Cross-Account Cross-Region Backups for Disaster Recovery
OBJECTIVE :
The objective of this blog is to outline the process of creating backups in source accounts and securely storing the copy of backups in backup accounts for disaster recovery and data protection purposes. By implementing cross-account backups, we aim to ensure that in the event of any disaster, account deletion, or resource deletion, the backups in the designated backup account will be available. The backup account will have limited access, restricted to authorized individuals, to maintain data security and confidentiality.
OVERVIEW :
In this backup strategy, we have two types: automated backups utilizing the AWS Backup service and native backups implemented through Python scripts running in AWS Lambda. These backups are scheduled to run daily using AWS Event Bridge and are stored in an Amazon S3 bucket. The below table represents the types of backups and the AWS services they cover.
PROCEDURE :
STEP: 1 Create backup vaults in AWS backup account and source accounts.
- Do not use the default backup vault and default KMS key to encrypt the data.
