When you configure backups for Amazon EC2 instances, the configuration wizard helps you create any new entities that are needed, such as a hypervisor to represent your AWS account and a VM group that specifies the instances to back up.
Configuring an Admin Account
Start the Configuration Wizard
-
From the Command Center navigation pane, go to Protect > Virtualization.
The Overview page appears.
-
In the upper-right area of the page, click Add hypervisor.
The Configure Hypervisor page appears.
-
Select Amazon Web Services.
-
Click Next.
The Add Hypervisor page of the configuration wizard appears.
Add Hypervisor
-
In Server name, enter a descriptive name for the admin hypervisor.
-
For Regions, enter the AWS Regions that the instances reside in.
You can enter multiple Regions as a comma-separated list. For example, you can enter us-east1,us-west1.
-
Select the authentication method to use.
Important
As a best practice, AWS recommends using IAM roles instead of access keys. For more information, see Security best practices in IAM in the AWS documentation.
-
If you selected the STS assume role with IAM policy or Access and secret key for the authentication method, for Credentials, select existing credentials or create new credentials.
Steps to create credentials with STS assume role with IAM policy
-
Click the add button .
The Add credential dialog box appears.
-
In Credential name, enter a descriptive name for the credentials.
-
In Role ARN, enter the ARN of IAM role in the AWS account.
-
If an external ID is specified in the IAM role trust policy, in External ID, enter the value.
For more information about using an external ID, see Using an External ID with the AWS STS AssumeRole API Authentication Method.
-
In Description, enter a description of the credentials.
Steps to create credentials with Access and secret key
-
Click the add button .
The Add credential dialog box appears.
-
For Credential Vault, select the credentials to use.
-
In Credential name, enter a descriptive name for the credentials.
-
In Access key ID, enter the access key ID.
-
In Secret access key, enter the secret access key.
-
In Description, enter a description of the credentials.
-
-
From the Access nodes list, select the access node to use.
The Add VM Group page of the configuration wizard appears.
Add VM Group
You must create a VM group to proceed with the configuration. However, since you are configuring an admin account, the content that you add to the VM group does not matter. Select a small instance that is OK to back up.
Summary
-
Review the summary.
-
Click Finish.
Configuring a Tenant Account
Start the Configuration Wizard
-
From the Command Center navigation pane, go to Protect > Virtualization.
The Overview page appears.
-
In the upper-right area of the page, click Add hypervisor.
The Configure Hypervisor page appears.
-
Select Amazon Web Services.
-
Click Next.
The Add Hypervisor page of the configuration wizard appears.
Add Hypervisor
-
In Server name, enter a descriptive name for the tenant hypervisor.
-
For Regions, enter the AWS Regions that the instances reside in.
You can enter multiple Regions as a comma-separated list. For example, you can enter us-east1,us-west1.
-
For the authentication method, select STS assume role with IAM policy.
Important
For the tenant account, you cannot use an IAM role. And as a best practice, AWS recommends not using access keys. For more information, see Security best practices in IAM in the AWS documentation.
-
For Credentials, select existing credentials or create new credentials.
Steps to create credentials
-
Click the add button .
The Add credential dialog box appears.
-
In Credential name, enter a descriptive name for the credentials.
-
In Role ARN, enter the ARN of MetallicRole in the tenant AWS account.
-
If an external ID is specified in the IAM role trust policy, in External ID, enter the value.
For more information about using an external ID, see Using an External ID with the AWS STS AssumeRole API Authentication Method.
-
In Description, enter a description of the credentials.
-
-
Move the Use service account resources toggle key to the right, and then select the hypervisor for the admin account.
The Add VM Group page of the configuration wizard appears.
Add VM Group
A VM group is a set of EC2 instances that you want to back up with the same settings. By default, the VM group is associated with all unprotected instances that are discovered.
You can add content to the VM group by using rules that auto-discover content, by selecting specific instances, and by other ways. When you first create the VM group, you can add an instance that is relatively small, and then later you can update the VM group by adding more instances.
-
In Name, enter a descriptive name for the VM group.
-
To create rules that auto-discover and select instances to back up, do the following:
-
Click Add, and then select Rules.
The Add rule dialog box appears.
-
From the list, select the type of rule to create, and then specify the rule:
-
Browse: Select specific instances. (Selecting this option changes the Add rule dialog box to the Add content dialog box.)
-
Guest DNS hostname: Select instances based on a hostname or a domain. For example, to select hosts on the "mycompany.com" domain, enter Guest DNS hostname | Ends with | mycompany.com.
-
Guest OS: Select instances based on operating system. For example, to select instances that are not Windows, enter Guest OS | Does not contain | Windows.
-
Instance name or pattern: Select instances based on their names. For example, to select instances that have a name that includes "east", enter Instance name or pattern | Contains | east.
-
Power state: Select instances based on a power status of Running or Stopped.
-
Region: Select instances based on the AWS Region that they reside in.
-
Tag name: Select instances based on the names of tags that are assigned to them. Enter the tag name in the region\tag_name format. For example, to select instances in the eastern US Region that are for a department, enter Tag name | Equals | us-east-1\department.
-
Tag value: Select instances based on the values of tags that are assigned to them. Enter the tag value in the region\tag_name\tag_value format. For example, to select instances in the eastern US Region for the human resources department, enter Tag value | Equals | us-east-1\department\HR.
-
Zone: Select instances based on the zone that they reside in. For example, to select instances that reside in any eastern US zone, enter Zone | Contains | us-east. You can enter the zone value by typing or browsing to select.
-
-
Click Save.
-
-
To select instances in other ways, do the following:
-
Click Add, and then select Content.
The Add content dialog box appears.
-
From the Browse and select VMs list, select one of the following:
-
By region: Select instances based on the AWS Region that they reside in.
-
By zone: Select instances based on the zone that they reside in.
-
By tags: Select instances based on tags that are assigned to them.
-
By instance type: Select instances based on their type, such as t2.micro or c5.large.
-
-
Select the instances to add to the VM group.
-
Click Save.
-
-
To see the instances that are selected for the VM group, click the Preview button.
-
To use IntelliSnap to back up the VM group, move the IntelliSnap toggle key to the right.
-
Click Next.
The Summary page of the configuration wizard appears.
Summary
-
Review the summary.
-
Click Finish.