Subscription filter policy for AWS backup failures


I have created a topic and subscribed with an email endpoint, targeting to be mailed for any anomalies such as aborted backups and failed backups through an email. Have created a rule in Event bridge to collect backup job state change event and pointed to the SNS topic.

Have tried a subscription filtering policy on the topic as below:

{ "state": [ { "anything-but": [ "CREATED", "PENDING", "RUNNING", "COMPLETED" ] } ] }

yet the result is not as expected.

1 Answer

We would have to use a custom event pattern in order to get notifications just for getting alerts when a backup job failed and aborted.

  1. Create an event pattern and use below customer Pattern using Json editor. { "source": ["aws.backup"], "detail-type": ["Backup Job State Change"], "detail": { "state": ["FAILED", "ABORTED"] } }
  2. Create SNS topic and add the below statement to the Access policy. Modify the Resource name with your SNS topic { "Sid": "My-statement-id", "Effect": "Allow", "Principal": { "Service": "" }, "Action": "SNS:Publish", "Resource": "arn:aws:sns:eu-west-1:111111111111:exampletopic" }
  3. There is no need to use any subscription filtering policy with this event bridge pattern.
  4. Once the SNS created do not forget to confirm the subscription.
  5. Once the subscription confirmed, create a backup and abort it and create another backup job such that it get fails.
  6. You should see only email alerts for failed backup job and aborted backup job
profile picture
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions