I was looking at ways to back up Datomic Cloud, and found Cloud backups & recovery - #13 by lukenelson, which is various people asking for it and the reponse being “It uses S3 and DynamoDB, both of which have very high data durability SLAs, so backups aren’t really necessary/supported yet”.
This doesn’t paint a complete picture, IMO. Many of the folks in that thread are asking about backups so that they can do a local restore and examine the data. I am thinking more about an accidental or, worse, malicious deletion of our data by a hacker or disgruntled (soon-to-be-ex) employee. Sure, if they do something like that we can pursue them legally for it, but an individual is highly unlikely to have the funds to cover the costs of our damages, and them potentially serving prison time would not help all the other employees now out of a job because the company has folded.
I want to be able to ship the data off to a completely separate AWS account which is more heavily secured (no developer access outside of a restore, no access keys, physical MFA tokens required etc), so that if someone deletes objects from the S3 buckets or rows from the DynamoDB tables we can use the contents of that backup account to restore that data to at least within a day.
How would people go about achieving that?