Table: aws_backup_selection - Query AWS Backup Selections using SQL
The AWS Backup Selection is a component of AWS Backup, a fully managed backup service that simplifies the backup of data across AWS services. It allows you to automate and centrally manage backups, enforcing policies and monitoring backup activities for AWS resources. The selection includes a list of resources to be backed up, identified by an array of ARNs, as well as a backup plan to specify how AWS Backup handles backup and restore operations.
Table Usage Guide
The aws_backup_selection
table in Steampipe provides you with comprehensive information about backup selection resources within the AWS Backup service. This table allows you, as a DevOps engineer, security professional, or system administrator, to query backup selection-specific details, including the selection's ARN, backup plan ID, creation and modification dates, and associated creator request ID. You can utilize this table to gather insights on backup selections, such as identifying backup selections associated with specific backup plans, tracking creation and modification times of backup selections, and more. The schema outlines the various attributes of the backup selection for you, including the backup selection ARN, backup plan ID, creation date, creator request ID, and associated tags.
Examples
Basic Info
Explore which AWS backup plans are associated with specific IAM roles and regions. This can be useful for auditing and managing your AWS resources efficiently.
select selection_name, backup_plan_id, iam_role_arn, region, account_idfrom aws_backup_selection;
select selection_name, backup_plan_id, iam_role_arn, region, account_idfrom aws_backup_selection;
List EBS volumes that are in a backup plan
Identify the EBS volumes included in a backup plan to ensure crucial data is secured and maintained. This is essential for data recovery planning and to minimize potential data loss.
with filtered_data as ( select backup_plan_id, jsonb_agg(r) as assigned_resource from aws_backup_selection, jsonb_array_elements(resources) as r group by backup_plan_id)select v.volume_id, v.region, v.account_idfrom aws_ebs_volume as v join filtered_data t on t.assigned_resource ?| array [ v.arn ];
Error: SQLite does not support the ?| operator used in array operations.
Control examples
Schema for aws_backup_selection
Name | Type | Operators | Description |
---|---|---|---|
_ctx | jsonb | Steampipe context in JSON form. | |
account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
arn | text | The Amazon Resource Name (ARN) specifying the backup selection. | |
backup_plan_id | text | = | An ID that uniquely identifies a backup plan. |
conditions | jsonb | A list of conditions that you define to assign resources to your backup plans using tags. | |
creation_date | timestamp with time zone | The date and time a resource backup plan is created. | |
creator_request_id | text | An unique string that identifies the request and allows failed requests to be retried without the risk of running the operation twice. | |
iam_role_arn | text | Specifies the IAM role Amazon Resource Name (ARN) to create the target recovery point. | |
list_of_tags | jsonb | An array of conditions used to specify a set of resources to assign to a backup plan. | |
not_resources | jsonb | A list of Amazon Resource Names (ARNs) to exclude from a backup plan. | |
partition | text | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). | |
region | text | The AWS Region in which the resource is located. | |
resources | jsonb | Contains a list of BackupOptions for a resource type. | |
selection_id | text | = | Uniquely identifies a request to assign a set of resources to a backup plan. |
selection_name | text | The display name of a resource selection document. | |
sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
sp_ctx | jsonb | Steampipe context in JSON form. | |
title | text | Title of the resource. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh
script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws
You can pass the configuration to the command with the --config
argument:
steampipe_export_aws --config '<your_config>' aws_backup_selection