Challenge
How to create the required IAM role using Add IAM Role wizard and Access Keys.Solution
To create IAM role using Access Keys you should do following steps.
- Within Veeam Backup for AWS, go to Configuration -> Accounts.
- Under the IAM Roles tab, click Add.
- Specify IAM Role Friendly name (used in Veeam Backup for AWS grid) and click Next.
- Select IAM Mode “Create a new IAM Role” and click Next.
- On the AWS Identity step, specify the IAM Role name to be created within AWS.
- Select the required role type(s).
- Provide the Access Keys:
- Click Next and then Finish.
To learn how to create access keys, see the AWS Documentation.
The user whose keys you will use to create an IAM role should have the following permissions:
"iam:CreatePolicy", "iam:GetRole", "iam:UpdateAssumeRolePolicy", "iam:GetPolicy", "iam:CreateRole", "iam:AttachRolePolicy"
The new IAM role with the required permissions you have selected will be created in AWS and will be added to Veeam Backup for AWS automatically. After that you can use this role where you require.
There are currently 3 options available:
- Service role
- Policy role
- Repository role