FAQ Flashcards
What is AWS Backup?
A fully managed service that enables you to centralize and automate data protection across on-premises and AWS services.
How does AWS Backup work?
Allows you to define a central data protection policy (called a backup plan) that works across AWS services for compute, storage, and databases.
Why should I use AWS Backup?
Protecting your data is an important step towards ensuring that you meet your business and regulatory compliance requirements.
What are the key features of AWS Backup?
AWS Backup provides a centralized console, automated backup scheduling, backup retention management, and backup monitoring and alerting.
What can I back up using AWS Backup?
Amazon Elastic Block Store (EBS) volumes,
Amazon Elastic Compute Cloud (EC2) instances (including Windows applications),
Amazon Relational Database Service (RDS) databases (including Amazon Aurora clusters),
Amazon DynamoDB tables,
Amazon Elastic File System (EFS) file systems,
Amazon FSx for Windows File Server file systems,
Amazon FSx for Lustre file systems,
Amazon Neptune databases,
Amazon DocumentDB (with MongoDB compatibility) databases,
AWS Storage Gateway volumes,
Amazon Simple Storage Service (S3).
Can I use AWS Backup to back up on-premises data?
Yes, you can use AWS Backup to back up your on-premises Storage Gateway volumes and VMware virtual machines, providing a common way to manage the backups of your application data both on premises and on AWS.
Can I use AWS Backup to access backups created by services with existing backup capabilities?
Yes. Backups created using services with existing backup capabilities, such as EBS Snapshots, can be accessed using AWS Backup.
How does AWS Backup work with other AWS services that have backup capabilities?
All existing per-service backup capabilities remain unchanged. AWS Backup provides a common way to manage backups across AWS services both on AWS and on premises.
How does AWS Backup relate to Amazon Data Lifecycle Manager and when should I use one over the other?
DLM provides a simple way to manage the lifecycle of EBS resources, such as volume snapshots. You should use DLM when you want to automate the creation, retention, and deletion of EBS Snapshots.
You should use AWS Backup to manage and monitor backups across the AWS services you use, including EBS volumes, from a single place.
What is a recovery point?
A recovery point represents the content of a resource at a specified time.
What is a backup plan?
A backup plan is a policy expression that defines when and how you want to back up your AWS resources, such as DynamoDB tables or EFS file systems.
What is a backup vault?
A backup vault (or backup storage vault) is an encrypted storage location in your AWS account that stores and organizes your backups (recovery points).
How does the AWS Backup lifecycle feature work?
The AWS Backup lifecycle feature allows you to automatically transition your recovery points from a warm storage tier to a lower-cost cold storage tier.
How does encryption work in AWS Backup?
Backups for Amazon EFS, Amazon DynamoDB, Amazon S3, and VMware virtual machines are encrypted in transit and at rest independently from the source services, giving your backups an additional layer of protection.
How do I use access policies in a backup vault to control access to backups?
AWS Backup allows you to set resource-based policies on backup vaults, enabling you to control access to the backup vault and the backups in it.
What services provide support for AWS Backup advanced features?
Services that have backup functionality built on AWS Backup support additional backup features, such as lifecycle tiering of backups to a low-cost storage tier, backup storage and encryption that is independent from its source data, and backup access policies.
What is AWS Backup Audit Manager?
AWS Backup Audit Manager allows you to audit and report on the compliance of your data protection policies to help you meet your business and regulatory needs.
Why should I use AWS Backup Audit Manager?
You should use AWS Backup Audit Manager if you want to verify that the workloads that you create in (or migrate to) AWS meet your data protection requirements.
How can I use AWS Backup Audit Manager?
You can use AWS Backup Audit Manager via the AWS Management Console, CLI, API, or SDK. AWS Backup Audit Manager provides built-in compliance controls and allows you to customize these controls to define your data protection policies.
What is a Backup Audit Manager control and framework?
An AWS Backup Audit Manager control is a procedure designed to audit the compliance of a backup requirement, such as backup frequency or backup retention period.
How does a Backup Audit Manager control work?
An AWS Backup Audit Manager control evaluates the configuration of your backup resources against your defined configuration settings.
How can I view the compliance results of my Backup Audit Manager controls and frameworks?
On the AWS Backup console, you can navigate to the Backup Audit Manager Frameworks section and click on the framework name to view the compliance status of your framework and controls.
What kind of reports can I create in Backup Audit Manager?
You can create reports related to your AWS Backup activity. These reports help you get details of your backup, copy, and restore jobs.
How does AWS Backup Audit Manager work with other AWS services?
AWS Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.
Which compliance programs does AWS Backup support?
AWS has the longest-running compliance program in the cloud and is committed to helping customers navigate their requirements.
Is AWS Backup PCI compliant?
Yes. AWS Backup is PCI-DSS compliant, which means you can use it to transfer payment information.
Is AWS Backup HIPAA eligible?
Yes. AWS Backup is HIPAA eligible, which means if you have a HIPAA BAA in place with AWS, you can use AWS Backup to transfer protected health information (PHI).
What is AWS Backup Vault Lock?
AWS Backup Vault Lock is a feature that enables you to prevent changes to backup lifecycle as well as prevent manual deletion of backups, helping you meet your compliance requirements.
Why should I use AWS Backup Vault Lock?
You should use AWS Backup Vault Lock to ensure that no user, including administrators or perpetrators of malicious actions, can delete your backups or change their lifecycle settings such as retention periods and transition to cold storage.
How does AWS Backup Vault Lock differ from Amazon S3 Glacier Vault Lock?
While AWS Backup Vault Lock applies to data residing in your AWS Backup backup vault, Amazon S3 Glacier Vault Lock applies to an individual Amazon S3 Glacier Vault.
How does AWS Backup Vault Lock work?
AWS Backup Vault Lock is an optional configuration at the AWS Backup vault level and comprises three properties: minimum acceptable retention days, maximum acceptable retention days, and a cooling-off period. It blocks backup deletion operations and changes to their lifecycle.
How does AWS Backup for Amazon S3 work?
AWS Backup allows you to define a central backup policy to manage backup and restore for your application across AWS services for compute, storage, and database services.
How are these capabilities different from what Amazon S3 provides?
Both AWS Backup and Amazon S3 offer capabilities that help you manage the business continuity of your applications.
Can I use an existing backup plan in AWS Backup to start backing up Amazon S3?
Yes, if you already have a backup plan for your application and you want to use the same backup plan for S3, simply add your S3 resources to the existing backup plan using tags or S3 bucket ARNs.
What backup options are available in AWS Backup for Amazon S3?
You have two backup options available for S3 resources in AWS Backup: continuous and periodic. Continuous backups allow you to restore S3 resources to any point in time within the last 35 days.
Are there any prerequisites to creating backups of S3 buckets?
Yes, turning on S3 Versioning is a prerequisite to creating backups of S3 buckets and objects.
How does AWS Backup help with VMware data protection?
AWS Backup extends its in-cloud, fully managed service capabilities to your VMware environment, helping you provide a unified view of backups across your AWS and on-premises AWS environments.
How does AWS Backup support for VMware work?
AWS Backup connects to VMware workloads using AWS Backup gateway, which you’ll deploy in your VMware environment.
Which VMware versions and features do you support using AWS Backup?
AWS Backup supports VMware ESXi 6.7.X, and 7.0.X VMs running on NFS, VMFS, and VSAN datastores on premises, in VMware CloudTM on AWS, and on VMware CloudTM on AWS Outposts.