i have a site connected with amazon AWS to upload the pictures, and it's connected with IAM service, but im really worry if any accident happen and i didn't make any backup, after that i will lose everything and im in big trouble cuz i have no copy, so i need to make a copy with AWS Backup and make it, ''Always'', bt in fact i have no idea how to do it or what options should i chose, should i make Backup vaults or not?, i have Default Backup vaults, should i Create on-demand backup for Default Backup vaults or not?, please please i need help with that,

i need someone help me to setup the AWS Backup without any mistakes, cuz there is no fields for mistakes,

thank you so much

If you just want one backup and keep it forever, please create an on demand backup job and select the Retention period as "Always". Please follow the document below. https://docs.aws.amazon.com/aws-backup/latest/devguide/create-on-demand-backup.html

If you want to take periodic backups like daily, you can create a backup plan and a rule and assign resources to the backup plan. Please follow the document below. https://docs.aws.amazon.com/aws-backup/latest/devguide/creating-a-backup-plan.html

If you have no intentions of copying the backups to a different account, you can use Default Backup vaults.

  • really thanks for your answer...

    okey i just want to know,

    -about Resource type, what should i use?, just to note, in IAM permissions, i use AmazonS3FullAccess, so in this case i use S3?, or make it as a Default option "DynamoDB"?

    -about IAM role, i make it as a Default option "Default role", or "Choose an IAM role"?

    sorry cuz i really don't know!, i learn from you now :)


For resource type, it depends on the resource you are backing up. Example: To backup EC2, you select EC2 Instance ID. For IAM role: You can use the Default IAM role. The Default role is automatically created when you create a first backup job in the console. (The first backup job may fail due to the fact that the Role will be in creating status) You may have to create a new job with the default role after the first failed job. Teh Default role has all the necessary permissions. https://docs.aws.amazon.com/aws-backup/latest/devguide/iam-service-roles.html#default-service-roles

  • ok, everything is good, but when i clicked on Submit, i faced this:

    Bucket name Choose a bucket "Select a value <<< in Red Color text,

    how to handle this?


If you want to backup the S3 bucket, Please select the bucket which you want to backup.

Also, You have to add these two policies to the role:AWSBackupDefaultServiceRole once it is created. With out these two policies the backup would fail. AWSBackupServiceRolePolicyForS3Backup AWSBackupServiceRolePolicyForS3Restore

