Creating backup copies across Amazon Web Services Regions - Amazon Backup
Cross-Region copy considerations with specific resourcesPerforming on-demand cross-Region backupScheduling cross-Region backup
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Creating backup copies across Amazon Web Services Regions

Using Amazon Backup, you can copy backups to multiple Amazon Web Services Regions on demand or automatically as part of a scheduled backup plan. Cross-Region replication is particularly valuable if you have business continuity or compliance requirements to store backups a minimum distance away from your production data. For a video tutorial, see Managing cross-Region copies of backups.

When you copy a backup to a new Amazon Web Services Region for the first time, Amazon Backup copies the backup in full. In general, if a service supports incremental backups, subsequent copies of that backup in the same Amazon Web Services Region will be incremental. Amazon Backup will re-encrypt your copy using the customer managed key of your destination vault.

An exception is Amazon EBS, which states that, changing the encryption status of a snapshot during a copy operation results in a full (not incremental) copy.

Requirements

Cross-Region copy considerations with specific resources

Amazon RDS

You can't copy an option group to another Amazon Web Services Region. If this attempted, you can get an error, such as "The snapshot requires a target option group with the following options: ...."

You must input the same option groups in the target Amazon Web Services Region when you create a new cross-Region copy of an Amazon RDS snapshot.

Performing on-demand cross-Region backup

To copy an existing backup on-demand

  1. Open the Amazon Backup console at https://console.amazonaws.cn/backup.

  2. Choose Backup vaults.

  3. Choose the vault that contains the recovery point you want to copy.

  4. In the Backups section, select a recovery point to copy.

  5. Using the Actions dropdown button, choose Copy.

  6. Enter the following values:

    Copy to destination

    Choose the destination Amazon Web Services Region for the copy. You can add a new copy rule per copy to a new destination.

    Destination Backup vault

    Choose the destination backup vault for the copy.

    Transition to cold storage

    Choose when to transition the backup copy to cold storage. Backups transitioned to cold storage must be stored there for a minimum of 90 days. This value cannot be changed after a copy has transitioned to cold storage.

    To see the list of resources that you can transition to cold storage, see the "Lifecycle to cold storage" section of the Feature availability by resource table. The cold storage expression is ignored for other resources.

    Retention period

    Choose specifies the number of days after creation that the copy is deleted. This value must be greater than 90 days beyond the Transition to cold storage value. The Always retention period retains your copy indefinitely.

    IAM role

    Choose the IAM role that Amazon Backup will use when creating the copy. The role must also have Amazon Backup listed as a trusted entity, which enables Amazon Backup to assume the role. If you choose Default and the Amazon Backup default role is not present in your account, one will be created for you with the correct permissions.

  7. Choose Copy.

Scheduling cross-Region backup

You can use a scheduled backup plan to copy backups across Amazon Web Services Regions.

To copy a backup using a scheduled backup plan

  1. Open the Amazon Backup console at https://console.amazonaws.cn/backup.

  2. In My account, choose Backup plans, and then choose Create Backup plan.

  3. On the Create Backup plan page, choose Build a new plan.

  4. For Backup plan name, enter a name for your backup plan.

  5. In the Backup rule configuration section, add a backup rule that defines a backup schedule, backup window, and lifecycle rules. You can add more backup rules later.

    1. For Backup rule name, enter a name for your rule.

    2. For Backup vault, choose a vault from the list. Recovery points for this backup will be saved in this vault. You can create a new backup vault.

    3. For Backup frequency, choose how often you want to take backups.

    4. For services that support PITR, if you want this feature, choose Enable continuous backups for point-in-time recovery (PITR). For a list a services that support PITR, see that section of the Feature availability by resource table.

    5. For Backup window, choose Use backup window defaults - recommended. You can customize the backup window.

    6. For Copy to destination, Choose the destination Amazon Web Services Region for your backup copy. Your backup will be copied to this Region. You can add a new copy rule per copy to a new destination. Then enter the following values:

      Copy to another account's vault

      Do not toggle this option. To learn more about cross-account copy, see Creating backup copies across Amazon Web Services accounts

      Destination Backup vault

      Choose the backup vault in the destination Region where Amazon Backup will copy your backup.

      If you would like to create a new backup vault for cross-Region copy, choose Create new Backup vault. Enter the information in the wizard. Then choose Create Backup vault.

  6. Choose Create plan.