Step 4. Enable EFS Indexing

At the Indexing step of the wizard, you can instruct Veeam Backup for AWS to perform indexing of the processed EFS file systems. EFS indexing allows you to perform EFS file-level recovery operations without specifying the exact paths to the necessary files folders and to restore them using different restore points during one restore session. While performing EFS indexing of a file system, Veeam Backup for AWS creates a catalog of all files and directories (an index) and saves the index to a backup repository. This index is further used to reproduce the file system structure and to enable browsing and searching for specific files within an EFS backup.

To learn how indexing works, see EFS Backup.

Limitations and Requirements

Before you enable EFS indexing, consider the following:

• EFS indexing is not supported in the Free edition of Veeam Backup for AWS. For more information on license editions, see Licensing of Standalone Backup Appliances.
• Each processed EFS file system for which you want to perform indexing must meet the following requirements:

• A file system must have at least one mount target created.

• A mount target that will be used by worker instances to connect to the file system must be associated with a security group that allows inbound access on port 2049.

• If no specific worker configurations are added to Veeam Backup for AWS, the most appropriate network settings of AWS Regions are used to launch worker instances for EFS indexing operations. For Veeam Backup for AWS to be able to launch a worker instance used to create an index of a file system:

• A VPC in which the file system has the mount target must have at least one security group that allows outbound access on ports 2049 and 443. These ports are used by worker instances to mount the file system and to communicate with AWS services.
• The DNS resolution option must be enabled for the VPC. For more information, see AWS Documentation.
• As Veeam Backup for AWS uses public access to communicate with worker instances, the public IPv4 addressing attribute must be enabled at least for one subnet in the Availability Zone in which the file system has a mount target and the VPC to which the subnet belongs must have an internet gateway attached. VPC and subnet route tables must have routes that direct internet-bound traffic to this internet gateway.

If you want worker instances to operate in a private network, enable the private network deployment functionality and configure specific VPC endpoints for the subnet to let Veeam Backup for AWS use private IPv4 addresses. Alternatively, configure VPC interface endpoints as described in section Appendix C. Configuring Endpoints in AWS.

Enabling EFS Indexing

To enable indexing of the processed file systems, do the following:

1. Set the Enable indexing toggle to On.
2. In the Repositories window, select a repository where the created EFS indexes will be stored, and click Apply.

For a backup repository to be displayed in the Repositories list, it must be added to Veeam Backup for AWS as described in section Adding Backup Repositories. The list shows only backup repositories of the S3 Standard storage class that have encryption enabled and immutability disabled.

3. In the IAM role section, choose an IAM role that will be attached to the worker instances and used by Veeam Backup for AWS to communicate with these instances. The role must be assigned permissions listed in section Indexing Worker IAM Role Permissions.

For an IAM role to be displayed in the list, it must be added to Veeam Backup for AWS with the Production worker role selected as described in section Adding IAM Roles. The list shows only IAM roles that belong to the production account — account where the file systems belong. Note that the specified IAM role must be included in one or more instance profiles. For more information on instance profiles, see AWS Documentation.