AWS Backup not creating backups with AWS Organizations
I’m trying to set up AWS Backup with AWS Organizations and I’m having trouble getting the backups to be created. Here are the steps I’ve taken:
In AWS Organizations, I went to policies and enabled backup policies.
I created a backup policy with the following JSON:
{
"plans": {
"main-backup-plan-eu-central-1": {
"regions": {
"@@assign": [
"eu-central-1"
]
},
"rules": {
"main-backup-vault-eu-central-1": {
"schedule_expression": {
"@@assign": "cron(6 20/1 ? * * *)"
},
"start_backup_window_minutes": {
"@@assign": "60"
},
"complete_backup_window_minutes": {
"@@assign": "120"
},
"lifecycle": {
"delete_after_days": {
"@@assign": "14"
}
},
"target_backup_vault_name": {
"@@assign": "backup-vault"
}
}
},
"selections": {
"tags": {
"backup-assignment": {
"iam_role_arn": {
"@@assign": "arn:aws:iam::$account:role/cross-account-backup-role"
},
"tag_key": {
"@@assign": "bkp_schedule"
},
"tag_value": {
"@@assign": [
"hourly"
]
}
}
}
}
}
}
}
I set the target to my AWS dev account.
In the dev account, I created a backup vault and an IAM role named cross-account-backup-role with the AWSBackupServiceRolePolicyForBackup and AWSBackupServiceRolePolicyForRestores policies attached.
Then i added the tag to an EC2.
Despite these steps, the backup plan is running but no backups are being created. The resources I want to back up have the bkp_schedule tag with the value hourly.
Does anyone know what might be causing this issue or how I can troubleshoot it further?
The problem was because of vault name. The name in the account was backup_vault instead of backup-vault.
- How to pass multi value query string parameter to lambda on api gateway?
- AWS Cognito - User pool xxxx does not exist
- AWS: Problem accessing metadata tags from within EC2
- How to restrict AWS Cognito users from taking certain actions?
- Is the object URL in s3 only for public access?
- Allocate configuration for the cluster in ECS, where each instance receives a unique value
- Lambda authorizer response using async/await in Node.js
- What is the difference between using a load balancer and a NAT Gateway on AWS?
- How to properly replace resource in Terraform
- AWS InvalidSignatureException, Signature expired when running from docker container
- Signature expired: is now earlier than error : InvalidSignatureException
- SQL Error [1114] [HY000]: The table '/rdsdbdata/tmp/#sql161_17a011_a' is full
- How to Automate Redshift Cluster Start/Stop for night time?
- ActiveRecord::StatementInvalid: PG::InsufficientPrivilege: ERROR: permission denied for relation schema_migrations
- Moving RedShift Query to Sub Query Causes Problem
- AWS S3 filter by tags. search by tags
- How do I set the name of the default profile in AWS CLI?
- AWS CodeCommit with git-remote-codecommit
- What languages are Amazon's AWS Management Console written?
- How can I use multible terraform tf files in one jenkins script?
- I can't delete my VPC
- 1 subdomain doesn't support HSTS
- Missing NVMe SSD in AWS Kubernetes
- How to resolve the 'Application Error: A Server-Side Exception Has Occurred' while deploying a Next.js website on Amplify?
- How do I run the config command on aws elasticache (redis)
- AWS Elastic Beanstalk + Laravel, Nginx Configuration
- rsyslogd using 100% CPU Utilization on all RHEL EC2 Instances
- How to upload local files to S3 quickly?
- How to update lambda@edge ARN in cloudfront distribution using CLI
- How to pass API Gateway authorizer context to a HTTP integration