Hello community!
Can you please help me with following error during AWS EC2 instance backup?
******\vol-0e21d18c73625cd7a Failed Volumes with market-place product code are filtered
I couldn't find anything relevant in documentation.
Thanks !
Hello community!
Can you please help me with following error during AWS EC2 instance backup?
******\vol-0e21d18c73625cd7a Failed Volumes with market-place product code are filtered
I couldn't find anything relevant in documentation.
Thanks !
Hello
This is a limitation on the AWS side as a ec2 instance needs to be powered off when attaching volumes using market place.
The solution to your problem is to enable EBS DIRECT API for backup copies.
The flow then becomes: create ec2 snapshot, backup copy from EBS DIRECT API (https endpoint), which completely bypasses the problem you describe.
Using EBS DIRECT API should also be faster and less error prone than the current process of creating a volume and attaching it to a ec2 vsa instance (hot-add mode is similar to this process).
EBS DIRECT API should work since 11.20 release of Commvault software, but does require IAM policy update.
Regards,
Mike
Hello
So, I assume this is the policy → iam:SimulatePrincipalPolicy
https://documentation.commvault.com/v11/essential/101442_requirements_and_usage_for_aws_iam_policies_and_permissions.html
This is a custom IAM policy, right? Do you have the permissions from a documentation in order to create it?
Thank you again,
Nikos
Hello
You should really just use the restricted json provided by Commvault:
There are multiple stuff in there for the EBS endpoint, but these are important:
"ebs:CompleteSnapshot", "ebs:GetSnapshotBlock", "ebs:PutSnapshotBlock", "ebs:StartSnapshot", "ebs:ListChangedBlocks", "ebs:ListSnapshotBlocks"
Regards,
Mike
I see that IAM Role, of the Account we want EC2 instance backup, already had the following permissions.
Any idea, maybe need additional permissions?
The warning from Commvault is the following:
There were r1] warnings while backing up virtual machine nawmserver]. ]Backup could not use Amazon EBS direct due to insufficient permissions.].
Thanks once again,
Nikos
Hello
I suspect there is a Service Control Policy blocking this and if you look at the logs you will see a “explicit deny”. Talk to your AWS Admin that controls the AWS accounts / Control Tower to check the SCP :)
Regards,
Mike
Hey
So, in my case the problem seems to was the IntelliSnap option, that was accidentally disabled in VM group configuration!
Finally, I have completed ec2-instance backup jobs through snap copy, and then copy-to-disk copy job completes with warnings about Failed Volumes.
Thank you a lot!
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.