This is an archive version of the document. To get the most up-to-date information, see the current version.Configuring Security Settings
The Veeam Backup for AWS REST API has the following default security settings:
- Access token lifetime is 1 hour (3600 seconds).
- Refresh token lifetime is 2 hours.
- Authorization code lifetime is 60 seconds.
- REST API port number is 11005.
However, you can change token and authorization code lifetime defaults and the REST API port number to meet the necessary security requirements. To do that:
- Connect to the EC2 instance where Veeam Backup for AWS is installed. To do that, run the following ssh command in a terminal window:
ssh -i /path/EC2_instance.pem key ubuntu@<Public DNS hostname or IPv4 address of the EC2 instance> |
- On the EC2 instance, create an override file. To do that, run the following command:
sudo systemctl edit veeamawsbackuprestfulapi.service |
- To change token, authorization code lifetime policy the REST API port number, add the following variables to the file, and set their values:
[Service] Environment=VEEAM_PUBLIC_REST_PORT=<value> Environment=VEEAM_ACCESS_TOKEN_LIFTIME_SEC=<value> Environment=VEEAM_REFRESH_TOKEN_LIFTIME_DAYS=<value> Environment=VEEAM_AUTHORIZATION_CODE_LIFETIME_SECONDS=<value> |
- Save the changes.
- Restart the veeamawsbackuprestfulapi service to apply the changes. To do that, run the following commands:
sudo systemctl daemon-reload sudo systemctl restart veeamawsbackuprestfulapi.service |