AWS Services
To perform backup and restore operations, the AWS Plug-In for Veeam Backup & Replication, backup appliance and worker instances must have outbound internet access to the following AWS services.
AWS Services Required For AWS Plug-In for Veeam Backup & Replication
- Amazon CloudWatch
- Amazon Data Lifecycle Manager
- Amazon Elastic Compute Cloud (EC2)
- Amazon Simple Storage Service (S3)
- AWS Identity and Access Management (IAM)
- AWS Key Management Service (KMS)
- AWS Systems Manager (SSM)
- AWS Security Token Service (STS)
- AWS Service Quotas
Note |
If you plan to deploy a backup appliance with a public IP address, consider that outbound internet access must be allowed from the backup server to https://checkip.amazonaws.com/ through port 443 over the HTTPS protocol — this is required for AWS Plug-in for Veeam Backup & Replication to be able to retrieve the IP address of the backup appliance. |
AWS Services Required For Backup Appliance
- Amazon CloudWatch
- Amazon CloudWatch Events
- Amazon Elastic Block Store (EBS)
- Amazon Elastic Compute Cloud (EC2)
- Amazon Kinesis Data Streams
- AWS Lambda
- AWS Organizations
- Amazon Relational Database Service (RDS)
- Amazon Redshift and Amazon Redshift Serverless
- AWS Secrets Manager
- Amazon Elastic File System (EFS)
- Amazon FSx File Systems
- Amazon DynamoDB
- Amazon Simple Notification Service (SNS)
- Amazon Simple Queue Service (SQS)
- Amazon Simple Storage Service (S3)
- Amazon S3-control
- AWS Identity and Access Management (IAM)
- AWS Key Management Service (KMS)
- AWS Marketplace Metering Service
- AWS Resource Access Manager
- AWS Security Token Service (STS)
- AWS Service Quotas
- AWS Backup
- AWS Systems Manager (SSM), including access to the ec2messages and ssmmessages endpoints
- Elastic Load Balancing (ELB)
- Instance Metadata Service
Notes |
|
AWS Services Required For Worker Instances
- AWS Systems Manager (SSM), including access to the ec2messages and ssmmessages endpoints
- Amazon Simple Queue Service (SQS)
- Amazon Simple Storage Service (S3)
- Amazon Elastic Block Store (EBS)
- Amazon Kinesis Data Streams
Important |
If you plan to configure an HTTP proxy for the backup appliance, make sure that the security group associated with the proxy server allows direct network traffic required to communicate with the AWS services. |