Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Learn how to implement truly immutable cloud backups using AWS Backup service to protect against ransomware and accidental deletion in this 26-minute conference talk from fwd:cloudsec Europe 2025. Discover the complexities and limitations of AWS Backup through real-world experience from The National Archives, the UK Government's official archive responsible for protecting critical digital records including those from government departments and public bodies. Explore why AWS Backup compliance mode vault locks aren't always truly immutable, understand which KMS key types support backup and restore to central vaults, and learn about the importance of Logically Air Gapped (LAG) vaults. Examine how different AWS services implement backups differently, identify which popular AWS database option doesn't support centralized backup, and consider cost implications for backup plans. Understand the deployment requirements for a centralized solution including configuring AWS Backup vaults and vault policies, deploying components to workload accounts with EventBridge and IAM roles, and selecting appropriate vault types for different AWS resource types. Gain insights into the speakers' open-source Terraform Module solution that simplifies deploying immutable AWS Backups across AWS Organizations, handling complexity while streamlining onboarding of new accounts and resources for backup protection.
