Protecting Amazon VPC Resources with Commvault

You can recover Amazon EC2 instances and related Amazon VPC resources without delays.

Specifically, you can back up key VPC resources across regions and accounts, recover deleted resources in minutes, and recover known good Amazon EC2 and Amazon VPC configurations in place. For a list of resources that are protected, see Amazon VPC Resources That Commvault Protects.

Verify the IAM Policy

Verify that the amazon_restricted_role_permissions.json policy is assigned to the IAM user or IAM role that is used to authenticate to the Amazon EC2 hypervisor that contains the VPC resources that you want to protect. For more information, see Requirements and Usage for AWS IAM Policies and Permissions.

Commvault recommends controlling access to AWS resources using tags or TagKeys to further restrict the scope of access for Commvault data protection operations.
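
One way to check a policy document for the tag scoping recommended above, as an added example that is not Commvault's code: it lists Allow statements that grant write actions on Resource "*" without a tag condition. The sample policy, the BackupScope tag, and the function names are constructed for illustration and are not the contents of amazon_restricted_role_permissions.json.

```python
import json

# Condition keys that scope a statement by tag (AWS global keys plus the EC2 service key).
TAG_PREFIXES = ("aws:resourcetag/", "aws:requesttag/", "ec2:resourcetag/")
READ_ONLY = ("describe", "list", "get")  # read calls are left out of the findings

def as_list(value):
    return value if isinstance(value, list) else [value]

def has_tag_condition(stmt):
    """True if any Condition operator in the statement tests a tag key."""
    for operands in stmt.get("Condition", {}).values():
        for key in operands:
            if key.lower() == "aws:tagkeys" or key.lower().startswith(TAG_PREFIXES):
                return True
    return False

def unscoped_write_statements(policy):
    """Map Sid -> write actions allowed on Resource "*" with no tag condition."""
    findings = {}
    for i, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow" or has_tag_condition(stmt):
            continue
        if "*" not in as_list(stmt.get("Resource", [])):
            continue
        writes = [a for a in as_list(stmt.get("Action", []))
                  if not a.split(":")[-1].lower().startswith(READ_ONLY)]
        if writes:
            findings[stmt.get("Sid", f"statement[{i}]")] = writes
    return findings

# Constructed sample policy; NOT the contents of amazon_restricted_role_permissions.json.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "ReadInventory", "Effect": "Allow",
   "Action": ["ec2:DescribeInstances", "ec2:DescribeVpcs"], "Resource": "*"},
  {"Sid": "SnapshotTaggedOnly", "Effect": "Allow",
   "Action": "ec2:CreateSnapshot", "Resource": "*",
   "Condition": {"StringEquals": {"aws:ResourceTag/BackupScope": "commvault"}}},
  {"Sid": "DeleteUnscoped", "Effect": "Allow",
   "Action": ["ec2:DeleteSnapshot", "ec2:DescribeSnapshots"], "Resource": "*"}
]}
""")

if __name__ == "__main__":
    for sid, actions in unscoped_write_statements(SAMPLE_POLICY).items():
        print(f"{sid}: no tag condition on {', '.join(actions)}")
```

Run it against the JSON of the policy that is actually attached to the IAM user or role; a finding means the statement applies to every resource the action can reach, not only tagged ones.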

Enable VPC Protection in Commvault

To enable backups and restores of the AWS network configuration, add the bAWSBackupNetworkConfig and bAWSRestoreNetworkConfig entity settings to all access nodes that are used for Amazon EC2 backups and restores. To enable the Instance configuration files restore option for Amazon EC2, add the showAwsVmfileRestore entity setting to the web server.

The entity settings take effect with the next Amazon EC2 backup and restore.

To restore a VPC, you must have at least one VPC-enabled backup to restore from.

Add bAWSBackupNetworkConfig to Enable VPC Data Collection

To instruct Commvault to collect VPC resources and attributes during Amazon EC2 backups, you must enable VPC data collection.

  1. From the navigation pane, go to Manage > System.

  2. Click the Additional settings tile.

    The Additional settings page appears.

  3. Click Add, and then select Entity settings.

    The Add entity settings dialog box appears.

  4. In the Name box, enter bAWSBackupNetworkConfig.

  5. From the Entity list, select the access nodes that are used for Amazon EC2 backups and restores.

  6. From the Category list, select VirtualServer.

  7. From the Type list, select Boolean.

  8. In the Value box, enter True.

  9. In the Comment box, enter an explanation for the change.

  10. Click Save.

    The Additional settings page appears.

Add bAWSRestoreNetworkConfig to Enable VPC Recovery

To enable the automated recovery of missing VPC resources during a full instance Amazon EC2 restore, you must enable VPC recovery.

  1. From the navigation pane, go to Manage > System.

  2. Click the Additional settings tile.

    The Additional settings page appears.

  3. Click Add, and then select Entity settings.

    The Add entity settings dialog box appears.

  4. In the Name box, enter bAWSRestoreNetworkConfig.

  5. From the Entity list, select the cloud access nodes.

  6. From the Category list, select VirtualServer.

  7. From the Type list, select Boolean.

  8. In the Value box, enter True.

  9. In the Comment box, enter an explanation for the change.

  10. Click Save.

    The Additional settings page appears.

Add showAwsVmfileRestore to Enable VPC Forensic Configuration Restores

To enable recovery of the VPC resource and attribute configuration as a JSON flat file, you must enable the Amazon EC2 configuration file restore type.

  1. From the navigation pane, go to Manage > System.

  2. Click the Additional settings tile.

    The Additional settings page appears.

  3. Click Add, and then select Entity settings.

    The Add entity settings dialog box appears.

  4. In the Name box, enter showAwsVmfileRestore.

  5. From the Entity list, select the web server.

  6. From the Category list, select WebConsole.

  7. From the Type list, select Boolean.

  8. In the Value box, enter True.

  9. In the Comment box, enter an explanation for the change.

  10. Click Save.