AWS Backup 的通知选项
可通过以下两种方式接收有关 AWS Backup 的通知:
-
User Notifications 可以发送通知,包括 Amazon CloudWatch 警报、AWS 支持 和其他服务的通知。
-
Amazon Simple Notification Service 可以向您发送 AWS Backup 事件通知。
User Notifications 和 AWS Backup
AWS Backup 支持从 User Notifications 控制台
您可以通过控制台管理其他类型的通知,包括 Amazon CloudWatch、Amazon EventBridge 警报和 AWS 支持 案例更新。此外,您还可以设置多个传送选项,包括电子邮件、Amazon Q 开发者版聊天应用程序通知和 AWS Console Mobile Application 推送通知。
Amazon SNS 和 AWS Backup 事件
AWS Backup 利用 Amazon Simple Notification Service (Amazon SNS) 发送的强大通知。您可以将 Amazon SNS 配置为通过 Amazon SNS 控制台向您发送 AWS Backup 事件通知。
限制
-
虽然 Amazon SNS 服务允许跨账户通知,但 AWS Backup 目前不支持此功能。您必须指定您自己的 AWS 账户 ID 和主题的资源 ARN。
-
AWS Backup 支持 SNS 尽力重复数据删除的标准主题,但 AWS Backup 目前不支持严格重复数据删除的 SNS FIFO 主题。
常见使用案例
-
按照 AWS Premium Support 中如何获取失败 AWS Backup 作业的通知?
的步骤操作,设置失败备份作业的通知。 -
在下方的事件示例表格中,查看已完成、失败和已过期的备份作业的示例 Amazon SNS 通知 JSON。
有关一般 Amazon SNS 的更多信息,请参阅《Amazon Simple Notification Service Developer Guide》中的 Getting Started with Amazon SNS。
AWS Backup 通知 API
使用 Amazon SNS 控制台或 AWS Command Line Interface (AWS CLI) 创建主题后,您可以使用以下 AWS Backup API 操作来管理备份通知。
-
DeleteBackupVaultNotifications - 删除有关指定备份保管库的事件通知。
-
GetBackupVaultNotifications - 列出指定的备份保管库的所有事件通知。
-
PutBackupVaultNotifications - 打开指定主题和事件的通知。
AWS Backup 支持以下事件:
| 作业类型 | 事件 |
|---|---|
| 备份作业 | BACKUP_JOB_STARTED | BACKUP_JOB_COMPLETED |
CONTINUOUS_BACKUP_INTERRUPTED |
| 复制作业 | COPY_JOB_STARTED | COPY_JOB_SUCCESSFUL |
COPY_JOB_FAILED |
| 还原作业 | RESTORE_JOB_STARTED | RESTORE_JOB_COMPLETED |
| 恢复点 | RECOVERY_POINT_MODIFIED |
| 恢复点索引 | RECOVERY_POINT_INDEX_COMPLETED | RECOVERY_POINT_INDEX_DELETED |
RECOVERY_POINT_INDEXING_FAILED |
AWS Backup for S3 支持以下两个额外事件:
-
S3_BACKUP_OBJECT_FAILED会通知您在备份作业期间 AWS Backup 未能备份的任何 S3 对象。 -
S3_RESTORE_OBJECT_FAILED会通知您在还原作业期间 AWS Backup 未能还原的任何 S3 对象。
事件示例
例 示例:已完成的备份作业
{ "Records": [{ "EventSource": "aws:sns", "EventVersion": "1.0", "EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45", "Sns": { "Type": "Notification", "MessageId": "12345678-abcd-123a-def0-abcd1a234567", "TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic", "Subject": "Notification from AWS Backup", "Message": "An AWS Backup job was completed successfully. Recovery point ARN: arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012d. Resource ARN : arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012e. BackupJob ID : 1b2345b2-f22c-4dab-5eb6-bbc7890ed123", "Timestamp": "2019-08-02T18:46:02.788Z", ... "MessageAttributes": { "EventType": {"Type":"String","Value":"BACKUP_JOB"}, "State": {"Type":"String","Value":"COMPLETED"}, "AccountId": {"Type":"String","Value":"123456789012"}, "Id": {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"}, "StartTime": {"Type":"String","Value":"2019-09-02T13:48:52.226Z"} } } }] }
例 示例:失败的备份作业
{ "Records": [{ "EventSource": "aws:sns", "EventVersion": "1.0", "EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45", "Sns": { "Type": "Notification", "MessageId": "12345678-abcd-123a-def0-abcd1a234567", "TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic", "Subject": "Notification from AWS Backup", "Message": "An AWS Backup job failed. Resource ARN : arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012e. BackupJob ID : 1b2345b2-f22c-4dab-5eb6-bbc7890ed123", "Timestamp": "2019-08-02T18:46:02.788Z", ... "MessageAttributes": { "EventType": {"Type":"String","Value":"BACKUP_JOB"}, "State": {"Type":"String","Value":"FAILED"}, "AccountId": {"Type":"String","Value":"123456789012"}, "Id": {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"}, "StartTime": {"Type":"String","Value":"2019-09-02T13:48:52.226Z"} } } }] }
例 示例:在备份时段内未完成的备份作业
{ "Records": [{ "EventSource": "aws:sns", "EventVersion": "1.0", "EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45", "Sns": { "Type": "Notification", "MessageId": "12345678-abcd-123a-def0-abcd1a234567", "TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic", "Subject": "Notification from AWS Backup", "Message": "An AWS Backup job failed to complete in time. Resource ARN : arn:aws:ec2:us-west-1:123456789012:volume/vol-012f345df6789012e. BackupJob ID : 1b2345b2-f22c-4dab-5eb6-bbc7890ed123", "Timestamp": "2019-08-02T18:46:02.788Z", ... "MessageAttributes" : { "EventType" : {"Type":"String","Value":"BACKUP_JOB"}, "State" : {"Type":"String","Value":"EXPIRED"}, "AccountId" : {"Type":"String","Value":"123456789012"}, "Id" : {"Type":"String","Value":"1b2345b2-f22c-4dab-5eb6-bbc7890ed123"}, "StartTime" : {"Type":"String","Value":"2019-09-02T13:48:52.226Z"} } } }] }
例 示例:已完成的恢复点索引
{ "Records": [{ "EventSource": "aws:sns", "EventVersion": "1.0", "EventSubscriptionArn": "arn:aws:sns:...-a3802aa1ed45", "Sns": { "Type": "Notification", "MessageId": "12345678-abcd-123a-def0-abcd1a234567", "TopicArn": "arn:aws:sns:us-west-1:123456789012:backup-2sqs-sns-topic", "Subject": "Notification from AWS Backup", "Message": "An AWS Backup backup index job was completed. Indexed recovery point arn: arn:aws:backup:us-west-2:1112233445566:recovery-point:abcd1234-5678-abcd-9012-abcdef123456", "Timestamp": "2025-05-25T18:46:02.788Z", ... "MessageAttributes" : { "EventType" : {"Type":"String","Value":"RECOVERY_POINT_INDEXING_COMPLETED"}, "AccountId" : {"Type":"String","Value":"123456789012"}, "IndexStatus" : {"Type":"String","Value":"ACTIVE"}, "IsIndexingContinuous" : {"Type":"String","Value":"false"}, "RecoveryPointArn" : {"Type":"String","Value":"arn:aws:backup:us-west-2:1112233445566:recovery-point:abcd1234-5678-abcd-9012-abcdef123456"} } } }] }
AWS Backup 通知命令示例
您可以使用 AWS CLI 命令订阅、列出和删除 AWS Backup 事件的 Amazon SNS 通知。
放置备份保管库通知示例
以下命令订阅指定备份保管库的 Amazon SNS 主题,该主题将在启动或完成还原作业时或修改恢复点时通知您。
aws backup put-backup-vault-notifications --backup-vault-namemyBackupVault--sns-topic-arn arn:aws:sns:region:account-id:myBackupTopic--backup-vault-events RESTORE_JOB_STARTED RESTORE_JOB_COMPLETED RECOVERY_POINT_MODIFIED
获取备份保管库通知示例
以下命令列出了当前订阅指定备份保管库的 Amazon SNS 主题的所有事件。
aws backup get-backup-vault-notifications --backup-vault-namemyVault
示例输出如下所示:
{ "SNSTopicArn": "arn:aws:sns:region:account-id:myBackupTopic", "BackupVaultEvents": [ "RESTORE_JOB_STARTED", "RESTORE_JOB_COMPLETED", "RECOVERY_POINT_MODIFIED" ], "BackupVaultName": "myVault", "BackupVaultArn": "arn:aws:backup:region:account-id:backup-vault:myVault" }
删除备份保管库通知示例
以下命令取消订阅指定备份保管库的 Amazon SNS 主题。
aws backup delete-backup-vault-notifications --backup-vault-namemyVault
将 AWS Backup 指定为服务主体
注意
要允许 AWS Backup 代表您发布 SNS 主题,您必须将 AWS Backup 指定为服务主体。
在用于跟踪 AWS Backup 事件的 Amazon SNS 主题的访问策略中包含以下 JSON。您必须指定主题资源的 Amazon 资源名称(ARN)。
{ "Sid": "My-statement-id", "Effect": "Allow", "Principal": { "Service": "backup.amazonaws.com" }, "Action": "SNS:Publish", "Resource": "arn:aws:sns:region:account-id:myTopic" }
有关在 Amazon SNS 访问策略中指定服务主体的更多信息,请参阅《Amazon Simple Notification Service 开发人员指南》中的允许将任何 AWS 资源发布到主题。
注意
如果您的主题已加密,则必须在策略中包含其他权限才能允许 AWS Backup 向其发布。有关启用服务以发布到加密主题的更多信息,请参阅《Amazon Simple Notification Service 开发人员指南》中的实现 AWS 服务中的事件源与加密主题之间的兼容性。
