Veeam Backup for AWS 9
REST API Reference
Related documents

Organizations

The /organizations resource collection represents all AWS Organizations added to the Veeam Backup for AWS configuration database.

Perform Rescan of AWS Organization Structure

The HTTP POST request to the /organizations/amazon/rescan endpoint runs the structure rescanning operation for an AWS Organization to which the specified IAM role belongs.

SecurityBearer
Request
header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Request Body schema: application/json
required
rescanIamRoleId
required
string <uuid>

Specifies the system ID assigned to an IAM role in the Veeam Backup for AWS REST API. The permissions of this role are used to collect information on the AWS Organization. Note that the specified role must be created in the AWS account that manages the AWS Organization.

rescanStorageType
required
string (AmazonOrganizationRescanStorageType)

Defines whether you want to store the list of organization entities in the RAM of the backup appliance or in its configuration database.

Enum: "Database" "InMemory"
Responses
202

Accepted

400

Bad Request. The request body is malformed, incomplete or otherwise invalid

401

Unauthorized. The authorization header has been expected but not found (or found but is expired).

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. One or more resources specified in the request could not be found in the specified resource collection.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

post/api/v1/organizations/amazon/rescan
Request samples
application/json
{
  • "rescanIamRoleId": "c963aa50-056c-4578-a8af-77ff0aca8807",
  • "rescanStorageType": "Database"
}
Response samples
{}

Get Collection of AWS Organizations

The HTTP GET request to the /organizations/amazon endpoint retrieves a list of all AWS Organizations added to the Veeam Backup for AWS configuration database.

SecurityBearer
Request
query Parameters
SearchPattern
string

Returns only those items of a resource collection whose names match the specified search pattern in the parameter value.

Offset
integer <int32>

Excludes from a response the first N items of a resource collection.

Limit
integer <int32>

Specifies the maximum number of items of a resource collection to return in a response.

Sort
Array of strings (AmazonOrganizationSortColumns)

Specifies the order of items in the response. For more information, see the Veeam Backup for AWS REST API Reference Overview, section Sort Parameter

Items Enum: "nameAsc" "nameDesc" "organizationIdAsc" "organizationIdDesc" "iamRoleAsc" "iamRoleDesc" "scopeAsc" "scopeDesc" "descriptionAsc" "descriptionDesc"
header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid

401

Unauthorized. The authorization header has been expected but not found (or found but is expired).

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

get/api/v1/organizations/amazon
Request samples 
curl -i -X GET \
  'https://helpcenter.veeam.com/api/v1/organizations/amazon?SearchPattern=string&Offset=0&Limit=0&Sort=nameAsc' \
  -H 'Authorization: YOUR_API_KEY_HERE' \
  -H 'x-api-version: 1.7-rev0'
Response samples
{}

Add AWS Organization

The HTTP POST request to the /organizations/amazon endpoint adds an AWS Organization to the Veeam Backup for AWS configuration database.

SecurityBearer
Request
header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Request Body schema:
required
required
object (AmazonOrganizationSpec)

Specifies information on the AWS Organization.

Array of objects (AmazonOrganizationLimitedScopeSpec) unique

[Applies only if Veeam Backup for AWS has limited access to resources within the AWS Organization] Specifies a list of limited scopes of organizational units.

Responses
202

Accepted

400

Bad Request. The request body is malformed, incomplete or otherwise invalid

401

Unauthorized. The authorization header has been expected but not found (or found but is expired).

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

post/api/v1/organizations/amazon
Request samples
{
  • "organization": {
    },
  • "limitedScopes": [
    ]
}
Response samples
{}

Get AWS Organization Data

The HTTP GET request to the /organizations/amazon/{organizationId} endpoint retrieves information on an AWS Organization with the specified ID.

SecurityBearer
Request
path Parameters
organizationId
required
string <uuid>

System ID assigned to an AWS Organization in the Veeam Backup for AWS REST API.

header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid

401

Unauthorized. The authorization header has been expected but not found (or found but is expired).

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. Failed to find one or more resources specified in the request in the specified resource collection.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

get/api/v1/organizations/amazon/{organizationId}
Request samples 
curl -i -X GET \
  'https://helpcenter.veeam.com/api/v1/organizations/amazon/{organizationId}' \
  -H 'Authorization: YOUR_API_KEY_HERE' \
  -H 'x-api-version: 1.7-rev0'
Response samples
{}

Modify AWS Organization

The HTTP PUT request to the /organizations/amazon/{organizationId} endpoint updates settings of an AWS Organization with the specified ID.

SecurityBearer
Request
path Parameters
organizationId
required
string <uuid>

System ID assigned to an AWS Organization in the Veeam Backup for AWS REST API.

header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Request Body schema:
required
required
object (AmazonOrganizationSpec)

Specifies information on the AWS Organization.

Array of objects (AmazonOrganizationLimitedScopeSpec) unique

[Applies only if Veeam Backup for AWS has limited access to resources within the AWS Organization] Specifies a list of new limited scopes of organizational units to be created.

Array of objects (AmazonOrganizationLimitedScopeExistingSpec) unique

[Applies only if Veeam Backup for AWS has limited access to resources within the AWS Organization] Specifies a list of existing limited scopes of organizational units to be updated.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid

401

Unauthorized. The authorization header has been expected but not found (or found but is expired).

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. Failed to find one or more resources specified in the request in the specified resource collection.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

put/api/v1/organizations/amazon/{organizationId}
Request samples
{
  • "organization": {
    },
  • "newLimitedScopes": [
    ],
  • "changedLimitedScopes": [
    ]
}
Response samples
{}

Remove AWS Organization

The HTTP DELETE request to the /organizations/amazon/{organizationId} endpoint removes an AWS Organization with the specified ID from the Veeam Backup for AWS configuration database.

NOTE
Before you remove an AWS Organization from the configuration database, make sure that the organization is not used by Veeam Backup for AWS.

SecurityBearer
Request
path Parameters
organizationId
required
string <uuid>

System ID assigned to an AWS Organization in the Veeam Backup for AWS REST API.

header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Responses
204

No Content

400

Bad Request. The request body is malformed, incomplete or otherwise invalid

401

Unauthorized. The authorization header has been expected but not found (or found but is expired).

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. Failed to find one or more resources specified in the request in the specified resource collection.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

delete/api/v1/organizations/amazon/{organizationId}
Request samples 
curl -i -X DELETE \
  'https://helpcenter.veeam.com/api/v1/organizations/amazon/{organizationId}' \
  -H 'Authorization: YOUR_API_KEY_HERE' \
  -H 'x-api-version: 1.7-rev0'
Response samples
{
  • "type": "http://example.com",
  • "title": "string",
  • "status": 400,
  • "errorCode": "AccessDenied",
  • "details": "string",
  • "instance": "http://example.com",
  • "data": {
    }
}

Get AWS Organization Structure Rescan Results

The HTTP POST request to the /organizations/amazon/rescan/{sessionId}/identitiesInMemory endpoint allows you to retrieve the results of a structure rescan task with the specified ID, performed for an AWS Organization that has not yet been added to the Veeam Backup for AWS configuration database.

NOTE
To retrieve the structure of the entire organization, specify the sessionId parameter and set the expandChildNodes parameter to true. If you specify only the sessionId parameter, the response will return the structure of the top-level node.

SecurityBearer
Request
path Parameters
sessionId
required
string <uuid>

Specifies the system ID in the Veeam Backup for AWS REST API that is assigned to a structure rescan session performed for an AWS Organization.

query Parameters
ContainerId
string

Specifies the AWS ID of an organizational unit whose structure must be returned in the response.

expandChildNodes
boolean

Defines whether to return all child AWS identities within the AWS Organization, the specified organizational unit, or the defined scope of organizational units.

ReturnAsTree
boolean

Defines whether the structure of the AWS Organization must be represented in the hierarchical format.

offset
integer <int32>

Excludes from a response the first N items of AWS identities.

limit
integer <int32>

Specifies the maximum number of items of AWS identities to return in a response.

SearchPattern
string

Returns only those items of AWS identities whose names match the specified search pattern in the parameter value.

TypeFilter
string

Specifies a type of AWS identity that must be returned in a response.

Enum: "Unit" "Account"
header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Request Body schema:

Specifies the scope of organizational units whose structure must be returned in the response.

includedMembers
required
Array of strings unique

Specifies AWS IDs of the organizational units that must be returned in the response.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid

401

Unauthorized. The authorization header has been expected but not found (or found but is expired).

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. Failed to find one or more resources specified in the request in the specified resource collection.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

post/api/v1/organizations/amazon/rescan/{sessionId}/identitiesInMemory
Request samples
{
  • "includedMembers": [
    ]
}
Response samples
{
  • "identities": [
    ],
  • "tree": {
    },
  • "statistics": {
    },
  • "totalCount": 0
}

Get Structure of AWS Organization Added to Veeam Backup for AWS

The HTTP POST request to the /organizations/amazon/{organizationId}/identitiesInDb endpoint allows you to retrieve the structure of an AWS Organization added to the Veeam Backup for AWS configuration database, including AWS identities and their relationships.

NOTE
To retrieve the structure of the entire organization, specify the organizationId parameter and set the expandChildNodes parameter to true. If you specify only the organizationId parameter, the response will return the structure of the top-level node.

SecurityBearer
Request
path Parameters
organizationId
required
string <uuid>

Specifies the system ID assigned to an AWS Organization in the Veeam Backup for AWS REST API.

query Parameters
ContainerId
string <uuid>

Specifies the system ID assigned in the Veeam Backup for AWS REST API to an organizational unit whose structure must be returned in the response.

LimitedScopeId
string <uuid>

Specifies the system ID assigned to a limited scope of organizational units in the Veeam Backup for AWS REST API.

ExpandChildNodes
boolean

Defines whether to return all child AWS identities within the AWS Organization, the specified organizational unit, or the defined scope of organizational units.

ReturnAsTree
boolean

Defines whether the structure of the AWS Organization must be represented in the hierarchical format.

offset
integer <int32>

Excludes from a response the first N items of AWS identities.

limit
integer <int32>

Specifies the maximum number of items of AWS identities to return in a response.

SearchPattern
string

Returns only those items of AWS identities whose names match the specified search pattern in the parameter value.

TypeFilter
string

Specifies a type of AWS identity that must be returned in a response.

Enum: "Unit" "Account"
header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Request Body schema:

Specifies the scope of organizational units whose structure must be returned in the response.

includedMembers
required
Array of strings unique

Specifies AWS IDs of the organizational units that must be returned in the response.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid

401

Unauthorized. The authorization header has been expected but not found (or found but is expired).

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. Failed to find one or more resources specified in the request in the specified resource collection.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

post/api/v1/organizations/amazon/{organizationId}/identitiesInDb
Request samples
{
  • "includedMembers": [
    ]
}
Response samples
{
  • "identities": [
    ],
  • "tree": {
    },
  • "statistics": {
    },
  • "totalCount": 0
}

Validate Removing of AWS Organization

The HTTP POST request to the /organizations/amazon/{organizationId}/validateDelete endpoint checks whether the organization with the specified ID is not used by Veeam Backup for AWS and can be removed from the configuration database.

SecurityBearer
Request
path Parameters
organizationId
required
string <uuid>

System ID assigned to an AWS Organization in the Veeam Backup for AWS REST API.

header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. One or more resources specified in the request could not be found in the specified resource collection.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

post/api/v1/organizations/amazon/{organizationId}/validateDelete
Request samples 
curl -i -X POST \
  'https://helpcenter.veeam.com/api/v1/organizations/amazon/{organizationId}/validateDelete' \
  -H 'Authorization: YOUR_API_KEY_HERE' \
  -H 'x-api-version: 1.7-rev0'
Response samples
[
  • {
    }
]

Validate Removing of Multiple AWS Organizations

The HTTP POST request to the /organizations/amazon/validateDelete endpoint checks whether the organizations with the specified IDs are not used by Veeam Backup for AWS and can be removed from the configuration database.

SecurityBearer
Request
header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Request Body schema: application/json
required
items
required
Array of strings <uuid> unique
Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid.

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. One or more resources specified in the request could not be found in the specified resource collection.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

post/api/v1/organizations/amazon/validateDelete
Request samples
application/json
{
  • "items": [
    ]
}
Response samples
{
  • "results": [
    ]
}

Check AWS Organization Configuration

The HTTP POST request to the /organizations/amazon/testConfiguration endpoint checks whether the IAM role used to collect information on the specified AWS Organization has all the required permissions, and whether the IAM roles used to perform backup and restore operations meet the Veeam Backup for AWS requirements.

SecurityBearer
Request
header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Request Body schema:
required
object (CreateAmazonOrganizationSpec)

Specifies details on the AWS Organization you want to add.

object (UpdateAmazonOrganizationSpec)

Specifies details on the AWS Organization you want to modify.

rescanSessionId
string <uuid>

[Applies only if the AWS Organization has not yet been added to the Veeam Backup for AWS configuration database] Specifies the session ID of the infrastructure rescanning operation performed for an AWS Organization.

Responses
202

Accepted

400

Bad Request. The request body is malformed, incomplete or otherwise invalid

401

Unauthorized. The authorization header has been expected but not found (or found but is expired).

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. Failed to find one or more resources specified in the request in the specified resource collection.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

post/api/v1/organizations/amazon/testConfiguration
Request samples
{
  • "create": {
    },
  • "update": {
    },
  • "rescanSessionId": "10437ea3-6ba6-4b6e-a615-0ea67a25e346"
}
Response samples
{}

Export Collection of AWS Organizations

The HTTP POST request to the /api/v1/organizations/amazon/export endpoint exports a list of all AWS Organizations added to the Veeam Backup for AWS configuration database to a .CSV or an .XML file. To specify the required type of the file, use the Accept request header.

SecurityBearer
Request
header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Responses
200

OK

401

Unauthorized. The Authorization header does not contain an access token, or the provided access token is invalid.

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

post/api/v1/organizations/amazon/export
Request samples 
curl -i -X POST \
  https://helpcenter.veeam.com/api/v1/organizations/amazon/export \
  -H 'Authorization: YOUR_API_KEY_HERE' \
  -H 'x-api-version: 1.7-rev0'

Check Adding AWS Organization

The HTTP POST request to the /organizations/amazon/checkOrganizationExists endpoint checks whether the AWS organization to which the specified IAM role belongs has already been added to the Veeam Backup for AWS configuration database.

SecurityBearer
Request
header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Request Body schema: application/json
required
rescanIamRoleId
required
string <uuid>

Specifies the system ID assigned to an IAM role in the Veeam Backup for AWS REST API. The permissions of this role are used to collect information on the AWS Organization.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid

401

Unauthorized. The authorization header has been expected but not found (or found but is expired).

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. Failed to find one or more resources specified in the request in the specified resource collection.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

post/api/v1/organizations/amazon/checkOrganizationExists
Request samples
application/json
{
  • "rescanIamRoleId": "c963aa50-056c-4578-a8af-77ff0aca8807"
}
Response samples
{
  • "isRescanIamRoleValid": false,
  • "conflictingOrganizationId": "3fa85f64-5717-4562-b3fc-2c963f66afa6"
}

Validate AWS Organization Name

The HTTP POST request to the /organizations/amazon/validateName endpoint checks whether the name you plan to specify for an AWS Organization in Veeam Backup for AWS is unique and meets the Veeam Backup for AWS requirements.

NOTE
The length of the AWS Organization name must not exceed 127 characters.

SecurityBearer
Request
header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Request Body schema: application/json
required
organizationName
required
string

Specifies a name for an AWS Organization.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid

401

Unauthorized. The authorization header has been expected but not found (or found but is expired).

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. Failed to find one or more resources specified in the request in the specified resource collection.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

post/api/v1/organizations/amazon/validateName
Request samples
application/json
{
  • "organizationName": "string"
}
Response samples
{
  • "isValid": true,
  • "isUnique": true
}

Validate AWS Organization Settings

The HTTP POST request to the /organizations/amazon/validateOrganization endpoint validates the configured settings of an AWS Organization before adding it to Veeam Backup for AWS or modifying it.

SecurityBearer
Request
header Parameters
x-api-version
required
string
Default: 1.7-rev0

Specifies the current version and revision of the Veeam Backup for AWS REST API.

Request Body schema: application/json
required
object (CreateAmazonOrganizationSpec)

Specifies details on the AWS Organization you want to add.

object (UpdateAmazonOrganizationSpec)

Specifies details on the AWS Organization you want to modify.

rescanSessionId
string <uuid>

[Applies only if the AWS Organization has not yet been added to the Veeam Backup for AWS configuration database] Specifies the session ID of the infrastructure rescanning operation performed for an AWS Organization.

Responses
200

OK

400

Bad Request. The request body is malformed, incomplete or otherwise invalid

401

Unauthorized. The authorization header has been expected but not found (or found but is expired).

403

Forbidden. The user sending a request does not have adequate privileges to access one or more objects specified in the request.

404

Not Found. Failed to find one or more resources specified in the request in the specified resource collection.

500

Internal Server Error. The request has been received but could not be completed because of an internal error on the server side.

503

Service Unavailable

504

Gateway Timeout

post/api/v1/organizations/amazon/validateOrganization
Request samples
application/json
{
  • "create": {
    },
  • "update": {
    },
  • "rescanSessionId": "10437ea3-6ba6-4b6e-a615-0ea67a25e346"
}
Response samples
[
  • {
    }
]