jazlopez · November 11, 2022 08:57
diff --git a/aws.backup.restore.s3.sh b/aws.backup.restore.s3.sh
 # For instructional and non profit purposes
 # Jaziel Lopez
 # 2022

 export FMS_TESTING_USER=fms-cluster-dev
 export DESTINATION_S3_BUCKET=fms-connect-dev-restore-bucket-0001
 export ASSUMED_BACKUP_ROLE=backups-fms-cluster-dev
 export ROLE_SESSION_NAME=backup-fms-dev
 export VAULT_NAME=fms-connect-dev-backup-vault
 export TOKEN=kiwis-restore-job-test-0001
 export RECOVERY_POINT_ARN=""

 # -- AWS CONFIGURATION SETUP ~/.aws/config 

 # [$FMS_TESTING_USER]
 # aws_access_key_id=some_aws_access_key
 # aws_secret_access_key=some_aws_access_secret_key
 # region=us-east-1
 # output=json

 # [profile $ASSUMED_BACKUP_ROLE]
 # role_arn=arn:aws:iam::xxxxx:role/fms-connect-dev-backup-plan-role
 # source_profile=$FMS_TESTING_USER
 # role_session_name=$ROLE_SESSION_NAME
 # region=us-east-1
 # output=json

 """
  STEP: CREATE DESTINATION BUCKET FOR RESTORING
 """  
 aws mb s3://$DESTINATION_S3_BUCKET --profile $FMS_TESTING_USER

 """
  STEP: START BACKUP JOB
 """  
 aws backup start-backup-job --backup-vault-name $VAULT_NAME  --resource-arn arn:aws:s3:::fms-connect-dev-bucket --iam-role-arn arn:aws:iam::xxxxx:role/fms-connect-dev-backup-plan-role --profile $FMS_TESTING_USER

 """
  STEP: LIST VAULT BACKUP JOBS (COMPLETED [Ready to be restored])
 """
 aws backup list-backup-jobs --by-state COMPLETED --by-backup-vault-name $VAULT_NAME --profile $FMS_TESTING_USER

 """
  STEP: GET RECOVERY POINT ARN 
  1. Select one and copy recovery ARN to clipboard
  2. export (use copied arn from 1)
 """  
 aws backup list-recovery-points-by-backup-vault --backup-vault-name $VAULT_NAME --profile $FMS_TESTING_USER
 export RECOVERY_POINT_ARN=arn_from_step_1

 """
  STEP: CREATE RESTORE JOB (Use recovery ARN from previous step)
  1. Start restore job
  2. export (use output from 1)
  3. check restore status
 """  
 aws backup start-restore-job --recovery-point-arn $RECOVERY_POINT_ARN --iam-role-arn arn:aws:iam::xxxxx:role/fms-connect-dev-backup-plan-role --profile $FMS_TESTING_USER --metadata DestinationBucketName=$DESTINATON_S3_BUCKET,NewBucket=false,Encrypted=false,creationToken=$TOKEN
 export RESTORE_JOB_ID=Restore_Job_Id_From_Previous_Command
 aws backup describe-restore-job --restore-job-id $RESTORE_JOB_ID --profile $FMS_TESTING_USER

 """
  STEP: CHECK DESTINATION BUCKET CONTENT
  1. Assume role to access destination bucket
  2. List content
 """
 aws sts assume-role --role-arn arn:aws:iam::xxxxx:role/fms-connect-dev-backup-plan-role --role-session-name $ROLE_SESSION_NAME --profile $FMS_TESTING_USER
 aws s3 ls s3://DESTINATION_S3_BUCKET --profile $ASSUMED_BACKUP_ROLE

 # end
	# For instructional and non profit purposes
	# Jaziel Lopez
	# 2022

	export FMS_TESTING_USER=fms-cluster-dev
	export DESTINATION_S3_BUCKET=fms-connect-dev-restore-bucket-0001
	export ASSUMED_BACKUP_ROLE=backups-fms-cluster-dev
	export ROLE_SESSION_NAME=backup-fms-dev
	export VAULT_NAME=fms-connect-dev-backup-vault
	export TOKEN=kiwis-restore-job-test-0001
	export RECOVERY_POINT_ARN=""

	# -- AWS CONFIGURATION SETUP ~/.aws/config

	# [$FMS_TESTING_USER]
	# aws_access_key_id=some_aws_access_key
	# aws_secret_access_key=some_aws_access_secret_key
	# region=us-east-1
	# output=json

	# [profile $ASSUMED_BACKUP_ROLE]
	# role_arn=arn:aws:iam::xxxxx:role/fms-connect-dev-backup-plan-role
	# source_profile=$FMS_TESTING_USER
	# role_session_name=$ROLE_SESSION_NAME
	# region=us-east-1
	# output=json

	"""
	STEP: CREATE DESTINATION BUCKET FOR RESTORING
	"""
	aws mb s3://$DESTINATION_S3_BUCKET --profile $FMS_TESTING_USER

	"""
	STEP: START BACKUP JOB
	"""
	aws backup start-backup-job --backup-vault-name $VAULT_NAME --resource-arn arn:aws:s3:::fms-connect-dev-bucket --iam-role-arn arn:aws:iam::xxxxx:role/fms-connect-dev-backup-plan-role --profile $FMS_TESTING_USER

	"""
	STEP: LIST VAULT BACKUP JOBS (COMPLETED [Ready to be restored])
	"""
	aws backup list-backup-jobs --by-state COMPLETED --by-backup-vault-name $VAULT_NAME --profile $FMS_TESTING_USER

	"""
	STEP: GET RECOVERY POINT ARN
	1. Select one and copy recovery ARN to clipboard
	2. export (use copied arn from 1)
	"""
	aws backup list-recovery-points-by-backup-vault --backup-vault-name $VAULT_NAME --profile $FMS_TESTING_USER
	export RECOVERY_POINT_ARN=arn_from_step_1

	"""
	STEP: CREATE RESTORE JOB (Use recovery ARN from previous step)
	1. Start restore job
	2. export (use output from 1)
	3. check restore status
	"""
	aws backup start-restore-job --recovery-point-arn $RECOVERY_POINT_ARN --iam-role-arn arn:aws:iam::xxxxx:role/fms-connect-dev-backup-plan-role --profile $FMS_TESTING_USER --metadata DestinationBucketName=$DESTINATON_S3_BUCKET,NewBucket=false,Encrypted=false,creationToken=$TOKEN
	export RESTORE_JOB_ID=Restore_Job_Id_From_Previous_Command
	aws backup describe-restore-job --restore-job-id $RESTORE_JOB_ID --profile $FMS_TESTING_USER

	"""
	STEP: CHECK DESTINATION BUCKET CONTENT
	1. Assume role to access destination bucket
	2. List content
	"""
	aws sts assume-role --role-arn arn:aws:iam::xxxxx:role/fms-connect-dev-backup-plan-role --role-session-name $ROLE_SESSION_NAME --profile $FMS_TESTING_USER
	aws s3 ls s3://DESTINATION_S3_BUCKET --profile $ASSUMED_BACKUP_ROLE

	# end
No results found