Veeam Backup & Replication 10
User Guide for VMware vSphere
Related documents

AWS IAM User Permissions

To restore to Amazon EC2, it is recommended that the IAM user whose credentials you plan to use to connect to AWS has administrative permissions — access to all AWS actions and resources.

If you do not want to provide full access to AWS, you can grant to the IAM user a minimal set of permissions that will be sufficient for restore. To do that, create the following policy in the JSON format and attach it to the IAM user:

{

 "Version": "2012-10-17",

 "Statement": [{

  "Action": [

   "ec2:DescribeInstances",

   "ec2:RunInstances",

   "ec2:TerminateInstances",

   "ec2:StartInstances",

   "ec2:StopInstances",

   "ec2:ModifyInstanceAttribute",

   "ec2:DescribeImages",

   "ec2:ImportImage",

   "ec2:DeregisterImage",

   "ec2:DescribeVolumes",

   "ec2:CreateVolume",

   "ec2:ModifyVolume",

   "ec2:ImportVolume",

   "ec2:DeleteVolume",

   "ec2:AttachVolume",

   "ec2:DetachVolume",

   "ec2:CreateSnapshot",

   "ec2:DescribeSnapshots",

   "ec2:DeleteSnapshot",

   "ec2:DescribeSubnets",

   "ec2:DescribeNetworkInterfaces",

   "ec2:DescribeSecurityGroups",

   "ec2:DescribeKeyPairs",

   "ec2:CreateKeyPair",

   "ec2:DeleteKeyPair",

   "ec2:DescribeAvailabilityZones",

   "ec2:DescribeVpcs",

   "ec2:DescribeConversionTasks",

   "ec2:DescribeImportImageTasks",

   "ec2:DescribeVolumesModifications",

   "ec2:CancelImportTask",

   "ec2:CancelConversionTask",

   "ec2:CreateTags",

   "ec2:DescribeAccountAttributes",

   "ec2:DescribeDhcpOptions",

   "ec2:DescribeVpcAttribute",

   "iam:GetRole",

   "iam:CreateRole",

   "iam:PutRolePolicy",

   "iam:DeleteRolePolicy",

   "s3:CreateBucket",

   "s3:ListBucket",

   "s3:ListAllMyBuckets",

   "s3:DeleteBucket",

   "s3:PutObject",

   "s3:DeleteObject",

   "s3:GetBucketLocation",

   "s3:PutLifeCycleConfiguration",

   "s3:GetObject",

   "s3:RestoreObject",

   "s3:AbortMultiPartUpload",

   "s3:ListBucketMultiPartUploads",

   "s3:ListMultipartUploadParts"

  ],

  "Effect": "Allow",

  "Resource": "*"

 }]

}

Alternatively, you can attach the created policy to the IAM group or role to which the IAM user is assigned.

For information on how to create and attach a policy to an IAM user, see the Creating IAM Policies and Adding and Removing IAM Identity Permissions sections in the AWS IAM User Guide.

This Document Help Center
User Guide for VMware vSphereUser Guide for Microsoft Hyper-VVeeam Backup Enterprise Manager GuideVeeam Agent Management GuideVeeam Cloud Connect GuideVeeam Explorers User GuideVeeam Plug-ins for Enterprise Applications GuideVeeam PowerShell ReferenceVeeam Explorers PowerShell ReferenceVeeam RESTful API ReferenceRequired Permissions for VMware vSphereQuick Start Guide for VMware vSphereQuick Start Guide for Microsoft Hyper-VVeeam Backup for AWS DocumentationVeeam Availability for Nutanix AHV DocumentationVeeam Backup for Microsoft Office 365 DocumentationVeeam ONE DocumentationVeeam Agent for Windows DocumentationVeeam Agent for Linux DocumentationVeeam Management Pack Documentation
I want to report a typo

There is a misspelling right here:

 

I want to let the Veeam Documentation Team know about that.