Skip to main content
VPC Cloning fails
Updated over 11 months ago

Problem description

VPC Cloning fails with the error message, "You are unauthorized to perform this operation. You are not authorized to perform this operation."

Cause

The Cloud Formation stack is incorrectly updated/removed/deleted. Druva CloudRanger provides a CloudFormation template that is used to create a stack.

The CloudFormation stack generates the following IAM permissions for Druva CloudRanger to access your AWS Account:

  • IAM Role

  • IAM Instance Profile

  • IAM Policy

The generated Amazon Resource Name (ARN) of the IAM role is then linked back to Druva CloudRanger so that it can run backup and restore jobs on your AWS workloads. For more information, see Create an AWS Access Role.


πŸ“ Note
​Druva CloudRanger follows all security protocols and best practices recommended by AWS. All-access permissions to your AWS resources and regions are controlled by AWS Identity and Access Management.


Resolution

Update the CloudFormation stack by updating the existing AWS Access Roles in Druva CloudRanger. To do so, follow the steps:

  1. On your Druva CloudRanger console, click the Settings icon to navigate to Account Settings.
    ​

    settings.png
  2. Click Configure under AWS Access. Copy the CloudFormation URL.
    ​

    Account access.png


    For step-by-step instructions on CloudFormation, click help me with Cloudformation.

  3. Login to your AWS Console and navigate to the CloudFormation page. Select the stack that you have previously created when configuring Druva CloudRanger, and then click Update.
    ​

    CFT.PNG
  4. On the Specify template page, select Replace current template. Then paste the CloudFormation URL into the Amazon S3 URL text box. Click Next.
    ​

    Update stack.PNG
  5. Click Next on the Specify stack details and Configure stack options page.
    You will be able to preview the changes before you click Update stack to confirm the CloudFormation changes to resources.
    ​

    Change set preview.PNG
  6. Once the stack update is complete, navigate back to Druva CloudRanger, and click Save under Save AWS Access Role.
    ​

    Save AWS access role.PNG


    Your IAM role and AWS account access should now be updated with the latest permissions, allowing you to take advantage of any new functionality that is released.

Did this answer your question?