Configuring Worker Instance Settings

To perform image-level backup or restore backed-up data, you must first configure worker instance settings.

  1. Specify an IAM role for worker instances.
  2. Configure network settings for AWS regions in which worker instances will be launched.

Specifying IAM Role

By default, Veeam Backup for AWS uses the Default Backup Restore IAM role to launch worker instances. The role is preconfigured and has all the required permissions to launch worker instances within the initial AWS account.

You can specify a different IAM role, for example, if you want Veeam Backup for AWS to launch worker instances in another AWS account. Before you specify the necessary role, make sure it is added to Veeam Backup for AWS. For information on how to add IAM roles to Veeam Backup for AWS, see Adding IAM Roles.

To specify an IAM role for worker instances:

  1. At the top right corner of the Veeam Backup for AWS window, click Configuration.
  2. In the configuration menu on the left, click Workers.
  3. On the General tab, in the Role section, click the link on the right of Worker IAM Role.
  4. In the Cloud Account window, click the necessary IAM role, and then click Apply.

Configuring Worker Instance Settings 

After you specify the IAM role, it is recommended that you check whether permissions of the specified IAM role are sufficient to launch worker instances. For information on how to check IAM role permissions, see Checking IAM Role Permissions.

Configuring Network Settings

For each AWS region in which worker instances will be launched, you must configure network settings.

  1. At the top right corner of the Veeam Backup for AWS window, click Configuration.
  2. In the configuration menu on the left, click Workers.
  3. On the General tab, in the Region Network Settings section, click Add.

Veeam Backup for AWS will launch the Add Region wizard.

  1. At the Region step of the wizard, select the AWS region and Availability Zone for which you want to configure network settings.
  1. At the Network Settings step of the wizard, select the Amazon VPC, subnet, and security group.

Veeam Backup for AWS will apply the specified network settings to worker instances that will be launched in the AWS region and Availability Zone selected at the Region step of the wizard.

Important

Consider the following:

  • If you plan to perform image-level backup or restore data from image-level backups, make sure the s3 endpoint is configured for the selected subnet. Otherwise, you may be charged additional fee for the traffic from Amazon EC2 to Amazon S3. If the s3 endpoint is not configured for the selected subnet, Veeam Backup for AWS will display a warning at the Summary step of the wizard.
  • If public IPv4 address assignment is not configured for the selected subnet, Veeam Backup for AWS will display a warning at the Summary step of the wizard.

To let Veeam Backup for AWS launch worker instances with private IPv4 addresses, the following endpoints must be configured for the selected subnet: sqs, ssm, ec2messages, ssmmessages.

For information on endpoints, see AWS Documentation.

  1. At the Summary step of the wizard, review the configured network settings and click Finish.

Configuring Worker Instance Settings 

Related Resources

I want to report a typo

There is a misspelling right here:

 

I want to let the Veeam Documentation Team know about that.