Configuring Image-Level Backup Settings

In the Backups section of the Targets step of the wizard, you can instruct Veeam Backup for AWS to create image-level backups of the processed EC2 instances, to deploy worker instances used to create the backups in the production account — account to which the IAM role specified at step 3.1 belongs, and to copy backups to a long-term archive storage. To learn how Veeam Backup for AWS creates image-level backups, see EC2 Backup.

  • To create image-level backups of the selected EC2 instances, do the following:
  1. Set the Enable backups toggle to On.
  2. In the Repositories window, select a standard repository where the created image-level backups will be stored, and click Apply.

For a backup repository to be displayed in the repository list, it must be added to Veeam Backup for AWS as described in section Adding Backup Repositories. The list shows only backup repositories of the S3 Standard storage class.

  1. Select the Archives will be stored in check box.
  2. In the Repositories window, select an archive repository where the archived data will be stored, and click Apply.

For an archive repository to be displayed in the repository list, it must be added to Veeam Backup for AWS as described in section Adding Backup Repositories. The list shows only backup repositories of the S3 Glacier or S3 Glacier Deep Archive storage classes.

For more information on backup archiving, see Enabling Backup Archiving.

Important

If you enable the backup archiving mechanism, consider that data encryption must be either enabled or disabled for both backup and archive repositories. This means that you cannot select an encrypted repository and an unencrypted repository in one backup policy. However, the selected repositories can have different encryption schemes (password and KMS encryption).

  1. Set the Deploy workers in production account toggle to On.
  2. From the IAM role drop-down list, select an IAM role that will be attached to the launched worker instances and used by Veeam Backup for AWS to communicate with them. For more information on permission required for the specified IAM role, see Backup and Restore IAM Role Permissions.

For an IAM role to be displayed in the list, it must belong to the same account to which the IAM role selected at step 3.1 belongs, and must be added to Veeam Backup for AWS beforehand as described in section Adding IAM Roles.

Note

By default, Veeam Backup for AWS launches worker instances in the Backup account. For more information, see Managing Worker Configurations.

Creating EC2 Backup Policy