Create EBS Volume Snapshots with Amazon Data Lifecycle Manager
This AWS tutorial shows how to use Data Lifecycle Manager (DLM) to automate the creation, deletion, etc. of Amazon EBS snapshots. Creating EBS volume snapshots is very easy with Amazon Data Lifecycle Manager, and the task can be bound to a schedule. In addition to snapshot creation, the lifecycle policy configuration enables cross-region copy of the snapshots as well as cross-account sharing of the created EBS volume snapshots.
After logging on to the AWS Management Console, switch to the Amazon EC2 Console. There, AWS users will find Lifecycle Manager under the Elastic Block Store section in the left menu.
Start by pressing the Create Snapshot Lifecycle Policy button.
Now AWS users can create their first lifecycle policy to automate EBS volume snapshot creation on a schedule, for example to back up the application data of workloads running on EC2 instances.
Create Lifecycle Policy
Data Lifecycle Manager enables Amazon Web Services (AWS) users to automate the creation, retention, copy and deletion of EBS snapshots and EBS-backed AMIs. It also enables you to automate cross-account snapshot copy actions for snapshots that are shared with you, based on Amazon CloudWatch events.
EBS snapshot policy
Create a new lifecycle policy that uses tags to limit which EBS volumes are snapshotted
First of all, AWS users can provide a description for the policy to be created: a brief text explaining the aim of the Data Lifecycle policy.
For the resource type for snapshot creation, AWS users can select either Volume or Instance.
If you choose "Volume", it is possible to take automatic snapshots of EBS volumes with specified tags. These can be multiple EBS volumes that carry the same tag, created for a specific solution. If you choose "Instance", it is possible to manage snapshot creation for all EBS volumes attached to EC2 instances with specific tags.
Select the tags associated with the EBS volumes or EC2 instances; the policy uses these tags to identify the EBS volumes it applies to.
You can also assign tags to the Lifecycle Policy which is being created.
In the IAM Role section, AWS users can specify an IAM role that has the required permissions to create and delete snapshots via Amazon Data Lifecycle Manager.
The lifecycle policy must be associated with an AWS IAM role which has the appropriate permissions for creating and managing snapshots. If you are not familiar with which policies to use with a new custom IAM role, you can choose Default role. The default role selection will create a new IAM role with all the required permissions granted. Alternatively, you can choose another existing IAM role or create a new role. In that case you must grant all relevant IAM permissions and set up the trust relationships correctly yourself.
In the Policy Schedule section, AWS users have the chance to give a name to the lifecycle policy.
All the snapshots created by this lifecycle policy will be tagged with this schedule name. Later after execution of our sample policy, we will see how these values are tagged.
By using a schedule, AWS users can define the frequency and the time period at which a policy will be triggered. Each DLM policy should have at least one schedule defined. There are three more optional schedules that AWS users can define for a lifecycle policy. To summarize, the first schedule definition is mandatory, while the following schedules titled 2, 3, and 4 are optional.
It is possible to create daily, weekly, monthly and yearly schedules as well as schedules created by custom cron expressions.
Retention type can be based either on count (the number of snapshots taken) or on age (the time passed since the oldest snapshot was taken). The oldest snapshots beyond these limits will be deleted by DLM automatically.
You can also define 3 additional schedules, which are optional, for managing the execution of Data Lifecycle Manager policies in the following steps, as I mentioned before.
The Tagging information section is also optional. I guess you know how important it is to tag your AWS resources to manage them easily.
Tagging information enables AWS users to copy tags automatically from the existing EBS volume to the snapshots by selecting the option "Copy tags from source".
If cross-region copy is enabled, tags will not be associated with the copied snapshots.
In addition to what is mentioned above, all of the snapshots created by the lifecycle policy will automatically be tagged with the lifecycle policy ID and with the schedule name.
It is also possible to add further tags to the created snapshots with the help of "Additional tags".
The Fast snapshot restore section is also optional.
Enabling fast snapshot restore ensures that volumes created from the snapshots of this policy instantly deliver all of their provisioned performance.
Of course this brings an additional cost. For more details please refer to Amazon EBS fast snapshot restore.
Cross-region copy is also an optional configuration. It copies the snapshots which are created automatically by this lifecycle policy to other regions. It is possible to copy snapshots up to three additional regions including the current AWS region.
By configuring the optional Cross-account sharing, AWS users can share the EBS volume snapshots with other AWS accounts. All you need is to provide the target AWS account ID values. It is possible to share snapshots with up to 50 AWS accounts.
After reviewing the Data Lifecycle Policy configuration to be sure that the rules are specified correctly for your requirements, you can create the policy and enable it by default.
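The review step can also be run against the policy document itself. The following is an added example, not part of the original tutorial: it checks a policy details document against the limits stated above (at most 4 schedules, 3 copy regions, 50 share targets) and flags cross-account share targets that are not on an approved list. The field names follow the PolicyDetails structure of the DLM API; the function name `audit_policy`, the sample policy, its tag values and both account IDs are constructed for illustration.

```python
import re

# Limits as stated in the tutorial text.
MAX_SCHEDULES, MAX_COPY_REGIONS, MAX_SHARE_ACCOUNTS = 4, 3, 50

def audit_policy(details, trusted_accounts):
    """Return a list of findings for a DLM policy details document."""
    findings = []
    if details.get("ResourceTypes") not in (["VOLUME"], ["INSTANCE"]):
        findings.append("ResourceTypes must be VOLUME or INSTANCE")
    if not details.get("TargetTags"):
        findings.append("no TargetTags: the policy selects no resources")
    schedules = details.get("Schedules", [])
    if not 1 <= len(schedules) <= MAX_SCHEDULES:
        findings.append(f"expected 1 to {MAX_SCHEDULES} schedules, got {len(schedules)}")
    for s in schedules:
        name = s.get("Name", "<unnamed>")
        retain = s.get("RetainRule", {})
        if not (retain.get("Count") or retain.get("Interval")):
            findings.append(f"{name}: no count-based or age-based retention")
        if len(s.get("CrossRegionCopyRules", [])) > MAX_COPY_REGIONS:
            findings.append(f"{name}: more than {MAX_COPY_REGIONS} copy regions")
        accounts = [a for rule in s.get("ShareRules", [])
                    for a in rule.get("TargetAccounts", [])]
        if len(accounts) > MAX_SHARE_ACCOUNTS:
            findings.append(f"{name}: more than {MAX_SHARE_ACCOUNTS} share targets")
        for a in accounts:
            if not re.fullmatch(r"\d{12}", a):
                findings.append(f"{name}: malformed account ID {a!r}")
            elif a not in trusted_accounts:
                findings.append(f"{name}: shares snapshots with unapproved account {a}")
    return findings

# Constructed sample policy; tag values and account IDs are made up.
SAMPLE_POLICY = {
    "ResourceTypes": ["VOLUME"],
    "TargetTags": [{"Key": "Backup", "Value": "Daily"}],
    "Schedules": [{
        "Name": "Daily-Backup",
        "CopyTags": True,
        "CreateRule": {"Interval": 24, "IntervalUnit": "HOURS", "Times": ["03:00"]},
        "RetainRule": {"Count": 7},
        "CrossRegionCopyRules": [{"TargetRegion": "eu-west-1", "Encrypted": True}],
        "ShareRules": [{"TargetAccounts": ["111122223333", "999988887777"]}],
    }],
}

if __name__ == "__main__":
    for finding in audit_policy(SAMPLE_POLICY, trusted_accounts={"111122223333"}):
        print(finding)
```

An empty result means the document stays within the stated limits and shares only with approved accounts.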
After the first execution defined by the schedule, I can see the snapshot created under the Snapshots list on the EC2 Dashboard.
You can see the description includes the lifecycle policy ID and policy schedule name.
Maybe you have already noticed that I have filtered the snapshots using the custom additional tag I defined for snapshots that will be created by this Amazon Data Lifecycle Manager policy.
When I display the tags for that specific snapshot, I can see the custom tag I defined.
I can also see the dlm:managed tag with "true" as its value.
In addition to those, there are tags named aws:dlm:lifecycle-policy-id and aws:dlm:lifecycle-schedule-name.