Ensure Amazon EFS has an AWS Backup backup plan
Error: Amazon EFS does not have an AWS Backup backup plan
Bridgecrew Policy ID: BC_AWS_GENERAL_48
Checkov Check ID: CKV2_AWS_18
Severity: LOW
Amazon EFS does not have an AWS Backup backup plan
Description
Ensure that Amazon Elastic File Systems (EFS) are included in your backup plans for the AWS Backup. AWS Backup is a fully managed backup service that helps you protect your data in the cloud by automatically backing up your data to a secure, durable storage location. By creating a backup plan, you can ensure that your data is regularly backed up and can be recovered in the event of data loss or corruption.
Fix - Buildtime
Terraform
- Resource: aws_backup_plan, aws_backup_selection, aws_efs_file_system
- Argument: plan_id and resources of aws_backup_selection
resource "aws_backup_plan" "example" {
name = "tf_example_backup_plan"
rule {
rule_name = "tf_example_backup_rule"
target_vault_name = aws_backup_vault.test.name
schedule = "cron(0 12 * * ? *)"
}
advanced_backup_setting {
backup_options = {
WindowsVSS = "enabled"
}
resource_type = "EC2"
}
}
resource "aws_backup_selection" "ok_backup" {
iam_role_arn = aws_iam_role.example.arn
name = "tf_example_backup_selection"
plan_id = aws_backup_plan.example.id
resources = [
aws_db_instance.example.arn,
aws_ebs_volume.example.arn,
aws_efs_file_system.ok_efs.arn,
]
}
resource "aws_efs_file_system" "ok_efs" {
creation_token = "my-product"
tags = {
Name = "MyProduct"
}
}
Updated 3 months ago