Ensure Amazon EFS has an AWS Backup backup plan
Error: Amazon EFS does not have an AWS Backup backup plan
Bridgecrew Policy ID: BC_AWS_GENERAL_48
Checkov Check ID: CKV2_AWS_18
Severity: LOW
Amazon EFS does not have an AWS Backup backup plan
Description
Ensure that Elastic File System (Amazon EFS) file systems are included in your backup plans for the AWS Backup.
Fix - Buildtime
Terraform
- Resource: aws_backup_plan, aws_backup_selection, aws_efs_file_system
- Argument: plan_id and resources of aws_backup_selection
resource "aws_backup_plan" "example" {
name = "tf_example_backup_plan"
rule {
rule_name = "tf_example_backup_rule"
target_vault_name = aws_backup_vault.test.name
schedule = "cron(0 12 * * ? *)"
}
advanced_backup_setting {
backup_options = {
WindowsVSS = "enabled"
}
resource_type = "EC2"
}
}
resource "aws_backup_selection" "ok_backup" {
iam_role_arn = aws_iam_role.example.arn
name = "tf_example_backup_selection"
plan_id = aws_backup_plan.example.id
resources = [
aws_db_instance.example.arn,
aws_ebs_volume.example.arn,
aws_efs_file_system.ok_efs.arn,
]
}
resource "aws_efs_file_system" "ok_efs" {
creation_token = "my-product"
tags = {
Name = "MyProduct"
}
}
Updated over 1 year ago