1. Using aws backup with mq

    TypeScript

    AWS Backup is a fully managed backup service that makes it easy to centralize and automate the back up of data across AWS services. In the context of Amazon MQ, AWS Backup enables you to create, manage, and restore backups for your Amazon MQ brokers. Protecting your message brokers is vital for ensuring that your messaging system can be quickly restored in case of accidental deletion, loss of data, or in a disaster recovery scenario.

    Below is a Pulumi program in TypeScript which creates an AWS Backup plan to automate the backup of an Amazon MQ broker. This program involves using the aws.backup.Plan resource, which allows you to define how backups should be automatically taken, including the schedule, lifecycle policies and the resources to include.

    1. Define the Backup Plan: You will define a backup plan specifying that you want to back up resources tagged with a specific key-value pair. For example, if you have your MQ brokers tagged with "Service:mq", you can target them in your backup plan.
    2. Define Backup Rules: Backup rules are part of the backup plan. They specify the frequency of the backups, the lifecycle of the backups (e.g., when they are moved to cold storage or expired), and any backup window preferences.
    3. Assign Resources to Backup: In AWS Backup, you can assign resources to backup plans either by selecting them directly or by specifying a tag-based condition. In this case, we will backup resources that have specified tags.

    Make sure you have the AWS provider configured in your Pulumi setup before running this program. Let's go through the Pulumi program to set up AWS Backup for an Amazon MQ resource:

    import * as pulumi from "@pulumi/pulumi"; import * as aws from "@pulumi/aws"; // Create an AWS backup vault where snapshots will be stored const mqBackupVault = new aws.backup.Vault("mqBackupVault", { // Optionally, you can specify a KMS key for encryption // kmsKeyArn: "arn:aws:kms:us-east-1:123456789012:key/abc1234-a123-456a-a12b-a123b4cd56ef", }); // Create an AWS backup plan const mqBackupPlan = new aws.backup.Plan("mqBackupPlan", { name: "mqBackupPlan", rules: [ { ruleName: "Daily", schedule: "cron(0 5 * * ? *)", // Daily at 5 AM UTC targetVaultName: mqBackupVault.name, startWindow: 120, // 2 hours start window in which backup should start completionWindow: 360, // 6 hours completion window in which backup should complete lifecycle: { deleteAfter: 35, // Number of days before deleting the recovery point coldStorageAfter: 7, // Number of days before moving the recovery point to cold storage }, recoveryPointTags: { "service": "mq", }, // Optional - if you want to use continuous backups // enableContinuousBackup: true, } ], }); // (Optional) Set region-specific settings for the AWS Backup service const regionSettings = new aws.backup.RegionSettings("regionSettings", { resourceTypeManagementPreference: { "MQ": true // Enable AWS Backup management for Amazon MQ }, resourceTypeOptInPreference: { "MQ": true // Opt-in Amazon MQ for backup }, }); export const backupVaultName = mqBackupVault.name; export const backupPlanId = mqBackupPlan.id;

    Understanding the code:

    • We define a backup vault with aws.backup.Vault where our backups will be stored.
    • We create a backup plan aws.backup.Plan that includes a rule to backup daily. The schedule field specifies when the backup should occur using a cron expression.
    • We use the recoveryPointTags to specify that this backup rule applies to resources tagged with service: mq.

    After running this Pulumi program, a backup plan and vault will be created, and resources with the specified tag of service: mq will begin to have their backups taken daily at 5 AM UTC and retained for 35 days.

    For more advanced use cases, you might want to reference the AWS Backup documentation and the Pulumi AWS Backup Package documentation.