AWS Backup Vault
This page shows how to write Terraform and CloudFormation for AWS Backup Vault and write them securely.
aws_backup_vault (Terraform)
The Vault in AWS Backup can be configured in Terraform with the resource name aws_backup_vault
. The following sections describe 4 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_backup_vault" "daily" {
count = local.daily_backup_count
name = "daily"
tags = merge(var.tags, var.tags_vault)
}
resource "aws_backup_vault" "daily_cross_region" {
resource "aws_backup_vault" "jenkins_vault" {
provider = aws.use1
name = "jenkins_vault"
kms_key_arn = "arn:aws:kms:us-east-1:143269240300:key/cb211a28-db0b-4355-83f6-b824067811d5"
}
resource "aws_backup_vault" "usage" {
name = "aws_backup_vault"
}
resource "aws_backup_vault" "non_usage" {
name = "aws_backup_vault"
resource "aws_backup_vault" "usage" {
name = "aws_backup_vault"
}
resource "aws_backup_vault" "non_usage" {
name = "aws_backup_vault"
Parameters
-
arn
optional computed - string -
id
optional computed - string -
kms_key_arn
optional computed - string -
name
required - string -
recovery_points
optional computed - number -
tags
optional - map from string to string
Explanation in Terraform Registry
Provides an AWS Backup vault resource.
AWS::Backup::BackupVault (CloudFormation)
The BackupVault in Backup can be configured in CloudFormation with the resource name AWS::Backup::BackupVault
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: "AWS::Backup::BackupVault"
Properties:
BackupVaultName: "BackupVaultWithDailyBackups"
EncryptionKeyArn: !GetAtt KMSKey.Arn
BackupVaultWithWeeklyBackups:
Type: "AWS::Backup::BackupVault"
Properties:
BackupVaultName: "BackupVaultWithDailyBackups"
EncryptionKeyArn: !GetAtt KMSKey.Arn
BackupVaultWithWeeklyBackups:
Type: "AWS::Backup::BackupVault"
Properties:
BackupVaultName: "BackupVaultWithDailyBackups"
EncryptionKeyArn: !GetAtt KMSKey.Arn
BackupPlanWithDailyBackups:
Type: "AWS::Backup::BackupVault"
Properties:
BackupVaultName: "BackupVault-01"
AccessPolicy:
Version: '2012-10-17'
Statement:
Type: "AWS::Backup::BackupVault"
Properties:
BackupVaultName: "AurorabackupVault"
BackupPlan:
Type: "AWS::Backup::BackupPlan"
"Type": "AWS::Backup::BackupVault",
"Properties": {
"BackupVaultName": {
"Ref": "UniqueIdentifierParam"
},
"BackupVaultTags": {
"Type": "AWS::Backup::BackupVault",
"Properties": {
"BackupVaultName": {
"Ref": "UniqueIdentifierParam"
},
"BackupVaultTags": {
"Type" : "AWS::Backup::BackupVault",
"Properties" : {
"BackupVaultName": "0x4447_SFTP"
}
}
"ValueType": "AWS::Backup::BackupVault.BackupVaultName"
}
},
{
"op": "add",
"path": "/PropertyTypes/AWS::Backup::BackupSelection.BackupSelectionResourceType/Properties/IamRoleArn/Value",
"ValueType": "AWS::Backup::BackupVault.BackupVaultName"
}
},
{
"op": "add",
"path": "/PropertyTypes/AWS::Backup::BackupSelection.BackupSelectionResourceType/Properties/IamRoleArn/Value",
Parameters
-
AccessPolicy
optional - Json -
BackupVaultName
required - String -
BackupVaultTags
optional - Map -
EncryptionKeyArn
optional - String -
Notifications
optional - NotificationObjectType -
LockConfiguration
optional - LockConfigurationType
Explanation in CloudFormation Registry
Creates a logical container where backups are stored. A
CreateBackupVault
request includes a name, optionally one or more resource tags, an encryption key, and a request ID.Note Do not include sensitive data, such as passport numbers, in the name of a backup vault.
Frequently asked questions
What is AWS Backup Vault?
AWS Backup Vault is a resource for Backup of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS Backup Vault?
For Terraform, the USSBA/terraform-aws-backup-plans, devopsbynaresh/alsac-raja-automation-jenkins and gilyas/infracost source code examples are useful. See the Terraform Example section for further details.
For CloudFormation, the mynameisakash/aws-service-catalog-reference-architectures, aws-samples/aws-service-catalog-reference-architectures and mobious999/Cloudformation source code examples are useful. See the CloudFormation Example section for further details.