Backing up S3

Forums › IT Pro and developers › Backing up S3

maffey

43 posts

Geek
+1 received by user: 20

ID Verified

Lifetime subscriber

#319582 10-May-2025 10:11

Should you back up data stored in AWS S3?

AWS S3 is meant to be very reliable using normal multizone storage tiers. You can also easily replicate to a second AWS region giving you 6 copies of your data, on two continents, with good security and minimal fuss.

Asking around, it seams I am in the minority in thinking we should suck a copy of our data out of S3 and keep it elsewhere.

I have heard several reasons to NOT backup data from S3:

1) Cost of egres

2) security. If you have a copy of the data, you need to secure it.

3) If AWS has a total failure, or even just one AWS region (eg Sydney), we will have much bigger problems than not having access to our own data. Many important government and industry functions will stop.

Thoughts?

cddt

1967 posts

Uber Geek
+1 received by user: 1904

#3372013 10-May-2025 12:02

It depends on what data it is and what the consequences of losing it would be.

My referral links: BigPipe | Mercury

timmmay

20858 posts

Uber Geek
+1 received by user: 5350

Trusted

Lifetime subscriber

#3372092 10-May-2025 15:26

I think backing up S3 would be rare, but it depends on the criticality of the data. If your business will fail without that data and there's no other copy, i.e. it's the original, then maybe I would consider backing it up.

I backup my servers data to S3 using Restic, and I copy the restic repository back to my PC weekly mostly because it's convenient to be able to access files and run restore tests locally. I

ANglEAUT

altered-ego
2436 posts

Uber Geek
+1 received by user: 842

Trusted

Lifetime subscriber

#3372104 10-May-2025 17:31

maffey:

..

2) security. If you have a copy of the data, you need to secure it.

...

Point 2 certainly is a very important point. You'll have to weigh that against point 4

4) vendor locks you out of your account without recourse.

If they say 'we don't want you as a customer anymore' then you can practically kiss your data good bye.

To mitigate point 1), consider two destinations backing up from the source. Or, back up to your own local destination first & from there then to S3?

Please keep this GZ community vibrant by contributing in a constructive & respectful manner.

timmmay

20858 posts

Uber Geek
+1 received by user: 5350

Trusted

Lifetime subscriber

#3372105 10-May-2025 17:45

You are also protecting against human error. "Whoops I deleted the wrong bucket". There are protections you can put in place, but a human can get around all of them particularly if they are an administrator.

maffey

43 posts

Geek
+1 received by user: 20

ID Verified

Lifetime subscriber

#3372106 10-May-2025 18:13

timmmay:

You are also protecting against human error. "Whoops I deleted the wrong bucket". There are protections you can put in place, but a human can get around all of them particularly if they are an administrator.

Whoops I deleted that bucked is the most likely stuffup and should be the most feared. Replicating within AWS to another region can take care of that.

My biggest concern is a slow ransomware attack. If something encrypts/corrupts all your files quickly, a normal backup or versioning will enable you to recover. An attack which takes weeks or months to work though your files is more scary. You need long lasting versioned backups for this.

maffey

43 posts

Geek
+1 received by user: 20

ID Verified

Lifetime subscriber

#3372107 10-May-2025 18:17

ANglEAUT:

4) vendor locks you out of your account without recourse.

This is the key reason to have your data somewhere else. You can use an S3 bucket in another region owned by a different entity, paid with a different credit card. But Uncle Jeff might see though that and cut both accounts off without recourse.