Permissions
For general requirements for permissions that must be provided to the user account to install and work with Veeam Backup & Replication, see Permissions. In addition to general port requirements, make sure that user accounts have permissions listed in the following subsections:
Note |
If you plan to restore SAP HANA databases using Veeam Explorer for SAP HANA, consider the required permissions listed in the Permissions section of Veeam Explorers User Guide. |
Operation | Required Roles and Permissions |
---|---|
Installing and updating Veeam Plug-In | The account used for installing and updating Veeam Plug-In must have root privileges. |
Connecting to Veeam Backup & Replication, managing backups |
To learn how to grant permissions on Veeam repositories, see Access and Encryption Settings on Repositories.
|
Permissions for Object Storage
The general permissions for backup to object storage are listed in Using Object Storage Repositories. Additional permissions are required if you want to back up databases with Veeam Plug-In. The list of additional permissions differs depending on the selected object storage and the way you set your backup infrastructure:
- Amazon S3
- S3 compatible (including IBM Cloud Object Storage and Wasabi Cloud Storage)
- Google Cloud Storage
Consider the following:
- Make sure the user account you are using has access to Amazon buckets and folders.
- The ListAllMyBuckets permission is not required if you specify the bucket name explicitly at the Bucket step of the New Object Repository wizard.
- If you plan to use Amazon S3 storage with immutability enabled, see permissions required for immutability in Using Object Storage Repositories. For details about immutability, see Immutability for Object Storage Repositories.
Make sure that your infrastructure configuration fits the following description:
- You plan to back up data to the Amazon S3 storage.
- You selected direct connection in the object storage settings. For details, see Adding Amazon S3 Object Storage.
If you plan to back up data using such infrastructure configuration, make sure the user account that you use to connect to the object storage has the following permissions:
{ |
S3 Compatible (Including IBM Cloud Object Storage, Wasabi Cloud Storage)
Consider the following:
- Make sure the user account you are using has access to Amazon buckets and folders.
- The ListAllMyBuckets permission is not required if you specify the bucket name explicitly at the Bucket step of the New Object Repository wizard.
- If you plan to use Amazon S3 storage with immutability enabled, see permissions required for immutability in Using Object Storage Repositories . For details about immutability, see Immutability for Object Storage Repositories.
Make sure that your infrastructure configuration fits the following description:
- You plan to back up data to the S3 compatible storage.
- Direct connection is selected in the object storage settings. For details, see Specify Object Storage Account.
- The Provided by IAM/STS object storage capabilities option is selected for the object storage. For details, see Managing Permissions for S3 Compatible Object Storage.
If you plan to back up data using such infrastructure configuration, make sure the user account that you use to connect to the object storage has the following permissions:
{ |
Make sure that your infrastructure configuration fits the following description:
- You plan to back up data to the Google Cloud storage.
- You configured Helper Appliance in the object storage settings. For details, see Configuring Helper Appliance.
- You selected direct connection in the object storage settings. For details, see Specify Object Storage Account.
If you plan to back up data using such infrastructure configuration, make sure the user account that you specify in the Helper Appliance settings has the following permissions:
{ |