Configuring Private Networks
If you want worker instances to operate in a private environment — that is, to allow Veeam Backup for AWS to deploy worker instances with disabled auto-assignment of Public IPv4 addresses — you must configure specific endpoints for services used by the backup appliance to perform backup and restore operations:
Operation | Worker Instance Location | Possibility to Deploy Worker Instances in Production Accounts | Interface Endpoints | S3 Interface Endpoints |
|---|---|---|---|---|
Creating EC2 image-level backups | AWS Region in which a processed EC2 instance resides | Yes |
|
|
Restoring EC2 instances from image-level backups | AWS Region to which an EC2 instance is restored | Yes |
|
|
Restoring EC2 volumes from image-level backups | AWS Region to which the volumes of a processed EC2 instance are restored | Yes |
|
|
Performing health check for EC2 backups | AWS Region in which a backup repository with backed-up data resides | No |
|
|
Creating EC2 archived backups | AWS Region in which a standard backup repository with backed-up data resides | No |
|
|
Creating RDS image-level backups | AWS Region in which a processed DB instance resides | Yes |
|
|
Restoring PostgreSQL DB instances from image-level backups | AWS Region to which a PostgreSQL DB instances is restored | Yes |
|
|
Performing health check for RDS backups | AWS Region in which a backup repository with backed-up data resides | No |
|
|
Creating RDS archived backups | AWS Region in which a standard backup repository with backed-up data resides | No |
|
|
Applying retention policy settings to created restore points | AWS Region in which a backup repository with backed-up data resides | No |
|
|
Performing file-level recovery from image-level backups | AWS Region in which a backup repository with backed-up data resides | No |
|
|
Performing file-level recovery from cloud-native snapshots and replicated snapshots | AWS Region in which a snapshot is located |
|
|
|
Performing EFS indexing | Availability Zone in which a file system has a mount target created | Yes |
|
|
To create these endpoints, use the specified endpoint names, where <region> is the name of an AWS Region in which worker instances will be launched.
How to Configure Private Networks
Note |
This section provides instructions on steps performed in a third-party application. Keep in mind that the instructions may become outdated. For up-to-date instructions, see AWS Documentation. |
To configure private networks, use either of the following options:
- Configuring private networks to deploy worker instances in the backup account.
- Configuring private networks to deploy worker instances in production accounts.
Note |
Following the provided instructions is not the only way to configure connectivity between your VPCs. Keep in mind that there exists a number of other possible workarounds. |