I want to use AWS Backup to restore my Amazon Simple Storage Service (Amazon S3) data from a recovery point.
Resolution
Prerequisite: Verify that your AWS Identity and Access Management (IAM) role has the required permissions.
Important:
- You must activate access control lists (ACLs) in the destination bucket so that the Amazon S3 restore job doesn't fail.
- If Block Public Access is active on the destination bucket, then AWS Backup doesn't restore objects with public ACLs.
- If the destination bucket has an object with the same name or version ID, then AWS Backup skips the objects.
You can use either the AWS Backup console or the AWS Command Line Interface (AWS CLI) to restore your S3 data.
Use the AWS Backup console
Complete the steps in Restore through the AWS Backup console.
Use the AWS CLI
Note: If you receive errors when you run AWS CLI commands, then see Troubleshooting errors for the AWS CLI. Also, make sure that you're using the most recent AWS CLI version.
Complete the following steps:
- Run the list-recovery-points-by-backup-vault command to list all recovery points in your backup vault:
aws backup list-recovery-points-by-backup-vault \
  --backup-vault-name Default \
  --output json \
  --query 'RecoveryPoints[].[BackupVaultName,RecoveryPointArn]'
Note: Replace backup-vault-name with your backup vault's name.
- From the command's output, note the RecoveryPointArn of the recovery point that you want to restore. The Amazon Resource Name (ARN) format is arn:aws:backup:region:1234567890:recovery-point:example-bucket-f24fe343.
- Create a JSON file that includes the following metadata:
  - DestinationBucketName: The destination bucket for your restore.
  - (Only for object-level restore) ItemsToRestore: A list of up to five paths of individual objects to restore.
  - NewBucket: A Boolean value that specifies whether to create a new bucket.
  - Encrypted: A Boolean value that specifies whether to encrypt the restored data.
  - CreationToken: An idempotency token.
  - EncryptionType: The type of encryption for your restored objects. You can specify the same encryption as the original object, server-side encryption with Amazon S3 managed keys (SSE-S3), or server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS).
  - (Only for continuous recovery points) RestoreTime: The restore time in the format 2021-11-27T03:30:27Z.
  - (Optional) RestoreLatestVersionUpTo: Specify 1 to restore to the latest object version, or n, where n is a positive integer that's greater than 1, to restore all versions less than n. Or, specify all to restore all versions.
Example JSON file:
{
  "DestinationBucketName": "TestBucket",
  "ItemsToRestore": "[\"s3://example-bucket/abc.jpg\",\"s3://example-bucket/abcd.jpeg\",\"s3://example-bucket/bucket.txt\"]",
  "Encrypted": "true",
  "NewBucket": "true",
  "CreationToken": "test",
  "EncryptionType": "SSE_KMS",
  "KMSKey": "arn:aws:kms:us-east-1:1234567890:key/abf95f23-4f2d-4fe9-8177-a311da3179c5"
}
- Run the start-restore-job command:
aws backup start-restore-job \
  --recovery-point-arn "arn:aws:backup:us-east-1:1234567890:recovery-point:example-bucket-f24fe343" \
  --iam-role-arn "arn:aws:iam::1234567890:role/service-role/AWSBackupDefaultServiceRole" \
  --metadata file://s3-restore-metadata.json
Note: Replace recovery-point-arn with your recovery point's ARN and iam-role-arn with your IAM role's ARN. Also, include your JSON metadata file.
If you must include the metadata directly in the start-restore-job command instead of the JSON file, then use the following format:
aws backup start-restore-job \
  --recovery-point-arn "arn:aws:backup:us-east-1:1234567890:recovery-point:example-bucket-f24fe343" \
  --iam-role-arn "arn:aws:iam::1234567890:role/service-role/AWSBackupDefaultServiceRole" \
  --metadata '{
    "DestinationBucketName": "TestBucket",
    "ItemsToRestore": "[\"s3://example-1/abc.jpg\",\"s3://example-2/abcd.jpeg\",\"s3://example-3/bucket.txt\"]",
    "Encrypted": "true",
    "NewBucket": "true",
    "CreationToken": "test",
    "EncryptionType": "SSE_KMS",
    "KMSKey": "arn:aws:kms:us-east-1:1234567890:key/abf95f23-4f2d-4fe9-8177-a311da3179c5"
  }'
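The metadata file from the steps above is a flat map of strings: Booleans are written as "true" or "false", and ItemsToRestore is a JSON list encoded a second time into a single string. The following Python script is an added example, not AWS code, that generates s3-restore-metadata.json with those rules and the five-path limit enforced. The function name build_restore_metadata, the sample bucket and key values, and the use of a UUID as the default CreationToken are assumptions.

```python
import json
import uuid
from datetime import datetime

MAX_ITEMS = 5  # the page allows "up to five paths" in ItemsToRestore


def build_restore_metadata(destination_bucket, new_bucket, encrypted,
                           encryption_type, kms_key=None, items=None,
                           restore_time=None, creation_token=None):
    """Build the start-restore-job metadata map. Every value is a string."""
    meta = {
        "DestinationBucketName": destination_bucket,
        "NewBucket": "true" if new_bucket else "false",
        "Encrypted": "true" if encrypted else "false",
        "EncryptionType": encryption_type,
        # Assumption: a fresh UUID per restore request as the idempotency token.
        "CreationToken": creation_token or str(uuid.uuid4()),
    }
    if encryption_type == "SSE_KMS":  # value taken from the page's example
        if not kms_key:
            raise ValueError("SSE_KMS requires a KMSKey ARN")
        meta["KMSKey"] = kms_key
    if items is not None:
        if not 1 <= len(items) <= MAX_ITEMS:
            raise ValueError(f"ItemsToRestore takes 1 to {MAX_ITEMS} paths")
        for uri in items:
            if not uri.startswith("s3://"):
                raise ValueError(f"not an s3:// path: {uri!r}")
        # The list is itself JSON-encoded into one string value.
        meta["ItemsToRestore"] = json.dumps(items, separators=(",", ":"))
    if restore_time is not None:
        # Raises ValueError unless the value matches 2021-11-27T03:30:27Z.
        datetime.strptime(restore_time, "%Y-%m-%dT%H:%M:%SZ")
        meta["RestoreTime"] = restore_time
    return meta


if __name__ == "__main__":
    # Constructed sample values; replace with your own bucket, key and objects.
    metadata = build_restore_metadata(
        "example-restore-bucket", new_bucket=True, encrypted=True,
        encryption_type="SSE_KMS",
        kms_key="arn:aws:kms:us-east-1:1234567890:key/EXAMPLE-KEY-ID",
        items=["s3://example-bucket/abc.jpg", "s3://example-bucket/bucket.txt"],
    )
    with open("s3-restore-metadata.json", "w", encoding="utf-8") as fh:
        json.dump(metadata, fh, indent=2)
```

Pass the generated file to start-restore-job with --metadata file://s3-restore-metadata.json, as in the command above.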