AWS用户通知和AWS Backup Amazon SNS 和AWS Backup活动

通知选项包括AWS Backup

可通过两种方式接收有关AWS Backup下列事件：

AWS用户通知可以发送通知，包括亚马逊CloudWatch警报和其他服务的通知。AWS Support
亚马逊简单通知服务可以将AWS Backup事件通知您。

AWS用户通知和AWS Backup

AWS Backup支持从AWS用户通知控制台管理您的备份通知。使用AWS用户通知，您可以从用户通知中心查看备份、复制和还原任务的进度以及对备份策略、文件库、恢复点和设置的更改。

亚马逊CloudWatch、亚马逊EventBridge警报和AWS Support案例更新是您可以通过控制台管理的其他类型的通知。此外，您可以设置多个传送选项，包括电子邮件、AWS Chatbot通知和AWS Console Mobile Application推送通知。

Amazon SNS 和AWS Backup活动

AWS Backup利用Amazon Simple Notification Service（Amazon SNS）提供的强大通知。您可以将 Amazon SNS 配置为从Amazon SNS 控制台向您通知AWS Backup事件。

常见用例

按照如何获得失败任务的通知中的步骤，为失败的备份AWS Backup任务设置通知来自AWS高级Support。
在下方的事件示例表中，查看已完成、失败和过期的备份任务的 Amazon SNS 通知 JSON 示例。

有关 Amazon SNS 的更多信息，请参阅 Amazon Simple N otification Service Gu ide 中的 Amazon SNS 入门。

注意

虽然 Amazon SNS 服务允许跨账户通知，但目前AWS Backup不支持此功能。您必须指定自己的AWS账户 ID 和主题的资源 ARN。

AWS Backup通知 API

使用 Amazon SNS 控制台或AWS Command Line Interface (AWS CLI) 创建主题后，您可以使用以下AWS Backup API 操作来管理您的备份通知。

DeleteBackupVaultNotifications-删除指定的备份文件库的事历文件库的事件。
GetBackupVaultNotifications— 列出指定的备份文件库的所有事件更改。
PutBackupVaultNotifications— 开启指定主题和事件的通知。

AWS Backup支持以下事件：

任务类型	事件
Backup 作业	`BACKUP_JOB_STARTED` \| `BACKUP_JOB_COMPLETED`
复制任务	`COPY_JOB_STARTED` \| `COPY_JOB_SUCCESSFUL` \| `COPY_JOB_FAILED`
还原作业	`RESTORE_JOB_STARTED` \| `RESTORE_JOB_COMPLETED`
恢复点	`RECOVERY_POINT_MODIFIED`

AWS Backupfor S3 支持另外两个事件：

S3_BACKUP_OBJECT_FAILED通知您任何在备份任务期间备份AWS Backup失败的 S3 对象。
S3_RESTORE_OBJECT_FAILED通知您任何在还原任务期间恢复AWS Backup失败的 S3 对象。

事件更改

事件 Amazon SNS 通知

Backup 任务已完成

事件	Amazon SNS 通知
Backup 任务已完成	{ "Records": [{ "EventSource": "aws: sns", "EventVersion": "1.0", "EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45", "Sns": { "Type": "Notification", "MessageId": "12345678-abcd-123a-def0-abcd1a234567", "TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic", "Subject": "Notification from AWS Backup", "Message": "An AWS Backup job was completed successfully. Recovery point ARN: arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012d. Resource ARN : arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012e. BackupJob ID : 1b2345b2-f22c-4dab-5eb6-bbc7890ed123", "Timestamp": "2019-08-02T18:46:02.788Z", ... "MessageAttributes": { "EventType": {"Type":"String","Value":"BACKUP_JOB"}, "State": {"Type":"String","Value":"COMPLETED"}, "AccountId": {"Type":"String","Value":"123456789012"}, "Id": {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"}, "StartTime": {"Type":"String","Value":"2019-09-02T13:48:52.226Z"} } } }] }
Backup 任务失败	{ "Records": [{ "EventSource": "aws: sns", "EventVersion": "1.0", "EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45", "Sns": { "Type": "Notification", "MessageId": "12345678-abcd-123a-def0-abcd1a234567", "TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic", "Subject": "Notification from AWS Backup", "Message": "An AWS Backup job failed. Resource ARN : arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012e. BackupJob ID : 1b2345b2-f22c-4dab-5eb6-bbc7890ed123", "Timestamp": "2019-08-02T18:46:02.788Z", ... "MessageAttributes": { "EventType": {"Type":"String","Value":"BACKUP_JOB"}, "State": {"Type":"String","Value":"FAILED"}, "AccountId": {"Type":"String","Value":"123456789012"}, "Id": {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"}, "StartTime": {"Type":"String","Value":"2019-09-02T13:48:52.226Z"} } } }] }
Backup 作业无法在备份窗口内完成	{ "Records": [{ "EventSource": "aws: sns", "EventVersion": "1.0", "EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45", "Sns": { "Type": "Notification", "MessageId": "12345678-abcd-123a-def0-abcd1a234567", "TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic", "Subject": "Notification from AWS Backup", "Message": "An AWS Backup job failed to complete in time. Resource ARN : arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012e. BackupJob ID : 1b2345b2-f22c-4dab-5eb6-bbc7890ed123", "Timestamp": "2019-08-02T18:46:02.788Z", ... "MessageAttributes" : { "EventType" : {"Type":"String","Value":"BACKUP_JOB"}, "State" : {"Type":"String","Value":"EXPIRED"}, "AccountId" : {"Type":"String","Value":"123456789012"}, "Id" : {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"}, "StartTime" : {"Type":"String","Value":"2019-09-02T13:48:52.226Z"} } } }] }


{
    "Records": [{
        "EventSource": "aws: sns",
        "EventVersion": "1.0",
        "EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45",
        "Sns": {
            "Type": "Notification",
            "MessageId": "12345678-abcd-123a-def0-abcd1a234567",
            "TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic",
            "Subject": "Notification from AWS Backup",
            "Message": "An AWS Backup job was completed successfully. Recovery point ARN: arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012d. Resource ARN : arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012e. BackupJob ID : 1b2345b2-f22c-4dab-5eb6-bbc7890ed123",
            "Timestamp": "2019-08-02T18:46:02.788Z",
            ...
            "MessageAttributes": {
                "EventType": {"Type":"String","Value":"BACKUP_JOB"},
                "State": {"Type":"String","Value":"COMPLETED"},
                "AccountId": {"Type":"String","Value":"123456789012"},
                "Id": {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"},
                "StartTime": {"Type":"String","Value":"2019-09-02T13:48:52.226Z"}
            }
        }
    }]
}

Backup 任务失败


{
    "Records": [{
        "EventSource": "aws: sns",
        "EventVersion": "1.0",
        "EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45",
        "Sns": {
            "Type": "Notification",
            "MessageId": "12345678-abcd-123a-def0-abcd1a234567",
            "TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic",
            "Subject": "Notification from AWS Backup",
            "Message": "An AWS Backup job failed. Resource ARN : arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012e. BackupJob ID : 1b2345b2-f22c-4dab-5eb6-bbc7890ed123",
            "Timestamp": "2019-08-02T18:46:02.788Z",
            ...
            "MessageAttributes": {
                "EventType": {"Type":"String","Value":"BACKUP_JOB"},
                "State": {"Type":"String","Value":"FAILED"},
                "AccountId": {"Type":"String","Value":"123456789012"},
                "Id": {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"},
                "StartTime": {"Type":"String","Value":"2019-09-02T13:48:52.226Z"}
            }
        }
    }]
}

Backup 作业无法在备份窗口内完成


{
    "Records": [{
        "EventSource": "aws: sns",
        "EventVersion": "1.0",
        "EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45",
        "Sns": {
            "Type": "Notification",
            "MessageId": "12345678-abcd-123a-def0-abcd1a234567",
            "TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic",
            "Subject": "Notification from AWS Backup",
            "Message": "An AWS Backup job failed to complete in time. Resource ARN : arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012e. BackupJob ID : 1b2345b2-f22c-4dab-5eb6-bbc7890ed123",
            "Timestamp": "2019-08-02T18:46:02.788Z",
            ...
            "MessageAttributes" : {
              "EventType" : {"Type":"String","Value":"BACKUP_JOB"},
              "State" : {"Type":"String","Value":"EXPIRED"},
              "AccountId" : {"Type":"String","Value":"123456789012"},
              "Id" : {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"},
              "StartTime" : {"Type":"String","Value":"2019-09-02T13:48:52.226Z"}
            }
        }
    }]
}

AWS Backup通知命令示例

您可以使用AWS CLI命令订阅、列出和删除AWS Backup活动的 Amazon SNS 通知。

示例：放置备份保管库通知

以下命令订阅指定备份库的 Amazon SNS 主题，该主题会在恢复任务开始或完成时或恢复点修改时通知您。


aws backup put-backup-vault-notifications 
    --backup-vault-name myBackupVault 
    --sns-topic-arn arn:aws:sns:region:account-id:myBackupTopic
    --backup-vault-events RESTORE_JOB_STARTED RESTORE_JOB_COMPLETED RECOVERY_POINT_MODIFIED

示例：获取备份保管库通知

以下命令列出了当前订阅指定备份库的 Amazon SNS 主题的所有事件。


aws backup get-backup-vault-notifications 
           --backup-vault-name myVault

示例输出如下所示：


{
    "SNSTopicArn": "arn:aws:sns:region:account-id:myBackupTopic",
    "BackupVaultEvents": [
        "RESTORE_JOB_STARTED",
        "RESTORE_JOB_COMPLETED",
        "RECOVERY_POINT_MODIFIED"
    ],
    "BackupVaultName": "myVault",
    "BackupVaultArn": "arn:aws:backup:region:account-id:backup-vault:myVault"
}

删除备份保管库通知示例

以下命令取消订阅指定的备份文件库的 Amazon SNS 主题。


aws backup delete-backup-vault-notifications 
           --backup-vault-name myVault

指定AWS Backup为服务主体

注意

要允许 AWS Backup 代表您发布 SNS 主题，您必须将 AWS Backup 指定为服务委托人。

在用于跟踪AWS Backup事件的 Amazon SNS 主题的访问策略中加入以下 JSON。您必须指定主题的资源 Amazon 资源名称 (ARN)。


{
      "Sid": "My-statement-id",
      "Effect": "Allow",
      "Principal": {
        "Service": "backup.amazonaws.com"
      },
      "Action": "SNS:Publish",
      "Resource": "arn:aws:sns:region:account-id:myTopic"
}

有关在 Amazon SNS 访问策略中指定服务主体的更多信息，请参阅《亚马逊简单通知服务开发者指南》中的 “允许任何AWS资源向主题发布”。

注意

如果您的主题已加密，则必须在策略中包含其他权限才能允许 AWS Backup 向其发布。有关使服务能够发布到加密主题的更多信息，请参阅《亚马逊简单通知服务开发者指南》中的 “启用AWS服务事件源和加密主题之间的兼容性”。

Javascript 在您的浏览器中被禁用或不可用。

要使用 Amazon Web Services 文档，必须启用 Javascript。请参阅浏览器的帮助页面以了解相关说明。

文档惯例

使用 AWS Backup 记录 CloudTrail API 调用

排除 AWS Backup 的故障