Step 3. Specify IAM Identity for Restore

At the Account step of the wizard, specify how Veeam Backup for AWS must access AWS services and resources to perform EC2 instance restore:

An IAM role or IAM user whose access keys you will specify determine to which AWS account EC2 instances will be restored. For information on what permissions an IAM role or IAM user requires to perform restore, see this Veeam KB article.

Specifying IAM Role

To specify an IAM role for restore:

  1. Select IAM Role.
  2. Select the necessary IAM role from the list.

If you have not added the necessary IAM role to Veeam Backup for AWS beforehand, you can do it without closing the Instance Restore wizard. To add the IAM role, click Add and follow the steps described in the Adding IAM Roles section.

Step 3. Specify IAM Identity for Restore 

Specifying One-Time Access Keys of IAM User

To specify one-time access keys of an IAM user for restore:

  1. Select Temporary Access Keys.
  2. In the Access Key field, specify an access key ID of the IAM user.
  3. In the Secret Key field, specify a secret access key of the IAM user. To view the entered secret key, click and hold the eye icon on the right of the field.

Note that Veeam Backup for AWS does not store one-time access keys in the configuration database.

Step 3. Specify IAM Identity for Restore 

I want to report a typo

There is a misspelling right here:


I want to let the Veeam Documentation Team know about that.