Amazon web services 如何从AWS备份构建AWS云数据库

我正在使用AWS备份服务为我的DynamoDB创建备份，但我不喜欢这个解决方案，因为它非常手动，不可复制

现在，我如何（从CloudFormation Designer或模板）构建AWS备份

我正在寻找，但我做不到

注意：我不想使用lambda的任何计划事件进行备份。我需要使用AWS备份，但哪里可以有一个CloudFormation模板，以便轻松创建/更新

Description: "Backup Plan template to back up all resources tagged with backup=daily daily at 5am UTC."
Resources:
  KMSKey:
    Type: AWS::KMS::Key
    Properties:
      Description: "Encryption key for daily"
      EnableKeyRotation: True
      Enabled: True
      KeyPolicy:
        Version: "2012-10-17"
        Statement:
        - Effect: Allow
          Principal:
            "AWS": { "Fn::Sub": "arn:${AWS::Partition}:iam::${AWS::AccountId}:root" }
          Action:
          - kms:*
          Resource: "*"

  BackupVaultWithDailyBackups:
    Type: "AWS::Backup::BackupVault"
    Properties:
      BackupVaultName: "BackupVaultWithDailyBackups"
      EncryptionKeyArn: !GetAtt KMSKey.Arn

  BackupPlanWithDailyBackups:
    Type: "AWS::Backup::BackupPlan"
    Properties:
      BackupPlan:
        BackupPlanName: "BackupPlanWithDailyBackups"
        BackupPlanRule:
          -
            RuleName: "RuleForDailyBackups"
            TargetBackupVault: !Ref BackupVaultWithDailyBackups
            ScheduleExpression: "cron(0 5 ? * * *)"

    DependsOn: BackupVaultWithDailyBackups

  DDBTableWithDailyBackupTag:
    Type: "AWS::DynamoDB::Table"
    Properties:
      TableName: "TestTable"
      AttributeDefinitions:
        -
          AttributeName: "Album"
          AttributeType: "S"
      KeySchema:
        -
          AttributeName: "Album"
          KeyType: "HASH"
      ProvisionedThroughput:
        ReadCapacityUnits: "5"
        WriteCapacityUnits: "5"
      Tags:
        - 
          Key: "backup"
          Value: "daily"

  BackupRole:
    Type: "AWS::IAM::Role"
    Properties:
     AssumeRolePolicyDocument:
       Version: "2012-10-17"
       Statement:
         -
          Effect: "Allow"
          Principal:
            Service:
              - "backup.amazonaws.com"
          Action:
            - "sts:AssumeRole"
     ManagedPolicyArns:
       -
        "arn:aws:iam::aws:policy/service-role/service role"

  TagBasedBackupSelection:
    Type: "AWS::Backup::BackupSelection"
    Properties:
      BackupSelection:
        SelectionName: "TagBasedBackupSelection"
        IamRoleArn: !GetAtt BackupRole.Arn
        ListOfTags:
         -
           ConditionType: "STRINGEQUALS"
           ConditionKey: "backup"
           ConditionValue: "daily"
      BackupPlanId: !Ref BackupPlanWithDailyBackups
    DependsOn: BackupPlanWithDailyBackups 

参考资料：

注意：为您的AWS帐户ID替换

*********

您需要添加dynamoDB标记，如：

DDBTableWithDailyBackupTag:
        Type: "AWS::DynamoDB::Table"
        Properties:
          TableName: "TestTable"
          AttributeDefinitions:
            -
              AttributeName: "Album"
              AttributeType: "S"
          KeySchema:
            -
              AttributeName: "Album"
              KeyType: "HASH"
          ProvisionedThroughput:
            ReadCapacityUnits: "5"
            WriteCapacityUnits: "5"
          Tags:
            -
              Key: "backup"
              Value: "daily"

DDBTableWithDailyBackupTag:
        Type: "AWS::DynamoDB::Table"
        Properties:
          TableName: "TestTable"
          AttributeDefinitions:
            -
              AttributeName: "Album"
              AttributeType: "S"
          KeySchema:
            -
              AttributeName: "Album"
              KeyType: "HASH"
          ProvisionedThroughput:
            ReadCapacityUnits: "5"
            WriteCapacityUnits: "5"
          Tags:
            -
              Key: "backup"
              Value: "daily"