如何從備份中排除附加到 EC2 實例的某些 EBS 卷?
[英]How do I exclude certain EBS volumes attached to an EC2 instance from being backed up?
問題描述
我正在開發一個系統范圍的備份解決方案,以備份在 AWS Backup 環境中運行的所有 EC2 實例。 其中一些附加了似乎也與實例一起備份的 EBS 卷。 下面是我的 terraform 代碼,它允許每周拍攝快照:
resource "aws_backup_region_settings" "legacy" {
resource_type_opt_in_preference = {
"Aurora" = false
"DynamoDB" = false
"EFS" = false
"FSx" = false
"RDS" = false
"Storage Gateway" = false
"EBS" = true
"EC2" = true
"DocumentDB" = false
"Neptune" = false
"VirtualMachine" = false
}
}
resource "aws_backup_vault" "legacy" {
name = "Legacy${var.environment_tag}"
kms_key_arn = aws_kms_key.mgn.arn
tags = merge(
local.tags, {
"Name" = "Legacy${var.environment_tag}"
}
)
}
resource "aws_iam_role" "legacy_backup" {
name = "AWSBackupService"
permissions_boundary = data.aws_iam_policy.role_permissions_boundary.arn
assume_role_policy = <<POLICY
{
"Version": "2012-10-17",
"Statement": [
{
"Action": ["sts:AssumeRole"],
"Effect": "allow",
"Principal": {
"Service": ["backup.amazonaws.com"]
}
}
]
}
POLICY
}
resource "aws_iam_role_policy_attachment" "legacy_backup" {
policy_arn = "arn:aws:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup"
role = aws_iam_role.legacy_backup.name
}
###############################################################################
##
## Weekly Backups
##
###############################################################################
resource "aws_backup_plan" "weekly" {
name = "Legacy${var.environment_tag}Weekly"
rule {
enable_continuous_backup = false
rule_name = "Legacy${var.environment_tag}Weekly"
target_vault_name = aws_backup_vault.legacy.name
schedule = var.backup_plan_weekly_schedule
start_window = 60 # minutes
completion_window = 180 # minutes
lifecycle {
cold_storage_after = 30 # days
delete_after = 120 # days
}
copy_action {
destination_vault_arn = aws_backup_vault.legacy.arn
lifecycle {
cold_storage_after = 30 # days
delete_after = 120 # days
}
}
copy_action {
destination_vault_arn = aws_backup_vault.secondary.arn
lifecycle {
cold_storage_after = 30 # days
delete_after = 120 # days
}
}
}
advanced_backup_setting {
backup_options = {
WindowsVSS = "enabled"
}
resource_type = "EC2"
}
tags = merge(
local.tags, {
"Name" = "Legacy${var.environment_tag}Weekly"
}
)
}
resource "aws_backup_selection" "weekly" {
iam_role_arn = aws_iam_role.legacy_backup.arn
name = "Legacy${var.environment_tag}Weekly"
plan_id = aws_backup_plan.weekly.id
selection_tag {
type = "STRINGEQUALS"
key = "AWSBackup"
value = "weekly"
}
}
在 EC2 代碼中,我將使用“AWSBackup”和“Weekly”標記實例,這似乎工作正常 - 適用於所有實例和附加卷。 如果我不想備份其中一個 EBS 卷 - 有沒有辦法將其排除在備份之外?
1 個解決方案
解決方案1
0 已采納 2021-12-07 19:30:58
如何啟動EC2實例並使其得到實例支持而不支持EBS?
[英]How do I launch an EC2 instance and have it be instance-backed and not EBS-backed?
如果我丟失了 Amazon EC2 EBS 支持的實例的 SSH 密鑰該怎么辦?
[英]What to do if I lose my SSH key for an Amazon EC2 EBS backed instance?
是否可以將新的EC2實例附加到當前已附加到可訪問性檢查失敗的另一個EC2實例的EBS卷上?
[英]Can a new EC2 instance attach to EBS volumes that are currently attached to another EC2 instance that's failed in reachability check?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.