Automated Deployment - EFS-to-EFS Backup Solution

Automated Deployment

Before you launch the automated deployment, please review the considerations and prerequisites discussed in this guide. Follow the step-by-step instructions in this section to configure and deploy the EFS-to-EFS backup solution into your account.

Time to deploy: Approximately five minutes


Before you start, you must have a source Amazon Elastic File System (Amazon EFS) file system with mount targets in an Amazon Virtual Private Cloud (Amazon VPC) network. The VPC network must have the following:

  • At least two subnets in different Availability Zones (AZs)

  • Public subnets or private subnets with a route to a network address translation (NAT) gateway. For more information, see Appendix C.

  • A set of DHCP options configured to use the DNS server provided by Amazon. For more information about the Amazon DNS server, see DHCP Options Sets in the Amazon VPC User Guide.

  • DNS hostnames enabled. For more information, see Viewing DNS Hostnames for Your EC2 Instance in the Amazon VPC User Guide.

  • The source file system mount targets, the Amazon EC2 Auto Scaling group, and the destination file system mount targets in the same AZs

  • Security group rules that grant the solution's Amazon EC2 instance inbound access to your source Amazon EFS file system through the mount target using the Network File System (NFS) port. In the source EFS mount target security group, allow inbound access for the NFS port to the VPC Classless Inter-Domain Routing (CIDR) block or specific subnet CIDR blocks.

Launch the Stack

This automated AWS CloudFormation template deploys the EFS-to-EFS backup solution.


You are responsible for the cost of the AWS services used while running this solution. See the Cost section for more details. For full details, see the pricing webpage for each AWS service you will be using in this solution.

  1. Sign in to the AWS Management Console and click the button below to launch the efs-to-efs-backup AWS CloudFormation template.

                                Launch button for EFS backup solution stack

    You can also download the template as a starting point for your own implementation.

  2. The template is launched in the US East (N. Virginia) Region by default. To launch the solution in a different AWS Region, use the region selector in the console navigation bar.


    This solution uses the Amazon EFS service, which is currently available in specific AWS Regions only. Therefore, you must launch this solution an AWS Region where Amazon EFS is available. For the most current Amazon EFS availability by region, see Also, you must deploy this solution in the same AWS Region as your source Amazon EFS file system.

  3. On the Select Template page, verify that you selected the correct template and choose Next.

  4. On the Specify Details page, specify a name for your solution stack.

  5. Under Parameters, review the parameters for the template, and modify them as necessary. This solution uses the following default values.

    Parameter Default Description
    Source EFS <Requires input> The source Amazon EFS file system ID
    Interval Label daily The tag that identifies your backups. Choose the applicable frequency: daily, weekly, or monthly.
    Retain 7 The number of backups you want to retain
    Folder Label efs-backup The folder name for your backups
    Backup Window 180 The maximum amount of time in minutes that the backup process has to complete
    Backup Schedule cron(0 2 * * ? *) Enter the scheduled expression (Cron syntax) that specifies when to run the CloudWatch event. All times are in UTC in 24-hour format. For example, cron(0 2 * * ? *) to run the backup at 2 a.m. UTC daily.
    Backup Prefix / The source prefix for the backup. To back up part of the source file system, specify the applicable subdirectory. For example, enter /appdata to back up the appdata directory.
    EFS Mode generalPurpose The performance mode for the backup Amazon EFS file system
    Subnet IDs <Requires input> Comma-delimited list of two subnet IDs for the Auto Scaling group. The backup mount targets will be created in these subnets.

    These subnets must be in the same Amazon VPC and Availability Zones as the source file system mount targets, and they must have outbound internet access.

    VPC ID <Requires input> The virtual private cloud (VPC) ID where the source and backup mount targets are located
    Email <Requires input> The email address to subscribe to Amazon SNS notifications
    Success Notification Yes Choose whether to be notified when backups are created successfully.

    The solution always sends notifications when backups fail.

    Dashboard Yes Choose whether to create a dashboard for metrics
    EFS Encryption Yes Choose whether to encrypt the backup Amazon EFS file system
  6. Choose Next.

  7. On the Options page, choose Next.

  8. On the Review page, review and confirm the settings. Select the checkbox acknowledging that the template will create AWS Identity and Access Management (IAM) resources.

  9. Choose Create to deploy the stack.

    You can view the status of the stack in the AWS CloudFormation console in the Status column. You should see a status of CREATE_COMPLETE in approximately five minutes.


In addition to the primary AWS Lambda function, this solution includes the solution-helper and AMIInfoFunction Lambda functions, which run only during initial configuration or when resources are updated or deleted.

When running this solution, you will see these Lambda functions in the AWS console, but only the primary function is regularly active. However, do not delete the solution-helper and AMIInfoFunction functions as they are necessary to manage associated resources.