What is AWS Backup?
AWS Backup is a fully managed backup service to automate backup of data across AWS resources in the cloud as well as on-premises. Using AWS Backup, you can configure backup policies and monitor backup activity for your AWS resources in one place.AWS Backup automates and consolidates backup tasks that were previously performed service-by-service, and removes the need to create custom scripts and manual processes. With just a few clicks on the AWS Backup console, you can create backup policies that automate backup schedules and retention management.
In this blog, we are detailing AWS Backup by creating a backup plan. It involves three steps viz
- Create – Build Backup plans that define your backup requirements, including backup schedules, backup retention rules, and lifecycle rules.
- Assign – Assign your AWS resources to Backup plans using resource tags or AWS resource IDs. Resources assigned to Backup plans are then backed up automatically according to the schedule defined in the plan.
- Manage – Use AWS Backup to centrally manage backup configurations, monitor backup activity across AWS services, or restore an AWS resource from a backup.
Creating a backup plan
- Login AWS management console using a valid username and password, and choose your desired region where you want to initiate a backup plan.
- Choose AWS Backup under Storage Service
- Click the “Create a backup plan” button
A backup plan is a policy expression that defines when and how you want to back up your AWS resources. You can assign resources to backup plans, and AWS Backup then automatically backs up and retains backups for those resources according to the backup plan. You can create multiple backup plans if you have workloads with different backup requirements. While creating a backup plan, you can choose either of three options. You can use a predefined backup template created by AWS or you can create a new backup plan from scratch or define a plan using JSON expression Here we are creating a new backup plan from scratch to get more details of each step to be configured for AWS Backup plan.
Building a new backup plan
On the first step, provide a backup plan name. In our example, it is “VembuDemoBackup”
Backup rule configuration – Backup rules specify the backup schedule, backup window, and life cycle of backups. It specifies which backup vault to store backups in and what tags to add to backups when they are created. You can have multiple backup rules in a single backup plan with different combinations of backup sets. For example, you can have a rule that creates daily backups that are retained for one month and a second rule that creates monthly backups that are retained for one year. In our example, the backup rule name is “VembuDemoBackup_rule”
Schedule frequency – This determines your backup schedule. Available options are Every 12 hours, daily, weekly, monthly, and Custom Cron expression. You can choose either of these options and accordingly choose days and dates. You can also customize the backup frequency and backup window start time using a cron expression. Here we are choosing daily.
Backup window – Backup windows consist of the time that the backup window begins and the duration of the window in hours. Backup jobs are started within this window. If you are unsure what backup window to use, you can choose to use the default backup window that AWS Backup recommends. The default backup window is set to start at 5 AM UTC and lasts 8 hours. You can choose your backup window by providing start and end time or days. Here we are choosing a default backup window.
Life cycle – Schedule transition to cold storage and expiration of the backup. The lifecycle defines when it is transitioned to cold storage and when it expires. AWS Backup transitions and expires backups automatically according to the lifecycle that you define. Backups transitioned to cold storage must be stored there for a minimum of 90 days. Therefore, the “expire after days” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” setting cannot be changed after a backup has been transitioned to cold.
Transition to cold storage available options are: Never, Days, Weeks, Months, and Year ( after the creation of the backup job, you can define when to transit to cold storage in Days, Weeks, Months, and Years period ). Similarly, Expire options also the same period settings to expire the backup job on these periods. Here we are choosing Never for both Transitions and Expire period.
Backup vault – Specify the Backup vault that recovery points created by this Backup rule are organized in. Backups are stored in the specified backup vault. You can create your backup vault, use a previously created one, or store your backups in the default AWS Backup vault. Here we are choosing the default backup vault offered by AWS.
Generate copy (Optional ) – Automatically create a copy of the backup as part of the Backup plan across multiple regions. By default, copies will inherit the Backup plan’s vault and lifecycle configuration; however, you may designate a unique configuration per each copy.
Destination region – Specify the region to which the backup will be copied to. You can choose the region from the available list.
Application-aware backup – Enables application-consistent Windows VSS backups. Back up and restore your VSS (Volume Shadow Copy Service)-enabled Microsoft Windows applications. You can schedule application-consistent backups, define lifecycle policies, and perform consistent restores as part of an on-demand backup or a scheduled backup plan. So here we enabled the “Windows VSS” check box.
Click Create a plan, this will create a new backup plan with the desired settings mentioned above.
Our next step, assigning resources to the backup plan. Resource assignments specify which resources will be backed up by this backup plan.
Assigning resources to the backup plan
After creating a backup plan, the backup plan name will be listed under the AWS Backup → Backup plan → Name of the backup plan. In our case, the backup plan name is VembuDemobackup. Select this backup plan, and you will get all the details about the backup plan.
Under resource assignments, Click assign resources.
You can assign resources by its resource type. Supported resource types are Aurora, DynamoDB, EBS, EC2, EFS, RDS, and Storage Gateway. Provide a resource assignment name, and choose the available resources with their resource ID. In our example, we have included an EBS volume and selected its EBS Volume ID. Similarly, you can select other resources, and choose their resource id to include.
You can add multiple resources by clicking on the Add assignment button. Once finished clicking the Assign resources button. So your backup resource an EBS volume is scheduled to take backup daily. After a first backup is completed, you can view the EBS volume in the protected resources. Similarly, you can create multiple backup plans and associate multiple resources for each backup plan.
Deleting a backup plan
When you don’t want to continue your backup and want to reconfigure your backup from scratch you can delete the backup plan and start configuring freshly. Before deleting a backup plan, you must delete the associated resource first as shown in the red box below. You can do this by clicking the backup plan under AWS Backup → Backup plans — > Name of the backup → Resource assignments → Select the resource and choose Delete.
You can initiate a deletion operation for the backup plan after deleting its resource. You can do this by clicking the backup plan under AWS Backup → Backup plans — > Name of the backup plan to delete. Then click the Delete button ( as shown in the red box below )
After clicking Delete, a confirmation dialog box will open to input your Backup plan name. On providing the backup plan name, you can initiate the delete backup operation.
There are many benefits of backing up to the AWS cloud using AWS Backup. It protects backups with 99.999999999% data durability. Scale up your backup resources in minutes as data requirements change. Also backup all data types such as object (Amazon S3 and Amazon S3 Glacier), file (Amazon Elastic File System), and block (Amazon Elastic Block Storage) using AWS Backup. AWS backup provides multiple options for data access control, including encrypting data in transit and at rest. So in a few steps, any administrator can create a backup plan and include backup resources easily.