> Software > Cleanroom recovery > Setup > AWS cleanroom sites

Create a recovery group for an AWS cleanroom site

To recover to an Amazon Web Services cleanroom site, you need an AWS recovery group that specifies details about the resources to recover.

Tips
  • You can create recovery groups that include all the resources for an application, to ensure the resources are recovered in the correct sequence and to the same point in time.
  • For information about recovery group settings that aren't included on this page, see Modify settings for a cleanroom recovery group.

Start the recovery group wizard

  1. From the Command Center navigation pane, go to Cleanroom > Recovery groups.

  2. In the upper-right area of the page, click Add.

  3. Select Amazon Web Services.

  4. Click Next.

  5. Enter a descriptive name for the recovery group.

  6. Select your AWS recovery target.

  7. For Default recovery point list, select a recovery point for the recovery group.

    The Automatic option and SIEM/SOAR tools

    The Automatic option streamlines the cyber recovery process by integrating with external security information and event management (SIEM) and security orchestration, automation, and response (SOAR) tools. These tools identify compromised servers and the exact time of infection, allowing Commvault to automatically revert to the last known good state.

    Instead of SIEM/SOAR tools, you can use blast radius reports or delimited files to determine the last known good state.

    When you use the Automatic option, Commvault uses anomaly detection to ensure that infected backups are excluded. If no exclusions exist, the latest recovery point is used.

  8. Click Save.

    The recovery group appears.

Add virtual machines

  1. On the Entities tab, click Add virtual machines.

  2. Select the VMs.

  3. To repave the recovered EC2 instances by replacing the operating system disk with a known clean version, do the following:

    1. Enable the Repave VM with new secure image toggle key.

    2. For Instance type list, select EC2 instance type for the recovered EC2 instances.

    3. From the Key pair list, select the EC2 key pair that will be used to securely access the recovered EC2 instances. If you don't have an existing key pair, you may need to create one in the AWS console first.

    4. For Amazon Machine Image (AMI), select the AMI to use to specify the software configuration for the recovered EC2 instances.

      Only private AMIs are listed. To use an Amazon Marketplace AMI, enter the AMI ID.

    5. To attach both the OS disk and the data disk to the recovered EC2 instances, clear the Skip attaching OS disk check box.

      If you leave this setting selected, only the data disk is attached to the recovered EC2 instances.

  4. Click Add.

×

Loading...