andresriancho / aws-backup Goto Github PK
View Code? Open in Web Editor NEWAWS Backup implementation in terraform
License: GNU General Public License v3.0
AWS Backup implementation in terraform
License: GNU General Public License v3.0
context.get_remaining_time_in_millis() (documentation here can be used to get the remaining time in ms for the current context.
In some cases where there are MANY resources I found that the lambda function times out. Sadly this was found manually via CloudWatch Events logs. I would like to see these errors being reported to the admins.
Have the possibility to notify sysadmins of any untagged resource or error (see #1) using slack webhook.
In 3ca7f20 I explain one of the most annoying limitations of the AWS Backup service: it will only backup resources in the region where the backup plan was created, if you want to backup resources in 5 regions, you'll need to duplicate all the configuration for each region.
The problem I've found is that running these won't work:
terraform plan -var profile=awsbackup -var region=us-east-1
terraform apply -var profile=awsbackup -var region=us-east-1
...
terraform plan -var profile=awsbackup -var region=us-west-2
terraform apply -var profile=awsbackup -var region=us-west-2
Because the solution uses IAM resources which are global, thus on the second call to apply terraform will find the already existing user and exit. There are ways around it, but it would be nice to provide the users with an easy to use solution like:
terraform apply -var profile=awsbackup -var region=global
terraform apply -var profile=awsbackup -var region=us-east-1,us-west-2
The first command would deploy all global resources, the second will deploy the solution to the command separated regions.
Implement multiple regions
SES secrets
Error: error reading Secrets Manager Secret Version: AccessDeniedException: Access to KMS is not allowed
status code: 400, request id: 4ff6091e-fc13-4e0c-8805-24820cb106f6
on ses.tf line 41, in resource "aws_secretsmanager_secret_version" "ses_smtp_user":
41: resource "aws_secretsmanager_secret_version" "ses_smtp_user" {
Right now the whole thing is broken:
resource "aws_lambda_function" "backup_auto_tagging" {
filename = "lambda_functions/backup_auto_tagging.zip"
function_name = "backup_auto_tagging"
role = aws_iam_role.iam_role_lambda_backup_auto_tagging.arn
handler = "lambda.handler"
source_code_hash = filebase64sha256("lambda_functions/backup_auto_tagging.zip")
lambda_functions
directory doesn't exist
backup_auto_tagging.zip
doesn't exist
The current implementation completely ignores errors during the backup creation. As a sysadmin I would like to receive a notification when a backup fails, so that I can investigate what went wrong and potentially trigger it manually.
Do I need to perform pagination in any of these functions?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.