@fabian-ro
Created December 7, 2023 07:54
Azure backup for AKS with Terraform
{
"properties": {
"friendlyName": "${cluster_name}\\${name}",
"dataSourceInfo": {
"resourceID": "${cluster_id}",
"resourceUri": "${cluster_id}",
"datasourceType": "Microsoft.ContainerService/managedClusters",
"resourceName": "${cluster_name}",
"resourceType": "Microsoft.ContainerService/managedClusters",
"resourceLocation": "${cluster_location}",
"resourceProperties": {
"objectType": null
},
"objectType": "Datasource"
},
"dataSourceSetInfo": {
"resourceID": "${cluster_id}",
"resourceUri": "${cluster_id}",
"datasourceType": "Microsoft.ContainerService/managedClusters",
"resourceName": "${cluster_name}",
"resourceType": "Microsoft.ContainerService/managedClusters",
"resourceLocation": "${cluster_location}",
"objectType": "DatasourceSet"
},
"policyInfo": {
"policyId": "${backup_policy_id}",
"policyVersion": "",
"policyParameters": {
"dataStoreParametersList": [
{
"objectType": "AzureOperationalStoreParameters",
"dataStoreType": "OperationalStore",
"resourceGroupId": "${disk_snapshot_resource_group_id}"
}
],
"backupDatasourceParametersList": [
{
"objectType": "KubernetesClusterBackupDatasourceParameters",
"includedNamespaces": null,
"excludedNamespaces": null,
"includedResourceTypes": null,
"excludedResourceTypes": [
"v1/Secret"
],
"labelSelectors": null,
"snapshotVolumes": false,
"includeClusterScopeResources": true,
"backupHookReferences": null
}
]
}
},
"protectionStatus": {
"status": "ProtectionConfigured"
},
"currentProtectionState": "ProtectionConfigured",
"objectType": "BackupInstance"
}
}
{
"properties": {
"policyRules": [
{
"lifecycles": [
{
"deleteAfter": {
"objectType": "AbsoluteDeleteOption",
"duration": "P4W"
},
"targetDataStoreCopySettings": [],
"sourceDataStore": {
"dataStoreType": "OperationalStore",
"objectType": "DataStoreInfoBase"
}
}
],
"isDefault": false,
"name": "Weekly",
"objectType": "AzureRetentionRule"
},
{
"lifecycles": [
{
"deleteAfter": {
"objectType": "AbsoluteDeleteOption",
"duration": "P7D"
},
"targetDataStoreCopySettings": [],
"sourceDataStore": {
"dataStoreType": "OperationalStore",
"objectType": "DataStoreInfoBase"
}
}
],
"isDefault": true,
"name": "Default",
"objectType": "AzureRetentionRule"
},
{
"backupParameters": {
"backupType": "Incremental",
"objectType": "AzureBackupParams"
},
"trigger": {
"schedule": {
"repeatingTimeIntervals": [
"R/2023-11-17T13:47:10+00:00/PT4H"
],
"timeZone": "UTC"
},
"taggingCriteria": [
{
"tagInfo": {
"tagName": "Weekly",
"id": "Weekly_"
},
"taggingPriority": 20,
"isDefault": false,
"criteria": [
{
"absoluteCriteria": [
"FirstOfWeek"
],
"objectType": "ScheduleBasedBackupCriteria"
}
]
},
{
"tagInfo": {
"tagName": "Default",
"id": "Default_"
},
"taggingPriority": 99,
"isDefault": true
}
],
"objectType": "ScheduleBasedTriggerContext"
},
"dataStore": {
"dataStoreType": "OperationalStore",
"objectType": "DataStoreInfoBase"
},
"name": "BackupHourly",
"objectType": "AzureBackupRule"
}
],
"datasourceTypes": [
"Microsoft.ContainerService/managedClusters"
],
"objectType": "BackupPolicy"
}
}
# Installs the AKS backup cluster extension on the cluster and tells it which
# storage account and blob container receive the backup data.
#
# NOTE(review): the storage account, the container and any role assignment for
# the extension's identity are defined outside this block. Confirm the
# container is not publicly readable and that the identity's access is scoped
# to this one storage account rather than the resource group or subscription.
resource "azurerm_kubernetes_cluster_extension" "aks_backup" {
  name           = "backup"
  extension_type = "microsoft.dataprotection.kubernetes"
  release_train  = "stable"
  cluster_id     = azurerm_kubernetes_cluster.this.id

  # The extension takes its settings as flat, dotted keys.
  configuration_settings = {
    # Tenant and subscription are read from the identity Terraform runs as.
    "credentials.tenantId"                                      = data.azurerm_client_config.this.tenant_id
    "configuration.backupStorageLocation.config.subscriptionId" = data.azurerm_client_config.this.subscription_id

    # Where the backup data lands: storage account (by resource group and
    # name) and the container used as the "bucket".
    "configuration.backupStorageLocation.config.resourceGroup"  = azurerm_storage_account.aks_backup.resource_group_name
    "configuration.backupStorageLocation.config.storageAccount" = azurerm_storage_account.aks_backup.name
    "configuration.backupStorageLocation.bucket"                = azurerm_storage_container.aks_backup.name
  }
}
# Creates the backup policy in the Backup vault through the azapi provider,
# sending the static JSON document backup-policy.json as the request body.
#
# NOTE(review): assuming the policy JSON shown alongside this file is that
# document, its "BackupHourly" rule repeats every PT4H, with 7-day default and
# 4-week weekly retention. Confirm these match the recovery objectives.
resource "azapi_resource" "backup_policy" {
  name      = "kubernetes-policy"
  type      = "Microsoft.DataProtection/backupVaults/backupPolicies@2023-08-01-preview"
  parent_id = azurerm_data_protection_backup_vault.this.id

  # Schema validation is switched off to prevent invalid preview API version
  # errors. With it off, a mistyped or misplaced property in the body is not
  # caught at plan time; review the plan output and verify the policy that
  # results in the vault after apply.
  schema_validation_enabled = false

  body = file("${path.module}/azapi-resources/backup-policy.json")
}
# Registers the AKS cluster as a backup instance in the Backup vault. The
# request body is rendered from the backup-configuration.json template with the
# cluster's identifiers and the policy created by azapi_resource.backup_policy.
#
# NOTE(review): assuming the template shown alongside this file is the one
# rendered here, it excludes "v1/Secret" and sets "snapshotVolumes" to false,
# so Kubernetes Secrets and persistent-volume data are NOT part of the backup.
# A restore plan has to source both from somewhere else.
#
# NOTE(review): the role assignments and the vault-to-cluster trusted access
# this backup instance depends on are not visible in this file. Confirm they
# exist elsewhere and are scoped no wider than the cluster, the vault and the
# snapshot resource group.
resource "azapi_resource" "backup_configuration" {
  name      = "cluster-configuration"
  type      = "Microsoft.DataProtection/backupVaults/backupInstances@2023-08-01-preview"
  parent_id = azurerm_data_protection_backup_vault.this.id

  # Schema validation is switched off to prevent invalid preview API version
  # errors, so the rendered body is only checked by the service at apply time.
  schema_validation_enabled = false

  # templatefile() substitutes the values as raw text into JSON string
  # literals; a value containing a double quote or backslash would produce an
  # invalid or altered document.
  body = templatefile("${path.module}/azapi-resources/backup-configuration.json", {
    name             = "cluster-configuration"
    backup_policy_id = azapi_resource.backup_policy.id

    cluster_id       = azurerm_kubernetes_cluster.this.id
    cluster_name     = azurerm_kubernetes_cluster.this.name
    cluster_location = azurerm_kubernetes_cluster.this.location

    # Snapshots are directed at the cluster's node resource group.
    # NOTE(review): that group's lifecycle is tied to the cluster. Confirm
    # this is the intended location if volume snapshots are ever enabled.
    disk_snapshot_resource_group_id = azurerm_kubernetes_cluster.this.node_resource_group_id
  })
}