| KB ID: | 4226 |
Challenge
Solution
2. Create an S3 Interface Endpoint in your VPC. It will be assigned a DNS name that you can see in the AWS Console under VPC - Endpoints, when selecting the corresponding Endpoint.
3. On the Veean Backup Server, edit the C:\Program Files\Veeam\Backup and Replication\Backup\AmazonS3Regions.xml file by adding the DNS from step 2 with a "bucket" prefix to the corresponding region, as shown in the example below:
<Region Id="eu-central-1" Name="EU (Frankfurt)" Type="Global">
<Endpoint Type="S3">bucket.<DNS name></Endpoint>
<Endpoint Type="EC2">ec2.eu-central-1.amazonaws.com</Endpoint>
<Endpoint Type="IAM">iam.amazonaws.com</Endpoint>
<Protocol>HTTP</Protocol>
<Protocol>HTTPS</Protocol>
<LocationConstraint>eu-central-1</LocationConstraint>
<SignatureVersion>4</SignatureVersion>
</Region>
Here we edited the "eu-central-1" record, because the S3 bucket along with the PrivateLink endpoint are located in that region. The new DNS goes into the S3 Endpoint Type node.
4. Create a registry parameter on the Veeam Backup Server:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\Veeam\Veeam Backup and Replication\
- Type: DWORD
- Name: CloudRegionsDisableUpdate
- Value: 1
This will prevent Veeam from automatically updating the XML file we've edited in step 3, thus making sure your custom configuration remains untouched.
5. Having performed all steps above, you can now create a Scale-Out Backup Repository in Veeam and use the DNS from step 2 to add a Capacity Tier and/or an Archive Tier extent.
6. In order to use PrivateLink Endpoint with your Archive Tier extent, you will need some additional tweaks:
a) Create a registry parameter:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\Veeam\Veeam Backup and Replication\
- Type: DWORD
- Name: ArchiveFreezingUsePrivateIpForAmazonAppliance
- Value: 1
b) Configure a EC2 Interface Endpoint in your VPC