Skip to main content
Welcome to this lesson on AWS Backup. In this guide, you will learn how AWS Backup simplifies the backup and restore process across various AWS services. AWS Backup automates the process of creating backups, making it an essential component of your data protection strategy. Previously, managing backups required manual efforts or reliance on third-party solutions, but AWS Backup streamlines these operations for you.
The image is a flowchart illustrating the AWS Backup process, including steps like creating a backup plan, assigning resources, and protecting them, with options for monitoring, configuring, restoring, and auditing.
AWS Backup allows you to define backup plans that specify backup frequency, retention policies, and the resources to protect. Backups are stored in vaults that can be secured further with air-gapping (vault locking) to prevent unauthorized modifications. This service supports both single-account and cross-account backups across multiple AWS regions through a unified console that automates tasks, enforces policies, and enables scheduled cross-region backup copies.
The image is an infographic about AWS Backup, highlighting features such as a unified console for managing AWS services, automated backup scheduling and retention policies, and support for different regions and accounts.

Primary Components of AWS Backup

The core components of AWS Backup include:
  1. Backup Vault: A secure container to store your backups. You can create multiple vaults across regions and accounts for better data organization and security.
  2. Backup Plan: This defines what resources to back up, the backup schedule, and which backup vault to use.
  3. Recovery Points: Snapshots or backup milestones captured at specific intervals, providing the ability to perform point-in-time recoveries.
The image describes three components: Backup Vault, Backup Plan, and Recovery Point, each with a brief explanation of their functions in data management.
Consider an EC2-based application running in US East (N. Virginia). In addition to locally stored application data, supporting resources such as EFS and RDS instances are also critical. While EBS volumes are integrated into the EC2 service, they receive backup protection too. For enhanced disaster recovery, replicate these backups from US East to another region like US West (Northern California) by configuring an additional backup vault with a copy job. This cross-region replication ensures that you have complete data availability for restoration.
The image is a diagram showing an AWS cloud backup and restoration setup between two regions: N. Virginia (us-east-1) and N. California (us-west-1). It illustrates the use of AWS services like EC2, EFS, EBS, RDS, and AWS Backup for WebApp 1.
With backup copies in both regions, you have the flexibility to restore your resources from either location, ensuring high availability and rapid recovery in the event of a disaster.

Configuring AWS Backups

To configure backups for your AWS resources, start by creating a backup vault. There are two types of backup vaults available:
  • Standard Backup Vault: A regular vault without enforced immutability.
  • Vault-Locked (Air-Gapped) Vault: A vault with enforced immutability ideal for retaining audit trails and ensuring data integrity.
The image is a screenshot of a configuration interface for creating a backup vault in AWS, showing options for vault name and type. It includes steps for configuring AWS Backup for resources.
Once your backup vault is established, create a backup plan. You have multiple options for defining your backup plan:
  • Import a Plan Using JSON: Quickly deploy a predefined JSON configuration.
  • Use a Predefined Template: Select from AWS Backup templates.
  • Build Your Own Plan: Customize your backup schedule, retention period, and resource selection from scratch.
The backup plan details include specifying backup frequency, retention periods, and the volumes or databases to include. Resources can be assigned to the plan using filters such as resource tags (e.g., “production”) or by specifying resource types (e.g., EBS volumes).
The image is a screenshot of a user interface for configuring AWS Backup for AWS resources, showing options to start with a template, build a new plan, or define a plan using JSON. It includes a dropdown for choosing a template and a field for naming the backup plan.
After the backup plan is set, assign the specific AWS resources to be protected. This step involves choosing which resources—such as EBS volumes, RDS databases, etc.—will be backed up, either by selecting resource types or applying specific tags.
The image is a screenshot of a configuration step for AWS Backup, specifically selecting specific resource types like EBS for backup. It includes options to choose resource types and volume IDs.
Monitoring your backup operations is a vital part of managing AWS Backup. The dashboard provides real-time statistics on backup, restore, and copy jobs, including metrics on completed jobs and any errors or failures.
The image shows a dashboard for configuring AWS Backup for AWS resources, highlighting the monitoring of backup jobs with a status overview indicating 1,092 completed jobs and no issues, failures, or expirations.

Broad Service Integration

AWS Backup supports almost every AWS database and data storage service. Some of the supported services include:
AWS ServiceSupported ResourceExample Use Case
Amazon EC2EBS volumesAutomated backups for EC2 applications
Amazon RDSDatabase snapshotsPoint-in-time recovery for databases
Amazon S3Bucket dataBackup for object storage
Amazon EFSFile system dataPersistent file system backups
AWS Storage GatewayOn-premises data through cloud integrationHybrid cloud backup scenarios
The image lists AWS Backup supported resource types, including services like Amazon EC2, S3, EBS, RDS, and others, along with their corresponding resource types.
Furthermore, AWS Backup integrates seamlessly with other AWS management and monitoring services. These integrations include:
  • EventBridge: To track event triggers from AWS Backup.
  • CloudWatch: For monitoring system metrics.
  • CloudTrail: For auditing API calls.
  • Job Notifications: To receive alerts upon the completion of backup, restore, or copy operations.
Integrating AWS Backup with EventBridge, CloudWatch, and CloudTrail ensures a streamlined workflow and comprehensive monitoring of all backup activities, making it easier to maintain a robust backup strategy.
This lesson has provided an in-depth overview of AWS Backup, covering its essential components such as backup vaults, backup plans, and recovery points. By configuring backups, assigning resources intelligently, and monitoring the backup processes, you are now equipped to implement a reliable backup strategy that spans across multiple AWS regions. We look forward to seeing you in the next lesson.

Watch Video