N2W Software

            File level restore may fail with the "Failed adding share permission" error

            File level restore may fail with the "Failed adding share permission" error:
            ERROR:  share_snapshot(.\cpmserver\cpm\aws_utils.py:265)  Failed adding share permission to snapshot snap-1234567890abcdef (original volume: vol-abcdef1234567890) Failed. Reason: Encrypted snapshots with EBS default key cannot be shared (OperationNotPermitted)
            ERROR:  recover_volume(.\cpmserver\cpm\recovery.py:916)  Volume Recovery from snapshot: snap-1234567890abcdef (original volume: vol-abcdef1234567890) Failed. Reason: Failed adding share permission to snapshot snap-1234567890abcdef (original volume: vol-abcdef1234567890) Failed. Reason: Encrypted snapshots with EBS default key cannot be shared (OperationNotPermitted)
            ERROR:  explore_backup_init(.\cpmserver\cpm\filemanager\views.py:368)  File Level Recovery - failed exploring snapshot snap-1234567890abcdef. Reason: Volume Recovery from snapshot: snap-1234567890abcdef (original volume: vol-abcdef1234567890) Failed. Reason: Failed adding share permission to snapshot snap-1234567890abcdef (original volume: vol-abcdef1234567890) Failed. Reason: Encrypted snapshots with EBS default key cannot be shared (OperationNotPermitted)

            These errors will be printed in the CPM Server logs and presented in the GUI.

            The reason for these errors is an attempt to do a cross-account file level restore of an encrypted volume.
            Here is a quote from chapter 12 "File-level Recovery" in the CPM User Guide:

            Explore for encrypted volumes will only work at the same account the CPM Server
            instance is in. Cross-account explore of encrypted volumes is not supported.

            This is an AWS limitation:
            "AWS prevents you from sharing snapshots that were encrypted with your default CMK".


            Helpful?  
            Help us to make this article better
            0 0