How-To

Creating AWS Backups, Part 1: A Plan, Rules and More

Brien Posey begins a series of tutorials on AWS backups, starting with formulating a plan and establishing rules.

• By Brien Posey
• 02/02/2021

Although a third-party backup application is often the preferred mechanism for backing up your resources within the Amazon Web Services (AWS) cloud, AWS does include native backup capabilities thanks to a service called AWS Backup. You can find AWS Backup on the list of services in the Storage section.

Before you will be able to use AWS Backup to run any backup jobs, you will need to create a backup plan. To do so, select the Backup Plans tab, and then click the Create Backup Plan button, shown in Figure 1.

At this point, you will be taken to the Create Backup Plan screen, shown in Figure 2. As you can see in the figure, this screen gives you three options for creating a backup plan. You can start with a template, build a new plan from scratch, or you can define a plan using a JSON file. All three are viable options, but using a template is the easiest approach. Creating a backup plan involves specifying the backup frequency and the retention period, and the templates set these values for you. In the figure for example, you can see that the templates have names reflecting their frequency and retention periods.

Once you select a template, you will be prompted to provide a name for the backup plan. It's best to use a descriptive name that conveys the plan's intended purpose.

Scroll down and you will be taken to the Backup Rules section, shown in Figure 3. Assuming that you started with a template, one or more rules will already exist. You can delete or modify these existing rules by selecting them and then clicking on the Delete or Edit button. Similarly, you can add an additional rule by clicking the Add Backup Rule button.

Even if it seems that the template that you selected aligns perfectly with your needs, it's still a good idea to at least review the backup rules. Simply click on a backup rule to look at the settings that are contained within it. As you can see in Figure 4, backup rules control things such as when the backup is created, when the backup is moved to cold storage, and when the backup expires.

The rules also determine which backup vault your backups will be saved to. Amazon provides a default backup vault that is used by default, but you do have the option of creating additional backup vaults. Having multiple backup vaults can be useful in situations in which there are multiple administrators, each of whom are responsible for a subset of your organization's AWS resources.

When you finish evaluating the backup rules, there are two more things that you need to do as a part of creating the backup plan. First, you will need to apply any required tags to the backup plan. Tagging can be useful if you have complex backup requirements and will be creating multiple plans.

The second thing that you will need to do is to determine whether or not you will need to perform application consistent backups.

As you have seen so far, a backup plan is primarily used to define the backup frequency and the retention requirements. A backup plan does not define the resources that are to be backed up. That's something that you will do later on. Even so, you should have at least some idea of how your backup plan is ultimately going to be used.

If your backup plan will eventually be used to back up EC2 instances and you have Windows running on at least one of those instances, then I strongly recommend selecting the Windows VSS checkbox. You can see what this checkbox looks like in Figure 3.

Selecting the Windows VSS checkbox tells AWS Backup that you want to use the Volume Shadow Copy Service to back up Windows instances. This service is what makes it possible to create application consistent backups on Windows machines. If you neglect to select this checkbox, then AWS will resort to creating a crash consistent EC2 backup. Keep in mind that the selecting the Windows VSS checkbox alone does not tell AWS Backup to back up your EC2 instances. It only tells AWS Backup that if the backup plan is ultimately applied to EC2 instances then Windows VSS should be used where appropriate.

When you have finished configuring the backup plan settings, go ahead and click the Create Plan button. I will show you how to associate AWS resources with the backup plan in Part 2.