Using Veeam Backup & Replication in AWS Environment

There can be various scenarios of using Veeam Backup & Replication in the AWS environment. For the purposes of this guide, we will consider the following use case as a primary one:

Veeam Backup & Replication is deployed on an EC2 instance.

Note

Sensitive customer data (credentials of user accounts required to connect to virtual servers and other systems, cloud credentials, and so on) is stored in the configuration database in the encrypted format. For more information, see Security Considerations.

Veeam Backup & Replication uses a scale-out backup repository (SOBR) to store backups. This SOBR consists of 2 repositories:

a Windows repository located at the same EC2 instance, where Veeam Backup & Replication is installed, as a performance tier,
an Amazon S3 object repository as a capacity tier extent.

Veeam Backup & Replication uses Veeam Agents to protect EC2 instances in the AWS Cloud. Backups are first saved to the performance tier and then offloaded to the capacity tier for long-term storage.
For access to EC2 instances, Veeam Backup & Replication uses AWS access keys. For more information, see the Access Keys for AWS Users section in the Veeam Backup & Replication User Guide.
All backups created by Veeam Backup & Replication can be encrypted. For more information, see the Data Encryption section in the Veeam Backup & Replication User Guide.

The following diagram illustrates the interaction of Veeam Backup & Replication components within the AWS environment.

Using Veeam Backup & Replication in AWS Environment

Tip

If the customer wants to back up VMs in other VPCs, they should establish connection between VPCs by using VPC Peering or Transit Gateway.

To protect EC2 instances, you must correctly configure Veeam Backup & Replication after deployment. To do that: