Skip to content

Restore S3 backup

This guide shows you how to restore a S3 backup to the source S3 bucket, a new S3 bucket or an existing S3 bucket.

You could also look at the AWS S3 Restore documentation

Things to consider

You will need to make some decisions before you start the restore:

  • Where do you want to restore the backup to (source, new or existing S3 bucket)?
  • Do you want to restore the entire backup or just specific folders? Do you have the URI of the folders you want to restore?
  • If you have point-in-time-restore: from when do you want to restore the backup?

Before you begin

You need to:

  • Complete Configure AWS Backup
  • Have at least one snapshot available (by default a S3 backup is completed nightly)
  • Have enough time - a restore can take up to hours

Step 1: Have the right permissions

If you want to restore to an existing bucket, you need to temporarily enable ACL on that bucket:

  • Go to the AWS S3 service
  • Select the bucket you want to restore to
  • Select Permissions > Object Ownership > Edit
  • Select ACLs enabled and Save changes
Enable

Info

If you are using Golden Path boilerplate:backup v3.2.0 or later, you have the necessary permissions.

If you are NOT using Golden Path boilerplate:backup v3.2.0 or later, you need to either:

  • Upgrade to the latest version of the boilerplate

Or add extra permissions to the role used for the restore (for example: aws-backup-<timestamp>):

  • Go to the AWS IAM service
  • Select Roles > aws-backup-
  • In Permissions policies > Add permissions > Attach policies
  • Select AWSBackupServiceRolePolicyForS3Restore and Add permissions

Step 2: Find a snapshot to restore

In the AWS console find the AWS Backup. Under Protected resources you will find the backup resources.

Select the resource you want to restore. Under Recovery points you will find the snapshots available.

Select the recovery point you want to restore and click Restore.

Step 3: Configure restore

  1. Under Settings > Restore type you can choose between Restore entire bucket or Item level restore.

  2. Under Settings > Restore destination you can choose between Restore to source bucket, Use existing bucket or Create new bucket.

  3. Under Restore role you need to choose an IAM role with the necessary permissions. If you are using golden path boilerplate:backup v3.2.0 or later, the role aws-backup- contains the necessary permissions.

  4. Select Restore backup

Settings for restore backup
Restore role

Step 4: Verify

You will be taken to a page where you could monitor the progress. The restore can take up to hours, but the restored files will be available as soon as they are restored.

Enable

Question

If the restore went OK but the files are still missing, you should check the following:

  • Did you restore to the correct bucket?
  • Did you restore the correct folders?
  • Did you restore from the correct snapshot?
  • Did the files exist at the time of the snapshot?

Step 5: Clean up

If you have turned on the ACL on the existing bucket, you should turn it off again in one of two ways:

Either run Terraform to restore the settings of your S3 bucket.

Or turn it off manually:

  • Go to the AWS S3 service
  • Select the bucket you restored to
  • Select Permissions > Object Ownership > Edit
  • Select ACLs disabled (recommended) and Save changes