Glossary

This section describes product-specific terms and abbreviations that appear in the User Guide.

A

• application-aware processing — a Veeam technology that enables quiescing applications on EC2 instances and creating a consistent view of application data. See also Performing EC2 Backup.
• Availability Zone — a separate data center within an AWS Region that provides high availability for AWS resources in this region. See also Performing Entire Configuration Export.
• AWS account — a container for AWS resources that is used to manage AWS services, to configure IAM permissions and to handle service billing. See also Worker Deployment Options.
• AWS KMS key — a cryptographic key that is used to encrypt and decrypt data associated with AWS resources across AWS services. See also AWS KMS Encryption.
• AWS Organization — a collection of AWS accounts that is organized in a hierarchical structure. See also AWS Organizations.
• AWS Plug-in for Veeam Backup & Replication — an architecture component that extends the Veeam Backup & Replication functionality to enable integration of backup appliances into the backup infrastructure. See also Integration with Veeam Backup & Replication.
• AWS Region — a specific physical location where AWS resources are hosted. See also Overview.
• AWS services — cloud-based tools and AWS resources that are used for cloud computing, storage, networking and security purposes. See also AWS Services.
• AWS tag — a label (key-value pair) assigned to AWS resources that is used to organize and manage them. See also Performing Backup Using Web UI.

B

• backup appliance — a Linux-based EC2 instance that orchestrates backup and restore tasks, communicates with AWS services and stores configuration data. See also Solution Architecture.
• backup account — an AWS account that is used to perform operations with AWS resources belonging to either the same or any other AWS account. See also Worker Deployment Options.
• backup chain — a sequence of backups created by a backup policy. See also Protecting EC2 Instances.
• backup copy — a Veeam Backup & Replication functionality that enables creating copies of backed-up data in different locations, providing additional data protection and disaster recovery options. See also Creating Backup Copy Jobs.
• backup policy — a collection of settings that define the way backup operations are performed: what data to back up, which operations to perform, where to store backups, when to start the backup process, how to retain restore points and so on. See also Performing EC2 Backup.
• backup repository — a folder in an Amazon S3 bucket where Veeam Backup for AWS stores backups created by backup polices. See also Solution Architecture.
• backup server — a Windows-based physical or virtual machine that serves as the core component of the backup infrastructure. See also Solution Architecture.
• backup vault — an AWS container where Veeam Backup for AWS stores cloud-native backups created by backup polices. See also Performing DynamoDB Backup.
• Block Generation — a Veeam technology that enables managing the immutability period for backed-up data stored in backup repositories. See also Immutability.

C

• changed block tracking (CBT) — a Veeam technology that enables tracking data block changes to reduce the amount of data read from processed EBS volumes, and to increase the speed and efficiency of incremental backups. See also Changed Block Tracking.
• cloud-native backup — a restore point that Veeam Backup for AWS takes using native AWS capabilities to capture the whole image of a processed AWS resource (DynamoDB table, EFS file system, FSx file system, Redshift cluster or Redshift Serverless namespaces) at a specific point of time. See also Protecting DynamoDB Tables.
• cloud-native snapshot — a restore point that Veeam Backup for AWS takes using native AWS capabilities to capture either a set of point-in-time snapshots created for EBS volumes of an EC2 instance or a storage volume snapshot created for an RDS resource (DB instance or Amazon Aurora DB cluster). See also Protecting EC2 Instances.
• configuration database — a backup appliance component that stores data on backup policies, sessions, worker instance configurations, IAM roles, AWS resources and so on. See also Performing Configuration Backup Using Web UI.
• Cloud Credentials Manager — a configuration database where Veeam Backup & Replication stores credential records that are used to connect to components of the backup infrastructure (such as servers, virtual machines and cloud services). See also Deploying Backup Appliance.

D

• database account — an account whose credentials are used to access databases of PostgreSQL DB instances when performing image-level backup and restore operations. See also Managing Database Accounts.
• Default Backup Restore role — a role that is used to perform data protection and recovery operations within AWS accounts to which backup appliances belong. See also Deploying Backup Appliance.

G

• gateway server — a backup component that provides access between the backup server and repositories added to the backup infrastructure. See also Connecting to Existing Appliances.
• guest scripting — a Veeam Backup for AWS functionality that enables running custom scripts on EC2 instances before and after backup operations. See also Performing EC2 Backup.

H

• health check — a Veeam Backup for AWS functionality that enables verifying the availability of data blocks in backup files and the redundancy of cyclic values to ensure metadata integrity. See also Performing EC2 Backup.

I

• IAM permissions — specific actions that are granted to IAM roles to allow access to AWS services and resources. See also IAM Permissions.
• IAM policy — an AWS object that is attached to IAM roles to define their permissions. See also Appendix B. Creating IAM Policies in AWS.
• IAM role — an IAM identity whose permissions Veeam Backup for AWS uses to access AWS services and resources. See also Appendix A. Creating IAM Roles in AWS.
• IAM user — an IAM identity whose permissions Veeam Backup for AWS uses to perform restore operations. See also Plug-In Permissions.
• image-level backup — a restore point that captures the whole image of the processed AWS resource (including OS data, application data and so on) at a specific point in time. See also EC2 Backup.
• Impersonation IAM role — a specific IAM role created on the backup appliance after its deployment and used to assume IAM roles added to Veeam Backup for AWS to perform operations in the backup infrastructure. See also Managing IAM Roles.
• immutability — a Veeam Backup for AWS functionality that enables protecting restore points stored in backup repositories from deletion or loss as a result of malware, ransomware or any other malicious actions. See also Immutability.

N

• namespace — a collection of database objects and users in Amazon Redshift Serverless. See also Protecting Redshift Serverless.

O

• organizational unit — a logical subdivision within AWS Organizations that is used to group and manage AWS accounts. See also AWS Organizations.

P

• parameter group — a set of settings containing database engine configuration values applied to RDS resources. See also RDS Restore Using Console.
• product updates — updates for Veeam Backup for AWS components that deliver new features and improvements. See also Updating Appliances Using Console.
• production account — an AWS account in which Veeam Backup for AWS deploys worker instances to perform operations with processed AWS resources belonging to the same AWS account. See also Worker Deployment Options.

R

• restore point — a point-in-time cloud-native snapshot, snapshot replica, cloud-native backup and image-level backup that can be used to restore an AWS resource. See also Snapshot Chain.
• retention policy — a collection of settings that define how long Veeam Backup for AWS keeps restore points produced by backup policies. See also Retention Policies.

S

• security group — a virtual firewall that controls inbound and outbound traffic for AWS resources. See also RDS Backup.
• Self Backup service — a service that enables backing up and restoring the configuration database of the backup appliance. See also Performing Configuration Backup and Restore.
• software package updates — updates for Veeam Backup for AWS software components such as .NET, PostgreSQL, and other third-party packages required for proper operation. See also Updating Veeam Backup for AWS.
• subnet group — a collection of subnets within Amazon VPC networks assigned to AWS services for deploying and managing AWS resources. See also Restoring DB Instances.

T

• tape device — a hardware component that records and reads data sequentially, commonly used for long-term backup archiving. See also Additional Repositories and Tape Devices.

V

• Veeam Backup for AWS REST API service — a service that allows users to perform operations with Veeam Backup for AWS entities using HTTP requests and standard HTTP methods. See also Ports.

• Veeam Backup for AWS Web UI — a client-side component that is used to access and manage backup appliances through a web browser. See also Worker Instances in Private Environment.

• Veeam Backup & Replication console — a client-side component that provides access to the backup server. See also Integration with Veeam Backup & Replication.
• Veeam Data Mover — a service that is responsible for data processing and transfer. It optimizes backup performance by compressing, encrypting and transporting data between source and target locations. See also Solution Architecture.
• Veeam FLR service — a service that enables restoring individual files and folders of protected EC2 instances. See also Performing File-Level Recovery.
• Veeam Updater service — a service that enables checking, viewing and installing product and software package updates. See also Installing Updates.

• VPC interface endpoint — a private connection within an Amazon VPC network created using AWS PrivateLink to enable access to AWS services. See also Worker Instances in Private Environment.

W

• worker configuration — a group of network settings that Veeam Backup for AWS uses to deploy worker instances in a specific AWS Region to perform data protection and disaster recovery operations. See also Managing Worker Configurations.
• worker profile — a type of worker instance that Veeam Backup for AWS deploys in a specific AWS Region to perform data protection and disaster recovery operations. See also Managing Worker Profiles.
• worker instance — a temporary Linux-based EC2 instance that is responsible for the interaction between the backup appliance, AWS services and other Veeam Backup for AWS components. See also Worker Instances.
• workgroup — a collection of compute resources in Amazon Redshift Serverless. See also Protecting Redshift Serverless.
• workload — any AWS resource (for example, an EC2 instance, a RDS resource, a DynamoDB table and so on) that can be protected by Veeam Backup for AWS. See also Managing Backed-Up Data.