Guided Walkthroughs

By Implementation

Service Control PoliciesConfig RulesAuto Remediation RulesConformance PacksAmazon GuardDutyAmazon InspectorAWS Security HubAWS Network FirewallRoute53 Resolver SecurityAmazon MacieS3 Bucket PoliciesCloudWatch Alarms and Event RulesAWS WAFAWS Secrets ManagerAWS Systems ManagerSecurity Groups & NACLsAWS KMSIAM PoliciesVPC Endpoint PoliciesAmazon ECRRDS Event SubscriptionsAWS Resource Access Manager (RAM)

By Service Protected

Configuration Packages

Strategy Guides


Backups & DR

AWS Backup

Configuration to create AWS Backup plans and vaults. AWS Backup automates the process of backing up of data across AWS services including EFS, DynamoDB, EC2, EBS, Aurora, RDS, and Storage Gateway, as well as setting custom retention policies, access policies, and encryption

This configuration template includes the following options: 

  • Backup Plans: A backup plan requires the following configuration options:
    • Plan Rules: Specify the schedule, frequency, lifecycle rules, copy actions, and backup vault to store backups. 
    • Resource Selection: Specify how which AWS resources to be included in the backup plan. Resources can be specified by resource Id or by Tags. 
  • Backup Vaults: AWS Backup includes a default vault, but additional vaults can be created with their specific access policies and encryption settings. 

This configuration assumes that the service-linked role for AWS Backup AWSBackupDefaultServiceRole already exists in the account. If the role does not exist, you can create it manually using these instructions, or select the option from the configuration below to create a new IAM role.

Premium: Get the state of backups report for your environment
0.3 KB
Missing Parameters
AWSTemplateFormatVersion: "2010-09-09"
Description: ""
    Type: "AWS::Backup::BackupPlan"
        BackupPlanName: "CustomBackupPlan"
        BackupPlanRule: []
Parameters: {}
Metadata: {}
Conditions: {}


Customize Template

Backup Plan

Backup Plan Rules*

Resource Selection

New Backup Vaults

* Required field