AWS Backup

AWS Backup Cheat Sheet

  • A service that enables you to centralize and automate data protection across AWS services and hybrid workloads.


  • Backup plan

    • A policy expression that determines when and how you want your AWS resources backed up.

    • Stores periodic backups incrementally.

    • A backup plan can be created using the AWS Backup console, API, CLI, SDK, or an AWS CloudFormation template.

    • Backup plans can be assigned the following:

      • Resource type – every instance or resource.

      • Resource – a single instance of a resource type.

    • Supports multiple backup plans for workloads with different backup requirements.

    • To delete a backup plan, you must first delete all resources associated with it.

    • When you change the retention period in a backup rule, the retention period of backups created before the update remains unchanged.

  • Tutorials dojo strip
  • Backup vault

    • A container to store and organize your backups.

    • You can just create multiple backup vaults if you need different encryption keys or access policies for different groups of backups.

    • To encrypt the backups placed in the vault, you will need to use an AWS KMS encryption key.

    • AWS Backup Vault Lock allows you to enforce retention periods and prevent early deletions.

    • You cannot delete the following backup vaults:

      • AWS Backup default backup vault.

      • Amazon EFS automatic backup vault.

  • Backup

    • The backup or recovery point is the content of a resource at a specific time.

    • Recovery points are stored in backup vaults.

    • A backup can be restored using the AWS Backup console or API.

    • Backups can be created:

      • Automatically with backup plans.

      • Manually by initiating an on-demand backup.

    • You can create backup copies across:

      • AWS Regions

      • AWS accounts

    • You can configure lifecycle policies and add tags to a backup.

  • AWS Backup Audit Manager

    • Audit Frameworks

      • A framework is a set of controls that allows you to assess your backup practices.

      • Find backup activity and resources that aren’t yet in compliance with the controls you’ve set up.

      • Each framework applies to a single account and a maximum of 10 per AWS Region.

      • Frameworks are classified into two types:

        • AWS Backup framework

        • Custom framework

    • Audit Reports

      • Automatically generate an audit trail of daily and on-demand reports.

      • You must create a report plan from a report template to create daily or on-demand reports.

        • Backup report templates

        • Compliance report templates

      • Reports can only be in the same region and account as the S3 bucket.

      • Each AWS account can only have a maximum of 20 report plans.

AWS Backup Monitoring

  • AWS Organizations manage and monitor backup, restore, and copy jobs across multiple AWS accounts.

  • Amazon EventBridge to view and monitor AWS Backup events.

  • AWS CloudWatch to track metrics, create alarms, and view dashboards.

  • AWS CloudTrail to monitor AWS Backup API calls.

  • Amazon SNS to subscribe and notify you of AWS Backup events.

AWS Backup Pricing

  • You are charged for the following:

    • Amount of backup storage you use.

    • Amount of backup data that has been transferred between AWS Regions.

    • Amount of backup data you restore.

    • Number of backup evaluations.

AWS Backup Cheat Sheet References:

Tutorials Dojo portal

FREE AWS Exam Readiness Digital Courses

Enroll Now – Our Azure Certification Exam Reviewers

azure reviewers tutorials dojo

Enroll Now – Our Google Cloud Certification Exam Reviewers

Tutorials Dojo Exam Study Guide eBooks

tutorials dojo study guide eBook

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

FREE Intro to Cloud Computing for Beginners

FREE AWS, Azure, GCP Practice Test Samplers

Browse Other Courses

Generic Category (English)300x250

Recent Posts

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers Check out our FREE courses

Our Community

passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?