Backups in Amazon S3 object storage might be encrypted by N2WS Backup & Recovery backup jobs. Moreover, password for such encrypted backups may change on a daily basis.
For example, there is a backup chain in Amazon S3 object storage that consists of 10 restore points, each of which was encrypted with different password. Therefore, there are 10 different passwords in total that have been used.
To be able to decrypt each restore point in such a backup chain without having to provide each previously used password separately, Veeam Backup & Replication implements the ability of backward hierarchical decryption.
Backward hierarchical decryption requires only the latest password to be provided so that all the previously created restore points can be decrypted as well.
As an example, there are three restore points: A, B, and C. The point A was encrypted with password 1, B with password 2, and C with password 3. Therefore, you will only need to know the password of the C point to decrypt points C, B, and A.
Password is provided at the Specify Cloud Storage Details step of the new external repository wizard.
To create a backup copy job it is necessary to provide a password for encrypted backups.