Cross-Account and Cross-Region Backups with AWS Backup (and Friends)

https://tylerrussell.dev/2025/06/20/cross-account-and-region-backups-with-aws-backup-and-friends/

39•terussell85•7mo ago

Comments

sgarland•7mo ago

Cross-region backup has never made sense to me. If an entire region goes away - not a temporary outage, but GONE - then the country is probably under attack, and absolutely no one will give a shit that your SaaS product is dead.

tatersolid•7mo ago

Wildfires, hurricanes, tornadoes, blizzards and ice storms, earthquakes… many regional disasters are temporary but it can take very long to bring everything back online. AWS can also always lose a whole region for an extended period due to software and control plane bugs.

Even if all your apps and data stores are active-active multi-region you can be in a world of risk with no DR for a long time if your DR region fails. If your data size is small that vulnerability window might be small but if you’ve got petabytes you’ll be without lifeboat for a days or weeks until you can take another “full” DR copy.

jdreaver•7mo ago

There are plausible scenarios where a region can go down for days or more at a time, like natural disasters. I'm not terribly worried about a region going away _forever_, but during a regional outage long enough to start losing business, having data in multiple regions is important so you can restore in another region (if you aren't able to fail over quickly).

deepsun•7mo ago

The most common cause of the outages right now is configuration errors. Even when procedurally they must be limited to AZ only, there is always some region-shared infrastructure that can bring down the whole region altogether.

deathanatos•7mo ago

"Configuration errors" — I'm going to include "bugs" in that —, IME, tend to be global outages more often than regional. If I recount the outages >AZ that I've seen, I think the most recent ones were:

  GCP, IAM (global; just like a week and a half ago!)
  GCP, VMs etc. (regional!¹)
  Azure, application GW (global)
  Cloudflare (global)
  Azure, IAM (global)
  Azure, IAM (global)

You can tell IAM is a point of weakness. (As it kinda must be.)

¹though I wasn't affected by this one, as it was in Europe.

everfrustrated•7mo ago

Notable you don't have AWS on that list.

AWS's definitions for AZ & Regions are by far the strongest in the industry.

GCP has AZ in the same physical complex. Azure Regions would be AZ's under AWS's definition.

timewizard•7mo ago

AWS had a console login issue a while back due to the default region being us-east-1. There are a handful of other services that are exclusively available in that region as well.

deathanatos•7mo ago

I haven't worked with them in quite some time. (That's changing, so uh … looking forward to my next AWS outage?) This was more to show regional vs. global than any specific cloud provider. AWS is skating by here on account of not being sampled¹.

If I go waaaaay back (like mid 2010s), we did have an S3 outage. It was regional, even!

> GCP has AZ in the same physical complex.

I can't say if that's correct or not; GCP says,

> Zones should be considered a single failure domain within a region. To deploy fault-tolerant applications with high availability and help protect against unexpected failures, deploy your applications across multiple zones in a region.

That's an AZ, to me. (Or, alternatively & synonymously, a failure domain.)

¹IME over my career, though, AWS is fairly stable. GCP is too. AWS has its foibles, though. When last I worked with RDS (circa 2019), there were bugs.

deepsun•7mo ago

I mostly remember AWS S3 outages, usually limited to a region, but the one in 2017 was supposed to be a regional update (US-EAST-1 region), brought down like a half of AWS, because they depended on S3 in US-EAST-1 [1]

Note that even the intended configuration change was designed to be Regional, not just limited to one AZ.

https://aws.amazon.com/message/41926/

Spooky23•7mo ago

Telecom infrastructure can and does go out. And degraded performance can impact business significantly.

There’s also benefits for many apps to be closer to the customer. If you’re building out infrastructure in a remote region for that purpose, the marginal cost of getting more out of it may be compelling.

jcims•7mo ago

Cross-region backup isn't here to solve for meteor strikes and nuclear war. Most of the major AWS disruptions have been contained within a region. If you're unlucky enough to depend on one, your service is down and you don't know when it will be back up.

If you document and drill an cross-region recovery, in *most* (not all) cases you will be able to more confidently predict when things are going to be running, you'll know what information is there and what isn't and can build processes to communicate expectations to customers and/or regulators.

jasonthorsness•7mo ago

In practice I’ve seen multiple companies benefit from having a hot standby in west us and east us. The threat is not destruction the threat is the cloud provider screwing up the platform and they typically do rolling updates so only one region would be impacted at a time.

Aurornis•7mo ago

There are more failure modes for a region than “working perfectly” and “irreversibly destroyed”. Having cross-region backup leaves open the possibility of restoration of service or at least key data during an extended outage.

> then the country is probably under attack, and absolutely no one will give a shit that your SaaS product is dead.

Or there’s a severe natural disaster, or a flooded data center due to unforeseen conditions, or any number of things.

If your country is attacked, all business does not immediately halt. War is not an instantaneous phenomenon where an entire country becomes destroyed overnight. People continue living their lives as best they can because they still need to put food on the table and life must go on. I have a number of friends and past coworkers in Ukraine who can attest to how you continue doing your best and pick up the pieces and continue moving back toward normalcy.

nodesocket•7mo ago

What’s the benefits of using AWS Backup? If your infrastructure is already defined using Terraform then RDS, EBS snapshots, ElastiCache, S3 already have backup configuration options.

wiether•7mo ago

As the article shows how to do it, with AWS Backup you can do things like cross-account and cross-region backups.

Moreover, AWS Backup is the _Terraform_ of backup in AWS. You can control all your backups through a single interface, with various policies (scheduling, retention, access...)

For instance, by default, you are limited to 100 Manual RDS Snapshots per account. With AWS Backup, you can do what you want. You can define dozens of different rules for the same services/resources.

So you can let teams manage their resources as they want, and have a backup team manage backuping everything from AWS Backup without having to interact with the services/resources themselves.

time0ut•7mo ago

Nice write up. I did something similar at a company recently. The ransomware use case was the primary driver. AWS Backup felt kind of half baked. It also took a lot of work to ensure we could bring the apps up in the recovery account smoothly. Trying to retrofit this into existing stacks was kind of a pain.

There is a YC company called Arpio [0] that does this sort of thing as a service. It can replicate a ton of stuff beyond what Backup does (it also uses Backup for certain things from what I remember). It works as advertised and for most companies is probably worth it vs doing this yourself. I am not affiliated, just worked with it at a customer.

[0] https://arpio.io/

tgmatt•7mo ago

Be aware that AWS Backup is _very_ expensive. We recently stopped using it and switched to AWS DataSync, which is an order of magnitude cheaper. If you want to go even cheaper, S3 replication (not delete markers) will do it for even less.

Backup to S3, use the above to copy it elsewhere.

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

The Waymo World Model

What Is Ruliology?

How we made geo joins 400× faster with H3 indexes

Jeffrey Snover: "Welcome to the Room"

Unseen Footage of Atari Battlezone Arcade Cabinet Production

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

Monty: A minimal, secure Python interpreter written in Rust for use by AI

Show HN: I spent 4 years building a UI design tool with only the features I use

Sheldon Brown's Bicycle Technical Info

Microsoft open-sources LiteBox, a security-focused library OS

Hackers (1995) Animated Experience

Show HN: If you lose your memory, how to regain access to your computer?

An Update on Heroku

Dark Alley Mathematics

Vocal Guide – belt sing without killing yourself

Delimited Continuations vs. Lwt for Threads

Start all of your commands with a comma

PC Floppy Copy Protection: Vault Prolok

Was Benoit Mandelbrot a hedgehog or a fox?

How to effectively write quality code with AI

Introducing the Developer Knowledge API and MCP Server

I spent 5 years in DevOps – Solutions engineering gave me what I was missing

Understanding Neural Network, Visually

I now assume that all ads on Apple news are scams

Why I Joined OpenAI

Show HN: R3forth, a ColorForth-inspired language with a tiny VM

Female Asian Elephant Calf Born at the Smithsonian National Zoo

Learning from context is harder than we thought

FORTH? Really!?