08 July,2022 by Rambler
Main Benefits of AWS Backup versus Service Native
-> Centralised backup service - covers multiple DBMS types - with common Backup Plans
-> Similar experience across different technologies . This DOES NOT mean the restores are all applied in the exactly the same manner
-> Lifecycle management is centralised
-> Discrete storage , in case of accidental or malicious DBMS destroy
-> Vault replication to multiple regions
Is AWS Backup Service a suitable replacement for the automated RDS service backups? As more services are deployed - it makes sense to think about how to employ an approach which includes more robust inventory, monitoring and compliance policies
The basic concept of the AWS Backup Service is to create a backup plan to an AWS resource - such as an RDS PostgreSQL , by tagging them - which allows the AWS Backup to identify and backup according to the backup plan. A backup plan can manage anything from one resource through to a resource type e.g RDS or resource type e.g RDS,EC2 etc
The AWS Backup Service aims to offer a single interface with a similar experience over multiple application types. AWS Backup provides a centralized console, automated backup scheduling, backup retention management, and backup monitoring and alerting.
The setup is very easy , but before setting up ensure the RPO & RTO are established for the targeted DBMS services which will be backed up . The RPO & RTO will give you the background information required to set up the Backup Plan and assign resources
Basic Concepts
1) Configure Resources - resource types must be enabled
2) Backup Plan - new or ready-made
3) Backup rules - A backup plan is made up of 1 or more backup rules
4) Backup vault - is a container for backup organization , also can be used to set AWS Key Management (AWS KMS).
5)Backup frequency - how often will the backup is created
6) Continuous backups to support PITR (Point in time recovery)
7)backup Window - Backup Window start & finish
8)Transition to Cold Storage
9)Retention Period - backups are automatically deleted at period end. Snapshots can be retained up to 100 days or indefinite if a period isn't entered
10)Copy to destination - various options to copy to another region
11) Tags added to recovery points - option to add tags to a backup .
12)Resource Assignments - IAM role - Default or Choose an IAM role
13) Resource Assignments - Assign Resources - various options - ranging from all resource types to customizing per source types. Resource Types examples include Aurora, DocumentDB,DynamoDB,EBS,EC2,EFS,RDS,FSx,Neptune ,Storage Gateway ,S3 ,VM
Does AWS Backup service replace automated RDS snapshot backups ? According to the documentation - "all existing per-service backup capabilities remain unchanged. RDS/PostgreSQL will automatically backup your database and retain those backups for the length of your retention period, up to 35 days. Backups preformed via AWS Backup are considered manual snapshots, and will persist until deleted."
Continuous backups for point-in-time recovery is now available through AWS Backup Service - although this needs to be enabled. If you don't enable continuous backups - the AWS backup service will only apply snapshot backups. Previously - you needed to toggle between the AWS Backup Service & RDS console
Notes on AWS Backup
1) Define a backup policy at an organizational level & automatically apply at an Account or Region level.
2) Utilize tags. For example using the tag key "Backup" and tag value "Daily" on an RDS DBMS can be defined in the Daily Backup Plan as the values to search when deciding on which resources to back up for the specific backup plan
3)Backup vault - Secure the Backup Vault so it isn't accidentally deleted.
4)Disaster Recovery - options include cross-region and cross-account.
Encryption
1) The AWS Backup service supports cross-account backups.
2) AWS Backups independent encryption is defined as encryption managed by the AWS Backup Vault. Not all AWS services support AWS Backup independent encryption .
For services not supporting AWS Backup independent encryption , the AWS Backup Service Process uses the data source key for data encryption as opposed to the AWS Backup Vault KMS key.
Read more related to AWS & DBMS
This is only a preview. Your comment has not yet been posted.
As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.
Having trouble reading this image? View an alternate.
Posted by: |