EFS Backup Policy
π¦ Overviewβ
This Terraform module provisions an AWS Backup policy targeting an existing EFS file system. It includes:
A dedicated Backup Vault, a scheduled Backup Plan, and a backup selection targeting your specified EFS file systemβall built to enforce reliable, automated backup routines.
β Key Featuresβ
- Creates a dedicated AWS Backup Vault for EFS snapshots
- Defines a scheduled Backup Plan with recurring backup rules
- Links an existing EFS file system via a Backup Selection
- Adds environment and name tags for organization and filtering
πΌ Use Casesβ
- Enabling automated daily backups for critical shared storage
- Supporting disaster recovery policies for EFS-backed workloads
- Enforcing routine data protection for compliance-driven environments
- Modular backup control without altering existing EFS configs
π₯ Input Variablesβ
| Name | Type | Description |
|---|---|---|
| region | string | AWS region where backups should be managed |
| efs_file_system_id | string | The ID of the existing EFS file system to back up |
| environment | string | Tag to specify the deployment environment (e.g., dev, staging, prod) |
| name | string | A name prefix for identifying the vault and plan |
π€ Outputsβ
| Name | Description |
|---|---|
| backup_vault_name | The name of the created Backup Vault |
| backup_plan_id | The ID of the scheduled Backup Plan |
| efs_backup_selection_id | The resource linking the backup plan to the EFS file system |
π Deployment Readinessβ
- β Compatible with Terraform 1.0+
- β Tested with AWS provider 5.x
- π§ͺ Requires existing EFS filesystem and IAM permissions for AWS Backup
π οΈ Example Usageβ
module "efs_backup_policy" {
source = "git::ssh://git@github.com/archiphire/aws-level-1-modules.git//storage/efs-backup-policy?ref=v1.0.0"
region = "us-east-1"
efs_file_system_id = "fs-12345678"
environment = "dev"
name = "efs-backup"
}
terraform init
terraform plan
terraform apply
or
tofu init
tofu plan
tofu apply
π§Ή Cleanup Optionsβ
Terraform Destroy (for test environments):
terraform destroy
or
tofu destroy
Manual Cleanup (recommended for production):
Delete the Backup Plan, Vault, and Selection via AWS Console or CLI Ensure no other systems are using shared backup configurations
π‘οΈ Notesβ
This is a Level 1 baseline module designed for modular use. It complements any EFS setup by adding automated backup protection.
For advanced backup tiering, cross-region replication, or custom lifecycle rules, compose this into a Level 2 module.
π Deployment Package Noticeβ
This module is part of the Level 1 AWS License Tier. To access the full deployment package and source code, subscribe to Archiphire.