor "Upload to S3"

    To specify that a post-LDIF-export task processor should be used when performing an automated LDIF export through a recurring task, set the post-ldif-export-task-processor property in the configuration for the recurring task.