Description:
This policy ensures that all Amazon Elastic File System (EFS) file systems have backup enabled. This is important because it helps to protect your data from loss in the event of a disaster.
Rationale:
EFS backups are stored in Amazon S3, so they are highly durable and available. In the event of a disaster, you can restore your EFS file systems from your backups.
Impact:
If you do not enable backups for your EFS file systems, you could lose your data in the event of a disaster. This could have a significant impact on your business, as you may have to recreate your data from scratch.
Default Value:
AWS will initially recommend that you enable backups for your EFS file systems.
Pre-Requisite:
- You must have access to the AWS Management Console or the AWS CLI.
- You must know the region where the EFS file systems are located.
Remediation Steps:
- Identify all of the EFS file systems that do not have backups enabled.
- Enable backups for the EFS file systems.
Test Plan:
- Verify that the backups for the EFS file systems have been enabled.
- Check the status of the backups to ensure that they are healthy.
Implementation Plan:
- Use the AWS Management Console to enable backups for EFS file systems.
- Use the AWS CLI to enable backups for EFS file systems.
AWS CLI Process:
aws efs describe-file-systems --file-system-id <file-system-id>
aws efs put-backup-policy --file-system-id <file-system-id> --backup-policy Status=ENABLED
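The identify, enable and verify steps above, applied to every file system in a region. This is an added example, not part of the original policy; it relies on `aws efs describe-backup-policy` and `aws efs put-backup-policy`, and the script name and function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: audit one region for EFS file systems without an enabled
# backup policy, and optionally enable it.
# Usage: ./efs_backup_audit.sh audit <region> | fix <region>  (hypothetical name)

# Print the ID of every EFS file system in region $1.
list_efs_ids() {
  aws efs describe-file-systems --region "$1" \
    --query 'FileSystems[].FileSystemId' --output text
}

# Print the backup policy status of file system $2 in region $1.
# describe-backup-policy fails when no policy exists; any failure (including
# access denied) is reported as NO_POLICY so the file system gets reviewed.
backup_status() {
  aws efs describe-backup-policy --region "$1" --file-system-id "$2" \
    --query 'BackupPolicy.Status' --output text 2>/dev/null || echo NO_POLICY
}

# Print "<id><TAB><status>" for each file system not ENABLED or ENABLING.
efs_without_backup() {
  local region="$1" id status
  for id in $(list_efs_ids "$region"); do
    status=$(backup_status "$region" "$id")
    case "$status" in
      ENABLED|ENABLING) ;;
      *) printf '%s\t%s\n' "$id" "$status" ;;
    esac
  done
}

# Turn on automatic backups for file system $2 in region $1.
enable_efs_backup() {
  aws efs put-backup-policy --region "$1" --file-system-id "$2" \
    --backup-policy Status=ENABLED >/dev/null </dev/null
}

# Enable backups on every non-compliant file system, logging the prior state
# so the backout plan knows which ones were changed.
remediate() {
  local region="$1" id status
  efs_without_backup "$region" | while read -r id status; do
    enable_efs_backup "$region" "$id" && echo "enabled $id (was $status)"
  done
}

case "${1:-}" in
  audit) efs_without_backup "${2:?region required}" ;;
  fix)   remediate "${2:?region required}" ;;
esac
```

Running `audit` again after `fix` serves as the test plan check: an empty result means every file system reports ENABLED or ENABLING.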
Using AWS GUI:
- Go to the AWS Management Console.
- Click on the "EFS" tab.
- Select the EFS file systems that do not have backups enabled.
- Click on the "Actions" menu and select "Enable Automatic Backups".
Backout Plan:
- Identify the EFS file systems that you enabled backups for.
- Disable backups for the EFS file systems.
Note:
- This policy does not apply to EFS file systems that are used for temporary or ephemeral data.
Reference:
https://docs.aws.amazon.com/efs/latest/ug/awsbackup.html