Configuring Snapshot Replica Settings
If you want to replicate cloud-native snapshots to other AWS accounts or regions, do the following:
- In the Replicas section of the Targets step of the wizard, set the Replicate snapshots toggle to On.
- In the Replication settings window, configure the following mapping settings for each AWS Region where source instances reside:
- Select a source AWS Region in the list and click Edit Region Mapping.
- In the Edit Region Mapping window, specify the following settings:
- From the Target account drop-down list, select an IAM role whose permissions will be used to copy and store cloud-native snapshots in a target AWS Region.
If you select an IAM role created in another AWS account, the cloud-native snapshot will be copied to a target AWS Region in that AWS account.
- From the Target region drop-down list, select a target AWS Region to which Veeam Backup for AWS must copy cloud-native snapshots.
- If you want to encrypt cloud-native snapshots copied to the target AWS Region, select the Enable encryption check box and choose the necessary KMS key from the Encryption key drop-down list. For a KMS key to be displayed in the list of available encryption keys, it must be stored in the target AWS Region, and the IAM role specified for the copy operation must have permissions to access the key. For more information on KMS keys, see AWS Documentation.
Then, use the Key usage drop-down list to choose whether you want to encrypt snapshots for all volumes or only snapshots of the encrypted volumes.
If the original EBS volume is encrypted, you must enable encryption for replicated snapshots, otherwise, the replication process will fail.
- Click Save.
To configure mapping for all source AWS Regions at once, click Set Mapping for All Regions and specify settings as described in step 2.b.
- To save changes made to the backup policy settings, click Apply.