Backup and Restore
Implement the lowest-cost DR tier by automating snapshots, S3 Cross-Region Replication, and AWS Backup policies, and walk through a restore drill.
Backup and Restore Fundamentals
Backup and Restore is the simplest and most cost-effective disaster recovery strategy. You create regular backups of your data and infrastructure, store them in a durable location (typically S3 in another region), and restore from those backups when a disaster occurs. While cheap to maintain, it results in the longest RTO (hours) and potentially significant RPO (time since last backup). It is appropriate for non-critical workloads where downtime of several hours is acceptable.
# Backup and Restore workflow:
# 1. Create snapshots/backups on a schedule
# 2. Replicate backups to a secondary region
# 3. On disaster:
#    a. Launch new infrastructure in DR region
#    b. Restore data from most recent backup
#    c. Update DNS to point to DR region
# 4. Failback when primary is restored
AWS Backup: Centralised Backup Management
AWS Backup is a fully managed service that centralises and automates data protection across AWS services. It supports EBS volumes, RDS databases, DynamoDB tables, EFS file systems, FSx, EC2 instances, Aurora clusters, and S3. You define backup plans with schedules, retention periods, and vault destinations. AWS Backup enforces backup policies across multiple accounts via AWS Organizations, making it the go-to service for enterprise backup management.
# Create an AWS Backup vault encrypted with a KMS key
aws backup create-backup-vault \
  --backup-vault-name production-dr-vault \
  --encryption-key-arn arn:aws:kms:us-east-1:123:key/abc

# Assign resources to the backup plan by tag
# (<plan-id> is the ID of the backup plan the selection belongs to)
aws backup create-backup-selection \
  --backup-plan-id <plan-id> \
  --backup-selection '{
    "SelectionName": "all-production",
    "IamRoleArn": "arn:aws:iam::123:role/BackupRole",
    "ListOfTags": [{"ConditionType":"STRINGEQUALS","ConditionKey":"Environment","ConditionValue":"production"}]
  }'
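A backup plan only delivers the RPO and regional separation described above if every rule runs often enough and copies its recovery points to a vault in another region. The following is an added example, not part of the original page: a Python check over the plan document returned by `aws backup get-backup-plan`. The sample plan, rule names, account ID and vault name are constructed, and the schedule parser assumes daily `cron()` expressions only.

```python
import re

# Constructed sample, shaped like the "BackupPlan" object from `aws backup get-backup-plan`.
SAMPLE_PLAN = {"Rules": [
    {"RuleName": "six-hourly-with-dr-copy",
     "ScheduleExpression": "cron(0 0/6 ? * * *)",
     "CopyActions": [{"DestinationBackupVaultArn":
         "arn:aws:backup:us-west-2:111122223333:backup-vault:example-dr-copy"}]},
    {"RuleName": "daily-local-only",
     "ScheduleExpression": "cron(0 5 ? * * *)"},
]}

def _hours(field):
    """Expand the cron hour field (*, N, N,M, N-M, N/S) into a sorted list of hours."""
    hours = set()
    for part in field.split(","):
        if part == "*":
            hours.update(range(24))
        elif "/" in part:
            start, step = part.split("/")
            hours.update(range(0 if start == "*" else int(start), 24, int(step)))
        elif "-" in part:
            lo, hi = part.split("-")
            hours.update(range(int(lo), int(hi) + 1))
        else:
            hours.add(int(part))
    return sorted(hours)

def schedule_interval_hours(expr):
    """Upper bound, in hours, on the gap between runs; None if not a daily cron()."""
    m = re.fullmatch(r"cron\((\S+) (\S+) (\S+) (\S+) (\S+) (\S+)\)", expr.strip())
    if not m or m.group(3, 4, 5) not in {("?", "*", "*"), ("*", "*", "?")}:
        return None  # weekly/monthly or unrecognised schedule: review by hand
    try:
        hrs = _hours(m.group(2))
        # Largest gap between consecutive run hours, wrapping past midnight.
        return max((b - a) % 24 or 24 for a, b in zip(hrs, hrs[1:] + hrs[:1]))
    except ValueError:
        return None

def audit_plan(plan, rpo_hours, primary_region):
    """Return (rule, problem) pairs for rules that miss the RPO or lack an off-region copy."""
    findings = []
    for rule in plan["Rules"]:
        gap = schedule_interval_hours(rule.get("ScheduleExpression", ""))
        if gap is None:
            findings.append((rule["RuleName"], "schedule not parsed, check RPO by hand"))
        elif gap > rpo_hours:
            findings.append((rule["RuleName"], f"up to {gap}h between backups, RPO is {rpo_hours}h"))
        regions = {c["DestinationBackupVaultArn"].split(":")[3] for c in rule.get("CopyActions", [])}
        if not regions - {primary_region}:
            findings.append((rule["RuleName"], f"no copy to a vault outside {primary_region}"))
    return findings
```

Calling `audit_plan(SAMPLE_PLAN, 12, "us-east-1")` reports the `daily-local-only` rule twice: once for the 24-hour gap and once for the missing cross-region copy.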