AWS Native Backups
January 22, 2019Amazon Web Services has released yet another service designed to improve the lives of people administering an AWS environment. There is a new backup service, cleverly named, AWS Backup.
This new service allows you to create a backup plan for Elastic Block Store (EBS) volumes, Elastic File System (EFS), DynamoDB, Relational Database Services (RDS), and Storage Gateway.
Now we can build plans to automatically backup, tier and expire old backups automatically based on our own criteria.
Create a Backup Plan
To get started, just login to your AWS console and look for the AWS Backup Service. You’ll get a familiar splash screen where you’ll click “Create Backup Plan”.
From there, you can pick how to get started. For this post we’ll just build a new plan.
Give the plan a name. I’ve named mine Daily-Evenings meaning that it will run at night. Pick your own schedule, but do notice that times are in UTC format so do your own math. Pick the backup window when these backups can be taken.
After this you may add life cycle options to tier your backups onto lower cost storage. If you do this, you will want to pick an expiration period as well which must be 90 days or more from the time it was tiered. Then you may select which vault to use. I’ve selected the default which will be created for me automatically.
Just like about everything else in AWS you can add your own tags. When you’re done, click “Create plan.”
You should see a success message with a link to assign resources to this backup plan. Click that link.
Give the resource assignment a descriptive name. And then decide how the resources will be assigned to this backup routine. In my case I’m using a tag with a key of “backup” and a value of “evening”. This means any EBS volumes I create with a key value pair matching these will be backed up.
Now you must wait for your backup to run. If you look under the jobs link, you’ll see that a job ran during the time frame that you specified.
I created an EC2 instance with an EBS volume tagged with my key value pair specified earlier. Under protected resources, you can see that I have an EBS volume listed.
If I select the resource ID, I’m taken to a page with the snapshots created of that EBS volume. You’ll also notice that you can create an on-demand backup whenever you need, in case your schedule needs to be interrupted for an important upgrade or something.
Restore
Now to restore one of your backups, just find the resource and the associated backup shown earlier, select it and click the restore button.
You’ll be asked some questions like what kind of resource type will be restored, volume type and the size. Notice that the size I’m restoring is 100 Gibibytes. This is note worthy because my EBS volume was only 8 Gibibytes. Then we need to select the availability zone to restore it to.
Select which IAM role should be doing the restore. Default has the permissions it needs, but you can specify your own if default isn’t going to work with your companies security policies.
Once you’ve created the restore you can view it in the Jobs panel.
Once the restore is complete, go check it out in your console.
You can see in my EBS volumes, that I now have a 100 Gibibyte volume in the Availability Zone I selected.
Summary
There are plenty of ways to backup your resources in AWS including rolling your own snapshot routine with AWS Lambda, or using RDS snapshots natively. But this new tool lets administrators set schedules across the environment pretty easily and have a single portal to manage them. Another great service from AWS.