Data recovery

Task Statement 1.3: Determine appropriate data security controls.

📘AWS Certified Solutions Architect – (SAA-C03)

1. What is Data Recovery?

Data recovery means restoring lost, deleted, corrupted, or unavailable data to its original state.

In AWS, data recovery is a critical part of data security. Protecting data is not only about encryption and access control — it is also about:

  • Making sure data can be restored
  • Reducing downtime
  • Preventing permanent data loss
  • Meeting business and compliance requirements

For the SAA-C03 exam, you must understand:

  • Backup strategies
  • Snapshots
  • Replication
  • High availability
  • Disaster recovery (DR) strategies
  • RTO and RPO concepts
  • AWS services used for recovery

2. Important Concepts for the Exam

2.1 Backup

A backup is a copy of data stored separately from the original.

Backups protect against:

  • Accidental deletion
  • Application errors
  • Data corruption
  • Ransomware
  • Region failures

In AWS, backups can be:

  • Automated
  • Scheduled
  • On-demand
  • Cross-region
  • Cross-account

2.2 Snapshot

A snapshot is a point-in-time copy of data.

Snapshots are commonly used with:

  • Amazon EBS
  • Amazon RDS
  • Amazon Redshift
  • Amazon OpenSearch Service

Snapshots are stored in Amazon S3 internally (you don’t see it directly).

Snapshots are:

  • Incremental (only changed data is saved after the first snapshot)
  • Durable
  • Used to restore volumes or databases

2.3 RTO and RPO (Very Important for Exam)

RTO – Recovery Time Objective

How long it takes to restore the system after failure.

Example:
If RTO is 1 hour → system must be restored within 1 hour.

RPO – Recovery Point Objective

How much data loss is acceptable.

Example:
If RPO is 5 minutes → only 5 minutes of data loss is acceptable.

Exam Tip:

  • Low RTO = faster recovery needed
  • Low RPO = less data loss allowed
  • Lower RTO/RPO = higher cost

3. AWS Services for Data Recovery

You must understand which service to use in which scenario.

3.1 AWS Backup

AWS Backup

A centralized service to manage backups across AWS services.

Supports:

  • EBS
  • RDS
  • DynamoDB
  • EFS
  • FSx
  • Storage Gateway

Features:

  • Backup policies
  • Lifecycle management
  • Cross-region backup
  • Cross-account backup
  • Backup vaults
  • Backup vault lock (protection against deletion)

Exam Important:
Use AWS Backup when:

  • Organization-wide backup management is required
  • Compliance is important
  • Central control is needed

3.2 Amazon S3 Data Protection

Amazon S3

S3 provides built-in recovery features:

Versioning

Keeps multiple versions of an object.
Protects against:

  • Accidental deletion
  • Overwrites

Cross-Region Replication (CRR)

Automatically copies objects to another region.

Same-Region Replication (SRR)

Copies objects within the same region.

S3 Object Lock

Prevents deletion or modification (WORM – Write Once Read Many).

Lifecycle Policies

Move data to:

  • Amazon S3 Glacier
  • Amazon S3 Glacier Deep Archive

Exam Tip:
If question mentions:

  • Accidental deletion → Enable versioning
  • Compliance retention → Object Lock
  • Regional disaster → Cross-Region Replication

3.3 Amazon EBS Recovery

Amazon EBS

Used with EC2 instances.

Recovery methods:

  • EBS snapshots
  • Copy snapshot to another region
  • Restore new volume from snapshot

Exam Tip:
If EC2 volume is corrupted → restore from EBS snapshot.

3.4 Amazon RDS Recovery

Amazon RDS

RDS provides:

Automated Backups

  • Daily snapshots
  • Transaction logs
  • Point-in-time recovery

Manual Snapshots

  • User-controlled
  • Retained until deleted

Multi-AZ Deployment

Creates standby replica in another Availability Zone.
Provides automatic failover.

Important:
Multi-AZ improves availability, NOT backup replacement.

3.5 Amazon DynamoDB Recovery

Amazon DynamoDB

Features:

Point-in-Time Recovery (PITR)

Restore to any second in last 35 days.

On-Demand Backup

Manual backup.

Global Tables

Multi-region replication.

Exam Tip:
Need near-zero RPO across regions → Use Global Tables.

3.6 Amazon EFS Backup

Amazon EFS

Supports:

  • Automatic backups via AWS Backup
  • Cross-region backup copy

3.7 AWS Elastic Disaster Recovery

AWS Elastic Disaster Recovery

Used for:

  • Recovering entire servers
  • Migrating workloads
  • Continuous replication to AWS

Provides:

  • Low RPO
  • Low RTO
  • Automated failover

Exam Scenario:
If question mentions:

  • On-premises recovery
  • Full server replication
  • Minimal downtime

→ Choose Elastic Disaster Recovery

4. Disaster Recovery (DR) Strategies

Very important exam topic.

There are 4 DR strategies:

4.1 Backup and Restore (Lowest Cost)

  • Regular backups stored in S3
  • Restore when disaster happens
  • High RTO
  • High RPO

Used when downtime is acceptable.

4.2 Pilot Light

  • Minimal core system always running
  • Full system started when needed
  • Medium RTO
  • Medium RPO

4.3 Warm Standby

  • Fully functional but scaled-down version running
  • Quickly scale up when needed
  • Low RTO
  • Low RPO

4.4 Multi-Site (Active-Active)

  • Fully running in multiple regions
  • Traffic load balanced
  • Very low RTO
  • Very low RPO
  • Highest cost

Exam Tip:
More availability = more cost.

5. Cross-Region vs Multi-AZ

Students often confuse these.

Multi-AZ

  • Protects against AZ failure
  • Same region
  • Automatic failover
  • Example: RDS Multi-AZ

Cross-Region

  • Protects against region failure
  • Manual or DNS failover
  • Example: S3 Cross-Region Replication

6. Data Recovery Best Practices (Exam Perspective)

  1. Enable versioning on S3
  2. Automate backups
  3. Store backups in separate account
  4. Encrypt backups
  5. Regularly test restoration
  6. Monitor backup failures
  7. Use lifecycle policies for cost control

7. Common Exam Scenarios and Answers

ScenarioBest Solution
Accidental S3 object deletionEnable versioning
Need database restore to specific secondRDS Point-in-Time Recovery
Recover EC2 dataEBS snapshot
Centralized backup managementAWS Backup
Low RPO multi-region databaseDynamoDB Global Tables
Protect against AZ failureMulti-AZ
Protect against region failureCross-region replication

8. What You MUST Remember for SAA-C03

  • Understand RTO and RPO clearly
  • Know difference between backup and high availability
  • Know which service supports PITR
  • Understand snapshot vs replication
  • Know DR strategies and their cost differences
  • Understand Multi-AZ vs Cross-region

Final Summary

Data recovery in AWS means:

  • Backing up data
  • Replicating data
  • Restoring data quickly
  • Designing systems with acceptable RTO and RPO
  • Choosing correct AWS services for recovery

For the SAA-C03 exam, focus on:

  • AWS Backup
  • S3 Versioning and Replication
  • EBS Snapshots
  • RDS Automated Backups
  • DynamoDB PITR
  • Disaster Recovery strategies
  • Multi-AZ vs Cross-Region

If you understand these clearly, you will be fully prepared for the Data Recovery portion of Task Statement 1.3.

Buy Me a Coffee

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by