Adding AWS Account for Backup

Adding AWS Account for Backup

Prerequisites to Add AWS Accounts

It is necessary to  Create & Attach a Policy to the User and set up Access Key ID & Secret access key as a prerequisite action to further proceed with adding the AWS Account.

1. Create & Attach Policy to User

Create a new policy and attach it to a user in your AWS account using any of the following methods:
METHOD 1 – Using JSON to create a policy
Follow the below steps;
  1. Sign in to the AWS Management Console https://aws.amazon.com/console/
  2. Search for IAM service in the Find Services section and choose the service. This will redirect you to the Identity and Access Management(IAM) page.
  3. Choose Policies from the IAM Dashboard displayed on the left pane.
  4. Then, choose Create policy option and click on the JSON tab.
  5. On the JSON Editor, remove the existing text and then copy and paste the entire content from the following JSON policy document.
  6. Once you have entered the JSON, click on the Review policy button.
  7. On the Review policy page, provide Name and Description (optional) for the policy that you are creating and click Create Policy.
  8. Once the policy is created, you can select the user for whom the policy needs to be attached. Choose Users on the IAM Dashboard and select the name of the user from the list to attach the created policy.
  9. On the Summary page of the selected user, click on Add Permissions.
  10. Select Attach Existing Policies Directly option on the Grant Permission Page.
  11. Then, select the policy created using the above JSON from the list and click Next: Review
  12. Lastly, on the Permission Summary page, click the Add Permissions button.
METHOD 2 – Using Visual editor to create a policy
Follow the below steps;
  1. Sign in to the AWS Management Console https://aws.amazon.com/console/
  2. Search for IAM service in the Find Services section and choose the service. This will redirect you to the Identity and Access Management(IAM) page.
  3. Choose Policies from the IAM Dashboard displayed on the left pane.
  4. Then, choose Create policy option and click on the Visual Editor tab.
  5. On the Visual Editor page, click on Choose a service. Initially, add one of the following services (Eg: S3). Then, In the Actions section, select the Access level for the service chosen and expand each of the access levels to choose individual actions. In the Resources section, choose the ‘All Resources’ option. Then, click on ‘Add additional permissions’ and repeat the process to grant access to each of the services listed below.
  6. Once you have chosen the services and actions, click on the Review policy button.
  7. On the Review policy page, provide Name and Description (optional) for the policy that you are creating and click Create Policy.
  8. Once the policy is created, you can select the user for whom the policy needs to be attached. Choose Users on the IAM Dashboard and select the name of the user from the list to attach the created policy.
  9. On the Summary page of the selected user, click on Add Permissions.
  10. Select Attach Existing Policies Directly option on the Grant Permission Page.
  11. Then, select the policy created using the above JSON from the list and click Next: Review
  12. Lastly, on the Permission Summary page, click the Add Permissions button.
SERVICES
ACTIONS
S3
List – ListBucket
Read – GetObject
Write – CreateBucket, PutObject
STS
Read -GetCallerIdentity
SSM(System Manager)
List – ListDocuments
Read – GetCommandInvocation,DescribeInstanceInformation
Write – CreateDocument, SendCommand
EC2
List – DescribeAvailabilityZones, DescribeKeyPairs, DescribeVolumes, DescribeInstances, DescribeRegions, DescribeVolumeStatus, DescribeInstanceStatus, DescribeSnapshots, DescribeVpcs
Tagging – CreateTags
Write – AttachVolume, DeleteSnapshot,RegisterImage, CreateImage, DeleteVolume, RunInstances, CreateSnapshots, DeregisterImage, CreateVolume, DetachVolume

2. Access Key ID & Secret access key

  1. Sign in to the AWS Management Console https://aws.amazon.com/console/
  2. Search for IAM service in the Find Services section and choose the service. This will redirect you to the Identity and Access Management(IAM) page.
  3. Choose Users from the IAM Dashboard displayed on the left pane.
  4. Select the user to whom the policy has been attached, and then choose the Security credentials tab.
  5. In the Access keys section, you can use the existing access key or create a new key:
  1. If you have already generated an access key for the user, you will see the Access Keys list. The secret access key for this will be available in the .csv file which you downloaded earlier. You can use this access key details and add your AWS account to the BDRSuite – Backup for AWS console.
  2. To create a new access key, click the Create Access Key option. The new access keys will be generated and displayed one time on the screen. Click Download .csv file to save the Access key ID and secret access key as a CSV file on your computer. You can use this access key details and add your AWS account to the BDRSuite – Backup for AWS console.

Add AWS Accounts

It is necessary to  Create & Attach a Policy to the User and set up Access Key ID & Secret access key as a prerequisite action to further proceed with adding the AWS Account. 
You can add your AWS account for backup by clicking on Add AWS Backup option and then manage the account by editing the added details or deleting the account. All the AWS accounts you have added will be listed along with their Account Name, Authentication Type, and option to edit or delete the added account.
Depending on the AWS account you are trying to backup, you need to select the Authentication Type while adding the account to the BDRSuite Backup Server.

To add the AWS Account;

  1. Log in to your BDRSuite Backup Server web console, choose AWS, and navigate to Backup -> Configure Backup -> Add your AWS Account to backup.
  2. Enter the generated Name, Authentication type, Access key ID, and Secret Access Key. Click on ‘Save’’ to add the domain and configure backup.
  3. Once added, your AWS account will be listed.

Managing AWS Account

To edit the domain details, you can click on the Edit Account option and make the required changes in order to manage the added AWS Account.

    • Related Articles

    • Configuring AWS Backup

      Step 1: Basic Job Details Enter the following details; Backup Job Name Enter a name with which you want to identify this particular backup job. Backup Option Only EBS Snapshot Backup : By choosing this option you can backup your AWS EC2 Instances ...

    • AWS EC2 Instance Backup and Recovery

      Overview BDRSuite's AWS Backup solution provides comprehensive protection for your AWS EC2 Instances and other critical workloads, ensuring secure backups and seamless recovery in case of accidental deletion, data corruption, or system failure. Watch ...

    • Adding Mac for Backup

      Prerequisites to add Mac Before you add a Mac Endpoint to the BDRSuite Server/Client, check the following prerequisites. 1.User Account with Root Privileges: Make sure the user account you specify to add the Mac has root privileges. If you add a ...

    • Adding Backup Sources (Azure)

      Prerequisites to add Azure Account Step 1 : Generate Application ID Sign in to your Azure Account through the Azure Portal Note: Make sure the user account you use has sufficient permission to register an application and assign a role to it. Search ...

    • Is user management available for AWS backup in BDRSuite?

      User management functionality will soon be added to BDRSuite, allowing you to add multiple users with specific access privileges to backup and restore AWS EC2 instances within their managed regions or accounts.