Skip to content

Terraform module for creating AWS Organization Backup Policies

License

Notifications You must be signed in to change notification settings

appvia/terraform-aws-backup

Appvia Banner

Terraform Registry Latest Release Slack Community Contributors

Github Actions

Terraform AWS Organizations Backup

Description

This module creates an AWS Organization Backup Policy consisting of one or more backup plans to be deployed to accounts within the specified Organizational Unit.

Usage

The following example creates a generalised backup policy targeting all compatible AWS Backup resources. Resources are matched if they have a tag with the key BackupPolicy and a value matching the plan name - in this case daily. This policy is applied to all accounts within the specified organizational unit and is run on a daily schedule starting at 3am.

module "basic" {
  source  = "appvia/backup/aws"
  version = "1.0.0"

  name                = "general-backup"
  organizational_unit = "ou-1tbg-wpzfzxb7"

  plans = [{
    name                    = "daily"
    schedule                = "cron(0 3 ? * * *)"
    start_window_minutes    = "60"
    complete_window_minutes = "300"
  }]
}

resource "aws_s3_bucket" "data_pending_processing" {
  bucket = "io-appvia-data-pending-processing"

  tags = {
    BackupPolicy = "daily"
  }
}

Update Documentation

The terraform-docs utility is used to generate this README. Follow the below steps to update:

  1. Make changes to the .terraform-docs.yml file
  2. Fetch the terraform-docs binary (https://terraform-docs.io/user-guide/installation/)
  3. Run terraform-docs markdown table --output-file ${PWD}/README.md --output-mode inject .

Providers

Name Version
aws >= 5

Inputs

Name Description Type Default Required
name Name of the backup policy string n/a yes
plans List of plan definitions. Each definition defines a backup plan governing the frequency, destinations and retention settings.
list(object({
name = string
schedule = string
start_window_minutes = optional(number, 60)
complete_window_minutes = optional(number, 360)
backup_tag_name = optional(string, "BackupPolicy")
backup_role_name = optional(string, "lza-backup-service-linked-role")
vault_name = optional(string, "Default")

copy_backups = optional(list(object({
target_vault = string

lifecycle = optional(object({
cold_storage_after_days = optional(number)
delete_after_days = optional(number)
}))
})), [])

lifecycle = optional(object({
cold_storage_after_days = optional(number)
delete_after_days = optional(number)
}))
}))
n/a yes
deployment_targets The accounts or organizational unit to attach the backup policy to. list(string) [] no
regions List of regions where resources to be backed up are located list(string) [] no
tags Map of tags to apply to resources create by this module. These are also passed down to individual backups. map(string) {} no
vaults List of Backup Vaults to be created along with their lock configuration
list(object({
name = string
change_grace_days = optional(number)
min_retention_days = optional(number)
max_retention_days = optional(number)
}))
[] no

Outputs

No outputs.

About

Terraform module for creating AWS Organization Backup Policies

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •