Requirements for Using an Amazon EC2 Instance as an Agentless File Recovery Destination

To perform an agentless restore to an Amazon EC2 instance, verify that the access node and the EC2 instance that you want to use as a destination meet the requirements.

Support

Agentless restores are supported only in the Command Center.

Requirements

• The access node must have all the permissions that are required for performing agentless restores. Those permissions are included in the amazon_restricted_role_permissions.json JSON file.

• The destination instance must be running.

• The destination instance must have the AWS Systems Manager Agent (SSM Agent) installed.

  The SSM Agent is installed by default on instances that run Windows Server 2016 and more recent versions of Windows Server.

  For Windows Server 2003 to Windows Server 2012 R2, SSM is installed by default on instances that are created from AMIs published in November 2016 and more recently.

• The destination instance must be able to access the metadata of the guest instance. For information, see Retrieve instance metadata in the AWS documentation.

• The destination instance must have an IAM role with the following policies attached:

  • AmazonSSMManagedInstanceCore managed policy

  • vsa_SSMInstanceProfileS3Policy.json policy

• The destination instance must have connectivity to an Amazon S3 service endpoint (s3.region.amazonaws.com).

• The destination instance must have PowerShell Core installed:

  • Linux PowerShell Core

  • Windows PowerShell Core

• The destination instance must have AWS Tools and AWSPowerShell NetCore, with the scope set to all users, installed:

  • Linux AWS Tools for PowerShell Core

  • Windows AWS Tools for PowerShell Core

• To verify that the destination instance is capable of being a destination for agentless file recovery, do the following:

  1. Go to AWS Systems Manager.

  2. In the navigation pane, under Node Management, click Run command.

     The AWS Systems Manager Run Command page appears.

  3. Click Run a command.

     The Run a command page appears.

  4. Search for AWS-RunPowerShellScript, and then click it.

     The AWS-RunPowerShellScript page appears.

  5. In the Target section, click Choose instances manually.

     The instances that are displayed can be used as destinations for agentless file recovery.

Agentless Restore Process

To perform an agentless restore, the software uses the following process:

1. Restore the data to the access node.

2. If an Amazon S3 bucket does not already exist, create one.

3. Upload the data to the Amazon S3 bucket.

4. Download the data to the destination instance.

5. Delete the temporary data from the Amazon S3 bucket and the access node.