AWS Backup of an Amazon EC2 Instance
AWS Backup is a fully managed backup service that centralises data protection across AWS services and on-premises environments. It simplifies the backup process by providing a unified interface to manage backups, retention policies, and recovery options. In this blog article, we will provide a demo of a backup and restore job on an AWS EC2 instance.
Let’s proceed as follows.
In the left navigation pane in the AWS Backup console, under My account, choose Settings. On the Services opt-in, choose Configure resources.
On the Configure resources page, use the toggle switches and make sure only EC2 is selected.
In the AWS Backup console, select Backup plans in the left navigation pane under My account, and then click Create Backup Plan.
For backup plan options, select Build New Plan.
Backup plan name — provide a unique backup plan name. For this demo, enter EC2-webapp.
Backup rule name — For this tutorial, enter EC2-Dailies.
Instead of using the default backup vault that is automatically created for you in the AWS Backup console, you can create specific backup vaults to save and organize groups of backups in the same vault.
To create a backup vault, choose Create new Backup vault.
Enter a name for your backup vault. For encryption, keep the default.
For Backup frequency, select Daily. For the backup window, keep the default, which starts at 5 AM UTC and lasts 8 hours.
For the retention period, select always.
Copy to destination: As part of your backup plan, you can optionally create a backup copy in another AWS Region. Select your destination Region, then keep the default vault.
Note: Cross-region copy incurs additional data transfer costs.
Those are the only settings we need. Click Create Plan.
Assign resources to the backup plan
Select the created backup plan and choose the Assign resources button.
Under Resource assignment name, enter a name.
For the IAM role, keep the default role.
Define the resource selection as follows.
For resource ID-based assignment, select the Resource type and the name of the resource.
To exclude specific resource IDs, select the Resource type and the name of the resource.
For tags-based resource assignment, provide the key-value pair of the Amazon EC2 instance.
Choose the Resource selection button to assign the resources to the backup plan.
Navigate to the AWS Backup console. The backup jobs appear under Jobs.
Restore an Amazon EC2 instance using AWS Backup
Navigate to the backup vault selected in the backup plan and select the latest completed backup.
To restore the EC2 instance, select the recovery point ARN and choose Restore.
Choosing Restore brings you to a Restore backup screen that shows the configuration for the EC2 instance, based on the backed-up AMI and all the attached EBS volumes.
In the Network settings pane, accept the defaults or specify the options for the Instance type, Virtual Private Cloud (VPC), Subnet, Security groups, and Instance IAM role settings.
This example proceeds with no IAM role. The IAM role can be applied to the EC2 instance after the restore process is completed.
To successfully do a restore with the original instance profile, you must edit the restore policy. If you apply an instance profile during the restore, you must update the operator role and add the PassRole permissions of the underlying instance profile role to Amazon EC2. The default service role created by AWS Backup manages creating and restoring backups.
It has two managed policies: AWSBackupServiceRolePolicyForBackup and AWSBackupServiceRolePolicyForRestores. It also allows "Action": "iam:PassRole" to launch EC2 instances as part of a restore.
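The following is an added example, not code from the original article or from AWS: a Python sketch that builds an iam:PassRole statement for the restore role, scoped to a single instance profile role and to the EC2 service, and checks a policy document for broader PassRole grants. The account ID, role name, Sid values, and function names are assumptions made for illustration.

```python
import json
from fnmatch import fnmatchcase

# Assumed placeholder values, not taken from the article.
ACCOUNT_ID = "111122223333"
INSTANCE_ROLE = "webapp-instance-role"

def scoped_passrole_statement(account_id, role_name):
    """Allow passing exactly one role, and only to the EC2 service."""
    return {
        "Sid": "PassInstanceRoleOnRestore",
        "Effect": "Allow",
        "Action": "iam:PassRole",
        "Resource": f"arn:aws:iam::{account_id}:role/{role_name}",
        "Condition": {"StringEquals": {"iam:PassedToService": "ec2.amazonaws.com"}},
    }

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_passrole(policy):
    """Return findings for Allow statements that grant iam:PassRole too broadly."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        # IAM action names are case-insensitive and may contain wildcards.
        patterns = [a.lower() for a in _as_list(stmt.get("Action", []))]
        if not any(fnmatchcase("iam:passrole", p) for p in patterns):
            continue
        sid = stmt.get("Sid", "<no Sid>")
        if any("*" in r for r in _as_list(stmt.get("Resource", []))):
            findings.append(f"{sid}: Resource contains a wildcard")
        cond = stmt.get("Condition", {})
        if not any(k.lower() == "iam:passedtoservice"
                   for keys in cond.values() for k in keys):
            findings.append(f"{sid}: no iam:PassedToService condition")
    return findings

# Constructed sample policies for comparison.
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Sid": "PassAnyRole", "Effect": "Allow", "Action": "iam:PassRole", "Resource": "*"}]}
SCOPED = {"Version": "2012-10-17",
          "Statement": [scoped_passrole_statement(ACCOUNT_ID, INSTANCE_ROLE)]}

if __name__ == "__main__":
    print(json.dumps(SCOPED, indent=2))
    print("broad :", audit_passrole(BROAD))
    print("scoped:", audit_passrole(SCOPED))
```

The scoped statement is what would be attached to the role chosen in the Restore role pane when an instance profile is applied during the restore.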
In the Restore role pane, accept the Default role or Choose an IAM role to specify the IAM role that AWS Backup will assume for this restore.
In the Advanced settings pane, accept the defaults.
AWS Backup will use the SSH key pair used at the time of backup to automatically perform your restore.
After specifying all of your settings, choose Restore Backup. The Restore jobs pane will appear, and a message at the top of the page will provide information about the restore job.
Check for your restored backup job under Restore jobs in the AWS Backup console.
Once the job status appears as completed, navigate to the Amazon EC2 console and select Instances in the left navigation pane to see the restored EC2 instance. The EC2 instance is restored using the backup of the AMI and the attached EBS volume.
This brings us to the end of this blog article.
AWS Backup empowers organizations to protect their data assets with a scalable, automated, and secure backup solution.
Thanks for reading and stay tuned for more.
If you have any questions concerning this article or have an AWS project that requires our assistance, please reach out to us by leaving a comment below or email us at [email protected]
Thank you!