Now you’re less likely to miss what’s been brewing in our knowledge base with this weekly digest
This article documents the granular permissions needed for connecting to an existing Veeam Backup for AWS appliance.
Alternatively, cumulative permissions are listed in the Integration with Veeam Backup for AWS Guide.
To connect to an existing Veeam Backup for AWS appliance, use an AWS account with the following profile:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:PutObject"
],
"Resource": "*"
}
]
}
To connect to an existing Veeam Backup for AWS appliance and be able to upgrade the appliance, use an AWS account with the following profile:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ec2:DescribeVolumes",
"ec2:CreateSnapshot",
"ec2:DescribeSnapshots",
"ec2:DeleteSnapshot",
"ec2:StopInstances",
"ec2:StartInstances",
"ec2:DetachVolume",
"ec2:DeleteVolume",
"ec2:CreateVolume",
"ec2:AttachVolume",
"iam:ListAttachedRolePolicies",
"iam:ListInstanceProfilesForRole",
"iam:ListRolePolicies",
"iam:PutRolePolicy",
"iam:UpdateAssumeRolePolicy",
"iam:GetAccountSummary",
"iam:SimulatePrincipalPolicy",
"iam:ListAttachedRolePolicies",
"iam:ListPolicyVersions",
"iam:GetPolicyVersion",
"iam:CreatePolicyVersion",
"iam:GetRole",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:PutObject",
"sts:GetCallerIdentity"
],
"Resource": "*"
}
]
}
Your feedback has been received and will be reviewed.
Please try again later.
This form is only for KB Feedback/Suggestions, if you need help with the software open a support case
Your feedback has been received and will be reviewed.