UnixArena

Amazon EC2 – Disaster Recovery using DLM – Cross Region snapshot – EC2 AMI

Data is a critical asset for any business in the digital world, so backing up your data regularly is critical for any company with business continuity in mind. This applies whether the company uses an on-premises data center or a public cloud like AWS, Azure, or GCP. At the same time, you need to keep cost in mind when you design data protection using any third-party or cloud-native tool. This article will walk you through how to use Amazon Data Lifecycle Manager (DLM) to lower operational costs and reduce the complexity of managing backup operations using EBS snapshots. EBS-backed AMIs are a convenient way to back up your block-level data. EBS snapshots are block-level, point-in-time, incremental copies of your Amazon EBS volumes for backup or disaster recovery (DR) purposes.

The organization’s IT policy defines the snapshots to be taken on a specified schedule (hourly, daily, weekly, etc.) to meet business continuity and data protection requirements. This article will walk you through how you can use DLM lifecycle policies to automate the creation, retention, and deletion of Amazon EBS snapshots.

We will be trying to achieve the following using the Amazon DLM policy.

Amazon DLM – EBS snapshot backed AMI

Backup policies Options and resource tagging

Amazon Data Lifecycle Manager works based on resource tagging. Before creating the policy, you need to define the recovery point objectives (RPO) and recovery time objectives (RTO) for different application types. Depending on the application criticality, the snapshot frequency, retention, and cross-region copy values differ. For each snapshot frequency, create a unique key-value pair. The following table shows the RPO / RTO options used for the different application environments.

| App – Environment | Critical Production App | Production | Dev |
|---|---|---|---|
| RPO | 1 hour | 24 hours | 1 week |
| Snapshot policy name | hourly | daily | weekly |
| Resource tag key: value | DLMSHourly: Yes | DLMSDaily: Yes | DLMSWeekly: Yes |
| Snapshot retention | 24 hours | 7 days | 30 days |
| Enable Fast Snapshot Restore | Yes | No | No |
| Cross-Region copy | Yes | No | No |
| Cross-Region copy retention | 2 days | No | No |

Sample policy options for different application tiers

Create Amazon DLM policy

In my lab environment, I have one EC2 instance running in the us-east-2 region.

EC2 Instance running

1. From the AWS console, navigate to EC2 and then select Lifecycle Manager under Elastic Block Store. Select the policy type “EBS-backed AMI policy” and click “Next step”.

DLM – EBS Backed AMI policy

2. Enter the pre-defined resource tags. In my case, I have updated “DLMShourly: Yes”.

DLM – Policy Creation – Target resource tags

3. Enter the policy description. If you want to choose a specific IAM role, you can select it here.

Policy Description and IAM role – Amazon DLM

4. Choose the policy status and the snapshot option (whether or not to reboot the instance during the EBS snapshot).

Policy status – Instance reboot – Amazon DLM

5. Define the snapshot schedule name and snapshot frequency. I have also defined retention here.

Amazon DLM – Schedule details

6. Configure AMI deprecation and enable cross-region snapshots for disaster recovery.

Deprecate AMI and Enable Cross-Region Copy

7. Select the target DR region details for instance recovery.

Target Region and KMS

8. Review the policy settings and create a policy.

Review Policy settings – Amazon DLM
Review Policy – Amazon DLM
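
The console steps above, expressed as the `PolicyDetails` document that the DLM API accepts, together with a small review check to run before the policy is created. This is an added example, not code from the original article: the KMS key ARN is a placeholder, the 00:00 start time, count-based retention and `NoReboot` default are assumptions, and only the hourly and daily tiers from the table are modelled.

```python
DR_REGION = "us-east-1"  # target DR region used in the article
CMK_ARN = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"  # placeholder

# tier -> (tag key, create interval in hours, AMIs retained, cross-region copy)
# Tag keys are case-sensitive: use the exact key set on the instance.
TIERS = {
    "hourly": ("DLMSHourly", 1, 24, True),   # 24 hourly AMIs cover 24 hours
    "daily": ("DLMSDaily", 24, 7, False),    # 7 daily AMIs cover 7 days
}


def build_policy_details(tier, no_reboot=True):
    """Return PolicyDetails for an EBS-backed AMI policy for one tier."""
    tag_key, interval, keep, cross_region = TIERS[tier]
    schedule = {
        "Name": tier,
        "CopyTags": True,
        # 00:00 (UTC) is an assumed start time
        "CreateRule": {"Interval": interval, "IntervalUnit": "HOURS", "Times": ["00:00"]},
        "RetainRule": {"Count": keep},
    }
    if cross_region:
        schedule["CrossRegionCopyRules"] = [{
            "TargetRegion": DR_REGION,
            "Encrypted": True,   # encrypt the copy with a key in the DR region
            "CmkArn": CMK_ARN,
            "CopyTags": True,
            "RetainRule": {"Interval": 2, "IntervalUnit": "DAYS"},
        }]
    return {
        "PolicyType": "IMAGE_MANAGEMENT",
        "ResourceTypes": ["INSTANCE"],
        "TargetTags": [{"Key": tag_key, "Value": "Yes"}],
        "Schedules": [schedule],
        "Parameters": {"NoReboot": no_reboot},
    }


def review(details):
    """Return findings to resolve before the policy is created."""
    findings = []
    if not details.get("TargetTags"):
        findings.append("no target tags: the policy selects no instances")
    for sched in details["Schedules"]:
        for rule in sched.get("CrossRegionCopyRules", []):
            if not rule.get("Encrypted"):
                findings.append(f"{sched['Name']}: unencrypted copy to {rule['TargetRegion']}")
            if "RetainRule" not in rule:
                findings.append(f"{sched['Name']}: DR copy has no retention")
    return findings
```

The returned dict can be passed as `PolicyDetails` to boto3's `create_lifecycle_policy` on a `dlm` client in the source region, together with `ExecutionRoleArn`, `Description` and `State`.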

Verify our work:

As defined in the Amazon DLM policy, it picks up the resources based on the resource tags and takes a snapshot every hour. It also converts the snapshot to an AMI and copies it to the targeted DR region. Let’s check for the new AMI in the current region (us-east-2 / Ohio) and the target region after a couple of hours. Once you have the AMI, you can launch new instances from it. Note that the DLM AMI policy takes snapshots of both OS and data disks.

Snapshot in us-east-2 – Primary region

In the target region (us-east-1 – N. Virginia)

If you want to test the cross-region snapshot, you can launch it from the AMI and validate it.

DR – target region – us-east-1 – DLM

Conclusion

Amazon DLM helps you manage your EBS resources efficiently by automating the lifecycle of Amazon EBS snapshots and EBS-backed AMIs. It reduces costs and management complexity. You can protect valuable data by enforcing a regular backup schedule, in addition to reducing storage costs by deleting outdated backups and enabling AMI deprecation. In the next article, we will see how to monitor the EBS-backed AMI using AWS native tools. Hope this article is informative to you.
