Backup to Object Storage

The SP can allocate object storage resources as cloud repository resources to tenants. To do this, the SP must add an object storage repository in the Veeam Backup & Replication infrastructure and assign this backup repository as a cloud repository in the properties of a tenant account. Once the tenant connects to the SP, they can create backup jobs targeted at the cloud repository that uses object storage as a back end.

This functionality allows the SP to use object storage as a target location for tenant backups without the need to configure scale-out backup repositories extended with capacity tier object storage. It may be helpful, for example, if the SP wants to keep the entire tenant data in object storage instead of offloading backup chains from on-premises extents of a scale-out backup repository to a cloud-based object storage.

The SP can use the following types of object storage as a cloud repository:

  • S3 compatible
  • Amazon S3, Amazon S3 Glacier and AWS Snowball Edge
  • Google Cloud
  • IBM Cloud
  • Microsoft Azure Blob, Azure Archive Storage and Azure Data Box
  • Wasabi Cloud Storage
  • [Starting from Veeam Backup & Replication 12.1.2] Veeam Data Cloud Vault

The SP can add use object storage as a simple backup repository or as an extent of a scale-out backup repository — both as a performance tier extent or capacity tier extent.

Veeam products on the tenant side communicate with the object storage using one of the following connection modes:

  • Connection through a gateway server. In this mode, the tenant accesses object storage through a proxy component — a gateway server assigned in the SP Veeam Backup & Replication console. Backup data is sent from Veeam Backup & Replication or Veeam Agent on the tenant side to the gateway server on the SP side, and then it is sent from the gateway server to the object storage used as a cloud repository.
  • Direct connection. In this mode, the tenant accesses object storage directly. Backup data is sent from Veeam Backup & Replication or Veeam Agent on the tenant side to the object storage on the SP side.

To access object storage repository in the direct connection mode, Veeam products on the tenant side use temporary credentials issued by Veeam Backup & Replication running on the SP side.

To learn more about connection modes, see How Backup to Object Storage Works.

Getting Started with Backup to Object Storage

To assign a quota in object storage to the tenant, the SP must complete the following steps:

  1. Add an object storage repository in the SP Veeam backup infrastructure. For details, see the Adding Object Storage Repositories section in the Veeam Backup & Replication User Guide.
  1. [For S3 compatible object storage] Set up access permissions for the added S3 compatible object storage repository. For details, see the Managing Permissions for S3 Compatible Object Storage section in the Veeam Backup & Replication User Guide.
  2. Assign the added object storage repository as a cloud repository to the tenant account. For details, see Registering Tenant Accounts.

Once the tenant connects to the SP, they can create VM backup jobs and Veeam Agent backup jobs targeted at the cloud repository that uses object storage as a back end.

Considerations and Limitations

Backup to object storage in the Veeam Cloud Connect Backup scenario has the following requirements and limitations.

For Veeam Data Cloud Vault, both the SP and tenant must run Veeam Backup & Replication 12.1.2 (or later).

In earlier product versions, object storage repositories used as cloud repositories are not displayed on the tenant side.

  • Veeam Data Cloud Vault can only be used as a cloud repository in the Connection through a gateway server mode.

Page updated 5/7/2024

Page content applies to build 12.1.2.172