This Terraform Module launches a Backup Vault that you can use to store, organize and, optionally, preserve your AWS Backup recovery points against deletion.
How do you use this module?
See the root README for instructions on using Terraform modules.
See variables.tf for all the variables you can set on this module.
See the backup-plan module for how to configure plans and resource selections.
What is a Backup Vault?
A backup vault is a container for securing and organizing your Backup artifacts, such as EC2 AMIs, RDS Database recovery points, EBS volumes, et cetera. You can specify an AWS KMS key ID that will be used to encrypt resources in this vault that support encryption. Learn more in the official AWS Backup encryption guide.
Note that, once you have enabled AWS Backup support in a given region for your account, there will always be a default vault named "Default" (note the casing). You cannot delete the default backup vault.
You can opt to either associate Backup plans and selections with your default vault, or any custom vaults you create.
What is a Backup Vault Lock?
Locks are an optional means of adding an additional layer of protection for your recovery points stored in a Backup Vault. If you opt to lock a vault, you will secure its recovery points against delete operations and any updates that would otherwise alter their retention period. This means you can use locks to enforce retention periods, prevent early or accidental deletions by privileged users, and generally meet any compliance and data protection requirements you may have.
Backup vaults can publish notifications to an SNS topic. This is useful when you want to monitor for any problems with your backup workflows. To enable notifications for a vault when configuring a new vault with this module, set the enable_notifications attribute to true like so:
module"backup_vault" {
...
vaults = {
"vault-with-notifications-enabled" = {
enable_notifications = true
# If you wish to specify which AWS Backup events to listen to, you can pass them like so# If you do not pass events_to_listen_for, then all AWS Backup events will be listened for!
events_to_listen_for = ["BACKUP_JOB_STARTED", "BACKUP_JOB_COMPLETED"]
}
}
}
WARNING - It is important to understand that misuse of locks could lead to high AWS spend
For example, the following common conditions could all be true when you are developing against or testing AWS Backup. If:
You create a lock for a vault
the vault has a plan selecting many resources, for example, via widely used tags such as Snapshot: true
Your account has many resources with matching tags
Your lock takes effect, because you did not delete it during the 3 day cool-down period
then you will end up with many potentially large recovery points that you cannot delete and must pay for the storage of. Use extreme caution when testing, developing or studying!
Questions? Ask away.
We're here to talk about our services, answer any questions, give advice, or just to chat.
{"treedata":{"name":"root","toggled":true,"children":[{"name":".circleci","children":[{"name":"config.yml","path":".circleci/config.yml","sha":"4932b02a0653f378f1c557b7e06bc8046f488ecc"}]},{"name":".github","children":[{"name":"ISSUE_TEMPLATE","children":[{"name":"bug_report.md","path":".github/ISSUE_TEMPLATE/bug_report.md","sha":"d2e87e27c601e423865ed660ec697082470ca60f"},{"name":"feature_request.md","path":".github/ISSUE_TEMPLATE/feature_request.md","sha":"023a33099be2336476930c96e17ff1ba5dc55348"}]},{"name":"pull_request_template.md","path":".github/pull_request_template.md","sha":"1ed18daca8d8613b91574ddd1641f2d129204f50"}]},{"name":".gitignore","path":".gitignore","sha":"4c3b4ca1c64636908768c4d6c450069c924ecb69"},{"name":".pre-commit-config.yaml","path":".pre-commit-config.yaml","sha":"23068872ca60d7f40ae10c05ea8e5915d04056dc"},{"name":"CODEOWNERS","path":"CODEOWNERS","sha":"c19c648a9fdcb79b477d2b38566355ad09c9aef5"},{"name":"LICENSE.txt","path":"LICENSE.txt","sha":"f4e3d9bd4717a044ed31ad847a300eee74371a78"},{"name":"README.adoc","path":"README.adoc","sha":"f2a6a646efc328497ed86d4db5d541144cf50bf8"},{"name":"_docs","children":[{"name":"aurora-serverless.png","path":"_docs/aurora-serverless.png","sha":"5a53145be56705c76f7f7aa6a25aa0ddee78e4a3"},{"name":"aurora.png","path":"_docs/aurora.png","sha":"fc218831bfa34097a56f1b0e47fe05521bdb4a8a"},{"name":"backup-architecture.png","path":"_docs/backup-architecture.png","sha":"61b138cd6ad58c7a37fa1b37fef43c44a371a97c"},{"name":"data-backup-architecture.png","path":"_docs/data-backup-architecture.png","sha":"fcc7ce8753e28c19af87ea5cea96e6ded648d429"},{"name":"data-backup.png","path":"_docs/data-backup.png","sha":"116b10f231073f8c52255ca98e48cc228c48a2c3"},{"name":"mariadb.png","path":"_docs/mariadb.png","sha":"d540d3d3ff8797c4a4c3a62c65e7d3f63621568f"},{"name":"mysql.png","path":"_docs/mysql.png","sha":"73b55bd0d517dcba53c878712544abf96be3a66e"},{"name":"oracle.png","path":"_docs/oracle.png","sha":"b5f1ca801f5af4a30f1b812eea17cec516c1fe6c"},{"name":"postgresql.png","path":"_docs/postgresql.png","sha":"fd9c7ec282aef38a5813e8542d92227b96bd5be8"},{"name":"rds-architecture.png","path":"_docs/rds-architecture.png","sha":"8f2b1b5b4015a5777032c6aa64627ceee24330fc"},{"name":"redshift-architecture.png","path":"_docs/redshift-architecture.png","sha":"0ebffc1b1fbecdb0335a09c6bf7fe7c5f073d16e"},{"name":"redshift-icon.png","path":"_docs/redshift-icon.png","sha":"add0f05edb29726e62c784edf428eef60aed4d5f"},{"name":"sqlserver.png","path":"_docs/sqlserver.png","sha":"a800d188398262593f4f89f27c8f3ce2ce1e76a4"}]},{"name":"examples","children":[{"name":"aurora-global-cluster","children":[{"name":"README.md","path":"examples/aurora-global-cluster/README.md","sha":"e9f2c25730df4a914f8cacc493ff988ad39f3391"},{"name":"main.tf","path":"examples/aurora-global-cluster/main.tf","sha":"760c3a006a2e8860261f45558f21c6181111e4af"},{"name":"outputs.tf","path":"examples/aurora-global-cluster/outputs.tf","sha":"ad1a6164878d086b7aba2e2d6dcece92b57db2e6"},{"name":"variables.tf","path":"examples/aurora-global-cluster/variables.tf","sha":"57a4493ec46c7f0d1cf113a0765906c5fc7d2265"}]},{"name":"aurora-serverless","children":[{"name":"README.md","path":"examples/aurora-serverless/README.md","sha":"98662b8765774b68a963e71f48a167f0281c24ef"},{"name":"main.tf","path":"examples/aurora-serverless/main.tf","sha":"8d511ce42aeaf0bb84deb9d51f386dc6db52ffb6"},{"name":"outputs.tf","path":"examples/aurora-serverless/outputs.tf","sha":"7da44a91e9ac6e14a5c7c144c60c5ad0ceb5ce1b"},{"name":"variables.tf","path":"examples/aurora-serverless/variables.tf","sha":"121ec7d62c6ac37994d5e21c07edcba83cb42cce"}]},{"name":"aurora-with-cross-region-replica","children":[{"name":"README.md","path":"examples/aurora-with-cross-region-replica/README.md","sha":"ea3fbab79d4537541becf92d30a2e620daf8a308"},{"name":"main.tf","path":"examples/aurora-with-cross-region-replica/main.tf","sha":"d41dd780a4b1040080a594067708ca8ce9d31588"},{"name":"outputs.tf","path":"examples/aurora-with-cross-region-replica/outputs.tf","sha":"58a3862180d107c3d0501ec9b289b08ed09af3a8"},{"name":"variables.tf","path":"examples/aurora-with-cross-region-replica/variables.tf","sha":"a9326e5c167be4666653c2553265195171be30ed"}]},{"name":"aurora","children":[{"name":"README.md","path":"examples/aurora/README.md","sha":"3ffae862906cf9daf61599e6ad694b45ac8946c4"},{"name":"main.tf","path":"examples/aurora/main.tf","sha":"6fecef9275e5c04ea1de3eb16d288713f6ef0385"},{"name":"outputs.tf","path":"examples/aurora/outputs.tf","sha":"142569b7d9772c741ee28846de617f5a4b7f0d84"},{"name":"variables.tf","path":"examples/aurora/variables.tf","sha":"767be4c3468fb461c5bd7cd05a7b41164367697a"}]},{"name":"default-vault-plan-and-selection","children":[{"name":"README.md","path":"examples/default-vault-plan-and-selection/README.md","sha":"654dff28a302481e32e4a9985afd6fced0d55d7e"},{"name":"main.tf","path":"examples/default-vault-plan-and-selection/main.tf","sha":"bf32fb86e865f84c6f8a816701539e25a0b27d8e"},{"name":"variables.tf","path":"examples/default-vault-plan-and-selection/variables.tf","sha":"b41526930c798d19c4dd3d744a3ffcce4538535d"}]},{"name":"efs","children":[{"name":"README.md","path":"examples/efs/README.md","sha":"d7c254b633663051e6a56e7b05092cd09fdf06b2"},{"name":"main.tf","path":"examples/efs/main.tf","sha":"77c45e75be2adb216ce4dd63b47f51602d5422e5"},{"name":"outputs.tf","path":"examples/efs/outputs.tf","sha":"b5a6400d4a67e1e6f6773c513acaa8784ceda46b"},{"name":"variables.tf","path":"examples/efs/variables.tf","sha":"3c49e13f2e303786c32ca45a0408a270b4a43bae"}]},{"name":"lambda-rds-snapshot-multiple-schedules","children":[{"name":"README.md","path":"examples/lambda-rds-snapshot-multiple-schedules/README.md","sha":"77a88fa879f0ac2eae47319bb35a6b25126975d2"},{"name":"main.tf","path":"examples/lambda-rds-snapshot-multiple-schedules/main.tf","sha":"d8ec2ba32cf891c4158fef2a138ee464a691ae7b"},{"name":"outputs.tf","path":"examples/lambda-rds-snapshot-multiple-schedules/outputs.tf","sha":"7a8f966782c659d1568f35684197f232939ea9ec"},{"name":"variables.tf","path":"examples/lambda-rds-snapshot-multiple-schedules/variables.tf","sha":"f6ae16692c02a1ae6ed95d58e16bd3e02b98f703"}]},{"name":"lambda-rds-snapshot","children":[{"name":"README.md","path":"examples/lambda-rds-snapshot/README.md","sha":"9e24c56c01d3d8b4dd220ca1b7bde62b3aa9272a"},{"name":"main.tf","path":"examples/lambda-rds-snapshot/main.tf","sha":"6d13ffeb55d1334ce0e6c6eae4ae4f6e2f5e8071"},{"name":"outputs.tf","path":"examples/lambda-rds-snapshot/outputs.tf","sha":"375c8bb979dd4133c3675d9e6263e1138c448973"},{"name":"variables.tf","path":"examples/lambda-rds-snapshot/variables.tf","sha":"b777711ea9860aa43f766a5e5edf8b817e994885"}]},{"name":"rds-mariadb","children":[{"name":"README.md","path":"examples/rds-mariadb/README.md","sha":"f283eaf0f935ca3ea4becf713208cd33acb214da"},{"name":"main.tf","path":"examples/rds-mariadb/main.tf","sha":"c1a7e6148c19322a64fbf0266ba646619117d576"},{"name":"outputs.tf","path":"examples/rds-mariadb/outputs.tf","sha":"bd45b0035943021763d0365da3fe0d1e9f9b16b9"},{"name":"variables.tf","path":"examples/rds-mariadb/variables.tf","sha":"f44c101e55767db60dde0a98b32288ac044cea8c"}]},{"name":"rds-mysql-with-cross-region-replica","children":[{"name":"README.md","path":"examples/rds-mysql-with-cross-region-replica/README.md","sha":"038ec07d0a108e9b6a574449c7199bf77e56aebf"},{"name":"main.tf","path":"examples/rds-mysql-with-cross-region-replica/main.tf","sha":"1dfbe5645410c343fbafc8822fb74505c6296f31"},{"name":"outputs.tf","path":"examples/rds-mysql-with-cross-region-replica/outputs.tf","sha":"2d79e34b6bc52c934a62e40e38e3cdcace5196a0"},{"name":"variables.tf","path":"examples/rds-mysql-with-cross-region-replica/variables.tf","sha":"2f6029d38ccc605f9cad77e7005e0600a881b503"}]},{"name":"rds-mysql","children":[{"name":"README.md","path":"examples/rds-mysql/README.md","sha":"35cc3616e954dcbe71cc1895856acaf48b2d01d6"},{"name":"main.tf","path":"examples/rds-mysql/main.tf","sha":"255f9579a46f71518728528110c35446e8a5c11c"},{"name":"outputs.tf","path":"examples/rds-mysql/outputs.tf","sha":"e2ae2afdbcc0d27baa5d50be333f9d0a717e1a33"},{"name":"variables.tf","path":"examples/rds-mysql/variables.tf","sha":"0ee52281448e95f13fcaacf427bed62600a32c23"}]},{"name":"rds-postgres","children":[{"name":"README.md","path":"examples/rds-postgres/README.md","sha":"cb6bac1c7d45eca775e9c1095ad7a6f3a718a7fb"},{"name":"main.tf","path":"examples/rds-postgres/main.tf","sha":"36756c7eb97e9453a6dcf54119517e402d5739f7"},{"name":"outputs.tf","path":"examples/rds-postgres/outputs.tf","sha":"5371c2284c0ea3d4de5790077ba45d9d445c2965"},{"name":"variables.tf","path":"examples/rds-postgres/variables.tf","sha":"0f2541c42ceef4f29fcfdc4aa8141d18b854f7f5"}]},{"name":"rds-sqlserver","children":[{"name":"README.md","path":"examples/rds-sqlserver/README.md","sha":"747d59f4bea76727dbc533578bb0a785b90a6a3f"},{"name":"main.tf","path":"examples/rds-sqlserver/main.tf","sha":"7cbe7a9e3d47ae520bc6d25a06f36cf2ac09905c"},{"name":"outputs.tf","path":"examples/rds-sqlserver/outputs.tf","sha":"a1726fd73528af38b436c053128f24a17da740c3"},{"name":"variables.tf","path":"examples/rds-sqlserver/variables.tf","sha":"d5d575f8672595a94340621adac52280101924fb"}]},{"name":"rds-with-replicas","children":[{"name":"README.md","path":"examples/rds-with-replicas/README.md","sha":"e1f7e7f834c4260ec8c5b836474ca7934965826f"},{"name":"main.tf","path":"examples/rds-with-replicas/main.tf","sha":"d397a75debb0f6b17196c19826dd25514599ea2c"},{"name":"outputs.tf","path":"examples/rds-with-replicas/outputs.tf","sha":"991d5436a635194fec1ad1476eb7be6616032c7a"},{"name":"variables.tf","path":"examples/rds-with-replicas/variables.tf","sha":"708a5aaed525a4d6668607e9948f61329c17e29f"}]},{"name":"redshift","children":[{"name":"README.md","path":"examples/redshift/README.md","sha":"56b2a89cf6ee0ac8dd785d0496f758fa6251f00d"},{"name":"main.tf","path":"examples/redshift/main.tf","sha":"54c36ffe622ca36d3c6a2785c0d02a3117a47925"},{"name":"outputs.tf","path":"examples/redshift/outputs.tf","sha":"779c37290dc1c986bfd8d629cc9b2ba1d98c68aa"},{"name":"variables.tf","path":"examples/redshift/variables.tf","sha":"e89ac7c94a3aa6fd900dc5a31a17923c84091fab"}]},{"name":"vault-locks","children":[{"name":"README.md","path":"examples/vault-locks/README.md","sha":"7a49496e40c5bc5c8d2f1cacc23573e2d50ccc94"},{"name":"main.tf","path":"examples/vault-locks/main.tf","sha":"8ce5f9302261e936e8637eeba66fe14fd8fb670c"},{"name":"outputs.tf","path":"examples/vault-locks/outputs.tf","sha":"dd9af28381868df768797dad02f01224c08bc0a1"},{"name":"variables.tf","path":"examples/vault-locks/variables.tf","sha":"c10e2df32d32c72fcd591b75bb9cc4d1ae7a0eb0"}]},{"name":"vault-notifications","children":[{"name":"README.md","path":"examples/vault-notifications/README.md","sha":"0cb4cfa60f1f9da100d2e9c3320deb1bae4ace6f"},{"name":"main.tf","path":"examples/vault-notifications/main.tf","sha":"606218c36e4ed5b8b8a52bbe4d9d99090c84c3b5"},{"name":"outputs.tf","path":"examples/vault-notifications/outputs.tf","sha":"dd9af28381868df768797dad02f01224c08bc0a1"},{"name":"variables.tf","path":"examples/vault-notifications/variables.tf","sha":"c10e2df32d32c72fcd591b75bb9cc4d1ae7a0eb0"}]},{"name":"vault-plan-and-selection","children":[{"name":"README.md","path":"examples/vault-plan-and-selection/README.md","sha":"afc643feb33c59a100a059a391449a2c010359f1"},{"name":"main.tf","path":"examples/vault-plan-and-selection/main.tf","sha":"683877648a373fb90f889d03f00ca2dd434cb28e"},{"name":"outputs.tf","path":"examples/vault-plan-and-selection/outputs.tf","sha":"dd9af28381868df768797dad02f01224c08bc0a1"},{"name":"variables.tf","path":"examples/vault-plan-and-selection/variables.tf","sha":"c10e2df32d32c72fcd591b75bb9cc4d1ae7a0eb0"}]},{"name":"vault-recovery-points","children":[{"name":"README.md","path":"examples/vault-recovery-points/README.md","sha":"175e9a8c304f9e04a0735289c0c9abfaa4c1a595"},{"name":"main.tf","path":"examples/vault-recovery-points/main.tf","sha":"769d01586b12cd621485db66a957c24b7c3c437e"},{"name":"outputs.tf","path":"examples/vault-recovery-points/outputs.tf","sha":"b39a216ef2dfa3a71a2aca8d34a78843d459a4bd"},{"name":"variables.tf","path":"examples/vault-recovery-points/variables.tf","sha":"c10e2df32d32c72fcd591b75bb9cc4d1ae7a0eb0"}]}]},{"name":"modules","children":[{"name":"aurora","children":[{"name":"README-Aurora-Serverless.adoc","path":"modules/aurora/README-Aurora-Serverless.adoc","sha":"3dd7815fa25c87bd6317131485479a2f62378293"},{"name":"README-Aurora.adoc","path":"modules/aurora/README-Aurora.adoc","sha":"89ebb7a7c5aa8632a930c34993fc6c4cebe7efb4"},{"name":"README.adoc","path":"modules/aurora/README.adoc","sha":"380362d1284fb85791188b0171dc3ad2d24924ce"},{"name":"core-concepts.md","path":"modules/aurora/core-concepts.md","sha":"2f9326da75f970bb3a6452f907032d6f24c5505c"},{"name":"main.tf","path":"modules/aurora/main.tf","sha":"40f57a35cdb4b762b458ccd7588a3ff9396a6c88"},{"name":"outputs.tf","path":"modules/aurora/outputs.tf","sha":"7d26a713a297ec98e8c14a65e8a10f357dd0fe5a"},{"name":"variables.tf","path":"modules/aurora/variables.tf","sha":"f3014e4e24d7956098889a24c22ab14774789743"}]},{"name":"backup-plan","children":[{"name":"README.md","path":"modules/backup-plan/README.md","sha":"bbfdb5f91ff5c469e755ba5dacac21b80e01c175"},{"name":"core-concepts.md","path":"modules/backup-plan/core-concepts.md","sha":"f72addac44723e0037bdb5d4f4c4f253454fa0dc"},{"name":"main.tf","path":"modules/backup-plan/main.tf","sha":"484ea97057cd238d368083c8827e3787e7f83e07"},{"name":"outputs.tf","path":"modules/backup-plan/outputs.tf","sha":"7baaa43ded4ab3597ce120c202611ca7d1379a0b"},{"name":"variables.tf","path":"modules/backup-plan/variables.tf","sha":"a5bb4d9e5177649f5c041c2ba9cb88925176e713"}]},{"name":"backup-vault","children":[{"name":"README.md","path":"modules/backup-vault/README.md","sha":"9b4fb120d06fb5008825052f9263cd85814bc9ab","toggled":true},{"name":"core-concepts.md","path":"modules/backup-vault/core-concepts.md","sha":"f72addac44723e0037bdb5d4f4c4f253454fa0dc"},{"name":"main.tf","path":"modules/backup-vault/main.tf","sha":"25d11bc484ba3176bd84feeff11744005b4af183"},{"name":"outputs.tf","path":"modules/backup-vault/outputs.tf","sha":"6f9126dc37e7ffabb067ecc02fd9614d32be8c03"},{"name":"variables.tf","path":"modules/backup-vault/variables.tf","sha":"4ea933f74434ee4ec0840a36dda45a8a7a1cb714"}],"toggled":true},{"name":"efs","children":[{"name":"README.adoc","path":"modules/efs/README.adoc","sha":"79210e39496c6a731f4e469ba681d48aac2bc058"},{"name":"main.tf","path":"modules/efs/main.tf","sha":"8994cdcdd59dc7915b49f0f47cdc1fa4b93c4dd1"},{"name":"outputs.tf","path":"modules/efs/outputs.tf","sha":"b505b3d3c4ade32e06286ebea60be1a5f67ce77a"},{"name":"variables.tf","path":"modules/efs/variables.tf","sha":"203810287c25c3532fe9d442ac6e5afae0324a4e"}]},{"name":"lambda-cleanup-snapshots","children":[{"name":"README.md","path":"modules/lambda-cleanup-snapshots/README.md","sha":"f3a630bf25ce804716a4bf4e509a7888cf2570c4"},{"name":"cleanup-rds-snapshots","children":[{"name":"index.py","path":"modules/lambda-cleanup-snapshots/cleanup-rds-snapshots/index.py","sha":"9e651d2d57310054e21d891aec481d02c9d79489"}]},{"name":"main.tf","path":"modules/lambda-cleanup-snapshots/main.tf","sha":"9ce459f05dfa3d46a9607457d71e4f2ff2133ca4"},{"name":"outputs.tf","path":"modules/lambda-cleanup-snapshots/outputs.tf","sha":"a99c0265d859dd0c87a6eba62aaf2b013e224873"},{"name":"variables.tf","path":"modules/lambda-cleanup-snapshots/variables.tf","sha":"6a8d68f55cf51d75ec84caed75ebcb2ea25a5dab"}]},{"name":"lambda-copy-shared-snapshot","children":[{"name":"README.md","path":"modules/lambda-copy-shared-snapshot/README.md","sha":"1f592e4de130eb5deb9bd1b2732bb5747f82d1fe"},{"name":"copy-shared-rds-snapshot","children":[{"name":"index.py","path":"modules/lambda-copy-shared-snapshot/copy-shared-rds-snapshot/index.py","sha":"6b1a0331ee9ffc57c95e0923a4b1db46dec0b2c5"}]},{"name":"main.tf","path":"modules/lambda-copy-shared-snapshot/main.tf","sha":"2cf0feff6f1b3e1886654d4736e73e0311de9fb5"},{"name":"outputs.tf","path":"modules/lambda-copy-shared-snapshot/outputs.tf","sha":"f4833d96fa6d47190b9d2c3af243142aefc59d59"},{"name":"variables.tf","path":"modules/lambda-copy-shared-snapshot/variables.tf","sha":"d2256cb15149dbbcfc3593312e532e1a3323b22d"}]},{"name":"lambda-create-snapshot","children":[{"name":"README.adoc","path":"modules/lambda-create-snapshot/README.adoc","sha":"8884535dc6bbccb7427babefcfe005c17ec3b88f"},{"name":"core-concepts.md","path":"modules/lambda-create-snapshot/core-concepts.md","sha":"46c9c56f3d622c66244be9ab76bd3e2da0a2e7d2"},{"name":"create-rds-snapshot","children":[{"name":"index.py","path":"modules/lambda-create-snapshot/create-rds-snapshot/index.py","sha":"16bc7d1b67dcee20577808cdbf39b1938972c5cb"}]},{"name":"main.tf","path":"modules/lambda-create-snapshot/main.tf","sha":"8b0cda4b946828fe044f3bf758ceb3728e6f59f0"},{"name":"outputs.tf","path":"modules/lambda-create-snapshot/outputs.tf","sha":"a0f5ffafa8ef11d00b72f1858b81e182ab2471dd"},{"name":"variables.tf","path":"modules/lambda-create-snapshot/variables.tf","sha":"f18942d85d2e7c5dc4c629b1503a1c32a52e4b56"}]},{"name":"lambda-share-snapshot","children":[{"name":"README.md","path":"modules/lambda-share-snapshot/README.md","sha":"f00a0ab9745632e85d5f4c8e7a9389e1a8608b6b"},{"name":"main.tf","path":"modules/lambda-share-snapshot/main.tf","sha":"2cb639edd9c7d8ccee3d839ca9d6374827f2caad"},{"name":"outputs.tf","path":"modules/lambda-share-snapshot/outputs.tf","sha":"c0d2854f967a6c963662c660d6ae96d8cabe471a"},{"name":"share-rds-snapshot","children":[{"name":"index.py","path":"modules/lambda-share-snapshot/share-rds-snapshot/index.py","sha":"b4e784ff72172d1f3e84f0f97a48fdf60405ed27"}]},{"name":"variables.tf","path":"modules/lambda-share-snapshot/variables.tf","sha":"683571dbf98c2fb4f8077e7adadcb4df4241b9b4"}]},{"name":"rds","children":[{"name":"README-MariaDb.adoc","path":"modules/rds/README-MariaDb.adoc","sha":"52c88eedb3410b14c6ccc4db8ea3eaa484b7c13a"},{"name":"README-MySQL.adoc","path":"modules/rds/README-MySQL.adoc","sha":"75a2e92b04368988ffe7fb405a99155881f2c4f7"},{"name":"README-Oracle.adoc","path":"modules/rds/README-Oracle.adoc","sha":"a9f084cfbd084413bbcc818fd9f438a4faee367b"},{"name":"README-PostgreSQL.adoc","path":"modules/rds/README-PostgreSQL.adoc","sha":"2486401acaa724eba2f0a8814ef9dfa19c510ae0"},{"name":"README-SqlServer.adoc","path":"modules/rds/README-SqlServer.adoc","sha":"76d7220a727d84567e819102617bd01a3bda0cb2"},{"name":"README.adoc","path":"modules/rds/README.adoc","sha":"9ff6257dc966c5f7b9e5b08b71a97315cf10309b"},{"name":"core-concepts.md","path":"modules/rds/core-concepts.md","sha":"4746ffc4e601826c215bbcf636af45d95631f5b8"},{"name":"main.tf","path":"modules/rds/main.tf","sha":"03edb74292aa1f61a13d1c385bdbcc333f9752b5"},{"name":"outputs.tf","path":"modules/rds/outputs.tf","sha":"9d073f913ac9b972681753c6831d93bb133f830f"},{"name":"variables.tf","path":"modules/rds/variables.tf","sha":"d705e8f0ed2004dc4578779d63de9873305f81b6"}]},{"name":"redshift","children":[{"name":"README.adoc","path":"modules/redshift/README.adoc","sha":"f1fb41158dbcead7e6871b451ea811485e2dfeeb"},{"name":"main.tf","path":"modules/redshift/main.tf","sha":"9b1110f52515d6eb61c7b41dfa55623abc0f53ee"},{"name":"outputs.tf","path":"modules/redshift/outputs.tf","sha":"a58d5730738046153b5f73edee78cee1a0e76fd9"},{"name":"variables.tf","path":"modules/redshift/variables.tf","sha":"71b62776e88dd328adade081ad65eb2e62ced245"}]}],"toggled":true},{"name":"terraform-cloud-enterprise-private-module-registry-placeholder.tf","path":"terraform-cloud-enterprise-private-module-registry-placeholder.tf","sha":"ae586c0fe830819580e1009d41a9074f16e65bed"},{"name":"test","children":[{"name":"README.md","path":"test/README.md","sha":"ebcf2313b7664113168ca7e73d01acbd232d8f39"},{"name":"backup_test_helpers.go","path":"test/backup_test_helpers.go","sha":"51bdc48c508abbae30da4079e7a4e58318afa268"},{"name":"db_util.go","path":"test/db_util.go","sha":"8caa917a2446fa22a60d6374d6a1673ecbec57fb"},{"name":"example_aurora_global_test.go","path":"test/example_aurora_global_test.go","sha":"3ee53e6e6d8f35a8f0775d313b7334b8c012c545"},{"name":"example_aurora_test.go","path":"test/example_aurora_test.go","sha":"14485405d1f5899ca61bea11ba4b7f41d6234d6e"},{"name":"example_aurora_with_cross_region_replica_test.go","path":"test/example_aurora_with_cross_region_replica_test.go","sha":"7eccb1f8257accf5e4ec9871b320820cdedec051"},{"name":"example_backup_default_vault_and_plan_test.go","path":"test/example_backup_default_vault_and_plan_test.go","sha":"f6515478de142db5982821083e112f798af39055"},{"name":"example_backup_recovery_point_test.go","path":"test/example_backup_recovery_point_test.go","sha":"944035130d5cc776f5a2c6846684fc286fef62ab"},{"name":"example_backup_vault_and_plan_test.go","path":"test/example_backup_vault_and_plan_test.go","sha":"1abb1d062efc20d7bd18ca80e91a0b4815133896"},{"name":"example_backup_vault_notifications_test.go","path":"test/example_backup_vault_notifications_test.go","sha":"88a035ae086ffb5ac932ea5abc48cf1d90524fc4"},{"name":"example_efs_test.go","path":"test/example_efs_test.go","sha":"c84d706017cb7ca512c4a4070b470ecc586ffc89"},{"name":"example_lambda_rds_snapshot_create_resources_test.go","path":"test/example_lambda_rds_snapshot_create_resources_test.go","sha":"542c9e0154660daeba8990a16cfa66d5359927ef"},{"name":"example_lambda_rds_snapshot_multiple_schedules_test.go","path":"test/example_lambda_rds_snapshot_multiple_schedules_test.go","sha":"094a8a691f259f79943e7fbf672d2ff8b40b65e4"},{"name":"example_lambda_rds_snapshot_test.go","path":"test/example_lambda_rds_snapshot_test.go","sha":"a8f8a0119eb3c072ff6803e2b9307f69be28aa57"},{"name":"example_rds_mariadb_test.go","path":"test/example_rds_mariadb_test.go","sha":"72d53a587b47c05cbb9c9c96f2094a70b7882f19"},{"name":"example_rds_mysql_test.go","path":"test/example_rds_mysql_test.go","sha":"cfc6ef03fb0a9ae01f889f6a5db83ed49b008ed2"},{"name":"example_rds_mysql_with_cross_region_replica_test.go","path":"test/example_rds_mysql_with_cross_region_replica_test.go","sha":"62096d069fae76882b712aec89161e5f1d34a2c3"},{"name":"example_rds_postgres_test.go","path":"test/example_rds_postgres_test.go","sha":"d301ebc1542294b294eb299038abff9d305da804"},{"name":"example_rds_sqlserver_test.go","path":"test/example_rds_sqlserver_test.go","sha":"e31306c1a15bc3f6fa2eeddd6a61a43918527d2f"},{"name":"example_rds_with_replicas_test.go","path":"test/example_rds_with_replicas_test.go","sha":"7693e4d795ca0c1e9e4486cbee9d51cdd14c890e"},{"name":"example_redshift_test.go","path":"test/example_redshift_test.go","sha":"6e7d5773c6e66b98a0279b839ccd33dbb3899b07"},{"name":"go.mod","path":"test/go.mod","sha":"e0814f0b8ef7d48ac1c421b871d364ce6d945ebb"},{"name":"go.sum","path":"test/go.sum","sha":"77311078766f02b7238ade3938e6d9c70694535e"},{"name":"util.go","path":"test/util.go","sha":"9cb6930e3a2a8c9365c885614b37b9da81837d66"},{"name":"validation","children":[{"name":"validate_all_modules_and_examples_test.go","path":"test/validation/validate_all_modules_and_examples_test.go","sha":"74c928d0cbc2914e5cd708277bd857cb2375b660"}]}]}]},"detailsContent":"<h1 class=\"preview__body--title\" id=\"backup-vault-module\">Backup Vault Module</h1><div class=\"preview__body--border\"></div><p>This Terraform Module launches a <a href=\"https://docs.aws.amazon.com/aws-backup/latest/devguide/vaults.html\" class=\"preview__body--description--blue\" target=\"_blank\">Backup Vault</a> that you can use to store, organize and, optionally, preserve your AWS Backup recovery points against deletion.</p>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-you-use-this-module\">How do you use this module?</h2>\n<ul>\n<li>See the <a href=\"/repos/v0.29.0/module-data-storage/README.adoc\" class=\"preview__body--description--blue\">root README</a> for instructions on using Terraform modules.</li>\n<li>See the <a href=\"/repos/v0.29.0/module-data-storage/examples\" class=\"preview__body--description--blue\">examples</a> folder for example usage.</li>\n<li>See <a href=\"/repos/v0.29.0/module-data-storage/modules/backup-vault/variables.tf\" class=\"preview__body--description--blue\">variables.tf</a> for all the variables you can set on this module.</li>\n<li>See the <a href=\"/repos/v0.29.0/module-data-storage/modules/backup-plan/README.md\" class=\"preview__body--description--blue\">backup-plan module</a> for how to configure plans and resource selections.</li>\n</ul>\n<h2 class=\"preview__body--subtitle\" id=\"what-is-a-backup-vault\">What is a Backup Vault?</h2>\n<p>A backup vault is a container for securing and organizing your Backup artifacts, such as EC2 AMIs, RDS Database recovery points, EBS volumes, et cetera. You can specify an AWS KMS key ID that will be used to encrypt resources in this vault that support encryption. Learn more in <a href=\"https://docs.aws.amazon.com/aws-backup/latest/devguide/encryption.html\" class=\"preview__body--description--blue\" target=\"_blank\">the official AWS Backup encryption guide</a>.</p>\n<p>Note that, once you have enabled AWS Backup support in a given region for your account, there will always be a default vault named <code>"Default"</code> (note the casing). You cannot delete the default backup vault.</p>\n<p>You can opt to either associate Backup plans and selections with your default vault, or any custom vaults you create.</p>\n<h2 class=\"preview__body--subtitle\" id=\"what-is-a-backup-vault-lock\">What is a Backup Vault Lock?</h2>\n<p>Locks are an optional means of adding an additional layer of protection for your recovery points stored in a Backup Vault. If you opt to lock a vault, you will secure its recovery points against delete operations and any updates that would otherwise alter their retention period. This means you can use locks to enforce retention periods, prevent early or accidental deletions by privileged users, and generally meet any compliance and data protection requirements you may have.</p>\n<p>See <a href=\"https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html\" class=\"preview__body--description--blue\" target=\"_blank\">the official AWS Backup Vault Lock guide</a> for more information.</p>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-you-lock-a-vault\">How do you lock a vault?</h2>\n<p>To add a Vault lock when configuring a new vault with this module, set the <code>locked</code> attribute to true like so:</p>\n<pre>module <span class=\"hljs-string\">\"backup_vault\"</span> {\n\n <span class=\"hljs-attr\">vaults</span> = {\n <span class=\"hljs-attr\">locked-vault</span> = {\n <span class=\"hljs-attr\">locked</span> = <span class=\"hljs-literal\">true</span>\n <span class=\"hljs-attr\">changeable_for_days</span> = <span class=\"hljs-number\">5</span>\n <span class=\"hljs-attr\">min_retention_days</span> = <span class=\"hljs-number\">30</span>\n <span class=\"hljs-attr\">max_retention_days</span> = <span class=\"hljs-number\">120</span>\n }\n }\n}\n</pre>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-you-enable-vault-notifications\">How do you enable vault notifications?</h2>\n<p>Backup vaults can publish notifications to an SNS topic. This is useful when you want to monitor for any problems with your backup workflows. To enable notifications for a vault when configuring a new vault with this module, set the <code>enable_notifications</code> attribute to true like so:</p>\n<pre><span class=\"hljs-keyword\">module</span> <span class=\"hljs-string\">\"backup_vault\"</span> {\n\n ...\n\n vaults = {\n <span class=\"hljs-string\">\"vault-with-notifications-enabled\"</span> = {\n enable_notifications = true\n <span class=\"hljs-comment\"># If you wish to specify which AWS Backup events to listen to, you can pass them like so</span>\n <span class=\"hljs-comment\"># If you do not pass events_to_listen_for, then all AWS Backup events will be listened for!</span>\n events_to_listen_for = [<span class=\"hljs-string\">\"BACKUP_JOB_STARTED\"</span>, <span class=\"hljs-string\">\"BACKUP_JOB_COMPLETED\"</span>]\n }\n }\n}\n\n</pre>\n<h2 class=\"preview__body--subtitle\" id=\"warning-it-is-important-to-understand-that-misuse-of-locks-could-lead-to-high-aws-spend\">WARNING - It is important to understand that misuse of locks could lead to high AWS spend</h2>\n<p>For example, the following common conditions could all be true when you are developing against or testing AWS Backup. If:</p>\n<ol>\n<li>You create a lock for a vault</li>\n<li>the vault has a plan selecting many resources, for example, via widely used tags such as <code>Snapshot: true</code></li>\n<li>Your account has many resources with matching tags</li>\n<li>Your lock takes effect, because you did not delete it during the 3 day cool-down period</li>\n</ol>\n<p>then you will end up with many potentially large recovery points that you cannot delete and must pay for the storage of. <strong>Use extreme caution when testing, developing or studying!</strong></p>\n","repoName":"module-data-storage","repoRef":"v0.22.2","serviceDescriptor":{"serviceName":"RDS","serviceRepoName":"module-data-storage","serviceRepoOrg":"gruntwork-io","serviceMainReadmePath":"/modules/rds/foo","cloudProviders":["aws"],"description":"Terraform code and scripts for deploying data-storage resources (e.g. databases, cache) in AWS","imageUrl":"amazon_rds.png","licenseType":"subscriber","technologies":["Terraform","Bash"],"compliance":[],"tags":[""],"noDisplayInUI":true},"serviceCategoryName":"Database","fileName":"README.md","filePath":"/modules/backup-vault","title":"Repo Browser: RDS","description":"Browse the repos in the Gruntwork Infrastructure as Code Library."}
.circleci
main.tf
