Skip to content

How to enable backups of a GCS bucket to AWS S3

This guide describes how to enable or disable the automatic backup synchronisation serice for a Google Cloud Storage (GCS) bucket.

Overview

The Data Backup Service provides an automated way to enroll a GCS bucket for regular backups to an AWS S3 bucket. This is useful for disaster recovery purposes, ensuring that critical data stored in GCS is also available in a different cloud provider.

Enabling the bucket backup service is as simple as adding a label to the GCS bucket you wish to back up.

Disabling the backup service is equally straightforward, involving the removal of the label from the GCS bucket. This doesn't remove the existing backups in S3, but it does stop any future backups from being created.

Prerequisites

  • Your GCP product folder / project(s) are under the following folders in GCP:
    • DevOps
  • You have the necessary permissions to add or remove labels on GCS buckets you wish to back up, preferably automating the label management using Terraform. The role required for this is:
    • roles/storage.admin
    • Use your gcloudadmin account to perform these operations which will require deploy or admin permissions.

Enable backup of a GCS bucket to AWS S3

Add the following label to the GCS bucket you wish to back up:

  • ucam-devops-backup-destination

Set the value of the label to:

  • production – to enable backups to the production S3 bucket.

Disable backup of a GCS bucket to AWS S3

To disable backups for a GCS bucket, simply remove the ucam-devops-backup-destination label from the bucket. This will stop any future backups from being created, but it will not delete any existing backups in S3.