AWS backup Terraform Module
Terraform module to provision AWS Backup Resources.
Usage
Simple setup
Create a simple Backup Vault with default configurations.
module "backup_vault" {
source = "app.terraform.io/ncodelibrary/backup/aws"
version = "0.1.1"
identifier = "example"
create_backup_policy = true
backup_vault_policy = <<POLICY
{
"Version": "2012-10-17",
"Id": "default",
"Statement": [
{
"Sid": "default",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": [
"backup:DescribeBackupVault",
"backup:DeleteBackupVault",
"backup:PutBackupVaultAccessPolicy",
"backup:DeleteBackupVaultAccessPolicy",
"backup:GetBackupVaultAccessPolicy",
"backup:StartBackupJob",
"backup:GetBackupVaultNotifications",
"backup:PutBackupVaultNotifications"
],
"Resource": "${module.backup_vault.output.vault.arn}"
}
]
}
POLICY
tags = {
Owner = "sysops"
env = "dev"
Cost_Center = "XYZ"
}
}
For more details on a working example, please visit examples/simple
Advanced Setup
If you want to create an advanced configuration with Backup Vault, plan and selection of resources, you can use the module like this:
module "backup_vault" {
source = "app.terraform.io/ncodelibrary/backup/aws"
version = "0.1.1"
identifier = "example"
create_backup_policy = true
backup_vault_policy = <<POLICY
{
"Version": "2012-10-17",
"Id": "default",
"Statement": [
{
"Sid": "default",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": [
"backup:DescribeBackupVault",
"backup:DeleteBackupVault",
"backup:PutBackupVaultAccessPolicy",
"backup:DeleteBackupVaultAccessPolicy",
"backup:GetBackupVaultAccessPolicy",
"backup:StartBackupJob",
"backup:GetBackupVaultNotifications",
"backup:PutBackupVaultNotifications"
],
"Resource": "${module.backup_vault.output.vault.arn}"
}
]
}
POLICY
tags = {
Owner = "sysops"
env = "dev"
Cost_Center = "XYZ"
}
}
module "backup_plan" {
source = "app.terraform.io/ncodelibrary/backup/aws//modules/backup-plan?ref=v0.1.0"
version = "0.1.1"
identifier = "example"
target_vault_name = module.backup_vault.output.vault.id
tags = {
Owner = "sysops"
env = "dev"
Cost_Center = "XYZ"
}
}
module "backup_selection" {
source = "app.terraform.io/ncodelibrary/backup/aws//modules/backup-selection?ref=v0.1.0"
version = "0.1.1"
identifier = "example"
plan_id = module.backup_plan.output.plan.id
iam_role_arn = "arn:aws:iam::XXXXXXXXXXX:role/example-backup-role-default"
resources = []
selection_tags = [{
type = "STRINGEQUALS"
key = "Name"
value = "example"
}
]
}
For more options refer to a working example at examples/advanced
Examples
Here are some working examples of using this module:
Requirements
No requirements.
Providers
| Name | Version |
|---|---|
| aws | n/a |
Modules
No Modules.
Resources
| Name |
|---|
| aws_backup_vault |
| aws_backup_vault_policy |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| append_workspace | Appends the terraform workspace at the end of resource names, |
bool |
true |
no |
| backup_vault_policy | The backup vault access policy document in JSON format | string |
"" |
no |
| create_backup_policy | Specify whether to create a backup policy or not | bool |
false |
no |
| identifier | Identifier for all the resource | string |
"" |
no |
| kms_key_arn | The server-side encryption key that is used to protect your backups | string |
null |
no |
| tags | Tags to be applied to the resource | map |
{} |
no |
Outputs
| Name | Description |
|---|---|
| output | n/a |
Contributing
If you want to contribute to this repository check all the guidelines specified here before submitting a new PR.
Authors
Module managed by nClouds.