All Products
Search
Document Center

Data Online Migration:Preparations

Last Updated:Apr 17, 2024

This topic describes the operations that you must perform before you migrate data.

Step 1: Estimate the amount of data to be migrated

Estimate the size and number of files to be migrated. You can view the size and number of files to be migrated in the Object Storage Service (OSS) console.

Note

To ensure a successful migration, you must specify valid values for the size and number of files when you create a migration job.

Step 2: Restore data in the source bucket

Before you create a migration task to migrate data of the Archive storage class, you must manually restore the data. Take note of the following items when you restore the data:

  • Before you create a source data address and a migration task, make sure that data of the Archive storage class is restored.

  • Specify the number of days during which the restored data remains in the restored state based on the amount of data that you want to migrate. This can prevent data from entering the archived state during data migration.

  • You may be charged for the restoration operation. The fee may be relatively high. For more information about the billing methods, contact the service provider that offers the source bucket.

Note

Data Online Migration does not restore data in archived files at the source data address during data migration. The files that are not restored or are being restored cannot be migrated.

Step 3: Create a destination bucket

Create a destination bucket in the OSS console to store the migrated data. For more information, see Create a bucket.

Step 4: Create a RAM user that is used to migrate data

Note If you need to migrate data across accounts, you must create RAM users for the Alibaba Cloud account to which the source bucket belongs and the Alibaba Cloud account to which the destination bucket belongs. Then, you must grant the required permissions to both RAM users.
  1. Log on to the Resource Access Management (RAM) console.
  2. In the left-side navigation pane, choose Identities > Users.
  3. On the Users page, click Create User.
  4. In the User Account Information section of the Create User page, configure the Logon Name and Display Name parameters.
  5. In the Access Mode section, select Console Access and OpenAPI Access. Then, save the generated logon name, password, AccessKey ID, and AccessKey secret.
    • Console Access: If you select this option, you must configure the console password, password reset settings, and multi-factor authentication (MFA) settings.
    • OpenAPI Access: If you select this option, an AccessKey pair is automatically created for the RAM user. The RAM user can call API operations or use other development tools to access Alibaba Cloud resources.
    Note If you need to migrate data across accounts, you must save the logon name, password, AccessKey ID, and AccessKey secret that are generated for each RAM user by the corresponding Alibaba Cloud account.
  6. After the RAM user is created, go to the Users page. Find the RAM user that you want to manage and click Add Permissions in the Actions column to grant the RAM user the AliyunOSSFullAccess permissions.
  7. In the left-side navigation pane, click Overview.
  8. On the page that appears, navigate to the Account Management section and click the link under RAM user logon. On the page that appears, enter the logon name and password of the RAM user to log on to the Alibaba Cloud Management Console.

Step 5: Grant permissions to the RAM user

After the RAM user is created, go to the Users page in the RAM console. Find the RAM user that you want to manage and click Add Permissions in the Actions column to grant permissions to the RAM user. Grant the required permissions to the RAM user based on the migration scenario.

Migrate data within the same Alibaba Cloud account

If you want to migrate data within the same Alibaba Cloud account, you must grant the following permissions to the RAM user:

  • System policy: AliyunMGWFullAccess, which grants full permissions on Data Transport

  • Custom policies:

    • Grant the RAM user the permissions to list and read all resources in the source bucket

      Note
      • The following policy is for reference only. Replace mybucket with the name of the source bucket.

      • For more information about RAM policies for OSS, see Common examples of RAM policies.

      {
          "Version": "1",
          "Statement": [
              {
                  "Effect": "Allow",
                  "Action": "oss:ListObjects",
                  "Resource": [
                      "acs:oss:*:*:mybucket",
                      "acs:oss:*:*:mybucket/*"
                  ]
              },
              {
                  "Effect": "Allow",
                  "Action": "oss:GetObject",
                  "Resource": [
                      "acs:oss:*:*:mybucket",
                      "acs:oss:*:*:mybucket/*"
                  ]
              }
          ]
      }
    • Grant the RAM user full permissions on the destination bucket

      Note
      • The following policy is for reference only. Replace mybucket with the name of the destination bucket.

      • For more information about RAM policies for OSS, see Common examples of RAM policies.

      {
          "Version": "1",
          "Statement": [
              {
                  "Effect": "Allow",
                  "Action": "oss:*",
                  "Resource": [
                      "acs:oss:*:*:mybucket",
                      "acs:oss:*:*:mybucket/*"
                  ]
              }
          ]
      }

Migrate data across Alibaba Cloud accounts

If you want to migrate data across Alibaba Cloud accounts, you must grant the following permissions to the RAM users:

  • RAM user that is created within the source Alibaba Cloud account

    • System policy: AliyunMGWFullAccess, which grants full permissions on Data Transport

    • Custom policy:

      Grant the RAM user the permissions to list and read all resources in the source bucket

      Note
      • The following policy is for reference only. Replace mybucket with the name of the source bucket.

      • For more information about RAM policies for OSS, see Common examples of RAM policies.

      {
          "Version": "1",
          "Statement": [
              {
                  "Effect": "Allow",
                  "Action": "oss:ListObjects",
                  "Resource": [
                      "acs:oss:*:*:mybucket",
                      "acs:oss:*:*:mybucket/*"
                  ]
              },
              {
                  "Effect": "Allow",
                  "Action": "oss:GetObject",
                  "Resource": [
                      "acs:oss:*:*:mybucket",
                      "acs:oss:*:*:mybucket/*"
                  ]
              }
          ]
      }
  • RAM user that is created within the destination Alibaba Cloud account

    • System policy: AliyunMGWFullAccess, which grants full permissions on Data Transport

    • Custom policy:

      Grant the RAM user full permissions on the destination bucket

      Note
      • The following policy is for reference only. Replace mybucket with the name of the destination bucket.

      • For more information about RAM policies for OSS, see Common examples of RAM policies.

      {
          "Version": "1",
          "Statement": [
              {
                  "Effect": "Allow",
                  "Action": "oss:*",
                  "Resource": [
                      "acs:oss:*:*:mybucket",
                      "acs:oss:*:*:mybucket/*"
                  ]
              }
          ]
      }