Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
Tetapkan AWS Backup sumber daya melalui AWS CloudFormation
end-to-end AWS CloudFormation Template ini membuat penetapan sumber daya, rencana cadangan, dan brankas cadangan tujuan:
-
Sebuah brankas cadangan bernama
CloudFormationTestBackupVault. -
Rencana cadangan bernama
CloudFormationTestBackupPlan. Rencana ini akan menjalankan dua berisi dua aturan cadangan, yang keduanya mengambil cadangan setiap hari pada jam 12 siang UTC dan menyimpannya selama 210 hari. -
Sebuah pilihan sumber daya bernama
BackupSelectionName. -
-
Penugasan sumber daya mencadangkan sumber daya berikut:
-
Sumber daya apa pun yang ditandai dengan pasangan kunci-nilai.
backupplan:dsi-sandbox-daily -
Setiap sumber daya yang ditandai dengan nilai
prodatau nilai yang dimulai denganprod/.
-
-
Penugasan sumber daya tidak mencadangkan sumber daya berikut:
-
Kluster apa sajaRDS, Aurora, Neptunus, atau DocumentDB.
-
Setiap sumber daya yang ditandai dengan nilai
testatau nilai yang dimulai dengantest/.
-
-
Description: "Template that creates Backup Selection and its dependencies" Parameters: BackupVaultName: Type: String Default: "CloudFormationTestBackupVault" BackupPlanName: Type: String Default: "CloudFormationTestBackupPlan" BackupSelectionName: Type: String Default: "CloudFormationTestBackupSelection" BackupPlanTagValue: Type: String Default: "test-value-1" RuleName1: Type: String Default: "TestRule1" RuleName2: Type: String Default: "TestRule2" ScheduleExpression: Type: String Default: "cron(0 12 * * ? *)" StartWindowMinutes: Type: Number Default: 60 CompletionWindowMinutes: Type: Number Default: 120 RecoveryPointTagValue: Type: String Default: "test-recovery-point-value" MoveToColdStorageAfterDays: Type: Number Default: 120 DeleteAfterDays: Type: Number Default: 210 Resources: CloudFormationTestBackupVault: Type: "AWS::Backup::BackupVault" Properties: BackupVaultName: !Ref BackupVaultName BasicBackupPlan: Type: "AWS::Backup::BackupPlan" Properties: BackupPlan: BackupPlanName: !Ref BackupPlanName BackupPlanRule: - RuleName: !Ref RuleName1 TargetBackupVault: !Ref BackupVaultName ScheduleExpression: !Ref ScheduleExpression StartWindowMinutes: !Ref StartWindowMinutes CompletionWindowMinutes: !Ref CompletionWindowMinutes RecoveryPointTags: test-recovery-point-key-1: !Ref RecoveryPointTagValue Lifecycle: MoveToColdStorageAfterDays: !Ref MoveToColdStorageAfterDays DeleteAfterDays: !Ref DeleteAfterDays - RuleName: !Ref RuleName2 TargetBackupVault: !Ref BackupVaultName ScheduleExpression: !Ref ScheduleExpression StartWindowMinutes: !Ref StartWindowMinutes CompletionWindowMinutes: !Ref CompletionWindowMinutes RecoveryPointTags: test-recovery-point-key-1: !Ref RecoveryPointTagValue Lifecycle: MoveToColdStorageAfterDays: !Ref MoveToColdStorageAfterDays DeleteAfterDays: !Ref DeleteAfterDays BackupPlanTags: test-key-1: !Ref BackupPlanTagValue DependsOn: CloudFormationTestBackupVault TestRole: Type: "AWS::IAM::Role" Properties: AssumeRolePolicyDocument: Version: "2012-10-17" Statement: - Effect: "Allow" Principal: Service: - "backup.amazonaws.com" Action: - "sts:AssumeRole" ManagedPolicyArns: - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSBackupServiceRolePolicyForBackup" BasicBackupSelection: Type: 'AWS::Backup::BackupSelection' Properties: BackupPlanId: !Ref BasicBackupPlan BackupSelection: SelectionName: !Ref BackupSelectionName IamRoleArn: !GetAtt TestRole.Arn ListOfTags: - ConditionType: STRINGEQUALS ConditionKey: backupplan ConditionValue: dsi-sandbox-daily NotResources: - 'arn:aws:rds:*:*:cluster:*' Conditions: StringEquals: - ConditionKey: 'aws:ResourceTag/path' ConditionValue: prod StringNotEquals: - ConditionKey: 'aws:ResourceTag/path' ConditionValue: test StringLike: - ConditionKey: 'aws:ResourceTag/path' ConditionValue: prod/* StringNotLike: - ConditionKey: 'aws:ResourceTag/path' ConditionValue: test/*
