#Enable Backup for Amazon EC2 Instances or AWS Platform Configurations

Follow the steps below to enable backup for Amazon EC2 instances or AWS Platform Configurations (Private preview).

1. To bring your Amazon EC2 instances or AWS Platform Configurations objects to AvePoint Cloud Backup for IaaS + PaaS, you must first connect your Amazon account to AvePoint Online Services through the Management > Tenant management and then go to App management to create a service app profile for the connected Amazon tenant to authenticate the access to the resources for backup and restore.

2. Note that if your AWS organization contains multiple accounts, ensure to create an IAM user for each account. This ensures proper access to load the VMs associated with each respective account. The connection requires the access key ID and secret access key of an IAM user. The IAM user must have the following permissions:

   • iam:CreatePolicy

   • iam:GetRole

   • iam:UpdateAssumeRolePolicy

   • iam:ListPolicyVersions

   • iam:ListAccountAliases

   • iam:CreateRole

   • iam:AttachRolePolicy

   • iam:UpdateRole

   • iam:CreatePolicyVersion

   • iam:\DeletePolicyVersion

   • iam:GetAccountSummary

   • iam:SetDefaultPolicyVersion

   *Note: To create an access key of your IAM user for third-party services, refer to Create an Access Key.

   If you want to protect the Amazon EC2 instances with KMS enabled, the IAM user must be added as the key user.

   For details on connecting to Amazon tenant and creating the service app profile, refer to the following sections in AvePoint Online Services User Guide:

3. After you complete the configurations in AvePoint Online Services, go to the Backup page of the Cloud Backup for IaaS + PaaS to configure backup scope for Amazon EC2 or AWS Platform Configurations. Note that before you start creating a backup scope for Amazon EC2, you can click the Refresh button in the upper-right corner of the service page to retrieve the latest status for the data to protect. The Last refreshed time is displayed next to the Refresh button.

4. *Note: The AWS Platform Configurations backup service is currently in private preview. If you want to configure backup scopes for AWS Platform Configurations, contact your AvePoint support for assistance.

   For details on creating a backup scope, refer to

   • Create a New Backup Scope for Amazon EC2

   • Create a New Backup Scope for AWS Platform Configurations (Private Preview)

#Create an Access Key

To authenticate the requests for backup and restore, you must provide an access key (an access key ID and a secret access key).

Follow the steps below to create an access key for this user:

1. Go to the user details page and expand the Security credentials tab.

   

2. In the Access keys section, click Create access key.

3. On the Access key best practices & alternatives page, select Third-party service option.

4. In the Retrieve access keys page, copy the access key and the secret access key or choose to download a .csv file to store the information.