20 June,2023 by Rambler
When the AWS Backup Service takes over the RDS Automated Backups there are a number of modifications occuring - requiring some attention.
The integration of AWS Backup and the RDS service will impact potentially existing scripted, CLI or Infrastructure As Code (IaC) .
Using AWS CLI I'm able to recreate the error message, although you can create the same error message with your other methods such as Terraform
In the steps below , the RDS Instance was using native Automated Backups and then AWS Backup was introduced with the Enable Continuous backup option.
The first time the Backup Plan executes and creates the Continuous backup , it introduces a db-instance-parameter - AwsBackupRecoveryPointArn. This parameter is the Amazon Resource Name (ARN) of the recovery point in Amazon Web Services Backup.
Step 1: Identify the PreferredBackupWindow & BackupRetentionPeriod of an existing RDS that is being managed by AWS Backup
aws rds describe-db-instances --db-instance-identifier myRDSInstance --query "DBInstances[*].[PreferredBackupWindow,BackupRetentionPeriod,AwsBackupRecoveryPointArn]" --output text
19:00-21:00 15 arn:aws:backup:xxxxxxxxxxx:recovery-point:continuous:xxxxxxxxxxxxxxxxx
Step 2a: Modify the RDS Instance and attempt to modify the --preferred-backup-window parameter
aws rds modify-db-instance --preferred-backup-window 01:00-02:00 --db-instance-identifier myRDSInstance
An error occurred (InvalidParameterValue) when calling the ModifyDBInstance operation: Your RDS instance myRDSInstance is associated with an AWS Backup resource with id arn:aws:backup:xxxxxxxxxx:recovery-point:continuous:db-xxxxxxxxxxxx. You can leave PreferredBackupWindow blank, or you can specify it only with the current value 19:00-21:00. For more details, see the AWS Backup documentation.
Step 2b: Modify the RDS Instance and attempt to modify the --backup-retention parameter
aws rds modify-db-instance --backup-retention-period 10 --db-instance-identifier myRDSInstance
An error occurred (InvalidParameterValue) when calling the ModifyDBInstance operation: Your RDS instance myRDSInstance is associated with an AWS Backup resource with id arn:aws:backup:xxxxxxxxxxxx:recovery-point:continuous:db-xxxxxxxxxxxxxxx. You can leave BackupRetentionPeriod blank, or you can specify it only with the current value 15. For more details, see the AWS Backup documentation.
Step 3 : IF you needed to change the preferred-backup-window or the BackupRetentionPeriod via the modify-db-instance
The workaround for this is by removing the RDS Instance from the backup plan, and then modifying the RDS Instance by calling the ModifyDBInstance API through the AWS CLI command as completed previously. Once that is done, the RDS Instance can then be added back to the backup plan or a new plan can be configured
aws backup disassociate-recovery-point --backup-vault-name xxxxxxxxx --recovery-point-arn arn:aws:backup:xxxxxxxxx:recovery-point:continuous:xxxxxxxxxxxxx
If you see this error message - work with your administrator
An error occurred (InvalidRequestException) when calling the DisassociateRecoveryPoint operation: RecoveryPoint cannot be deleted or updated (Backup vault configured with Lock)
Modifying an Amazon RDS DB instance
This is only a preview. Your comment has not yet been posted.
As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.
Having trouble reading this image? View an alternate.
Posted by: |