Step 3. Specify IAM Identity
At the Account step of the wizard, specify an IAM role whose permissions Veeam Backup for AWS will use to perform the export operation.
Make sure, that the specified IAM role belongs to an AWS account in which you plan to restore the VPC configuration.
To specify an IAM role for export:
- Select the IAM Role option.
- Select the necessary IAM role from the list.
For an IAM role to be displayed in the IAM Role list, it must be added to Veeam Backup for AWS as described in Adding IAM Roles. If you have not added the necessary IAM role to Veeam Backup for AWS beforehand, you can do it without closing the VPC Restore wizard. To add an IAM role, click Add and complete the Add Account wizard.
It is recommended that you check whether the selected IAM role has all the required permissions to perform export. To run the IAM role permission check, click Check permissions. Veeam Backup for AWS will display the Permissions check window where you can view the progress and results of the performed check. If the IAM role permissions are insufficient, the check will complete with errors. You can view the list of permissions that must be granted to the IAM role in the Missing Permissions column.
You can grant the missing permissions to the IAM role in the IAM Management Console or instruct Veeam Backup for AWS to do it. To learn how to grant permissions to an IAM Role using the IAM Management Console, see AWS Documentation.