Learn DevOps

About possible failures, detection methods, and performance limits with AWS Backup

Hải Yến Trịnh's photo
Hải Yến Trịnh
·

4 min read

Hello,

Greetings for the day, I hope you are doing well.

Thank you for contacting AWS Premium Support. I am Prasanna and I will be assisting you on this case today.

From the case correspondence, I understand that for a testing purpose, you would like to know the few errors that occurs in AWS Backup and how to detect and reproduce those errors. Please do correct me if I misunderstood your query.

Thank you for explaining your context elaborately.

Responding to your queries:
\==========================

->It is assumed that AWS Backup will execute a job for full DB backup of Aurora and interregional copy of the target bucket of S3.

I would like to mention that RDS, Aurora, DocumentDB, and Neptune do not support a single copy action that performs both cross-Region and cross-account backup. You can either choose cross-account or cross-region.

To see a list of services and the supported functionalities, I request to please check the below documentation for \”Feature availability by AWS Region\”
[+]https://docs.aws.amazon.com/aws-backup/latest/devguide/whatisbackup.html#features-by-resource

->Please tell us about the error that can occur during backup, how to detect the error, and how to intentionally create and reproduce the error from the viewpoint of failure test.

There could be multiple errors that can occur if the settings is not properly configured while configuring the AWS backup.

[1] AWS Backup requires service IAM role to perform backup operations on your behalf. A service role is a role that an AWS service assumes to perform actions. If an IAM role missing permission to backup or restore an AWS service then you will be encountering with permission errors, so we always recommended to use default service role for AWS Backup. Please refer the following documentation on \”IAM service roles\”.
https://docs.aws.amazon.com/aws-backup/latest/devguide/iam-service-roles.html

Below are the few error you will be encountering, If enough permissions are not granted to S3.

->Can’t access the S3 bucket.
->Unable to perform s3:PutBucketNotification on bucket The backup job failed to create a recovery point for your resource due to missing permissions on role.

Please try to miss few permissions to the service role and see if you receive any permission errors.
\t
[2] When you configure overlapping rules for a backup plan, then you might encounter with errors according to the rules that were configured. Please refer the following documentation for more information about overlapping rules.
[+]https://docs.aws.amazon.com/aws-backup/latest/devguide/creating-a-backup-plan.html

[3]You will usually encounter with errors due to encryption of AWS backup. They are only few resource types that supports Independent AWS Backup encryption. Please refer the following documentation for supported resource types.
[+]https//docs.aws.amazon.com/aws-backup/latest/devguide/encryption.html

->Also, please let us know if there is a limit value of backup data capacity for each backup and the upper limit of the number of files and the capacity per file for S3 file copy.

Below are the metrics that you can expect from AWS backup

->100 MB/s for file systems composed of mostly large files
->500 files/s for file systems composed of mostly small files
The maximum duration for a backup or a restore operation in AWS Backup is seven days. Please note that the restore job takes more time than backup job.

Please refer the following documentation for more information on Limitations of AWS Backup for Amazon S3
[+]https://docs.aws.amazon.com/aws-backup/latest/devguide/s3-backups.html#S3-backup-limitations

I request you please refer the below link which explains in detailed the most common errors that will be encountered from AWS backup and the troubleshooting steps.

[+]https://docs.aws.amazon.com/aws-backup/latest/devguide/troubleshooting.html

I hope above information serves you well.

In case you feel I have misunderstood your concern here or If you have any follow-up questions relating to this, with regards to the information shared above, Please don’t hesitate to reach back to me, I will be happy to assist you until everything is successfully addressed.

Hope you have a great day ahead, take care and stay safe!

We value your feedback. Please share your experience by rating this correspondence using the AWS Support Center link at the end of this correspondence. Each correspondence can also be rated by selecting the stars in top right corner of each correspondence within the AWS Support Center.

Best regards,
Prasanna P.
Amazon Web Services

AWS