fbpx
Search
Close this search box.

A Complete Overview of AWS Backup

overview of AWS Backup
Get an in-depth overview of AWS Backup, including its principal features and limitations, how it works, how it’s priced, and key use cases.
Share This Post

The first article in this series examined the importance of data backups and touched upon both AWS Backup, its basic features and limitations, and other backup solutions that may be more appropriate for fine tuning your backup management and for environments that are scaling, like N2WS Backup & Recovery. Because having backups of your critical data ensures business continuity, finding the tool that suits your needs is very important. This blog post will provide an in-depth look and an overview of AWS Backup, covering its principal features and limitations, how it works, how it’s priced, and some of its use cases.

A complete feature overview of AWS Backup

As was discussed in the previous article in this series, AWS Backup is an AWS service designed to provide a centralized location for automating data backups.

At the time of publication, AWS Backup works with a limited number of specific services. It can be used to back up your EBS volumes (block storage used by various AWS instances), RDS databases (Amazon’s relational database offering), DynamoDB tables (a key-value and document database), EFS file systems (a fully managed network shared storage), and Storage Gateway volumes (a hybrid cloud storage service designed to work with on-premises resources). Amazon EC2, Amazon VPC, Amazon Aurora and Amazon Redshift are still not supported with AWS Backup and therefore other solutions in order to automate your EC2 backups would need to be implemented .

AWS Backup uses backup policies, known as “backup plans,” which help you to define the various requirements that can be applied to your AWS resources. You can, for example, create a backup plan to ensure a daily, weekly, monthly, 12-hour, or even custom (created in cron format) backup schedule. You can then run that schedule using the recommended default backup window or a custom one that you prefer. 

When you choose your backup plan, you can also establish a lifecycle for your backups. They can be sent to cold storage (this option is currently only available for EFS file systems) or expired completely. These options allow you to reduce the cost of storing backups.

Your backup plan can be created from scratch by choosing one of the options mentioned above. Alternately, you can start with an existing plan and pick a premade template that suits you, such as a daily backup with a 35-day retention period or a monthly backup with a one-year retention period.

You can also define a plan from scratch using JSON. This can be used when you want to create a new plan based upon an already-existing one or when you want to share plans with your other AWS accounts.

AWS Backup only creates a complete copy of your data the first time the backup is initiated. Every subsequent backup is incremental, meaning that only the changes being made to your AWS resources will be backed up.

Assigning Resources

After you create a backup plan, you need to assign the desired resources that will be backed up. You can do this either by choosing a resource ID—the best option to select if you don’t have too many resources to add—or by specifying tags. AWS Tag-based resource selection allows you to easily create backups while also maintaining logical segmentation. Each group can have its own backup plan. For example, the EBS volumes that need daily backups can be tagged one way and added to a backup plan that will make sure they are backed up every day at a specific time. You can tag your RDS instances with a different tag and add them to another backup plan—maybe one that will back them up hourly. Finally, you can assign a tag to your EFS file system that ensures weekly backups.

AWS Backup Vaults

All data backups created by the AWS Backup service are stored in vaults, which are containers that help you organize your backups. By default, the available vault will be the one named “default;” however, you can create multiple vaults if you want to have a logical separation of resources. These vaults use AWS KMS (Key Management Service) to both encrypt your backups and provide access control for the backups stored within the vault. If your business requires multiple KMS keys to be used, you can have a different one for each of your vaults.

For compliance purposes, AWS Backup encrypts your data backups both in transit and at rest.

Hybrid Cloud Use Cases

AWS Backup is most commonly used for backing up and restoring your AWS cloud resources, but it can also be used for your on-premises resources. Its integration with AWS Storage Gateway (a hybrid cloud storage service) allows you to back up the data stored within your Storage Gateway volumes. These volumes can later be restored both on-premises and in the cloud since they are compatible with EBS volumes.

Current limitations

AWS Backup has its limitations. Most importantly, it focuses on basic backup automation but is not designed to simplify recovery nor does it address disaster recovery, granular recovery or recovery orchestration and drills.

No one-click Restore: Automation of restore operations using AWS Backup must be done programmatically using API operations. Alternatively, N2WS provides easy and near-instant one-click recovery without any need for scripts.

No Granular Recovery: With AWS Backup, recovery is all or nothing. It brings back entire servers with no ability to bring back a file/folder. Not only can N2WS drill into a backup and recovery file/folder, you can search through multiple generations to backups to locate specific files. No need to pre-plan or pre-index the categorization of backups. N2WS automatically provides drill-down access.

No Disaster Recovery: AWS Backup allows users to manually copy snapshots to another region but there are no recovery options available. There is no cross-account disaster recovery. Many companies today run multiple AWS accounts as a part of AWS Organizations, so the lack of cross-account backup will be a significant limitation for them. Cross-account disaster recovery is an essential part of any DR plan which protects against your AWS account being compromised whether that be due to ransomware, an internal malicious attack or human error.

N2WS provides full support for cross-region and cross-account disaster recovery. For example, users can fully recover an EC2 instance in another region or account in 30 seconds or less – lowering their RTO (Recovery Time Objective).

No Network Restore: Another key feature missing is the inability to clone and capture Amazon VPC, which is essential in ensuring high availability of your entire AWS infrastructure. N2WS Backup & Recovery, on the other hand, provides this feature guaranteeing that you can very quickly and completely recover your infrastructure in the event of an outage or failure in mere minutes.

No Recovery Scenarios: AWS Backup has no Recovery Scenarios or DR Drill capability (without scripting) and no ability to automate DR drills or customize restore. N2WS allows in-depth orchestration of a complete DR failover, can make changes to the resource you want to restore within Recovery Scenarios, prioritize the order of recovery and schedule DR drills.

No Archiving: AWS Backup does not allow archiving of EBS backups into affordable S3 tiering (with the exception of support for EFS). N2WS Backup and Recovery has the ability archive data into real, true S3 buckets and can be tiered into ANY S3 tier. ZERO EBS snapshot option even allows archival backups without the need for ANY AWS snapshots! Storage cost savings using N2WS can be as high as 98%.

Other standout limitations include and are not limited to :

  • the inability to see which of your resources are protected/unprotected
  • limited search function (must know the volume ID in order to search for your resources)
  • no single pane of glass – all management is done on an account-by-account basis without ability to manage multiple accounts (especially important for MSPs who are managing independent users and clients)
  • no reporting, daily summaries and alerts in case something goes wrong which are particularly important for audits
  • lack of knowledge of exact backup time (backups will be performed within a window of time)
  • no support for automatic cold tier/long-term storage (i.e. copying EBS snapshots to Amazon S3 or Amazon Glacier)
  • service limits with each account being restricted to 100 backup vaults and 100 backup plans.
  • when running backup jobs, only one concurrent job per resource can be run.
  • limited support for disaster recovery drills
  • inability to keep backup logs without keeping the backups themselves
  • no support for resource control so user cannot schedule the start/stop of their instances in order to optimize and minimize resource spend
  • no support for file or folder level recovery
  • major limitations with tag management – it’s not possible to have more than 50 tags on a resource, although this number is generally enough for most use cases.
  • no support for Amazon S3 bucket replication in other accounts/regions
  • no support for application consistency as it is in most cases highly important to guarantee that the application is brought to quiescence prior to the backup copy operation
  • no 24/7 free support. Customers generally have to wait until business hours and it may take days for a ticket to be responded to. This is a big risk to take when minutes of downtime cost companies millions of dollars, customer distrust and the potential to even completely go out of business.
The easier way to recover cloud workloads
Try N2WS Backup & Recovery to:

There are other methods for ensuring granular and more reliable backup management and it is important to explore and test out other options to see which tool covers your specific bases. AWS customers do find that the current limitations are preventing them from backing up their production environment using AWS Backup. N2WS Backup & Recovery has a 30-day free trial edition which is fully functional and incorporates all of the above missing AWS Backup features as well as other key Enterprise level features. In addition, the product is launched as an AMI giving you complete control of your AWS environment, all under one easy to use console.

Pricing

AWS Backup is priced for the backup storage being used (making incremental backups very handy) and for the data being restored.

Backing up EBS volumes costs $0.05 per GB per month, and restoring that data is free. RDS database backups and AWS Storage Gateway Volumes are both priced at $0.095 per GB per month, and restores are also free. DynamoDB tables are backed up at $0.10 per GB per month. Restoring them will cost you $0.15 per GB of data. Backing up an EFS file system costs $0.05 per GB ($0.01 if you decide to opt for cold storage), and restoring it costs $0.02 per GB ($0.03 per GB from cold storage).

AWS Backup API

An application program interface (commonly known as an API) is an intermediary that allows applications to communicate with one another. APIs are useful when you or your application needs to access some functionalities. AWS provides APIs for many of its services, and AWS Backup is no exception. 

The AWS Backup API allows you use AWS CLI or SDKs (Software Development Kits) for processes like automation, for example, so that you don’t have to do them via a web UI. The AWS Backup API offers functionalities such as creating backup plans, creating vaults, listing tags, and starting backups or restores. For a full list of these features, check out the AWS documentation.

AWS Backup: a centralized place for managing backups

This overview of AWS Backup ran through the service’s capabilities and limitations, of which we will delve deeper in future blog posts. We’ll be providing detailed how-to guides for using all of the capabilities described in this overview of AWS Backup as well as some specific use cases. Our next blog post will describe in detail how to do a backup and a restore of your AWS cloud resources.

Next step

The easier way to recover cloud workloads

Allowed us to save over $1 million in the management of AWS EBS snapshots...

N2WS vs AWS Backup

Why chose N2WS over AWS Backup? Find out the critical differences here.

N2WS in comparison to AWS Backup, offers a single console to manage backups across accounts or clouds. Here is a stylized screenshot of the N2WS dashboard.