Minor doc corrections

README.md

@@ -258,7 +258,24 @@ Omitting `--service` will include all supported services.
 
 You can optionally specify the name of the instance to transfer with `--names` in a comma separated list, e.g. `--names 'database-1, database-2`. This can be for either RDS instances, or S3 buckets, but not both at the same time. Future versions may remove `--service` and replace it with a subcommand instead, i.e. `akinaka dr transfer rds`, so that those service can have `--names` to themselves.
 
-This requires that Akinaka is run from either an account or instance profile which can use sts:assume to assume both the `source-role-arn` and `destination-role-arn`. This is true even if you are running on the account that `destination-role-arn` is on.
+A further limitation is that only a single region can be handled at a time for S3 buckets. If you wish to backup all S3 buckets in an account, and they are in different regions, you will have to specify them per run, using the appropriate region each time. Future versions will work the bucket regions out automatically, and remove this limitation.
+
+Akinaka must be run from either an account or instance profile which can use sts:assume to assume both the `source-role-arn` and `destination-role-arn`. This is true even if you are running on the account that `destination-role-arn` is on. You will therefore need this policy attached to the user/role that's doing the assuming:
+
+    {
+        "Version": "2012-10-17",
+        "Statement": [
+            {
+                "Sid": "akinakaassume",
+                "Effect": "Allow",
+                "Action": "sts:AssumeRole",
+                "Resource": [
+                    "arn:aws:iam::[DESTINATION_ACCOUNT]:role/[ROLE_TO_ASSUME]",
+                    "arn:aws:iam::[SOURCE_ACCOUNT]:role/[ROLE_TO_ASSUME]"
+                ]
+            }
+        ]
+    }
 
 The following policy is needed for usage of this subcommand, attach it to the role you'll be assuming:
 

akinaka/dr/commands.py

@@ -70,13 +70,15 @@ def create_kms_key(region, assumable_role_arn):
 
 @dr.command()
 @click.pass_context
-@click.option("--take-snapshot", is_flag=True, help="TODO: Boolean, default false. Take a live snapshot now, or take the existing latest snapshot")
+@click.option("--take-snapshot", is_flag=True, help="Boolean, default false. Take a live snapshot now, or take the existing latest snapshot. Relevant only for RDS")
 @click.option("--names", required=False, help="Comma separated list of DB/S3 names to transfer")
 @click.option("--service", type=click.Choice(['rds', 'aurora', 's3']), required=False, help="The service to transfer backups for. Defaults to all (RDS, S3)")
 @click.option("--retention", required=False, help="Number of days of backups to keep")
 @click.option("--rotate", is_flag=True, required=False, help="Only rotate backups so [retention] number of days is kep, don't do any actual backups. Relevant for RDS only")
 def transfer(ctx, take_snapshot, names, service, retention, rotate):
     """
+    Creates and passes shared KMS keys to the subcommands which wish to tranfer data between eachother.
+
     Backup [service] from owning account of [ctx.source_role_arn] to owning account
     of [ctx.destination_role_arn].
     """
@@ -202,7 +204,7 @@ def rds(
     Call the RDS class to transfer snapshots
     """
 
-    logging.info("Will attempt to backup the following RDS instances, unless this is a dry run:")
+    logging.info("Will attempt to backup the data for following RDS instances, unless this is a dry run:")
     logging.info(db_names)
 
     if dry_run:

akinaka/dr/s3/transfer_s3.py

@@ -86,7 +86,7 @@ class TransferS3():
                 ACL='private',
                 Bucket=new_bucket_name,
                 CreateBucketConfiguration={
-                    'LocationConstraint': 'EU'
+                    'LocationConstraint': self.region
                 }
             )