Step 4. Specify IAM Identity for Restore
At the Account step of the wizard, specify how Veeam Backup for AWS must access AWS services and resources to perform EBS volume restore:
An IAM role or IAM user whose access keys you will specify determine to which AWS account EBS volumes will be restored. For information on what permissions an IAM role or IAM user requires to perform restore, see this Veeam KB article.
To specify an IAM role for restore:
- Select IAM Role.
- Select the necessary IAM role from the list.
If you have not added the necessary IAM role to Veeam Backup for AWS beforehand, you can do it without closing the Volume Restore wizard. To add the IAM role, click Add and follow the steps described in the Adding IAM Roles section.
To specify one-time access keys of an IAM user for restore:
- Select Temporary Access Keys.
- In the Access Key field, specify an access key ID of the IAM user.
- In the Secret Key field, specify a secret access key of the IAM user. To view the entered secret key, click and hold the eye icon on the right of the field.
Note that Veeam Backup for AWS does not store one-time access keys in the configuration database.