Automating EBS Snapshots
In this course, you'll learn about Amazon Data Lifecycle Manager and how to manage EBS snapshots within the AWS console. We're going to talk about the different types of policies you can create, automate, and monitor using Amazon DLM, along with a demo of how to get started.
- Understand the fundamentals of Amazon Data Lifecycle Manager
- Learn how to successfully set up and use Amazon Data Lifecycle Manager within your AWS account to manage new snapshots
- Solutions Architects
- Cloud Engineers
- Anyone who wants to automate their EBS snapshots with the Amazon Data Lifecycle Manager
To get the most out of this course, you should have prior AWS Console knowledge and have some basic experience with EBS.
Creating an Amazon Data Lifecycle Policy for automation and a demo. Before creating an Amazon Data Lifecycle Snapshot Policy, there are a few requirements or things to take into consideration. One, are all your existing EBS volumes and EC2 instances tagged correctly? Two, have you implemented an automated tagging structure for new EBS volumes and EC2 instances? And three, does your tagging reflect Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO) for business applications?
This table shows an example using a metal tier structure for applications and their backup processes. From silver and gold to platinum, it lists their RPO, retention, tag policy, and policy definition, including Cross-Region Copy or Cross-Region Retention. Additional considerations when implementing Amazon Data Lifecycle Manager: you can create up to 100 lifecycle policies per region, and it supports up to 45 tags per resource. How about we jump into a demo on creating an Amazon Data Lifecycle Policy? Within the AWS console, click on 'EC2', click 'Launch Instance', and select the Amazon Linux 2 AMI.
In Step 2, choose an instance type; we'll leave the default as T2 micro. Click 'Next: Configure Instance Details'. In Step 3, Configure Instance Details, we won't make any changes here; click 'Next: Add Storage'. In Step 4, for adding storage, I'd like to add a new volume. This will be an EBS volume, and I'll set it to 10 gigs. Click 'Next: Add Tags'. In Step 5, for adding tags, I'll add two tags to this instance. The first will be the Name tag with the value of JohnMayer-test. I'll add another tag called DLM Hourly with the value of platinum. Take note that I want the tag to also be added to the volume. Click 'Next: Configure Security Group'. In Step 6, Configure Security Group, you can assign or create a new security group, but for the purpose of this demo I'll be removing the default rule. Click 'Review and Launch' and then click 'Launch'. We'll continue without a key pair and acknowledge that we don't need to access or log into this instance. Click 'Launch Instance'. Let's move on to view the instance: select the instance, select Tags, and note that we have DLM Hourly with the value of platinum.
On the left-hand side under Elastic Block Store, click 'Volumes' and select the 10 gig volume. Let's take a look at the tags, and we have DLM Hourly with the value of platinum. To access Amazon Data Lifecycle Manager, you can go back to the AWS Console dashboard, type in Data Lifecycle or Lifecycle, and select 'Lifecycle Manager'. The other way to access it is from the EC2 dashboard: on the left-hand side under Elastic Block Store, select 'Lifecycle Manager'. If this is the first time you're creating a new policy, you'll see the default screen show up to create a new lifecycle policy.
Three options are available for the different policy types that we talked about in the previous lecture: EBS Snapshot Policy, EBS-backed AMI Policy, and Cross-Account Copy Event Policy. Select EBS Snapshot Policy and click 'Next Step'. For this demo, we'll be targeting the instance resource type with a specific resource tag; that resource tag will be DLM Hourly with the value of platinum. Click 'Add'. Now let's set a policy description; I'll call this Amazon DLM demo. For the IAM role, I'll leave it as the default role, and we will be talking about the two different types of roles or IAM policies that are available for Amazon Data Lifecycle Manager.
Underneath tags, even though it says optional, I always recommend adding tags to your snapshots. Click 'Add Tag'; we will label these snapshots with the value of hourly. Leave the policy status as enabled: once we complete this policy, we want it enabled and to go into effect immediately. In the last section of the screen, parameters, you can exclude the root volume. I will check this; unless you have data on that volume that you need to retain, which is a hard no-no, you want to exclude the root volume from your backup policy. Click 'Next'; time to set our schedule. You can create up to four schedules for each policy. We'll only be doing one for this, but I'll talk about the order of precedence for schedules later. Let's set our schedule name as snapshothourly and leave the frequency as daily, but we want this to run every one hour. The start time is fine, and I only want to retain three snapshots for the purpose of this demo.
Take note of the schedule retention period that applies when you have multiple schedules, and, last, take note of the manual archive of snapshots. What this is saying is that if you manually archive a snapshot, it will no longer be managed by Amazon Data Lifecycle Manager. Moving down to advanced settings: yes, I want to copy tags from the source. This will help add information to my snapshots. You have two default tags automatically added, the timestamp and the instance ID, but I want to add the tags that I created. You can add additional tags, but I think we've added enough tags for the purpose of this demo and also to understand the snapshot process.
Moving to Fast Snapshot Restore, Cross-Region Copy, and Cross-Account Sharing: we will not be selecting these. I'll just open them up so you can read a little more about them, but we won't be enabling any of these additional options. Click 'Review Policy'; this is the policy that we created from step one and step two. Click on 'Create Policy'. I'll assign a name to my policy; this name will be snapshothourly. Click 'Save'. All right, time to pause the video and fast-forward about three hours, so you can see that the policy has been in effect and that it is running correctly. Let's do a little bit of time warp and come right back.
Welcome back to Lecture 4, creating an Amazon Data Lifecycle Policy for automation. We did a little bit of a time warp. Let's take a look at the policy that we created within our demo to see how well it worked. Click 'Refresh' if you still have the AWS console and the policy on your screen. Under Data Lifecycle Manager, click on the 'Policy', click 'Monitoring'. Notice we have this little bit of a dot here, let's zoom into it on our timeline, select 12 hours and there you go. I've created one resource every hour for the last hours. Now, we're only creating one, not two, so the line will be flat. Click on 'Snapshots', there we have three snapshots, I only want to retain three. Here's three for the last three hours. Let's click on the first 'Snapshot' and take a look at the details. Underneath tags, notice how all our tags from the instance were transferred over to the snapshot. This concludes Amazon Data Lifecycle Policy and demo setup.
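Because the demo policy only snapshots what its target tag matches, a mistyped or missing tag leaves a volume without backups and nothing in the console flags it. As an added example (not part of the course material), this Python audit checks an inventory against tag-targeted policies and reports each volume as covered, excluded as a root volume, or unprotected. The resource IDs, the second instance's mis-cased tag and the detached volume are constructed sample data, and treating any single matching target tag as a match is an assumption.

```python
# Added example; all IDs and tags are constructed. Shapes follow `aws ec2
# describe-instances` / `describe-volumes` and DLM PolicyDetails.
POLICIES = [{  # mirrors the demo policy: instances tagged DLM Hourly=platinum
    "ResourceTypes": ["INSTANCE"], "Parameters": {"ExcludeBootVolume": True},
    "TargetTags": [{"Key": "DLM Hourly", "Value": "platinum"}],
}]
INSTANCES = [
    {"InstanceId": "i-0aaa", "RootDeviceName": "/dev/xvda",
     "Tags": [{"Key": "DLM Hourly", "Value": "platinum"}]},
    {"InstanceId": "i-0bbb", "RootDeviceName": "/dev/xvda",
     "Tags": [{"Key": "dlm hourly", "Value": "platinum"}]},  # wrong case
]
VOLUMES = [
    {"VolumeId": "vol-root-a", "Attachments": [{"InstanceId": "i-0aaa", "Device": "/dev/xvda"}]},
    {"VolumeId": "vol-data-a", "Attachments": [{"InstanceId": "i-0aaa", "Device": "/dev/sdb"}]},
    {"VolumeId": "vol-data-b", "Attachments": [{"InstanceId": "i-0bbb", "Device": "/dev/sdb"}]},
    {"VolumeId": "vol-loose", "Attachments": []},  # detached, untagged
]

def tag_set(items):
    return {(t["Key"], t["Value"]) for t in items or []}

def targeted(policy, resource):
    # Assumption: any one matching target tag selects the resource.
    # Keys and values are compared exactly (AWS tags are case-sensitive).
    return bool(tag_set(policy["TargetTags"]) & tag_set(resource.get("Tags")))

def audit(policies, instances, volumes):
    by_id = {i["InstanceId"]: i for i in instances}
    rank = {"UNPROTECTED": 0, "excluded-root": 1, "covered": 2}
    report = {}
    for vol in volumes:
        found = ["UNPROTECTED"]
        for p in policies:
            if "VOLUME" in p["ResourceTypes"] and targeted(p, vol):
                found.append("covered")
            for att in vol["Attachments"]:
                inst = by_id.get(att["InstanceId"])
                if "INSTANCE" not in p["ResourceTypes"] or not inst or not targeted(p, inst):
                    continue
                skip_root = p.get("Parameters", {}).get("ExcludeBootVolume", False)
                is_root = att["Device"] == inst["RootDeviceName"]
                found.append("excluded-root" if skip_root and is_root else "covered")
        report[vol["VolumeId"]] = max(found, key=rank.get)
    return report  # {VolumeId: best status across all policies}

if __name__ == "__main__":
    for vol_id, status in audit(POLICIES, INSTANCES, VOLUMES).items():
        print(f"{vol_id:12} {status}")
```

Volumes reported as UNPROTECTED are the ones to fix first, either by correcting the tag or by deciding explicitly that they need no snapshots.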
Jon Myer is an ex-Amazonian and a Chief Evangelist at nOps. His passion for technology and creating content to educate others has evolved over the years.
He's also the host and creator behind the "Jon Myer Podcast" as a professional storyteller and podcaster, helping others bring their stories to life.