- Newest
- Most votes
- Most comments
Hello.
Backup acquisition from AWS Backup is not done directly by IAM users, but AWS Backup performs the backup acquisition on behalf of the user.
Therefore, it is necessary for AWS Backup to assume the IAM role and obtain snapshots etc.
https://docs.aws.amazon.com/aws-backup/latest/devguide/iam-service-roles.html
An AWS Identity and Access Management (IAM) role is similar to a user, in that it is an AWS identity with permissions policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it. A service role is a role that an AWS service assumes to perform actions on your behalf. As a service that performs backup operations on your behalf, AWS Backup requires that you pass it a role to assume when performing backup operations on your behalf. For more information about IAM roles, see IAM Roles in the IAM User Guide.
Relevant content
- asked 4 months ago
- asked 2 years ago
- asked 2 years ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
The default role used for AWS Backup is probably AWSBackupDefaultServiceRole
Yes, by default it uses "AWSBackupDefaultServiceRole". https://docs.aws.amazon.com/aws-backup/latest/devguide/iam-service-roles.html