Regardless of the size of your company, data backups and system recovery need to be a critical part of your IT operations and planning. Without a proper backup plan or recovery techniques put in place for when an IT disaster strikes, you are signing off on your business's failure. Today, many technologies encompass the backup realm, and AWS has its own in-house feature to help you automatically back up and recover multiple other services too; AWS Backup.
AWS Backup is a fully-managed and automatic backup service first released by Amazon Web Services in January 2019 and was updated earlier this year. With this policy-based service, it is possible to automatically backup data from multiple AWS services in your cloud environments as well as your on-premises servers with the additional help of AWS Storage Gateway.
The Backup feature works straight out of the box. It will simplify your backup management system in just a few clicks, allowing you to set up backup policies for services like RDS databases, Amazon EBS volumes, EFS file systems, DynamoDB tables, and AWS Storage Gateway volumes.
The service allows you to fully define various backup policies and retention periods customized to your requirements, including the ability to move backups to cold storage (for EFS data) or delete them entirely after a specific amount of time. By default, all backup information is automatically stored in Amazon S3 buckets.
Most of the supported services, with the exception of EFS file systems, already feature the ability to create snapshots. AWS Backup automates the entire process for each service and creates rules around it. This also means that pricing for Backup is the same as for other services using those snapshot features (except for the file system backup, which has a per-GB charge). There is also a pay per-GB fee for restoring data from EFS file systems and DynamoDB backups.
However, in terms of benefits and value for money, AWS Backup’s scope does provide cross-region functionality allowing AWS enterprise customers to meet their strict business continuity policies of needing a certain distance between two copies of their backups.
AWS does have a few backup and storage partners that offer an alternative range of functionality to AWS’s service. Meanwhile, AWS Back up provides the following features and capabilities:
The advantages of utilizing AWS Backup as your recovery service include:
ServiceDynamoDBStorage GatewayAutomated backup schedulesYESYESYESYESYESAutomated retention managementYESYESYESYESYESCentralized backup monitoring/loggingYESYESYESYESYESKMS integrated backup encryptionYESYESYESYESYESLifecycle to cold storageYES Independent backup encryptionYES
In AWS Backup, a backup vault is a container that you organize your backups in (all backups are stored here). You can use backup vaults to set an AWS Key Management Service (AWS KMS) encryption key to encrypt backups and control access to the backups data.
If you need different encryption keys or access policies for multiple groups of backups, there is the option to create more than one backup vault. Alternatively, you can organize all your backups in the default backup vault.
It’s possible to set individual access policies on backup Vaults and recovery points, for access to particular vaults or to deny access to the ‘Delete Recovery Points’ option in a backup vault.
To create a backup vault, go to AWS Backup, click ‘Backup vaults’, then ‘Create Backup vault’.
In AWS Backup, a backup plan is a policy expression that outlines when and how you want to configure the back up of your AWS resources, such as for Amazon DynamoDB tables or Amazon Elastic File System (Amazon EFS) file systems.
You can assign resources to backup plans, and AWS Backup will automatically backup and retain the backups for those resources according to the configured plan. You can create multiple backup plans if you have workloads with different backup requirements.
Create a new backup plan via the ‘Build a new plan’ option as per below.
Here you can schedule backups for every 12 hours, or choose a daily, weekly, or monthly schedule. Or you can utilize crontabs. However, with cron expressions, the frequency must be at least a minimum of one hour. Modify this in the custom backup window below the cron expression. It’s important to note that you cannot create a backup for 1 minute, 5 minutes or 30 minutes, etc. Also, EFS only supports a transition to cold storage and data will expire according to your retention period.
After creating a Backup plan, the next step then is to assign resources to it.
When you assign a resource to a backup plan, that resource is backed up automatically according to the backup plan. The backups for that resource are also managed according to your configured plan.
Assign resources using tags or resource IDs. You can also use a default IAM role or create a custom IAM role according to your needs.
Under this section, you can create on-demand backup’s according to your workload requirements.
Jobs is the last field in the AWS Backup service, on this screen you can see the pending jobs i.e., Backup jobs and Restore jobs.
And there you have it; best practices for how to set up and maintain AWS Backups to keep you on track in case an IT disaster should strike. Get your recovery plan in place by following the above steps to ensure that your AWS environments are no longer unprotected. Putting this backup plan in place takes advantage of AWS Backups latest feature updates and instigates policies surrounding all your important AWS resources. So, what are you waiting for? Get backed-up today!
Ibexlabs is an experienced DevOps & Managed Services provider and an AWS consulting partner. Our AWS Certified DevOps consultancy team evaluates your infrastructure and make recommendations based on your individual business or personal requirements. Contact us today and set up a free consultation to discuss a custom-built solution tailored just for you.