Cross account DR of EFS may fail with error: Error: EFS DR, backup fs-xxxxxxxx missing matching vault name on target region US West (Oregon) (original vault: Default)
Problem:
When doing a DR copy of EFS file systems across regions the following error may occur:
Error: EFS DR, backup fs-ea2d99a2 missing matching vault name on target region US West (N. California) (original vault: Default)
Resolution:
EFS Backup and
Restore is performed by AWS Backup Service. When adding an EFS target for the first time in a region,
you must create the default backup vault in AWS for each and every region.
Go to the AWS Backup console and choose Backup
vaults.
For more information regarding the
AWS Backup Service, refer to https://docs.aws.amazon.com/efs/latest/ug/awsbackup.html
1. Go to the AWS Backup console and choose the correct Region in the upper right-hand corner.
2. Choose Backup vaults
3. Create a Backup Vault
4. Name the vault "default" and then click on "Create Backup Vault"
5. Once that is done then go back into the CPM Console and run the EFS job again and this time the DR copy will succeed.
This is what is in the backup log:
Related Articles
Cross-Region DR RDS backup may fail with "Copy failed due to an AWS limitation regarding default encryption key” error
RDS DR backup of encrypted snapshots between different regions may fail with the following error in the Backup log: Error - RDS DR, copy snapshot failed (to DR account) due to an AWS limitation regarding default encryption key (source US East (Ohio), ...Cross region copy of RDS snapshots may fail with error: RDS DR copy snapshot failed (in Backup account). No matching KMS alias in target region
Issue: The Following error may appear in the CPM Server logs: ERROR: start_copy_region(dr_rds.py:301) RDS DR copy snapshot failed (in Backup account). No matching KMS alias on target region (source EU (Frankfurt), target Asia Pacific (Singapore), RDS ...Cross-region DR copy of encrypted snapshot may fail with "Copy failed due to an AWS limitation regarding default encryption key” error
DR of encrypted snapshots may fail with the following error in the Backup log: Error - <DR Policy>, copy snapshot failed (in Backup account) due to an AWS limitation regarding default encryption key source <source region>, target <target region>, ...Cross-Account and Cross-Region DR of an encrypted RDS database may fail
If cross-region and cross-account backup of an encrypted RDS database is successful, but fails in the cross-region cross-account DR copy, you may see the following error in the cpm logs: ERROR: start_copy_region(dr_rds.py:381) RDS DR copy_snapshot ...EFS - cross account tag scan may fail with Error: Invalid IAM role ARN
When adding EFS to a policy via a tag, it may fail with one of the following errors: (tag for example: efstesting+vault=n2ws+exp_opt=D+exp_opt_val=30+role_arn=arn:aws:iam::12345678:role/CPM) Critical Error - Can't update EFS to backup targets. Error: ...