1. First, we need to define a few parameters:
   • ExpirationInDays: This is the maximum amount of time we want to have our files kept in backup for. We've set a default for this value of 2,555 days (7 years).
   • TransitionToInfrequentAccessInDays: After a backup has been copied to S3, we want to move it to the infrequently accessed class to reduce our costs. This doesn't affect the durability of the backup, but it does have a small impact on its availability. We'll set this to 30 days.
   • TransitionToGlacierInDays: After the backup has been kept in the infrequently accessed class for a while, we want to move it to Glacier. This again helps us reduce our costs at the expense of retrieval times. If we need to fetch a backup from Glacier, the wait time will be approximately 3-5 hours. We'll set the default for this to 60 days.
   • PreviousVersionsExpirationInDays: Given that we will have versioning enabled on our bucket, we want to make sure old versions of files aren't kept forever—we're using this feature only to mitigate accidents. We'll set this value to 60 days, which gives us more than enough time to identify and recover from an accidental deletion or overwrite.
   • PreviousVersionsToInfrequentAccessInDays: Just like our other backup files, we want to move our old versions to the infrequently accessed class after a period of time in order to minimize costs. We'll set this to 30 days:

               AWSTemplateFormatVersion: '2010-09-09'
               Parameters:
                 ExpirationInDays:
                   Description: The maximum amount of time to keep files
                     for
                   Type: Number
                   Default: 2555
                 TransitionToInfrequentAccessInDays:
                   Description: How many days until files are moved to
                     the Infrequent Access class
                   Type: Number
                   Default: 30
                 TransitionToGlacierInDays:
                   Description: How many days until files are moved
                     to Glacier
                   Type: Number
                   Default: 60
                 PreviousVersionsExpirationInDays:
                   Description: The maximum amount of time to keep previous
                     versions of files for
                   Type: Number
                   Default: 60
                 PreviousVersionsToInfrequentAccessInDays:
                   Description: How many days until previous versions
                     of files are moved to the Infrequent Access class
                   Type: Number
                   Default: 30

2. Next, we'll need to create the S3 bucket to store our backups in. Note that we're omitting the name property for this bucket in order to avoid bucket name conflicts and maximize region portability. We're also enabling versioning and adding our life cycle rules from our previous Parameters:

      Resources: 
        BackupBucket: 
          Type: AWS::S3::Bucket 
          Properties: 
            VersioningConfiguration: 
              Status: Enabled 
            LifecycleConfiguration: 
              Rules: 
                - Status: Enabled 
                  ExpirationInDays: 
                    Ref: ExpirationInDays 
                  Transitions: 
                    - StorageClass: STANDARD_IA 
                      TransitionInDays: 
                        Ref: TransitionToInfrequentAccessInDays 
                    - StorageClass: GLACIER 
                      TransitionInDays: 
                        Ref: TransitionToGlacierInDays 
                    NoncurrentVersionExpirationInDays: 
                      Ref: PreviousVersionsExpirationInDays 
                    NoncurrentVersionTransitions: 
                    - StorageClass: STANDARD_IA 
                      TransitionInDays: 
                        Ref: PreviousVersionsToInfrequentAccessInDays

3. Finally, let's add an output so we know which bucket to store our backups in:

      Outputs: 
        BackupBucket: 
          Description: Bucket where backups are stored 
          Value: 
            Ref: BackupBucket