Configuring Snapshot Replica Settings
If you want to replicate cloud-native snapshots to other AWS accounts or regions, do the following:
- In the Snapshots section of the Targets step of the wizard, set the Replicate snapshots toggle to On.
- In the Replication settings window, configure the following mapping settings for each AWS Region where source instances reside:
- Select a source AWS Region in the list and click Edit Region Mapping.
- In the Edit Region Mapping window, specify the following settings:
- From the Target account drop-down list, select an IAM role whose permissions will be used to copy and store cloud-native snapshots in a target AWS Region.
If you select an IAM role created in another AWS account, the cloud-native snapshot will be copied to the target AWS Region in that AWS account.
- From the Target region drop-down list, select the target AWS Region to which Veeam Backup for AWS must copy cloud-native snapshots
- If you want to encrypt cloud-native snapshots copied to the target AWS Region, select the Enable encryption check box and choose the necessary AWS Key Management Service (AWS KMS) customer master keys (CMKs) from the Encryption key drop-down list. For a CMK to be displayed in the list of available encryption keys, it must be stored in the AWS Region selected at step 3 and the IAM role specified for the backup operation must have permissions to the CMK. For more information on CMKs, see AWS Documentation.
Then use the Key Usage drop-down list to choose whether you want to encrypt snapshots for all instances or only snapshots of the encrypted instances.
If the original RDS instance is encrypted, you must enable encryption for replicated snapshots, otherwise the replication process will fail.
- Click Save.
To configure mapping for all source AWS Regions at once, click Set Mapping for All Regions and specify settings as described in step 2.b.