Monday, 4 July 2022

AWS BACKUP : Theory

AWS services using AWS Backup :

Reliable and consistent backup of cloud data is important for keeping a secure data archive and for restoring data in the event of data loss. Traditionally, backup administrators used manual backup procedures that were difficult to scale and lowered productivity, with data distributed across multiple cloud resources. Cloud backup, along with the automation of infrastructure provisioning, is prompting organizations to improve their data protection and backup strategy.
Customers are implementing infrastructure as code (IaC) as an essential part of their digital transformation to improve productivity and govern infrastructure operations across multi-account environments. Implementing backup policies as code can help you scale your enterprise data protection strategy, reduce overhead, and easily manage organization-wide policies across your cloud environment. AWS Backup is a cost-effective, fully managed, policy-based service that simplifies data protection at scale. AWS Backup leverages AWS Organizations to centrally automate backup policies to implement, configure, manage, and govern backup activity across supported AWS resources.
In previous blog posts, our colleague Cher covered how AWS Backup can simplify centralized backup management with Cross-Region copy and secure data recovery with cross-account, cross-Region backup by implementing backup policies using the AWS Backup console. In this blog post, we demonstrate how you can save time using AWS CloudFormation automation to centrally automate and scale the process of implementing AWS Backup policies, backup vaults, and cross-Region, cross-account replication across your multi-account AWS environment. Using this solution, you can easily manage AWS Backup with automation and implement a data protection strategy that mitigates the risk of data loss.

Overview :

The architecture uses AWS Control Tower and consists of four AWS Organizations accounts: a management account, two member accounts, and a centralized backup account that belong to their respective organizational units. AWS Organizations helps to centrally manage, govern, automate, and scale AWS resources across accounts in an organization. The solution uses AWS CloudFormation stacks and StackSets to deploy resources such as backup vaults, vault access policies, AWS Key Management Service (AWS KMS) customer managed keys (CMK), and IAM roles.
AWS Backup policies define how you back up your resources using backup plans. Backup policies are plaintext files structured according to the rules of JSON. You can attach a backup policy to any element of your organization’s hierarchy, such as an AWS account or an organizational unit (OU). The backup policy specifies the final backup plan settings that apply to an AWS account within the organization. To facilitate the inheritance of the effective backup policy in our solution, we attach the backup policies to the Root OU using an AWS Lambda function. We also leverage tags to add AWS resources in each member account to the backup policies.
A successful deployment of this solution can help you perform automated backups using centralized backup policies across your organization. You can also conduct on-demand restore operations across your member accounts.
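
The sketch below is an added example, not code from the original post or from the AWS solution it describes. It builds a tag-selected backup policy with a copy to a central vault and attaches it to the organization root through the Organizations API calls `list_roots`, `create_policy` and `attach_policy`. The plan, vault, role and tag names and the account ID are constructed, and it assumes an Organizations client from the management account with backup policies enabled.

```python
import json

def build_backup_policy(plan, vault, central_vault_arn, role_name, tag_key,
                        tag_values, regions, schedule="cron(0 5 ? * * *)",
                        retain_days=35):
    """Return an AWS Organizations BACKUP_POLICY document as a dict."""
    # Every leaf value is wrapped in an inheritance operator such as @@assign.
    a = lambda v: {"@@assign": v}
    rule = {
        "schedule_expression": a(schedule),
        "target_backup_vault_name": a(vault),
        "lifecycle": {"delete_after_days": a(str(retain_days))},
        # copy_actions is keyed by the destination vault ARN (cross-account copy).
        "copy_actions": {central_vault_arn: {
            "target_backup_vault_arn": a(central_vault_arn),
            "lifecycle": {"delete_after_days": a(str(retain_days))},
        }},
    }
    selection = {
        # $account resolves to each member account the policy applies to.
        "iam_role_arn": a(f"arn:aws:iam::$account:role/{role_name}"),
        "tag_key": a(tag_key),
        "tag_value": a(list(tag_values)),
    }
    return {"plans": {plan: {
        "regions": a(list(regions)),
        "rules": {"daily": rule},
        "selections": {"tags": {"by-tag": selection}},
    }}}

def attach_to_root(org, name, policy):
    """Create the policy and attach it to the organization root.
    `org` is an Organizations client, e.g. boto3.client("organizations")."""
    root_id = org.list_roots()["Roots"][0]["Id"]
    created = org.create_policy(Name=name, Description="Central backup policy",
                                Type="BACKUP_POLICY", Content=json.dumps(policy))
    policy_id = created["Policy"]["PolicySummary"]["Id"]
    org.attach_policy(PolicyId=policy_id, TargetId=root_id)
    return policy_id, root_id

if __name__ == "__main__":
    # Constructed sample values; 111122223333 is a placeholder account ID.
    doc = build_backup_policy(
        "central-plan", "member-vault",
        "arn:aws:backup:us-east-1:111122223333:backup-vault:central-vault",
        "BackupRole", "backup", ["daily"], ["us-east-1"])
    print(json.dumps(doc, indent=2))
```

Because the policy is attached at the root, every account beneath it inherits the plan, and only resources carrying the chosen tag are backed up.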


