Remote backup storage

Backup storage is a critical component of any database backup strategy. It serves as a secure, reliable place for your MongoDB data backups, ensuring that your data is protected and can be recovered when needed. The choice of backup storage directly impacts your backup strategy’s reliability, performance, and cost-effectiveness.

The backup storage serves several purposes:

• Provides a secure location for storing backup data
• Ensures data durability and availability
• Allows for backup data portability across different environments

Supported storage types

Percona Backup for MongoDB supports the following storage types:

• Amazon S3
• Google Cloud storage
• MinIO and S3-compatible storage
• Filesystem server storage
• Microsoft Azure Blob storage
• Alibaba Cloud OSS storage

How PBM organizes backups on the storage

Percona Backup for MongoDB (PBM) saves backup data to a designated directory on the backup storage. It can be a specific directory you define for the storage or the root folder.

Each backup is prefixed with the UTC starting time for easy identification and consists of:

• A metadata file containing backup information

• For each replica set:

• A compressed mongodump archive of all collections

• A compressed BSON file containing the oplog entries for the backup period

The oplog entries ensure backup consistency, and the end time of the oplog slice(s) is the data-consistent point in time of a backup snapshot.

Using the pbm list or pbm status commands, you can scan the backup directory to find existing backups, even if you never used PBM on your computer before.

Permissions setup

Regardless of the remote backup storage you use, grant the List/Get/Put/Delete permissions to this storage for the user identified by the access credentials.

The following example shows the permissions configuration to the pbm-testing bucket on the AWS S3 storage.

{
    "Version": "2021-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": "arn:aws:s3:::pbm-testing"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:PutObjectAcl",
                "s3:GetObject",
                "s3:GetObjectAcl",
                "s3:DeleteObject"
            ],
            "Resource": "arn:aws:s3:::pbm-testing/*"
        }
    ]
}

Storage-specific documentation

Please refer to the documentation of your selected storage for the data access management.

See also

• AWS documentation: Controlling access to a bucket with user policies
• Google Cloud Storage documentation: Overview of access control
• Microsoft Azure documentation: Assign an Azure role for access to blob data
• MinIO documentation: Policy Management
• Alibaba Cloud documentation: Permissions and access control

---

Last update: October 23, 2025
Created: October 23, 2025