Skip to content

Commit 71c8d72

Browse files
katebobyn-nhsmattdean3-nhs
katebobyn-nhs
authored and
mattdean3-nhs
committed
NRL-853 set up DynamoDB backup plan for weekly and monthly with transitions to cold storage
1 parent a343037 commit 71c8d72

File tree

3 files changed

+34
-6
lines changed

3 files changed

+34
-6
lines changed

terraform/account-wide-infrastructure/dev/aws-backup.tf

Lines changed: 28 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -109,7 +109,7 @@ module "source" {
109109
"compliance_resource_types" : [
110110
"S3"
111111
],
112-
"enable" = true,
112+
"enable" : true,
113113
"rules" : [
114114
{
115115
"copy_action" : {
@@ -132,14 +132,39 @@ module "source" {
132132
"enable" : true,
133133
"rules" : [
134134
{
135+
"name" : "daily",
136+
"schedule" : "cron(0 0 * * ? *)",
135137
"copy_action" : {
136138
"delete_after" : 4
137139
},
140+
138141
"lifecycle" : {
139142
"delete_after" : 2
143+
}
144+
},
145+
{
146+
"name" : "monthly"
147+
"schedule" : "cron(30 0 * * 4#1)" # first Thursday each month from 00:30
148+
"copy_action" : {
149+
"cold_storage_after" : 3,
150+
"delete_after" : 100 # ensures there will always be min 3
140151
},
141-
"name" : "daily_kept_for_2_days",
142-
"schedule" : "cron(0 0 * * ? *)"
152+
"lifecycle" : {
153+
"delete_after" : 2
154+
}
155+
156+
},
157+
{
158+
"name" : "weekly" # overlaps with monthly
159+
"schedule" : "cron(30 0 * * 4)" # every Thursday from 00:30 to precede releases
160+
"copy_action" : {
161+
"cold_storage_after" : 14 # ensures 2 warm including one from previous release
162+
"delete_after" : 100
163+
},
164+
"lifecycle" : {
165+
"delete_after" : 2
166+
}
167+
143168
}
144169
],
145170
"selection_tag" : "NHSE-Enable-DDB-Backup"

terraform/account-wide-infrastructure/modules/backup-source/backup_plan.tf

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,8 @@ resource "aws_backup_plan" "default" {
2020
for_each = rule.value.copy_action != null ? rule.value.copy_action : {}
2121
content {
2222
lifecycle {
23-
delete_after = copy_action.value
23+
delete_after = copy_action.value.lifecycle.delete_after
24+
cold_storage_after = copy_action.value.lifecycle.cold_storage_after
2425
}
2526
destination_vault_arn = var.backup_copy_vault_arn
2627
}
@@ -51,7 +52,8 @@ resource "aws_backup_plan" "dynamodb" {
5152
for_each = rule.value.copy_action != null ? rule.value.copy_action : {}
5253
content {
5354
lifecycle {
54-
delete_after = copy_action.value
55+
delete_after = copy_action.value.delete_after
56+
cold_storage_after = copy_action.value.cold_storage_after
5557
}
5658
destination_vault_arn = var.backup_copy_vault_arn
5759
}

terraform/account-wide-infrastructure/modules/backup-source/variables.tf

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -107,7 +107,8 @@ variable "backup_plan_config_dynamodb" {
107107
cold_storage_after = optional(number)
108108
})
109109
copy_action = optional(object({
110-
delete_after = optional(number)
110+
delete_after = optional(number)
111+
cold_storage_after = optional(number)
111112
}))
112113
})))
113114
})

0 commit comments

Comments
 (0)