Configuration to create AWS Backup plans and vaults. AWS Backup automates the process of backing up of data across AWS services including EFS, DynamoDB, EC2, EBS, Aurora, RDS, and Storage Gateway, as well as setting custom retention policies, access policies, and encryption

This configuration template includes the following options: 

  • Backup Plans: A backup plan requires the following configuration options:
    • Plan Rules: Specify the schedule, frequency, lifecycle rules, copy actions, and backup vault to store backups. 
    • Resource Selection: Specify how which AWS resources to be included in the backup plan. Resources can be specified by resource Id or by Tags. 
  • Backup Vaults: AWS Backup includes a default vault, but additional vaults can be created with their specific access policies and encryption settings. 

This configuration assumes that the service-linked role for AWS Backup AWSBackupDefaultServiceRole already exists in the account. If the role does not exist, you can create it manually using these instructions, or select the option from the configuration below to create a new IAM role.

BackupPlan
AWS::Backup::BackupPlan


BackupPlan *
AdvancedBackupSettings
BackupPlanRule *
CopyActions
Lifecycle
Lifecycle

BackupResourceSelection1
AWS::Backup::BackupSelection


BackupSelection *
Conditions
StringEquals
StringLike
StringNotEquals
StringNotLike
ListOfTags

NotResources

Resources

CloudFormation Template

Share Template