Veeam Backup for AWS 9.1
User Guide
Related documents
Search

Organization Rescan IAM Permissions

To allow Veeam Backup for AWS to collect information on AWS Organizations, the Organization rescan IAM role specified in the organization settings must meet the following requirements:

  1. The backup appliance must be granted permissions to assume the IAM role. For more information on the requirements for adding IAM roles, see Before You Begin.
  1. The IAM role must be granted the following permissions:

{

   "Version": "2012-10-17",

   "Statement": [

       {

           "Effect": "Allow",

           "Action": [

               "iam:GetContextKeysForPrincipalPolicy",

               "iam:ListAccountAliases",

               "iam:SimulatePrincipalPolicy",

               "organizations:DescribeAccount",

               "organizations:DescribeOrganizationalUnit",

               "organizations:DescribeOrganization",

               "organizations:ListChildren",

               "organizations:ListRoots"

           ],

           "Resource": "*"

       }

   ]

}

 

To learn how to create IAM roles and assign them the required permissions, see Appendix A. Creating IAM Roles in AWS.

Page updated 4/28/2025

Page content applies to build 9.1.0.45

View all results across Veeam Help Center
Back to document search