EC2 restores

EC2 SecureVault Backups can be restored from any unexpired backup. Likewise, EC2 Snaps can be restored from any unexpired Snap. After the backup or Snap expires, it is destroyed and is no longer available to be restored.

Your assigned role determines the actions you can do in the Clumio UI. For example, users who are assigned to the "Backup Admin" role can do all restores except for granular record retrieval. To learn more about roles, see Roles.

EC2 backup and Snap restores are performed through the Protection History calendar of the EC2 instance’s details page (AWS > Environments > [Account Number] > EC2 Instances > [EC2 Instance ID]).

The Protection History calendar displays the dates with available backups and Snaps. A blue dot represents a backup, while an orange dot represents a Snap. Click the date corresponding to the backup or Snap you want to restore. A popup appears with a list of backups and Snaps that were generated on that day.

Since backups are saved in Clumio, you can browse and search the contents of a backup to restore individual files and folders. Snaps, on the other hand, are stored in the AWS account, so you cannot browse or search the contents of a Snap. Each backup or Snap includes an expiry date after which it is no longer available to be restored. The expiry date is based on the retention schedule of the policy covering the backup or Snap.

EC2 restores

EC2 backups can be restored from any unexpired backup. After the backup expires, it is destroyed and is no longer available to be restored.

By default, the EC2 backup will be restored to the same AWS account, region, and availability zone as a completely separate instance with a new AWS instance ID and with the AWS tags that were associated with the original instance.

There are three ways to restore the contents of an EC2 backup:

  • Restore the EC2 instance, along with its attached EBS volumes, Marketplace AMIs and instance store configurations that have instance store volumes. The EC2 instance can be restored to the same AWS account as a completely separate instance with a new AWS instance ID, or to a completely different AWS account within the same region. When you restore an EC2 instance, you can choose to perform a basic or advanced restore.
  • Browse and restore folders and files from an attached EBS volume within the EC2 backup. If the “Browse and Restore Files” button is disabled (grayed out) it means that the backup exceeds the limitation and therefore cannot support the browse and restore feature.
  • Search for and restore single files from an attached EBS volume within the EC2 backup. Search the backups for individual files by file name and restore the single file.

Sharing retrieved files and folders

There are two ways to share the file or folder you want to retrieve:

  • Use the Transparent Data Access (TDA) feature to securely share retrieved files directly with an end user. The retrieved files are protected by two-factor authentication. Only the specified end user can access the retrieved file.
  • After you find the folders or files you want to retrieve, save them to a ZIP file which downloads and saves to your local machine. You can share the ZIP file.

EC2 Snap restores

EC2 Snaps can be restored from any unexpired Snap. After the Snap expires, it is destroyed and is no longer available to be restored.

Snaps can only be restored to the same AWS account and saved as a separate instance.

EC2 instance restores – Basic vs. advanced restores

When you restore an EC2 instance, you can choose to perform a basic or advanced restore.

  • Select Basic Restore to restore the EC2 instance with its original configurations back to the AWS account. The EC2 instance is restored to the same AWS account as a completely separate instance with a new AWS instance ID.
    The basic restore option is only available if the backup or Snap is compatible with the current state of the AWS account. For example, you cannot perform a basic restore if the backup is in a certain VPC which has since been deleted from the AWS account. If you cannot perform a basic restore, or if you want to change any of the EC2 instance configurations, select Advanced Restore.

  • Select Advanced Restore to modify the EC2 instance settings before restoring the instance, or restore the instance to another AWS account in the same region. Advanced restore configuration settings include the AWS account details, storage details, network settings, and AWS tags. The fields in the Advanced Restore window are ones that you can modify.

The settings that appear by default represent the settings that were configured at the time of backup. When restoring a backup, the “backup” icon that appears in a drop-down represents the setting at the time of backup. Likewise, when restoring a Snap, the “Snap” icon that appears in a drop-down represents the setting when the Snap was taken.

Restore an EC2 SecureVault Backup

You can restore EC2 SecureVault Backups from both active and deleted EC2 instances.

  1. Select AWS > Environments > [Account Number] > EC2 Instances. The Active EC2 Instances window appears with a list of EC2 instances that have been inventoried into Clumio. If you are restoring an EC2 backup from a deleted EC2 instance, click Active EC2 Instances and select Deleted EC2 Instances.
  2. Click the instance ID of the EC2 backup you want to restore. A detailed view of the instance appears. In the Protection History calendar, the dates with instance backups appear with blue dots.
  3. Click the date with a blue dot corresponding to the backup you want to restore. A popup appears with a list of backups and Snaps that were generated on that day.
  4. Select Restore EC2 Instance and select one of the following two restore types:
    • Select Basic Restore to restore the EC2 instance to the same AWS account as a completely separate instance with a new AWS instance ID. You can perform a basic restore if the backup is compatible with the current state of the AWS account. If the basic restore option is not available, the selection is grayed out. If you change the instance name, the instance is restored to the same AWS account, but with the new instance name. If you selected Basic Restore, click Restore and skip the next step, which only applies to the Advanced Restore option.
    • Select Advanced Restore to modify the EC2 instance settings before restoring the instance or restore the instance to another AWS account in the same region.
  5. If you selected Advanced Restore, from the Advanced Restore popup, modify any of the following sections:

Details

* **Name**: Enter a name for the EC2 instance. Defaults to the instance name at the time of backup.
* **Account Region**: Select a different AWS account number and region to where the restored instance will be saved. Defaults to the account and region at the time of backup.
* **Type**: The Amazon EC2 instance type. Defaults to the instance type at the time of backup. Examples include a1.metal, c4.8xlarge, m5ad.large, and t2.micro. This field cannot be modified.
* **IAM Role**: The Amazon IAM used to back up the EC2 instance.
* **Key Pair**: The key pair used to securely connect to the Linux instance after restore. This field does not apply if you are connecting to a Windows instance, and the dropdown will be disabled. To connect to a Windows instance after restore, on the Remote Desktop login screen, specify the initial administrator password that you set for the original EC2 instance before backup.**Storage**



* **Name**: The name of the EBS volumes that are attached to the EC2 instance. If the EC2 instance supports instance store volumes, those will also be listed.
* **Enable Encryption**: If encryption is disabled (gray) by default, this means the volume was not encrypted at the time of backup. You can either keep encryption disabled to restore the volume unencrypted, or enable encryption to encrypt the restored volume. If you enable encryption, enter the KMS key ID generated through AWS Key Management Service. For example, `arn:aws:kms:us-west-2:123456789012:key1234abcd-12ab-34cd-56ef-1234567890ab`.
 If encryption is enabled (blue) by default, this means the volume was encrypted at the time of backup, and the KMS key ID represents the key that was used to encrypt the volume. If you delete this key, you will not be able to decrypt the restored volume.**Network**


* **VPC ID**: The Amazon-assigned virtual private cloud ID (VPC ID) that the EC2 instance is launched into. Begins with “vpc-“
* **Subnet ID**: The Amazon-assigned subnet ID. Begins with “subnet-“
* **Total Network Interfaces**: The number and list of network interfaces. This field cannot be changed. To connect to an existing network interface, select the ENI ID from the dropdown. To create an ENI on restore using the configurations from the backup, select the “Restore From Backup” option from the Network Interface drop-down. To create a new elastic network interface (ENI) on restore, select “Default” from the Network Interface drop-down. The primary subnet is always assigned to interface name `eth0`.**EC2 Tags**


* The AWS tag key/value pairs that were assigned to the EC2 instance at the time of backup. You can modify the list by adding or deleting tags.
  1. Click Restore. Clumio starts the EC2 Restore task. Once the task completes, the backup is fully restored. Sign in to your AWS account through the AWS Management Console to see the restored instance.

Restore a single file from an EC2 SecureVault Backup

If you know the name of the file that you want to restore from an EC2 backup, you can restore it through a file level search. You can only perform file level searches in backups; you cannot perform file level searches in Snaps.

  1. Select AWS Protect> Environment > [Account Number] > EC2 Instances. The Active EC2 Instances window appears with a list of EC2 instances that have been inventoried into Clumio.
  2. Click the instance ID of the EC2 instance you want to search. A detailed view of the instance appears.
  3. In the Search field, perform a file name prefix search by typing at least the first character of the file name you want to find and pressing Enter. The Restore File dialog appears as Clumio searches for all files that begin with the characters you entered.
  4. Click the radio button next to the file you want to restore and click Next: Summary. The list displays all of the backups that contain the file you are searching for. If the file went through modifications between backups, then multiple backup versions appear, with each backup containing a modified version of the file. The most recent backup version appears at the top of the list. Within each backup version are older backup versions that contain the same, unmodified file. Click # previous version to view these backup versions.
  5. Click the radio button next to the backup version you want to restore and click Next: Data Access.
  6. Choose Direct Download to download the files directly to a ZIP file on your local computer. You have access to the files, and can share them with users. Choose the Transparent Data Access (TDA) feature to securely share retrieved files directly with an end user. The retrieved files are protected by two-factor authentication. Only the specified end user can access the retrieved file. For more information, see Securely sharing retrieved files.
  7. Click Initiate Restore. Clumio starts the EC2 File Restore task to restore the file you selected.

Restore a file or folder from an EC2 SecureVault Backup through browsing

You can restore individual EBS files and folders from the EC2 backups of both active and deleted EC2 instances. You can only perform file or folder level searches and restores from backups; you cannot perform file or folder level searches and restore from Snaps.

  1. Select AWS > Environments > [Account Number] > EC2 Instances. The Active EC2 Instances window appears with a list of EC2 instances that have been inventoried into Clumio. If you are restoring files or folders from a deleted EC2 instance, click Active EC2 Instances and select Deleted EC2 Instances.
  2. Click the instance ID of the EC2 instance that contains the EBS volumes that have the files or folders you want to restore. A detailed view of the instance appears. In the Protection History calendar, the dates with instance backups are highlighted with blue dots.
  3. Click the date with a blue dot corresponding to the backup with the files you want to restore and select Browse Files. The Browse and Restore dialog appears with a list of file systems from which you can restore.
  4. Click the name of a file system to see its individual files and folders. Click the checkbox next to each file and/or folder you want to restore. Repeat this for each of the file systems.
  5. Click Next: Summary to view a summary of the files and folders you have selected to restore.
  6. Click Next: Data Access.
  7. Choose Direct Download to download the files directly to a ZIP file on your local computer. You have access to the files, and can share them with users. Choose the Transparent Data Access (TDA) feature to securely share retrieved files directly with an end user. The retrieved files are protected by two-factor authentication. Only the specified end user can access the retrieved file. For more information, see Securely sharing retrieved files.
  8. Click Initiate Restore. Clumio starts the EC2 File Restore task to restore the file you selected.