In order for Cloud Protection Manager (CPM) to perform its backup and restore management functions, it needs to have the correct permissions assigned.
Cloud Protection Manager supports two different types of AWS authentication during setup:
- AccessKey / SecretKey
- Role based authentication (recommended)
The permissions necessary have been combined into a JSON file for convenience and can be downloaded from the N2WS Knowledge Base:
- At the top of your AWS console, select the Services tab (1). In the Security Identity & Compliance section, select IAM (2).
In the left menu, select Policies.
Click the Create policy button.
Select the JSON tab.
Delete the default contents and copy and paste the contents of the JSON file downloaded from our Knowledge Base (see above).
Click Review Policy.
Type a Name for the policy (1) and click Create policy (2).
Next, create a role, and then assign the policy you just created to that role.
In the left menu, select Roles (1) and click Create role (2).
In the list of type of trusted entity, select AWS service and then select EC2. Click Next: Permissions.
In the AWS services list, select EC2 (1) again and click Next: Permissions (2).
Search for the previously created policy (1), tick box it, and select Next: Review (2).
Name the Role (1) and select Create Role (2).
Assign the resulting role to the CPM trial instance by:
Selecting the CPM instance name (1).
In the Actions menu (2), selecting Instance Settings (3), and then Attach/Replace IAM Role.