To back up the Amazon Aurora database, create an instance for the database.
From the navigation pane, go to Protect > Databases.
The Instances page appears.
Click Add Instance, and then click Cloud DB.
The Add Cloud DB instance page appears.
From the Select vendor list, select Amazon.
From the Database engine list, select DocumentDB.
For Cloud account, select an existing AWS account or create a new account.
Use an existing AWS account
To select an existing cloud account for the instance, from the Cloud account list, select the cloud account name.
Define a new AWS account
To add a new account, click Add.
The Add cloud account dialog box appears.
In the Name box, type a name for the new cloud account.
In the Regions box, type the region names that you want to back up, separated by commas. For example, enter us-east-1,us-west-1.
By default, clusters or instances from all regions are backed up. Choose the regions to back up if any of the following conditions are true:
Enter the host or account authentication information:
To use IAM role authentication, click IAM role.
Note: If you select IAM role authentication, but a proxy that is not associated with the IAM role is used for a backup or restore, the operation fails.
Define custom permissions to access AWS resources to enable support for DocumentDB backups and restores. Download the amazon_documentdb_backup_restore_permissions.json file and use it on the AWS command line to apply the required permissions.
To use an access key and secret key pair to access the AWS account, click Access and secret key, and then enter the following information for your Amazon account:
Access key: Type the access key ID.
Secret key: Type the secret access key.
Use service account resources: This toggle key does not apply to cloud databases.
To use an STS assume role with IAM policy to access the AWS account, click STS assume role with IAM policy, and then enter the AWS ARN for using the STS Assume Role.
To select access nodes that have the necessary permissions associated with them in the AWS Console, from the Access nodes list, select access nodes (proxies) or servers to use for the backup and restore operations.
From the Plan list, select the server plan that you want to use for the backup operations.
To filter the content that is backed up, click Edit, and then select or clear the regions to include or exclude from the backups.
After you create the cloud database instance, a default cluster group is automatically created for the instance.