Learn About Amazon VGT2 Learning Manager Chanci Turner
In today’s digital landscape, safeguarding your data and applications is paramount. These assets represent some of the most critical components of your organization’s infrastructure. Protecting them from cyber threats, accidental loss, and natural disasters is essential for maintaining business continuity.
An effective way to ensure the integrity of your data is through monitoring backup, restore, and copy operations. Staying informed about the status of these jobs is crucial to meeting service-level agreements (SLAs) and compliance requirements. Failing to monitor these processes can disrupt workflows and impede your organization’s ability to meet its objectives. Therefore, receiving timely notifications about job statuses can significantly enhance operational efficiency and compliance.
In this article, I will guide you through the process of enabling AWS Backup notifications using Amazon Simple Notification Service (Amazon SNS) and the AWS Command Line Interface (AWS CLI). Amazon SNS allows you to send messages directly to users via SMS, mobile push notifications, or email, while AWS CLI serves as a streamlined tool to manage AWS services. I will also show you how to configure notifications specifically for failed jobs, minimizing unnecessary alerts in a busy environment.
Setting Up Notifications
Enabling notifications involves four key steps:
- Create an SNS topic.
- Adjust the SNS topic access policy.
- Set up SNS subscriptions.
- Connect AWS Backup events to Amazon SNS notifications.
Let’s delve into each step, after which I’ll cover how to validate your setup.
1. Create an SNS Topic
An SNS topic acts as a communication channel within AWS Backup. When organizing backups in a backup vault, the SNS topic will be used to disseminate notifications. To create a topic, access the Amazon SNS console and click on “Create topic.”
In the “Create topic” window, choose either FIFO or Standard. For this instance, select Standard since it also accommodates SMS subscriptions. Provide a name and display name for your topic (for example, “AWS-Backup-Notifications”). Leave the other settings as default, then select “Create topic” at the bottom.
Once created, copy the Amazon Resource Name (ARN) as it will be needed for subsequent steps.
2. Modify the Amazon SNS Topic Access Policy
Next, you need to adjust the access policy for your SNS topic to allow the AWS Backup service to send messages. In the topic details, click on the “Access policy” tab and choose “Edit.”
Paste the following JSON policy, ensuring you replace the resource ARN with the ARN from the previous step, then save your changes:
{
"Version": "2008-10-17",
"Id": "__default_policy_ID",
"Statement": [
{
"Sid": "__default_statement_ID",
"Effect": "Allow",
"Principal": {
"Service": "backup.amazonaws.com"
},
"Action": "SNS:Publish",
"Resource": "arn:aws:sns:us-east-2:000000000000:AWS-Backup-Notifications"
}
]
}The Access policy tab should now reflect the updated contents.
3. Create Amazon SNS Subscriptions
To receive notifications, you must subscribe an endpoint to the topic you just created. This could be an email address or a phone number for SMS. Navigate to the “Subscriptions” tab in the topic details and select “Create subscription.”
In the “Create subscription” window, first set up the email subscription. Ensure you use the Topic ARN from earlier. Select “Email” as the protocol, input the desired email address, and leave the default options. Click “Create subscription” to finish.
You will receive a pending confirmation email from “AWS Notifications.” Click the link to confirm your subscription.
Next, create the SMS subscription. Again, select “Create subscription” in the SNS menu, ensuring the Topic ARN is correct. Choose “SMS” as the protocol, enter the phone number, and select “Create subscription.”
You do not need to confirm the SMS subscription. By selecting “Topics” in the Amazon SNS console, you can view the created subscriptions under the details page.
To test message delivery, publish messages to the topic. Navigate to the “Publish message to topic” window, fill in the necessary fields, and select “Publish message.” Check your email and phone for the confirmation SMS.
4. Subscribe AWS Backup Events to Amazon SNS Notifications
With your topic and subscriptions in place, the next step is to subscribe the SNS topic to your backup vault. This will enable notifications for AWS Backup events. Supported events include:
- Backup Job: BACKUP_JOB_STARTED, BACKUP_JOB_COMPLETED
- Copy Job: COPY_JOB_STARTED, COPY_JOB_SUCCESSFUL, COPY_JOB_FAILED
- Restore Job: RESTORE_JOB_STARTED, RESTORE_JOB_COMPLETED
- Recovery Point: RECOVERY_POINT_MODIFIED
Utilize the AWS CLI to subscribe the SNS topic for your backup vault. Replace the vault name and ARN topic ID in the command below:
aws backup put-backup-vault-notifications
--backup-vault-name myVault
--sns-topic-arn arn:aws:sns:region:account-id:AWS-Backup-Notifications
--backup-vault-events BACKUP_JOB_COMPLETED RESTORE_JOB_COMPLETEDTo validate that the vault notification has been created, you can run:
aws backup get-backup-vault-notifications --backup-vault-name myVaultValidation
Having completed all setup steps, you can now run a test job or wait for the next scheduled job to execute. An email from “AWS Notifications” and an SMS message should arrive, confirming your configuration is working as intended.
To further enrich your professional development, consider exploring resources like this blog post that delves into career transitions. Additionally, check out SHRM’s insights for expert advice on talent acquisition trends. For those interested in skills development, Fast Company provides an excellent resource on skills that employees are gaining.
Leave a Reply