AWS Backup Policy Tag Conditions

0

Does anyone know if it is possible to use tag conditions when creating AWS Backup policy syntax?

We use tag based resource allocation in the backup plans across accounts and need to have different conditions within the backup plan based on a qualifying tag. Based on what tag is applied will determine the plan conditions (frequency, retention, vault etc)

At present, we are doing this with separate backup policies and are conscious that we do not want multiple (similar) backup policies that mean we will hit the maximum allowed attached to an account or OU. Looking at example backup policy syntax here [1] we cannot see a way to use rule conditions based on a tag. If not, can we "stack" multiple backup plan syntax within a single backup policy and attach to an OU?

[1] https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_backup_syntax.html

Any help is appreciated.

asked 5 months ago218 views
2 Answers
0

Hi,

to my knowledge it is not possible.

Can you clarify your second request? => You can stack multiple backup rules and resource assignments in your backup policy.

But that means that each resource wich is attached with the required tag will have both backuprules active.

Example: 30Days 1Year 10Years

You can either create 3 backup policies or create one backup policy with all three backup rules covered.

You can set the same tag for all policies or a different one for each.

Btw. unfortunatly there is also no way currently for conditions regarding the tags in the backup policy, atleast that's what aws support told me 3 months ago and we didn't find a way to do so. (Wich is strange because in the normal backup plans you can have conditions for tags)

Sincerely Heiko

profile picture
HeikoMR
answered 5 months ago
profile picture
EXPERT
reviewed 2 months ago
0

Hi Heiko My question here was to use multiple backup plan syntax within a single backup policy and whether these would work? We would then apply one Backup Policy to an OU that would apply plans based on the resource tag.

In the console, you can't create multiple plans or conditions based on tags, so was looking to see if we can do this in backup policy code.

answered 5 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions