diff --git a/modules/storage/aws-backup/README.md b/modules/storage/aws-backup/README.md
index 31a2ddb..29a1aa5 100644
--- a/modules/storage/aws-backup/README.md
+++ b/modules/storage/aws-backup/README.md
@@ -32,9 +32,10 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| backup-plan-name | Backup plan name | `string` | n/a | yes |
-| backup-plan-retention | Backup retention period | `number` | n/a | yes |
-| backup-rule-cron | Backup rule cron expression | `string` | n/a | yes |
+| daily-backup-cron | Daily backup rule cron expression | `string` | n/a | yes |
+| daily-backup-retention | Daily backup retention period | `number` | n/a | yes |
+| monthly-backup-cron | Monthly backup rule cron expression | `string` | n/a | yes |
+| monthly-backup-retention | Monthly backup retention period | `number` | n/a | yes |
 | service-opt-in | n/a |
map(object({
enabled = bool
}))
|
{
"Aurora": {
"enabled": false
},
"DynamoDB": {
"enabled": true
},
"EBS": {
"enabled": false
},
"EC2": {
"enabled": true
},
"EFS": {
"enabled": true
},
"FSx": {
"enabled": false
},
"RDS": {
"enabled": true
},
"Redshift": {
"enabled": true
},
"S3": {
"enabled": false
},
"VirtualMachine": {
"enabled": false
}
}
| no |
 ## Outputs
diff --git a/modules/storage/aws-backup/main.tf b/modules/storage/aws-backup/main.tf
index 3bf5cd1..0b92017 100644
--- a/modules/storage/aws-backup/main.tf
+++ b/modules/storage/aws-backup/main.tf
@@ -99,20 +99,39 @@ resource "aws_backup_plan" "ab-plan" {
 for_each = aws_backup_vault.ab-vault
 name = "BackupPlan-${replace(each.value.name, "BackupVault-", "")}"
+ # daily backup
 rule {
- rule_name = var.backup-plan-name
+ rule_name = "Daily"
 target_vault_name = each.value.name
- schedule = var.backup-rule-cron
+ schedule = var.daily-backup-cron
 start_window = 60
 completion_window = 240
 lifecycle {
- delete_after = var.backup-plan-retention
+ delete_after = var.daily-backup-retention
 }
 recovery_point_tags = {
 "CreatedBy" : "AWSBackup"
- "AWSBackupPlan" : "BackupPlan-${replace(each.value.name, "BackupVault-", "")}"
+ "AWSBackupPlan" : "BackupPlan-${replace(each.value.name, "BackupVault-", "")}-Daily"
+ }
+ }
+
+ # monthly backup (takes precedence than daily)
+ rule {
+ rule_name = "Monthly"
+ target_vault_name = each.value.name
+ schedule = var.monthly-backup-cron
+ start_window = 60
+ completion_window = 240
+
+ lifecycle {
+ delete_after = var.monthly-backup-retention
+ }
+
+ recovery_point_tags = {
+ "CreatedBy" : "AWSBackup"
+ "AWSBackupPlan" : "BackupPlan-${replace(each.value.name, "BackupVault-", "")}-Monthly"
 }
 }
diff --git a/modules/storage/aws-backup/variables.tf b/modules/storage/aws-backup/variables.tf
index cc568cf..ea30eb4 100644
--- a/modules/storage/aws-backup/variables.tf
+++ b/modules/storage/aws-backup/variables.tf
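Review bot: The comment `# monthly backup (takes precedence than daily)` in main.tf states a guarantee that nothing in this hunk enforces. As far as I know, AWS Backup resolves two rules of one plan that start in the same window by running the job under the rule with the longer retention, so the monthly rule only wins while `var.monthly-backup-retention` is larger than `var.daily-backup-retention`; with the values swapped, the long-lived monthly recovery points would quietly not be created. I would reword the comment to `# monthly backup rule; it wins over the daily rule on overlapping schedules only while its retention is longer` and add a `precondition` to the resource's `lifecycle` block with `condition = var.monthly-backup-retention > var.daily-backup-retention`. The `AWSBackupPlan` tag value now carries a `-Daily`/`-Monthly` suffix and no longer equals the plan name, so anything that selects recovery points on that tag needs the same update. The `aws_backup_plan` block continues outside the hunk, so confirm no such check already exists further down.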
@@ -1,16 +1,21 @@
-variable "backup-plan-name" {
+variable "daily-backup-cron" {
 type = string
- description = "Backup plan name"
+ description = "Daily backup rule cron expression"
 }
-variable "backup-rule-cron" {
+variable "monthly-backup-cron" {
 type = string
- description = "Backup rule cron expression"
+ description = "Monthly backup rule cron expression"
 }
-variable "backup-plan-retention" {
+variable "daily-backup-retention" {
 type = number
- description = "Backup retention period"
+ description = "Daily backup retention period"
+}
+
+variable "monthly-backup-retention" {
+ type = number
+ description = "Monthly backup retention period"
 }
 variable "service-opt-in" {
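Review bot: `daily-backup-retention` and `monthly-backup-retention` are declared as a bare `number` with no `validation` block and no unit in the description, so `0`, a negative or a fractional value passes `terraform validate` and reaches `delete_after` unchecked. These values decide how long recovery points survive, so I would state the unit (`delete_after` is counted in days), e.g. `description = "Daily backup retention period in days"`, and give each variable a `validation` with `condition = var.daily-backup-retention >= 1 && floor(var.daily-backup-retention) == var.daily-backup-retention` plus an `error_message`. The rename also drops `backup-plan-name`, `backup-rule-cron` and `backup-plan-retention` with no default on their replacements, so existing callers of the module will fail to plan until they are updated; that is worth stating in the commit message.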