S3 Repository Encryption
Veeam Backup for AWS allows you to enable encryption at the S3 repository level. Veeam Backup for AWS encrypts backup files stored in S3 repositories in the same way as Veeam Backup & Replication encrypts backup files stored in backup repositories. For details on algorithms that are used to encrypt backup files, see the Encryption Standards section in the Veeam Backup & Replication User Guide.
How S3 Repository Encryption Works
Encryption of image-level backups in S3 repositories includes the following steps:
- In S3 repository settings, you enable encryption for an S3 repository and specify a password.
For details, see Step 5. Specify Data Encryption Settings.
- In backup policy settings, you select the S3 repository as a target for image-level backups.
For details, see Step 4. Specify Backup Target Settings.
- Veeam Backup for AWS generates an encryption key to protect data stored in the S3 repository. The key is stored in the configuration database on the backup server.
- During the backup session, Veeam Backup for AWS uses the generated key to encrypt backed-up data transferred to the S3 repository.