Get all AWS Backup protected resources across all profiles and regions

By Saad Khamis

November 17, 2023

33562 views

In this blog, I will share one way to get all AWS Backup protected resources across all profiles and regions. Additionally, I will show how to query the backed-up EC2 state and the Backup tag.

Other blogs I wrote that may interest you:

Introduction

AWS Backup is a fully-managed service that makes it easy to centralize and automate data protection across AWS services, in the cloud, and on premises.

Would you like to know resources protected by AWS Backup across all profiles and regions?

In this blog I will share one way to get all AWS protected resources across all profiles and regions. Also, query the backed up EC2 state and Backup tag.

Prerequisites

To run the AWS Backup and the EC2 commands in this blog, you need to:

  1. Install and configure AWS Tools for PowerShell.
  2. Log in to all required AWS accounts/profiles.
  3. Set your IAM permissions to allow for AWS Backup and Amazon EC2 access.

PowerShell Cmdlets

This is a list of PowerShell cmdlets we will use.

  1. Get-AWSCredential Returns an AWSCredentials object initialized with from either credentials currently set as default in the shell or saved and associated with the supplied name from the local credential store.
  2. Get-BAKProtectedResourceList Returns an array of resources successfully backed up by Backup, including the time the resource was saved, an Amazon Resource Name (ARN) of the resource, and a resource type.
  3. Get-Culture Gets the current culture set in the operating system.
  4. Get-EC2Instance Describes the specified instances or all instances.
  5. Get-EC2Region Describes the Regions that are enabled for your account, or all Regions.
  6. Set-AWSCredential Saves AWS credentials to persistent store (-StoreAs) or temporarily for the shell using shell variable $StoredAWSCredentials.
  7. Set-DefaultAWSRegion Sets a default AWS region into the shell environment, accessible as $StoredAWSRegion.

List Protected Resources

First, we will get a list of protected resource using Get-BAKProtectedResourceList. The cmdlet returns LastBackupTime, ResourceArn, ResourceName and ResourceType. To prepare for next steps, we will use a collection to save the returned list.

Get Backed up EC2 Information

Second, for the backed up EC2, we would like to query the EC2 state and Backup tag. To do that we need to query the EC2 information using Get-EC2Instance. We use $EC2.State.Name to get the EC2 state and $EC2.Tags to get the Backup tag value.

List Protected Resources across all Regions

Third, we will list protected resources across all regions for the active account. To start, we will get a list of supported regions then repeat the previous process for each region.

List Protected Resources for all Profiles across all Regions

Last, we will list protected resources for all profiles across all regions. To start, we will get a list of all profiles then repeat the previous process for each profile.

Conclusion

Can you believe it? You’ve made it to the end of this blog. The code may be challenging, difficult or lengthy but you have made it. Congratulations.

We looked at how to get all AWS protected resources across all profiles and regions. Also, query the backed up EC2 state and Backup tag.

Did you find this blog easy to follow and helpful to you? I certainly would love to hear your feedback and suggestions. So, let me know in the comments below. Happy PowerShelling.

Disclaimer

Purpose of the code contained in blog is solely for learning and demo purposes. Author will not be held responsible for any failure or damages caused due to any other usage.

Comments

There's no comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

List all AWS Certificate Manager certificates

By Saad Khamis 14076 views July 31, 2024

Get all AWS EBS snapshots across all profiles and regions

By Saad Khamis 18434 views June 26, 2024