An S3 repository is a folder in an Amazon S3 bucket where Veeam Backup for AWS stores image-level backups of EC2 instances.
To communicate with an S3 repository, Veeam Backup for AWS uses the Veeam Data Mover — the component on a worker instance that is responsible for data processing and transfer. When a backup policy addresses the S3 repository, the Veeam Data Mover establishes a connection with the S3 repository enabling data transfer.
To let the Veeam Data Mover access the target Amazon S3 bucket, Veeam Backup for AWS uses permissions of an IAM role specified in S3 repository settings.
For enhanced data security, Veeam Backup for AWS allows you to enable encryption at the S3 repository level. For details, see S3 Repository Encryption. For information on how to enable encryption at the S3 repository level, see Step 5. Specify Data Encryption Settings.
Veeam Backup for AWS allows you to store backups only in the S3 Standard storage class. S3 Standard-IA, S3 One Zone-IA and S3 Glacier storage classes are not supported.