Automating EC2 Backups from CloudFormation
DevOps and DevOps practices are growing in popularity every day, especially in the cloud-computing world. One key aspect in DevOps is automation. By automating your infrastructure and using infrastructure-as-code, you:
- Reduce human errors,
- Can easily duplicate your infrastructure,
- Can inspect and review your infrastructure changes, and
- Can manage your infrastructure along with the rest of your application source code.
AWS CloudFormation is Amazon’s infrastructure-as-code solution. By using CloudFormation, you can manage your AWS resources “the DevOps way”.
Today, I wanted to show an example of managing EC2 backups using CloudFormation. We will create our EC2 backups using EBS snapshots. AWS does not have a built-in mechanism for automating EBS snapshots, so we’ll use Skeddly to perform the actual backups. CloudFormation will be used to add our new EC2 resources into our Skeddly backup schedule.
Create the Skeddly action
The first step is to create our Skeddly action which will be used to execute the scheduled backups. I’ll use Skeddly’s “Backup Multiple EC2 Instances” action.
- Go to Skeddly’s Actions page and click “Create New Action”.
- Select the Backup Multiple EC2 Instances action from the list of actions.
- Populate your desired backup schedule. In this example, we will execute the action daily at 3am.
- Select the required AWS credentials and AWS region.
- Specify the following field values:
- Instance Identification Method:
EC2 Tag - EC2 Tag Name:
skeddly:backup-schedule - EC2 Tag Value:
equalsdaily-0300 - Consistency Method:
Stop Instance
- Instance Identification Method:
- The rest of the values we’ll leave as-is, but we’ll add one more resource tag to the snapshots:
- Name:
Retention - Value:
7
- Name:
When the above action executes, it will look for any EC2 instances that have a resource tag named skeddly:backup-schedule with a value of daily-0300. For any EC2 instances that match, EBS snapshots will be created for all attached EBS volumes.
With the action created, I will use Skeddly’s IAM Policy Generator to generate an IAM policy for my AWS credentials. After generating the policy, I copy & paste the policy as an “inline” policy on the AWS user or role.
Use CloudFormation to add EC2 instances to the backup schedule
Since my action will be looking for the magical tags on my EC2 instances, the only thing I need to do is to add those tags to my EC2 instances in my CloudFormation template. Below is a sample snippet from a CloudFormation template where I am adding the aforementioned tags to the EC2 instance.
{
"MyInstance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"Tags" : [
{
"Key" : "skeddly:backup-schedule",
"Value" : "daily-0300"
}
]
}
}
}
With that in place, the EC2 instances created by this CloudFormation template will automatically be added to the backup schedule provided by Skeddly. There’s no need to go into Skeddly to add or remove EC2 instances from the schedule.
Now I’ve automated EBS snapshots, the DevOps way.
Wait!
What about that extra Retention tag that I added to our Skeddly action? I will address that in a later article.
Try It Today
Automate your backups today. Sign-up for our 30 day free trial or sign-in to your Skeddly account to get started.