diff --git a/modules/osdu/helm-backup.tf b/modules/osdu/helm-backup.tf
new file mode 100644
index 0000000000000000000000000000000000000000..17818af65bd443c2503ae3562836744fb71a95ab
--- /dev/null
+++ b/modules/osdu/helm-backup.tf
@@ -0,0 +1,119 @@
+locals {
+ backup_name = "backup"
+ backup_image = "community.opengroup.org:5555/osdu/platform/deployment-and-operations/backup-service/osdu-gcp:latest"
+ backup_roles_name = [
+ "roles/datastore.owner",
+ "roles/storage.admin",
+ "roles/cloudsql.admin"
+ ]
+}
+
+resource "google_service_account" "backup_sa" {
+ # GCP service account ids must be < 30 chars matching regex ^[a-z](?:[-a-z0-9]{4,28}[a-z0-9])$
+ # KSA do not have this naming restriction.
+ depends_on = [google_container_node_pool.cluster_node_pool]
+ account_id = "workload-${local.backup_name}-sa"
+ display_name = substr("GCP SA bound to K8S SA for ${local.backup_name}", 0, 100)
+ project = var.service_google_project
+}
+
+resource "kubernetes_service_account" "backup-k8s" {
+ depends_on = [
+ google_container_node_pool.cluster_node_pool,
+ google_service_account.backup_sa
+ ]
+ metadata {
+ name = "gke-${local.backup_name}-sa"
+ namespace = "default"
+ annotations = {
+ "iam.gke.io/gcp-service-account" = google_service_account.backup_sa.email
+ }
+ }
+}
+
+resource "google_project_iam_member" "iam-member-backup" {
+ depends_on = [
+ google_container_node_pool.cluster_node_pool,
+ google_service_account.backup_sa
+ ]
+ for_each = toset(local.backup_roles_name)
+ project = var.service_google_project
+ role = each.value
+ member = "serviceAccount:${google_service_account.backup_sa.email}"
+}
+
+resource "google_service_account_iam_member" "backup-k8s" {
+ depends_on = [kubernetes_service_account.backup-k8s]
+ service_account_id = google_service_account.backup_sa.name
+ role = "roles/iam.workloadIdentityUser"
+ member = "serviceAccount:${var.service_google_project}.svc.id.goog[default/${kubernetes_service_account.backup-k8s.metadata[0].name}]"
+}
+
+# Apply configmap from helm chart
+resource "helm_release" "backup-config" {
+ depends_on = [google_container_node_pool.cluster_node_pool]
+ name = "backup-configmap"
+ repository = "https://community.opengroup.org/osdu/platform/deployment-and-operations/backup-service/-/jobs/artifacts/gcp-helm-release-0-1/raw/helm-charts/?job=osdu-gcp-helm-charts"
+ chart = "gcp-backup-configmap"
+ namespace = "default"
+ recreate_pods = true
+ set {
+ name = "conf.app_name"
+ value = local.backup_name
+ }
+ set {
+ name = "data.project_id"
+ value = var.service_google_project
+ }
+ set {
+ name = "data.log_level"
+ value = var.log_level
+ }
+ set {
+ name = "data.backup_bucket"
+ value = "${var.service_google_project}-backup-service"
+ }
+ set {
+ name = "data.sql_restore_backup_kind"
+ value = "sql#restoreBackupContext"
+ }
+ set {
+ name = "data.sql_databasename"
+ value = "postgres"
+ }
+ set {
+ name = "data.datastore_namespace"
+ value = var.data_partition_id
+ }
+ set {
+ name = "data.google_audiences"
+ value = var.audiences
+ }
+}
+
+# Apply deploy from helm chart
+resource "helm_release" "backup-deploy" {
+ depends_on = [
+ helm_release.ent-deploy,
+ helm_release.partition-deploy,
+ helm_release.backup-config
+ ]
+ name = "backup-deploy"
+ repository = "https://community.opengroup.org/osdu/platform/deployment-and-operations/backup-service/-/jobs/artifacts/gcp-helm-release-0-1/raw/helm-charts/?job=osdu-gcp-helm-charts"
+ chart = "gcp-backup-deploy"
+ namespace = "default"
+ recreate_pods = true
+
+ set {
+ name = "data.image"
+ value = local.backup_image
+ }
+ set {
+ name = "data.serviceAccountName"
+ value = kubernetes_service_account.backup-k8s.metadata[0].name
+ }
+ set {
+ name = "conf.app_name"
+ value = local.backup_name
+ }
+}
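Review bot: The `google_project_iam_member` loop grants `roles/storage.admin` and `roles/cloudsql.admin` over the whole `var.service_google_project` to `backup_sa`, while the chart values show the workload only needs the `${var.service_google_project}-backup-service` bucket (`data.backup_bucket`) and the SQL backup/restore calls; consider replacing the project-wide storage grant with a `google_storage_bucket_iam_member` on that single bucket (for example `roles/storage.objectAdmin`) and checking whether a narrower Cloud SQL role covers the backup and `sql#restoreBackupContext` operations, so a compromise of this pod cannot reach every bucket and instance in the project. Separately, `backup_image` is pinned to the mutable `:latest` tag, so the pod runs whatever the registry serves at pull time; pin a digest instead, e.g. `backup_image = "community.opengroup.org:5555/osdu/platform/deployment-and-operations/backup-service/osdu-gcp@sha256:<IMAGE_DIGEST>"` with the placeholder filled from the release. The two `repository` URLs have the same property, since they fetch raw CI job artifacts from the `gcp-helm-release-0-1` ref rather than a versioned chart index and neither `helm_release` can set `version`; at minimum move the URL into a `local` so both releases stay in sync and the pinning decision lives in one place.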