Amazon recently announced the general availability of AWS Backup for Amazon S3, a managed option to centralize data protection for applications storing data on S3. The new feature automates the backup and restore of application data on S3 and combines it with the backup of other services, including instances and databases.
To enable AWS Backup for S3, developers must create a centralized data protection policy, choosing between continuous and periodic backups, and assign it to the S3 bucket using tags or resource IDs. AWS Backup stores the backups in encrypted backup vaults, from which they can be restored with an API request. Continuous backups allow restore to any point in time within the last 35 days; periodic backups can be stored indefinitely and support frequencies of 1 hour, 12 hours, 1 day, 1 week and 1 month.
The new option helps meet business continuity goals and targets three main use cases: applications that need point-in-time recovery of multiple objects, recovery of S3 content after an accidental deletion, and backup and recovery solutions for enterprise data lakes. Explaining how to automate and centrally manage data protection for S3, Sabith Venkitachalapathy, enterprise solutions architect at AWS, and Wali Akbari, principal solutions architect at AWS, write:
Using AWS Backup for Amazon S3 and its Backup Vault Lock feature, you can define data protection policies to create independent immutable backup copies of your data stored in an S3 data lake. This will help provide a mechanism to protect data in your data lake against accidental deletions and malicious re-encryption.
Source: https://aws.amazon.com/blogs/storage/automate-and-centrally-manage-data-protection-for-amazon-s3-with-aws-backup/
In a Reddit thread, user zilch321 compares AWS Backup with S3 versioning:
If versioning meets your requirements then you don't need AWS Backup. I have clients who have had point in time recovery requirements not easily met by individual object versions. Especially when millions of objects are involved.
Andreas Wittig, founder of cloudonaut.io, agrees that point-in-time recovery is a step forward:
Imagine you rolled out a change to the batch job. Due to a mistake the job corrupts a lot of objects. As you have versioning enabled, you want to roll back to a specific point-in-time. However, doing so requires a lot of API calls and is not trivial.
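The rollback described in the comments above, sketched as an added example (not from the article or the quoted sources): given a listing of object versions and delete markers, it computes the per-object calls needed to return a versioned bucket to a point in time. The flattened record shape, the function names and the sample data are constructed for illustration.

```python
from datetime import datetime, timezone

def _v(key, vid, hhmm, marker=False):
    # Constructed record: one object version or delete marker, flattened.
    h, m = map(int, hhmm.split(":"))
    return {"Key": key, "VersionId": vid, "IsDeleteMarker": marker,
            "LastModified": datetime(2022, 3, 1, h, m, tzinfo=timezone.utc)}

def sample_versions():
    # Constructed history: a batch job ran after 11:00 and damaged the bucket.
    return [
        _v("report.csv", "r1", "10:00"), _v("report.csv", "r2", "12:00"),
        _v("logs/a.json", "a1", "09:00"), _v("logs/a.json", "a2", "11:30", True),
        _v("tmp/new.bin", "t1", "11:45"),
        _v("old/gone.txt", "g1", "08:00"), _v("old/gone.txt", "g2", "09:30", True),
        _v("stable.txt", "s1", "07:00"),
    ]

RESTORE_TO = datetime(2022, 3, 1, 11, 0, tzinfo=timezone.utc)

def plan_point_in_time_restore(versions, restore_to):
    """Return (action, key, version_id) tuples; each one is a separate API call.

    The plan is non-destructive: it adds new versions or delete markers on
    top of the history instead of removing the newer versions.
    """
    by_key = {}
    for v in versions:
        by_key.setdefault(v["Key"], []).append(v)
    plan = []
    for key in sorted(by_key):
        history = sorted(by_key[key], key=lambda v: v["LastModified"])
        current = history[-1]
        before = [v for v in history if v["LastModified"] <= restore_to]
        target = before[-1] if before else None
        if target is None or target["IsDeleteMarker"]:
            # Object did not exist at restore_to: hide it if it exists now.
            if not current["IsDeleteMarker"]:
                plan.append(("delete", key, None))
        elif target is not current:
            # Changed or deleted since restore_to: copy the old version on top.
            plan.append(("copy", key, target["VersionId"]))
    return plan

if __name__ == "__main__":
    for step in plan_point_in_time_restore(sample_versions(), RESTORE_TO):
        print(step)
```

Against a real bucket the listing itself is paginated, so the number of calls grows with both the number of versions and the number of affected objects.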
Corey Quinn, cloud economist at The Duckbill Group, warns in his newsletter about the extra costs:
Using this service means you can back up your data in S3 to AWS Backup, where the backup copy of your data alone will cost you over twice as much per gigabyte to keep around.
AWS Backup for Amazon S3 is currently available in a subset of AWS regions, including Northern Virginia and Ireland, and customers must enable versioning on the S3 bucket. The service is charged separately at 0.05 USD per GB-month, significantly higher than the price of S3 storage.