Go to Qiita Advent Calendar 2024 Top
LoginSignup
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 3 years have passed since last update.

@pioho07(mako mako)

AWS Backupでジョブの失敗を通知

Last updated at Posted at 2021-06-15

前提情報

AWSアカウントID:333333333333
SNSトピック名:demotopic

SNS設定

SNSトピック作成

  • SNSトピック作成手順は割愛します

  • アクセスポリシーを以下のように修正

{
  "Version": "2008-10-17",
  "Id": "__default_policy_ID",
  "Statement": [
    {
      "Sid": "__console_pub_0",
      "Effect": "Allow",
      "Principal": {
        "Service": "backup.amazonaws.com"
      },
      "Action": "SNS:Publish",
      "Resource": "arn:aws:sns:ap-northeast-1:333333333333:demotopic"
    },
    {
      "Sid": "__default_statement_ID",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": [
        "SNS:GetTopicAttributes",
        "SNS:SetTopicAttributes",
        "SNS:AddPermission",
        "SNS:RemovePermission",
        "SNS:DeleteTopic",
        "SNS:Subscribe",
        "SNS:ListSubscriptionsByTopic",
        "SNS:Publish",
        "SNS:Receive"
      ],
      "Resource": "arn:aws:sns:ap-northeast-1:333333333333:demotopic",
      "Condition": {
        "StringEquals": {
          "AWS:SourceOwner": "333333333333"
        }
      }
    }
  ]
}

サブスクリプション作成

  • サブスクリプション=>サブスクリプションの作成=>トピック選択、プロトコルはEメール(自身のEメールアドレスを設定)

  • サブスクリプションフィルタに以下を設定。COMPLETED以外の正常ではないっぽいのだけ通知する

{
  "State": [
    {
      "anything-but": "COMPLETED"
    }
  ]
}

AWS Backupの通知設定(コマンドライン)

通知設定

$ aws backup put-backup-vault-notifications --endpoint-url https://backup.ap-northeast-1.amazonaws.com --backup-vault-name demo-vault --sns-topic-arn arn:aws:sns:ap-northeast-1:333333333333:demotopic --backup-vault-events BACKUP_JOB_COMPLETED

通知設定確認

$ aws backup get-backup-vault-notifications --backup-vault-name demo-vault
{
    "BackupVaultName": "demo-vault",
    "BackupVaultArn": "arn:aws:backup:ap-northeast-1:333333333333:backup-vault:demo-vault",
    "SNSTopicArn": "arn:aws:sns:ap-northeast-1:333333333333:demotopic",
    "BackupVaultEvents": [
        "BACKUP_JOB_COMPLETED"
    ]
}

テスト

バックアップして中断する

  • オンデマンドバックアップジョブ実行
  • すぐにジョブ停止
  • EC2のバックアップジョブ実行し、すぐ停止してみた

通知メール確認

An AWS Backup job was stopped. Resource ARN : arn:aws:ec2:ap-northeast-1:333333333333:volume/vol-05003f8ba0f210ab3. BackupJob ID : 6edb1940-4bfd-4688-8c40-4cfd4aec7d60

補足_CW監視メトリクスと上限値

AWS Backup のCWメトリクス

この辺の失敗系のものは見といたほうがいいかも?
  • NumberOfBackupJobsAborted
  • NumberOfBackupJobsFailed
  • NumberOfCopyJobsFailed
  • NumberOfRestoreJobsFailed
  • NumberOfRecoveryPointsPartial
  • NumberOfRecoveryPointsExpired
この辺も見とくといいかも?
  • NumberOfBackupJobsExpired
  • NumberOfCopyJobsRunning

AWS Backup の上限値

参考

https://aws.amazon.com/jp/premiumsupport/knowledge-center/aws-backup-failed-job-notification/
基本はこれの通りやればできます。こっちが公式です

https://dev.classmethod.jp/articles/awsbackup-cloudwatch-event-metrics/
202102にCloudWatch Eventsい対応したので、こちらで通知も出来るし、他のサービスとの連携であればこちらがよい

https://docs.aws.amazon.com/ja_jp/aws-backup/latest/devguide/sns-notifications.html
SNS を使用して AWS Backup イベントを追跡する公式ドキュメント

https://docs.aws.amazon.com/ja_jp/aws-backup/latest/devguide/cloudwatch.html
他にもCWのメトリクスを監視しアラーム飛ばす通知も出来ます

AWS Backupの薄い教科書
https://qiita.com/pioho07/items/68ccbc7b974b1466e7a6

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?