To start working with Veeam Backup for AWS, complete the following steps.
- Install and access Veeam Backup for AWS from a web browser.
- Add IAM roles.
Veeam Backup for AWS accesses AWS resources that are required to perform data protection and disaster recovery operations through IAM roles. For details, see IAM Roles.
If you want to back up or restore EC2 instance data within a single AWS account, you can use the Default Backup Restore IAM role. This IAM role is created and added to Veeam Backup for AWS during the product installation. The Default Backup Restore IAM role has permissions on all EC2 instances and S3 buckets in an AWS account where Veeam Backup for AWS is installed (initial AWS account).
If you want to back up or restore EC2 instance data between two AWS accounts or use separate IAM roles with minimum set of permissions for each operation, create IAM roles in the initial AWS account and add them to Veeam Backup for AWS. For details on how to add IAM roles to Veeam Backup for AWS, see Adding IAM Roles.
- Configure backup infrastructure.
- Configure an S3 repository.
Veeam Backup for AWS uses an Amazon S3 bucket as a target location for EC2 instance backups. To add an Amazon S3 bucket to Veeam Backup for AWS, configure an S3 repository. For details, see Adding S3 Repositories.
This step is not required if you plan to protect EC2 instances only with cloud-native snapshots.
- Configure network settings for worker instances.
To perform most data protection and disaster recovery operations, Veeam Backup for AWS uses worker instances. Worker instances are launched for the duration of the backup or restore process. In worker instance settings, you must specify the Amazon VPC, subnet, and security group to which worker instances must be connected.
- Configure a policy to create image-level backups and/or cloud-native snapshots of EC2 instances.
For details, see Creating Policies.
- Perform recovery operations with backed-up data in case of a disaster.
For details, see Data Recovery.