Skip to content
/ ScheduleAmiAndSnapshot-Lambda Public
forked from bijohnvincent/ScheduleAmiAndSnapshot-Lambda

This project is for developing a solution for automating AMI and EBS backups using AWS Lambda. Scheduling is done using CloudWatch.

0 stars 7 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tifend/ScheduleAmiAndSnapshot-Lambda

BranchesTags
 
 

Repository files navigation

Schedule AMI And EBS Snapshot with Lambda

AWS Backup automation - EBS snapshot and AMI This project is for developing a solution for scheduling AMI and EBS backups using AWS Lambda. Scheduling is done using CloudWatch Events. Time shown in the diagram is just indicative. Schedule AmiBackup and EbsBackup hourly and retention functions weekly to reduce total Lambda execution time.

Automate AWS Backups using Lambda

AWS is not providing any option to automate AMI or EBS snapshot. So we have to run a server for scheduling regular EBS snapshot and AMIs scripts. AWS Lambda gives option to save our function on AWS itself and CloudWatch has an option to schedule the functions. In this project, I am trying to leverage both and achieve a solution for backup using AWS native services with $0 cost !!!

Following are the functions you have to create in Lambda

  • AmiBackup
  • AmiRetention
  • EbsBackup
  • SnapshotRetention

You can use following tags for your instances:

  • Name - Any AWS supported name
  • CreateAmiBackup - ['y', 'yes', 't', 'true', '1']
  • AmiBackupDates (optional) - [1-31]/Daily/[sun-sat]/[Sunday-Saturday]. Default 1
  • BackupWindowUTC (optional) - [0-23]. Default 0
  • AmiRetentionDays (optional) - Any integer. Default 3
  • ExcludeDevices (optional) - /dev/sd[b-z]. Default None
  • TransferAmi (optional) - Future option

You can use following tags for your EBS volumes:

  • Name - Any AWS supported name
  • BackupWindowUTC - [0-23]
  • SnapshotRetentionDays(optional) - Any integer

IAM roles to be created

LambdaEbsBackup

Give following role for EbsBackup and SnapshotRetention

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents"
            ],
            "Resource": "arn:aws:logs:*:*:*"
        },
        {
            "Sid": "SnapshotPermissions",
            "Effect": "Allow",
            "Action": [
                "ec2:CreateSnapshot",
                "ec2:CreateTags",
                "ec2:DeleteSnapshot",
                "ec2:DescribeVolumes",
                "ec2:DescribeSnapshots"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

LambdaAMIBackup

Give this role for AMI backup and AMIRetention functions

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents"
            ],
            "Resource": "arn:aws:logs:*:*:*"
        },
        {
            "Sid": "AmiPermissions",
            "Effect": "Allow",
            "Action": [
                "ec2:CreateImage",
                "ec2:DescribeInstances",
                "ec2:CreateTags",
                "ec2:DeregisterImage",
                "ec2:DeleteSnapshot",
                "ec2:DescribeImages"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

About

This project is for developing a solution for automating AMI and EBS backups using AWS Lambda. Scheduling is done using CloudWatch.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%