Elastic File System Should Be In Backup Plan
More Info:
This rule checks if Amazon Elastic File System (Amazon EFS) file systems are added in the backup plans of AWS Backup. The rule is NON_COMPLIANT if EFS file systems are not included in the backup plans.Risk Level
MediumAddress
ConfigurationCompliance Standards
CBP,SEBI,RBI_MD_ITF,RBI_UCBTriage and Remediation
Remediation
Using Console
Using Console
To remediate the misconfiguration of Elastic File System (EFS) not being included in the backup plan for AWS EC2 instances, you can follow these steps using the AWS Management Console:
-
Create an EFS Backup Plan:
- Go to the AWS Management Console and navigate to the AWS Backup service.
- Click on “Create backup plan” and provide a name for your backup plan.
- Select the resources you want to include in the backup plan, in this case, select the Elastic File System (EFS) that you want to backup.
- Configure the backup settings such as backup frequency, retention period, and backup window according to your requirements.
- Review and create the backup plan.
-
Associate EC2 Instances with the Backup Plan:
- Go to the AWS Backup service in the AWS Management Console.
- Click on “Protected resources” and then “Add resource”.
- Select the EC2 instances that are using the EFS that you want to backup.
- Associate these EC2 instances with the backup plan you created in the previous step.
-
Verify Backup Configuration:
- Once the backup plan is created and EC2 instances are associated with it, verify that the EFS is now included in the backup plan.
- Check the backup schedule and retention period to ensure that it meets your backup requirements.
Using CLI
Using CLI
To remediate the misconfiguration of Elastic File System (EFS) not being included in the backup plan for AWS EC2 instances using AWS CLI, you can follow these steps:
-
Create an EFS Backup Plan:
- Use the following AWS CLI command to create a backup plan for the EFS file system:
- In the above command, replace
MyBackupVaultwith the name of your existing backup vault.
- Use the following AWS CLI command to create a backup plan for the EFS file system:
-
Assign EFS to Backup Plan:
- Associate the EFS file system with the backup plan created in the previous step using the following AWS CLI command:
- Replace
<BackupPlanId>with the ID of the backup plan created in step 1 and<EFSFileSystemARN>with the ARN of the EFS file system that needs to be included in the backup plan.
- Associate the EFS file system with the backup plan created in the previous step using the following AWS CLI command:
-
Verify Backup Plan:
- Check the backup plan to ensure that the EFS file system is included in the backup schedule using the following AWS CLI command:
- Verify that the EFS file system is listed under the resources included in the backup plan.
- Check the backup plan to ensure that the EFS file system is included in the backup schedule using the following AWS CLI command:
Using Python
Using Python
To remediate the misconfiguration of Elastic File System not being included in the backup plan for AWS EC2 using Python, you can follow these steps:By following these steps, you can remediate the misconfiguration of not including the Elastic File System in the backup plan for AWS EC2 using Python.
- Import necessary libraries: First, you need to import the required Python libraries to interact with AWS services. You can use the
boto3library for this purpose.
- Initialize AWS client: Create an AWS client for the EC2 service using
boto3.
- Get EFS file system ID: Retrieve the EFS file system ID that needs to be included in the backup plan. You can either provide this ID as input or fetch it programmatically.
- Create a backup plan: Define a backup plan that includes the EFS file system for backup. You can specify the backup schedule, retention policy, etc., as per your requirements.
- Add EFS file system to the backup plan: Associate the EFS file system with the backup plan created in the previous step.
- Verify the backup plan: You can verify the backup plan settings and ensure that the EFS file system is included in the plan.