Regardless of the size of your company, data backups and system recovery need to be a critical part of your IT operations and planning. Without a proper backup plan or recovery techniques put in place for when an IT disaster strikes, you are signing off on your business’s failure. Today, many technologies encompass the backup realm, and AWS has its own in-house feature to help you automatically back up and recover multiple other services too; AWS Backup.

AWS Backup is a fully-managed and automatic backup service first released by Amazon Web Services in January 2019 and was updated earlier this year. With this policy-based service, it is possible to automatically backup data from multiple AWS services in your cloud environments as well as your on-premises servers with the additional help of AWS Storage Gateway.

The Backup feature works straight out of the box. It will simplify your backup management system in just a few clicks, allowing you to set up backup policies for services like RDS databases, Amazon EBS volumes, EFS file systems, DynamoDB tables, and AWS Storage Gateway volumes.

The service allows you to fully define various backup policies and retention periods customized to your requirements, including the ability to move backups to cold storage (for EFS data) or delete them entirely after a specific amount of time. By default, all backup information is automatically stored in Amazon S3 buckets.

Most of the supported services, with the exception of EFS file systems, already feature the ability to create snapshots. AWS Backup automates the entire process for each service and creates rules around it. This also means that pricing for Backup is the same as for other services using those snapshot features (except for the file system backup, which has a per-GB charge). There is also a pay per-GB fee for restoring data from EFS file systems and DynamoDB backups.

However, in terms of benefits and value for money, AWS Backup’s scope does provide cross-region functionality allowing AWS enterprise customers to meet their strict business continuity policies of needing a certain distance between two copies of their backups.

Supported services:-

  • EBS Snapshot
  • RDS Snapshot
  • DynamoDB Backup
  • EFS Warm Backup
  • EFS Cold Backup
  • Storage Gateway Snapshot

AWS does have a few backup and storage partners that offer an alternative range of functionality to AWS’s service. Meanwhile, AWS Back up provides the following  features and capabilities:

  1. Centralized AWS Backup Management.
  2. Policy-based backup solution.
  3. Tag-based backup policies.
  4. Automated backup scheduling.
  5. Automated retention management.
  6. Backup activity monitoring.
  7. Lifecycle management policies.
  8. Incremental backup.
  9. Backup data encryption in AWS Backup VAULT.
  10. Backup access policies.

The advantages of utilizing AWS Backup as your recovery service include:

  • Improved ease of handling systemic backups, mainly because it is automated with minimal manual intervention.
  • Daily, weekly and even monthly backups can be set up.
  • The pricing model is the same as that of snapshots.
  • App data in cloud and on-premises can be backed up in a common way (i.e., it’s possible to create the same backup policy for cloud data and Storage Gateway volumes).

Features Available For AWS Resources With The AWS Backup Service

 Elastic File
SystemElastic Block
StoreRelational Database

ServiceDynamoDBStorage GatewayAutomated backup schedulesYESYESYESYESYESAutomated retention managementYESYESYESYESYESCentralized backup monitoring/loggingYESYESYESYESYESKMS integrated backup encryptionYESYESYESYESYESLifecycle to cold storageYES    Independent backup encryptionYES

AWS Backup Vaults

In AWS Backup, a backup vault is a container that you organize your backups in (all backups are stored here). You can use backup vaults to set an AWS Key Management Service (AWS KMS) encryption key to encrypt backups and control access to the backups data.

If you need different encryption keys or access policies for multiple groups of backups, there is the option to create more than one backup vault. Alternatively, you can organize all your backups in the default backup vault.

It’s possible to set individual access policies on backup Vaults and recovery points, for access to particular vaults or to deny access to the ‘Delete Recovery Points’ option in a backup vault.

To create a backup vault, go to AWS Backup, click ‘Backup vaults’, then ‘Create Backup vault’.

Creating An AWS Backup Plan

In AWS Backup, a backup plan is a policy expression that outlines when and how you want to configure the back up of your AWS resources, such as for Amazon DynamoDB tables or Amazon Elastic File System (Amazon EFS) file systems.

You can assign resources to backup plans, and AWS Backup will automatically backup and retain the backups for those resources according to the configured plan. You can create multiple backup plans if you have workloads with different backup requirements.

Create a new backup plan via the ‘Build a new plan’ option as per below.

Here you can schedule backups for every 12 hours, or choose a daily, weekly, or monthly schedule. Or you can utilize crontabs. However, with cron expressions, the frequency must be at least a minimum of one hour. Modify this in the custom backup window below the cron expression. It’s important to note that you cannot create a backup for 1 minute, 5 minutes or 30 minutes, etc. Also, EFS only supports a transition to cold storage and data will expire according to your retention period.

After creating a Backup plan, the next step then is to assign resources to it.

Assigning Resources to a Backup Plan

When you assign a resource to a backup plan, that resource is backed up automatically according to the backup plan. The backups for that resource are also managed according to your configured plan.

Assign resources using tags or resource IDs. You can also use a default IAM role or create a custom IAM role according to your needs.

Protected Resources

Under this section, you can create on-demand backup’s according to your workload requirements.

AWS Backup Jobs

Jobs is the last field in the AWS Backup service, on this screen you can see the pending jobs i.e., Backup jobs and Restore jobs.

And there you have it; best practices for how to set up and maintain AWS Backups to keep you on track in case an IT disaster should strike. Get your recovery plan in place by following the above steps to ensure that your AWS environments are no longer unprotected. Putting this backup plan in place takes advantage of AWS Backups latest feature updates and instigates policies surrounding all your important AWS resources. So, what are you waiting for? Get backed-up today!

Ibexlabs is an experienced DevOps & Managed Services provider and an AWS consulting partner. Our AWS Certified DevOps consultancy team evaluates your infrastructure and make recommendations based on your individual business or personal requirements. Contact us today and set up a free consultation to discuss a custom-built solution tailored just for you.