You must create an AWS hypervisor to direct operations for scaling out AWS access nodes.
In environments that have multiple AWS accounts, you must associate this hypervisor with the AWS IAM Admin User account. Then, for each AWS tenant account, you must create an additional AWS hypervisor that will use the account resources that are configured in this hypervisor. You must configure both the hypervisor, which is associated with the AWS IAM Admin account, and the additional AWS tenant hypervisors to authenticate using an IAM role.
Before You Begin
-
If you are using an on-premises access node (MediaAgent), then in the AWS console, you must configure an IAM user with the AmazonEC2RoleforSSM policy attached and the restricted backup-restore JSON file attached.
You can find the policy in the AWS console at arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM. To download the JSON file from your browser, see amazon_restricted_role_permissions.json.
-
Verify that the Command Center contains either a server that represents an EC2 access node or an on-premises VSA access node. You will select this access node as part of creating the hypervisor.
For more information, see Configuring Automatic Scaling for Access Nodes.
Procedure
-
From the navigation pane, go to Protect > Virtualization.
The Virtual machines page appears.
-
On the Hypervisors tab, click Add hypervisor.
-
From the Select vendor list, select Amazon.
-
In Client name, type a descriptive name for the hypervisor.
-
Optional: Specify a region for the access nodes you are adding to the hypervisor. From the Regions list, select a region.
-
Under Authentication, configure the appropriate authentication method for the type of access node you will select:
-
If you will use an EC2 access node for this hypervisor, select IAM role, and then enter the key values.
-
If you will use an on-premises VSA access node for this hypervisor, select either IAM role or Access and secret key, and then enter the key values.
Note
If you select IAM role for the Amazon client, but a proxy that is not associated with the IAM role is used for a backup or restore, the operation fails.
-
-
From the Access nodes list, select either the EC2 access node or the on-premises VSA access node.
-
Click Save.
What to Do Next
-
For environments that have multiple AWS accounts, add an additional hypervisor for each AWS tenant account.
-
For all other environments, Configuring a Hypervisor for Automatic Scaling.
Related Topics
-
For more information about AWS IAM Admin User accounts, in the AWS documentation, see Creating Your First IAM Admin User and Group.
-
For more information about the use of AWS IAM Admin User accounts in the Commvault software, see Using Resources from an Admin Account.