本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
# 带有的通知选项 AWS Backup
有两种方式可以接收有关 AWS Backup以下内容的通知:
+ 用户通知服务 可以发送通知(包括 Amazon CloudWatch 警报)和其他服务的通知。 AWS 支持
+ Amazon 简单通知服务可以将 AWS Backup 事件通知您。
## 用户通知服务 和 AWS Backup
AWS Backup 支持通过[用户通知服务 控制台](https://console.aws.amazon.com//notifications/home?notifications#/notifications)管理备份通知。通过 [用户通知服务](https://docs.aws.amazon.com/notifications/latest/userguide/getting-started.html),您可以从 User Notifications Notification Center 查看备份、复制和还原作业的进度,以及对备份策略、保管库、恢复点和设置的更改。
您可以通过控制台管理其他类型的通知,包括亚马逊、亚马逊 EventBridge 警报和 AWS 支持 案例更新。 CloudWatch此外,您还可以设置多个配送选项,包括电子邮件、聊天应用程序中的 Amazon Q Developer 通知和 AWS Console Mobile Application 推送通知。
## 亚马逊 SNS 和活动 AWS Backup
AWS Backup 利用了亚马逊简单通知服务 (Amazon SNS) Simple Notification Service 提供的强大通知。您可以将 Amazon SNS 配置为通过亚马逊 SNS 控制台向您通知 AWS Backup 事件。
**限制**
+ 虽然 Amazon SNS 服务允许跨账户通知, AWS Backup 但目前不支持此功能。您必须指定自己的 AWS 账户 ID 和主题的资源 ARN。
+ AWS Backup 支持 SNS 尽力删除重复数据的标准主题,但目前 AWS Backup 不支持用于严格重复数据删除的 SNS FIFO 主题。
### 常见使用案例
+ 按照[如何获取失败任务的通知?中的步骤设置失败的备份 AWS Backup 任务的通知](https://repost.aws/knowledge-center/aws-backup-failed-job-notification) 来自 AWS 高级支持。
+ 在下方的事件示例表中,查看已完成、失败和已过期的备份任务的 Amazon SNS 通知 JSONs 示例。
有关一般 Amazon SNS 的更多信息,请参阅《Amazon Simple Notification Service Developer Guide》**中的 [Getting Started with Amazon SNS](https://docs.aws.amazon.com/sns/latest/dg/sns-getting-started.html)。
### AWS Backup notification APIs
使用 Amazon SNS 控制台或 AWS Command Line Interface (AWS CLI) 创建主题后,您可以使用以下 AWS Backup API 操作来管理备份通知。
+ [DeleteBackupVaultNotifications](API_DeleteBackupVaultNotifications.md) - 删除有关指定备份保管库的事件通知。
+ [GetBackupVaultNotifications](API_GetBackupVaultNotifications.md) - 列出指定的备份保管库的所有事件通知。
+ [PutBackupVaultNotifications](API_PutBackupVaultNotifications.md) - 打开指定主题和事件的通知。
AWS Backup 支持以下事件:
| 作业类型 | 事件 |
| --- | --- |
| 备份作业 | BACKUP\$1JOB\$1STARTED \$1 BACKUP\$1JOB\$1COMPLETED \$1 CONTINUOUS\$1BACKUP\$1INTERRUPTED |
| 复制作业 | COPY\$1JOB\$1STARTED \$1 COPY\$1JOB\$1SUCCESSFUL \$1 COPY\$1JOB\$1FAILED |
| 还原作业 | RESTORE\$1JOB\$1STARTED \$1 RESTORE\$1JOB\$1COMPLETED |
| 恢复点 | RECOVERY\$1POINT\$1MODIFIED |
| 恢复点索引 | RECOVERY\$1POINT\$1INDEX\$1COMPLETED \$1 RECOVERY\$1POINT\$1INDEX\$1DELETED \$1 RECOVERY\$1POINT\$1INDEXING\$1FAILED |
AWS Backup for S3 支持另外两个事件:
+ `S3_BACKUP_OBJECT_FAILED` 会通知您在备份作业期间 AWS Backup 未能备份的任何 S3 对象。
+ `S3_RESTORE_OBJECT_FAILED` 会通知您在还原作业期间 AWS Backup 未能还原的任何 S3 对象。
AWS Backup for EKS 支持另外三个事件:
+ `EKS_BACKUP_OBJECT_FAILED`会通知您任何在备份作业期间 AWS Backup 未能备份的 EKS 对象。
+ `EKS_RESTORE_OBJECT_FAILED`会通知您在还原作业期间任何 AWS Backup 未能还原的 EKS 对象。
+ `EKS_RESTORE_OBJECT_SKIPPED`会通知您恢复作业期间 AWS Backup 跳过的任何 EKS 对象。
### 事件示例
**Example 示例:已完成的备份作业**
```
{
"Records": [{
"EventSource": "aws:sns",
"EventVersion": "1.0",
"EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45",
"Sns": {
"Type": "Notification",
"MessageId": "12345678-abcd-123a-def0-abcd1a234567",
"TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic",
"Subject": "Notification from AWS Backup",
"Message": "An AWS Backup job was completed successfully. Recovery point ARN: arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012d. Resource ARN : arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012e. BackupJob ID : 1b2345b2-f22c-4dab-5eb6-bbc7890ed123",
"Timestamp": "2019-08-02T18:46:02.788Z",
...
"MessageAttributes": {
"EventType": {"Type":"String","Value":"BACKUP_JOB"},
"State": {"Type":"String","Value":"COMPLETED"},
"AccountId": {"Type":"String","Value":"123456789012"},
"Id": {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"},
"StartTime": {"Type":"String","Value":"2019-09-02T13:48:52.226Z"}
}
}
}]
}
```
**Example 示例:失败的备份作业**
```
{
"Records": [{
"EventSource": "aws:sns",
"EventVersion": "1.0",
"EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45",
"Sns": {
"Type": "Notification",
"MessageId": "12345678-abcd-123a-def0-abcd1a234567",
"TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic",
"Subject": "Notification from AWS Backup",
"Message": "An AWS Backup job failed. Resource ARN : arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012e. BackupJob ID : 1b2345b2-f22c-4dab-5eb6-bbc7890ed123",
"Timestamp": "2019-08-02T18:46:02.788Z",
...
"MessageAttributes": {
"EventType": {"Type":"String","Value":"BACKUP_JOB"},
"State": {"Type":"String","Value":"FAILED"},
"AccountId": {"Type":"String","Value":"123456789012"},
"Id": {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"},
"StartTime": {"Type":"String","Value":"2019-09-02T13:48:52.226Z"}
}
}
}]
}
```
**Example 示例:在备份时段内未完成的备份作业**
```
{
"Records": [{
"EventSource": "aws:sns",
"EventVersion": "1.0",
"EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45",
"Sns": {
"Type": "Notification",
"MessageId": "12345678-abcd-123a-def0-abcd1a234567",
"TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic",
"Subject": "Notification from AWS Backup",
"Message": "An AWS Backup job failed to complete in time. Resource ARN : arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012e. BackupJob ID : 1b2345b2-f22c-4dab-5eb6-bbc7890ed123",
"Timestamp": "2019-08-02T18:46:02.788Z",
...
"MessageAttributes" : {
"EventType" : {"Type":"String","Value":"BACKUP_JOB"},
"State" : {"Type":"String","Value":"EXPIRED"},
"AccountId" : {"Type":"String","Value":"123456789012"},
"Id" : {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"},
"StartTime" : {"Type":"String","Value":"2019-09-02T13:48:52.226Z"}
}
}
}]
}
```
**Example 示例:已完成的恢复点索引**
```
{
"Records": [{
"EventSource": "aws:sns",
"EventVersion": "1.0",
"EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45",
"Sns": {
"Type": "Notification",
"MessageId": "12345678-abcd-123a-def0-abcd1a234567",
"TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic",
"Subject": "Notification from AWS Backup",
"Message": "An AWS Backup backup index job was completed. Indexed recovery point arn: arn:aws:backup:us-west-2:1112233445566:recovery-point:abcd1234-5678-abcd-9012-abcdef123456",
"Timestamp": "2025-05-25T18:46:02.788Z",
...
"MessageAttributes" : {
"EventType" : {"Type":"String","Value":"RECOVERY_POINT_INDEXING_COMPLETED"},
"AccountId" : {"Type":"String","Value":"123456789012"},
"IndexStatus" : {"Type":"String","Value":"ACTIVE"},
"IsIndexingContinuous" : {"Type":"String","Value":"false"},
"RecoveryPointArn" : {"Type":"String","Value":"arn:aws:backup:us-west-2:1112233445566:recovery-point:abcd1234-5678-abcd-9012-abcdef123456"}
}
}
}]
}
```
**Example 示例:EKS 备份对象失败**
```
{
"Records": [{
"EventSource": "aws:sns",
"EventVersion": "1.0",
"EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45",
"Sns": {
"Type": "Notification",
"MessageId": "12345678-abcd-123a-def0-abcd1a234567",
"TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic",
"Subject": "Notification from AWS Backup",
"Message": "A Kubernetes resource failed to backup from your Amazon EKS Backup. Resource: example.resource.io/v1. EKS Cluster Name: eks-cluster-name. BackupJob ID: 1b2345b2-f22c-4dab-5eb6-bbc7890ed123",
"Timestamp": "2025-05-25T18:46:02.788Z",
...
"MessageAttributes" : {
"eventType" : {"Type":"String","Value":"EKS_BACKUP_OBJECT_FAILED"},
"backupJobId" : {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"},
"clusterName" : {"Type":"String","Value":"eks-cluster-name"},
"reason" : {"Type":"String","Value":"Example failure reason."},
"resourceName" : {"Type":"String","Value":"example.resource.io/v1"}
}
}
}]
}
```
**Example 示例:EKS 恢复对象失败**
```
{
"Records": [{
"EventSource": "aws:sns",
"EventVersion": "1.0",
"EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45",
"Sns": {
"Type": "Notification",
"MessageId": "12345678-abcd-123a-def0-abcd1a234567",
"TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic",
"Subject": "Notification from AWS Backup",
"Message": "A Kubernetes resource failed to restore from your Amazon EKS Backup. Resource: apiextensions.k8s.io/v1/customresourcedefinitions. Resource Name: exampleresource. Destination EKS Cluster Name: eks-restore-target-cluster-name. RestoreJob ID: 1b2345b2-f22c-4dab-5eb6-bbc7890ed123",
"Timestamp": "2025-05-25T18:46:02.788Z",
...
"MessageAttributes" : {
"eventType" : {"Type":"String","Value":"EKS_RESTORE_OBJECT_FAILED"},
"clusterName" : {"Type":"String","Value":"eks-restore-target-cluster-name"},
"parentRestoreJobId" : {"Type":"String","Value":"12345678-abcd-123a-def0-abcd1a234567"},
"reason" : {"Type":"String","Value":"Example failure reason."},
"resourceName" : {"Type":"String","Value":"exampleresourceio"},
"resourceType" : {"Type":"String","Value":"apiextensions.k8s.io/v1/customresourcedefinitions"},
"restoreJobId" : {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"}
}
}
}]
}
```
**Example 示例:跳过 EKS 还原对象**
```
{
"Records": [{
"EventSource": "aws:sns",
"EventVersion": "1.0",
"EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45",
"Sns": {
"Type": "Notification",
"MessageId": "12345678-abcd-123a-def0-abcd1a234567",
"TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic",
"Subject": "Notification from AWS Backup",
"Message": "A Kubernetes resource was skipped from restore from your Amazon EKS Backup. This Kubernetes resource already exists in your target EKS cluster. Resource: apiextensions.k8s.io/v1/customresourcedefinitions. Resource Name: exampleresource. Destination EKS Cluster Name: eks-restore-target-cluster-name. RestoreJob ID: 1b2345b2-f22c-4dab-5eb6-bbc7890ed123",
"Timestamp": "2025-05-25T18:46:02.788Z",
...
"MessageAttributes" : {
"eventType" : {"Type":"String","Value":"EKS_RESTORE_OBJECT_SKIPPED"},
"clusterName" : {"Type":"String","Value":"eks-restore-target-cluster-name"},
"parentRestoreJobId" : {"Type":"String","Value":"12345678-abcd-123a-def0-abcd1a234567"},
"reason" : {"Type":"String","Value":"Already exists."},
"resourceName" : {"Type":"String","Value":"exampleresource"},
"resourceType" : {"Type":"String","Value":"apiextensions.k8s.io/v1/customresourcedefinitions"},
"restoreJobId" : {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"}
}
}
}]
}
```
### AWS Backup 通知命令示例
您可以使用 AWS CLI 命令订阅、列出和删除与您的 AWS Backup 活动有关的 Amazon SNS 通知。
#### 放置备份保管库通知示例
以下命令订阅指定备份保管库的 Amazon SNS 主题,该主题将在启动或完成还原作业时或修改恢复点时通知您。
```
aws backup put-backup-vault-notifications
--backup-vault-name myBackupVault
--sns-topic-arn arn:aws:sns:region:account-id:myBackupTopic
--backup-vault-events RESTORE_JOB_STARTED RESTORE_JOB_COMPLETED RECOVERY_POINT_MODIFIED
```
#### 获取备份保管库通知示例
以下命令列出了当前订阅指定备份保管库的 Amazon SNS 主题的所有事件。
```
aws backup get-backup-vault-notifications
--backup-vault-name myVault
```
示例输出如下所示:
```
{
"SNSTopicArn": "arn:aws:sns:region:account-id:myBackupTopic",
"BackupVaultEvents": [
"RESTORE_JOB_STARTED",
"RESTORE_JOB_COMPLETED",
"RECOVERY_POINT_MODIFIED"
],
"BackupVaultName": "myVault",
"BackupVaultArn": "arn:aws:backup:region:account-id:backup-vault:myVault"
}
```
#### 删除备份保管库通知示例
以下命令取消订阅指定备份保管库的 Amazon SNS 主题。
```
aws backup delete-backup-vault-notifications
--backup-vault-name myVault
```
### 指定 AWS Backup 为服务主体
**注意**
AWS Backup 要允许代表您发布 SNS 主题,您必须指定 AWS Backup 为服务委托人。
在用于跟踪 AWS Backup 事件的 Amazon SNS 主题的访问策略中加入以下 JSON。您必须指定主题资源的 Amazon 资源名称(ARN)。
```
{
"Sid": "My-statement-id",
"Effect": "Allow",
"Principal": {
"Service": "backup.amazonaws.com"
},
"Action": "SNS:Publish",
"Resource": "arn:aws:sns:region:account-id:myTopic"
}
```
有关在 Amazon SNS 访问策略中指定服务主体的更多信息,请参阅《*亚马逊简单通知服务开发者*指南》中的 “[允许任何 AWS 资源向主题发布](https://docs.aws.amazon.com/sns/latest/dg/AccessPolicyLanguage_UseCases_Sns.html#AccessPolicyLanguage_UseCase4_Sns)”。
**注意**
如果您的主题已加密,则必须在策略中包含其他权限才能 AWS Backup 向其发布内容。有关启用服务发布到加密主题的更多信息,请参阅《*Amazon 简单通知服务开发者指南》*中的 “[启用来自 AWS 服务的事件源和加密主题之间的兼容性](https://docs.aws.amazon.com//sns/latest/dg/sns-key-management.html#sns-what-permissions-for-sse)”。