Veeam Backup for AWS 9
User Guide
Archive
Version 8.0 Version 7.0
Related documents
Search

Step 3. Specify Account Settings

At the Account step of the wizard, choose whether you want to use an IAM role of a standalone AWS account, an AWS account of an AWS Organization, or one-time access keys of an IAM user to allow Veeam Backup & Replication to perform the restore operation. For information on the permissions that the IAM role or IAM user must have to perform the restore operation, see VPC Configuration Restore IAM Permissions.

Note

Depending on whether the AWS account to which the source VPC configuration belongs is a part of an AWS Organization, Veeam Backup for AWS automatically does either of the following:

  • If the AWS account is a part of an AWS Organization, Veeam Backup for AWS chooses the AWS account itself and the organization identity that contains the account — in this case, the Organization account option is selected by default.
  • If the AWS account is not a part of an AWS Organization, Veeam Backup for AWS chooses an IAM role from the AWS account — in this case, the IAM Role option is selected by default.

Specifying IAM Role of Standalone AWS Account

To specify an IAM role to be used for the restore operation, select the IAM role option and choose the necessary IAM role from the list. The selected IAM role must belong to an AWS account in which you plan to restore the VPC configuration.

For an IAM role to be displayed in the IAM role list, it must be added to Veeam Backup for AWS with the Amazon VPC Restore operation selected as described in section Adding IAM Roles. If you have not added the necessary IAM role to Veeam Backup for AWS beforehand, you can do it without closing the VPC Restore wizard. To do that, click Add and complete the Add IAM Role wizard.

Important

It is recommended that you check whether the selected IAM role has all the permissions required to perform the operation. If some permissions of the IAM role are missing, the restore operation may fail to complete successfully. To run the IAM role permission check, click Check Permissions and follow the instructions provided in section Checking IAM Role Permissions.

Specifying AWS Account of AWS Organization

To specify an AWS account to be used for the restore operation, select the Organization account option and do the following:

  1. From the Organization drop-down list, choose the necessary organization identity — either an entire AWS Organization or a limited scope of organizational units.

For an organization or a scope of organizational units to be displayed in the list of available identities, it must be added to Veeam Backup for AWS as described in section Managing AWS Organizations.

  1. From the Account drop-down list, choose an account that contains the IAM role whose permissions will be used to perform the restore operation. The role must be specified in the settings of the selected organization identity, as described in section Adding AWS Organizations (step 3).

For an AWS account to be displayed in the list of available accounts, it must be created in the the selected organization identity as described in AWS Documentation.

Specifying One-Time Access Keys of IAM User

To specify one-time access keys for restore, select the Temporary access keys option and use the Access key and Secret key fields to provide the access keys of an IAM user. Note that the IAM user must belong to an AWS account in which you plan to restore the VPC configuration.

Note

Veeam Backup for AWS does not store one-time access keys in the configuration database.

Restoring VPC Configuration

Page updated 5/2/2025

Page content applies to build 9.0.0.304

View all results across Veeam
Back to document search