Continuous backups and point-in-time restore (PITR)
For some resources, Amazon Backup supports continuous backups and point-in-time recovery (PITR) in addition to snapshot backups.
With continuous backups, you can restore your Amazon Backup-supported resource by rewinding it back to a specific time that you choose, within 1 second of precision (going back a maximum of 35 days). Continuous backup works by first creating a full backup of your resource, and then constantly backing up your resource’s transaction logs. PITR restore works by accessing your full backup and replaying the transaction log to the time that you tell Amazon Backup to recover.
Alternatively, snapshot backups can be taken as frequently as every hour. Snapshot backups can be stored for up to a maximum of 100 years. Snapshots can be copied for full or incremental backups.
Because continuous and snapshot backups offer different advantages, we recommend that you protect your resources with both continuous and snapshot backup rules.
An on-demand backup begins to back up your resource immediately. You can choose an on-demand backup if you wish to create a backup at a time other than the scheduled time defined in a backup plan. An on-demand backup can be used, for example, to test backup and functionality at any time.
You can't use on-demand backups with point-in-time restore (PITR), because an on-demand backup preserves resources in the state they are in when the backup is taken, while PITR uses continuous backups, which record changes over a period of time.
You can opt in to continuous backups for supported resources when you create a backup plan in Amazon Backup using the Amazon Backup console or the API. The continuous backup plan creates one continuous recovery point and updates that recovery point whenever the job runs.
Contents
- Supported services for continuous backup / point in time restore (PITR)
- Finding a continuous backup
- Restoring a continuous backup
- Stopping or deleting continuous backups
- Copying continuous backups
- Changing your retention period
- Removing the only continuous backup rule from a backup plan
- Overlapping continuous backups on the same resource
- Point-in-time recovery considerations
Supported services for continuous backup / point in time restore (PITR)
Amazon Backup supports continuous backups and point-in-time recovery for the following services and applications:
Amazon S3
To turn on PITR for S3 backups, continuous backups need to part of the backup plan.
While this original backup of the source bucket can have PITR active, cross-Region or cross-account destination copies will not have PITR, and restoring from these copies will restore to the time they were created (the copies will be snapshot copies) instead of restoring to a specified point in time.
RDS
Backup schedules: When an Amazon Backup plan creates both Amazon RDS snapshots and continuous backups, Amazon Backup will intelligently schedule your backup windows to coordinate with the Amazon RDS maintenance window to prevent conflicts. To further prevent conflicts, manual configuration of the Amazon RDS automated backup window is unavailable. RDS takes snapshots once per day regardless if a backup plan has a frequency for snapshot backups other than once per day.
Settings: After you apply an Amazon Backup continuous backup rule to an Amazon RDS instance, you can't create or modify continuous backup settings to that instance in Amazon RDS; modifications must be done through the Amazon Backup console or the Amazon Backup CLI.
Transition control of continuous backup for an Amazon RDS instance back to Amazon RDS:
IAM permissions required for Amazon RDS continuous backups
-
To use Amazon Backup to configure continuous backups for your Amazon RDS database, verify that the API permission
rds:ModifyDBInstance
exists in the IAM role defined by your backup plan configuration. To restore Amazon RDS continuous backups, you must add the permissionrds:RestoreDBInstanceToPointInTime
to the IAM role that you submitted for the restore job. You can use theAmazon Backup default service role
to perform backups and restores. -
To describe the range of times available for point-in-time recovery, Amazon Backup calls
rds:DescribeDBInstanceAutomatedBackups
. In the Amazon Backup console, you must have therds:DescribeDBInstanceAutomatedBackups
API permission in your Amazon Identity and Access Management (IAM) managed policy. You can use theAWSBackupFullAccess
orAWSBackupOperatorAccess
managed policies. Both policies have all required permissions. For more information, see Managed Policies.
Retention periods: When you change your PITR retention period,
Amazon Backup calls ModifyDBInstance
and applies that change immediately. If you
have other configuration updates pending the next maintenance window, changing your PITR
retention period will also apply those configuration updates immediately. For more
information, see ModifyDBInstance
in the Amazon Relational Database Service API Reference.
Copies of Amazon RDS continuous backups:
-
Incremental snapshot copy jobs process faster than full snapshot copy jobs. Keeping a previous snapshot copy until the new copy job is complete may reduce the copy job duration. If you choose to copy snapshots from RDS database instances, it is important to note that deleting previous copies first will cause full snapshot copies to be made (instead of incremental). For more information on optimizing copying, see Incremental snapshot copying in the Amazon RDS User Guide
-
Creating copies of Amazon RDS continuous backups — You can't create copies of Amazon RDS continuous backups because Amazon Backup for Amazon RDS does not allow copying transaction logs. Instead, Amazon Backup creates a snapshot and copies it with the frequency specified in the backup plan.
Restores: You can perform a point-in-time restore using either Amazon Backup or Amazon RDS. For Amazon Backup console instructions, see Restoring an Amazon RDS Database. For Amazon RDS instructions, see Restoring a DB Instance to a specified time in the Amazon RDS User Guide.
Tip
A multi AZ (availability zone) database instance set to Always On
should not have a backup retention set to zero. If errors occur, use Amazon CLI command
disassociate-recovery-point
instead of
delete-recovery-point
, then change the retention setting to 1 in your
Amazon RDS settings.
For general information about working with Amazon RDS, see the Amazon RDS User Guide.
Aurora
To enable continuous backup of your Aurora resources, see the steps in the first section of this page.
The procedure to restore an Aurora cluster to a point in time is a variation of the steps to restore a snapshot of an aurora cluster.
When you conduct a point in time restore, the console displays a restore time section. See Restoring a continuous backup further down on this page in Working with Continuous backups.
SAP HANA on Amazon EC2 instances
You can make continuous backups , which can be used with point-in-time restore (PITR) (note that on-demand backups preserve resources in the state in which they are taken; whereas PITR uses continuous backups which record changes over a period of time).
With continuous backups, you can restore your SAP HANA database on an EC2 instance by rewinding it back to a specific time that you choose, within 1 second of precision (going back a maximum of 35 days). Continuous backup works by first creating a full backup of your resource, and then constantly backing up your resource’s transaction logs. PITR restore works by accessing your full backup and replaying the transaction log to the time that you tell Amazon Backup to recover.
You can opt in to continuous backups when you create a backup plan in Amazon Backup using the Amazon Backup console or the API.
To enable continuous backups using the console
Sign in to the Amazon Web Services Management Console, and open the Amazon Backup console at https://console.amazonaws.cn/backup
. -
In the navigation pane, choose Backup plans, and then choose Create Backup plan.
-
Under Backup rules, choose Add Backup rule.
-
In the Backup rule configuration section, select Enable continuous backups for supported resources.
After you disable PITR (point-in-time
restore) for SAP HANA database backups, logs will continue to be sent to Amazon Backup
until the recovery point expires (status equals EXPIRED)
. You can change to
an alternative log backup location in SAP HANA to stop the transmission of logs to
Amazon Backup.
A continuous recovery point with a status of STOPPED
indicates that a
continuous recovery point has been interrupted; that is, the logs transmitted from SAP
HANA to Amazon Backup that show the incremental changes to a database have a gap. The recovery
points that occur within this timeframe gap have a status of
STOPPED.
.
For issues you may encounter during restore jobs of continuous backups (recovery points), see the SAP HANA Restore troubleshooting section of this guide.
Point-in-time recovery considerations
Be aware of the following considerations for point-in-time recovery:
-
Automatic fallback to snapshots — If Amazon Backup is unable to perform a continuous backup, it tries to perform a snapshot backup instead.
-
No support for on-demand continuous backups — Amazon Backup doesn't support on-demand continuous backup because on-demand backup records a point in time, whereas continuous backup records changes over a period of time.
-
No support for transition to cold storage — Continuous backups don't support transition to cold storage because transition to cold requires a minimum transition period of 90 days, whereas continuous backups have a maximum retention period of 35 days.
Restoring recent activity — Amazon RDS activity allows restores up until the most recent 5 minutes of activity; Amazon S3 allows restores up until the most recent 15 minutes of activity.