使用AWS re:Post即您表示您同意 AWS re:Post 使用条款

S3 Backup Copy to destination no errors yet nothing copied

0

I have a S3 backup job that successfully runs each day without any errors being reported, but it is configured to copy to another region and when I go to the vault in that region there is nothing there.

  • It is not another organisation
  • The region (Melbourne) supports backups as an opt-in and the option is checked.
  • The required policies have been added to the role

I've run out of ideas, can anyone help me determine why it doesn't work without having any error information?

已提问 2 个月前102 查看次数
3 回答
1

There are a few potential reasons why your S3 backup job might be running successfully without errors, yet failing to copy the backup to the destination region. Here are some areas to investigate:

  1. IAM Role Permissions: Ensure that the IAM role used for the backup job has the necessary permissions not only for creating the backup but also for copying it to the destination region. The role should have the appropriate S3 permissions (such as s3:PutObject) for the destination bucket in the Melbourne region.

  2. Backup Vault Configuration: Verify that the backup vault in the destination region (Melbourne) is correctly configured and accessible. Make sure the IAM role has the required permissions to write to this vault.

  3. EventBridge Configuration: AWS Backup relies on receiving S3 events through Amazon EventBridge. Check if EventBridge is properly configured and enabled for your S3 buckets. If this setting is disabled in the S3 bucket notification settings, it could prevent the copy operation from occurring.

  4. Lifecycle Rules: Confirm that there are no conflicting lifecycle rules in the destination bucket that might be immediately moving or deleting the copied backups.

  5. KMS Key Policies: If you're using AWS Key Management Service (KMS) for encryption, ensure that the KMS key policy in the destination region allows the backup role to use the key for encryption.

  6. Cross-Region Replication Settings: Double-check the cross-region replication settings in your backup plan. Make sure the destination region, backup vault, and IAM role are correctly specified.

  7. S3 Versioning: Verify that S3 versioning is enabled on both the source and destination buckets, as this is a requirement for AWS Backup to work with S3.

  8. CloudTrail Logs: Consider reviewing CloudTrail logs for the backup job and the copy operation. Even if no errors are reported in the AWS Backup console, CloudTrail might provide more detailed information about any failed API calls.

  9. AWS Support: If you've verified all the above and still can't identify the issue, it may be worth contacting AWS Support. They can help investigate the problem more deeply, especially if there's an underlying service issue.

Remember to check both the source and destination regions for any relevant logs or metrics that might provide clues about the copy operation's failure.

Sources
Troubleshoot errors for Amazon S3 backups that fail | AWS re:Post
Amazon S3 backups - AWS Backup
Community | Protecting Amazon S3 Using AWS Backup

profile picture
已回答 2 个月前
profile picture
专家
已审核 2 个月前
profile pictureAWS
专家
已审核 2 个月前
  • Regarding "7. S3 Versioning: Verify that S3 versioning is enabled on both the source and destination buckets, as this is a requirement for AWS Backup to work with S3", the destination is not an S3 bucket - it is a Backup vault - so "versioning" can't be enabled.

    Same applies to "The role should have the appropriate S3 permissions (such as s3:PutObject) for the destination bucket in the Melbourne region." It's not an s3 bucket so it is literally impossible to assign s3:PutObject permissions to it.

0
已接受的回答

I enabled Cloudwatch which just gave me reams and reams of unfathomable random data - nothing at all that I could use to diagnose this problem. Solution: I've disable the remote copy. I'll just have to live with the local copy. I don't have time to waste trying to debug other peoples systems that don't contain basic error reporting.

已回答 1 个月前
0

Hello,

In the source region AWS Backup console, check the status of the S3 copy jobs (Jobs > Copy Jobs).

  • If there are failed jobs, review the status message and take action as per the error.
  • If there are no copy jobs, then your backup plan/policy is unable to initiate copy jobs. Review the copy configuration in your backup plan/policy.
  • In cases where copy job is successful but still no recovery points in destination vault could be due to the retention setting applied for the copy. Retention for the copy is calculated from the start day of backup. Example, Day1 backup completed and on Day5 if you copy to another vault with 1 day retention, then upon copy job completion the recovery point gets deleted in destination vault.
AWS
已回答 2 个月前
  • There are no failed jobs, there are no "completed with issues" jobs. Every day the job successfully completes according to the dashboard and the recovery points are all there. The retention period for the primary backup is 1 month warm / 3 months cold. The retention period for the remote copy is 5 months warm / 10 years cold.

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则