Getting started 3: Create a scheduled backup - AWS Backup

Getting started 3: Create a scheduled backup

In this step of the AWS Backup tutorial, you create a backup plan, assign resources to it, and then create a backup vault.

Before you begin, ensure that you have the required prerequisites. For more information, see Getting started with AWS Backup.

Step 1: Create a backup plan based on an existing one

A backup plan is a policy expression that defines when and how you want to back up your AWS resources, such as Amazon DynamoDB tables or Amazon Elastic File System (Amazon EFS) file systems. You assign resources to backup plans, and AWS Backup then automatically backs up and retains backups for those resources according to the backup plan. For more information, see Managing backups using backup plans.

There are two ways to create a new backup plan: You can build one from scratch or build one based on an existing backup plan. This example uses the AWS Backup console to create a backup plan by modifying an existing backup plan.

To create a backup plan from an existing one
  1. Sign in to the AWS Management Console, and open the AWS Backup console at

  2. From the dashboard, choose Manage Backup plans. Or, using the navigation pane, choose Backup plans and choose Create backup plan.

  3. Choose Start with a template, choose a template from the list (for example, Daily-Monthly-1yr-Retention), and enter a name for Backup plan name.


    If you try to create a backup plan that is identical to an existing plan, you get an AlreadyExistsException error.

  4. For Backup rules, choose a backup rule and then choose Edit.

  5. Review and choose the values that you want for your rule (see Backup plan options and configuration for rule options).

  6. For the backup vault, choose Default or choose Create new Backup vault to create a new vault.

  7. (Optional)- choose an AWS Region from the list in Copy to destination to copy the backup to different Region. To add more Regions, choose Add copy.

  8. When you have finished editing the rule, choose Save Backup rule.

  9. Choose Create plan.

On the Summary page, choose Assign resources to prepare for the next section.

Step 2: Assign resources to a backup plan

After you create a backup plan, you must assign your AWS resources to that backup plan. For more information about assigning resources, see Assigning resources to a backup plan.

If you don’t already have existing AWS resources that you want to assign to a backup plan, create some new resources to use for this exercise. Create one or two resources using supported AWS resources and third-party applications.

To assign resources to a backup plan
  1. The previous steps should have taken you to the Assign resources page.

  2. Type in a Resource assignment name.

  3. For IAM role, choose Default role. If you choose another role, it must have permissions to back up all the resources you assign.

  4. In the Assign resources section, choose Include all resource types. A resource type is an AWS Backup-supported AWS service or third-party application. This backup plan will now protect all resource types that you have opted in to protect using AWS Backup

  5. Choose Assign resources.

You return to the backup plan Summary page. Choose Create backup plan to deploy your first backup plan!

Step 3: Create a backup vault

Instead of using the default backup vault that is automatically created for you on the AWS Backup console, you can create specific backup vaults to save and organize groups of backups in the same vault.

For more information about backup vaults, see Backup vaults.

To create a backup vault
  1. On the AWS Backup console, in the navigation pane, choose Backup vaults.


    If the navigation pane is not visible on the left side, you can open it by choosing the menu icon in the upper-left corner of the AWS Backup console.

  2. Choose Create backup vault.

  3. Enter a name for your backup vault. You can name your vault to reflect what you will store in it, or to make it easier to search for the backups you need. For example, you could name it FinancialBackups.

  4. Select an AWS Key Management Service (AWS KMS) key. You can use either a key that you already created, or select the default AWS Backup KMS key.


    The AWS KMS key that is specified here applies only to backups of services that support AWS Backup independent encryption. To see the list of resources types that support AWS Backup independent encryption, see the "Full AWS Backup management" section of the Feature availability by resource table.

  5. Optionally, add tags that will help you search for and identify your backup vault. For example, you could add a BackupType:Financial tag.

  6. Choose Create Backup vault.

  7. In the navigation pane, choose Backup vaults, and verify that your backup vault has been added.


You can now edit a backup rule in one of your backup plans to store backups created by that rule in the backup vault you just created.

Next steps

To back up Amazon EFS file systems specifically, proceed to Getting started 4: Create Amazon EFS automatic backups.