Amazon EBS Snapshots and AMIs Data Lifecycle Manager

Data Lifecycle Manager on Amazon

Automate AMI lifespan management with EBS and EBS snapshot support.

Summary

Amazon Data Lifecycle Manager provides an automated, policy-based lifecycle management solution for Amazon Elastic Block Store (EBS) snapshots and Amazon Machine Images (AMIs) that are powered by EBS. You can automate the creation of point-in-time copies of your block storage data using user-defined policies that you can change based on your data security needs. Amazon Data Lifecycle Manager does not require programming or specific knowledge.

The graphical user interface (GUI) makes it easier to create, save, and remove AMIs and EBS snapshots. For this, regular frequencies and custom cron expressions can be employed. This feature lessens the chance of human error associated with script maintenance by doing away with the requirement to manage your code.

When combined with the monitoring features of Amazon CloudWatch and AWS CloudTrail, Amazon Data Lifecycle Manager provides an all-inclusive lifecycle management and backup solution for Amazon Elastic Compute Cloud (EC2) instances and individual EBS volumes at no additional cost.

Advantages and applications

Maintain compliance and safeguard data

To protect your data, enforce a regular backup schedule. Amazon Data Lifecycle Manager provides a data protection plan and automated process management for your valuable data. Develop effective disaster recovery strategies that allow you to backup your data to several accounts. Amazon Data Lifecycle Manager provides a useful method for Amazon EBS users to store backups for audit or compliance needs.

Among other rules, Amazon Data Lifecycle Manager, a part of Amazon EBS, conforms with SOC, PCI, FedRAMP, ISO, and HIPAA laws. You can also define account-level default rules to fully secure all of your account's critical workloads.

Automate monitoring and backup

To automatically generate, store, and delete AMIs and EBS Snapshots at specific times, set up a schedule and policy. You may automate the creation of application-consistent EBS snapshots by providing post-scripts to resume I/O operations and patch your workloads, as well as pre-scripts to halt I/O and flush the buffer to disk. You can use pre-built scripts that are available through current SSM documents, or you can use your own AWS Systems Manager (SSM) documents to coordinate processes before and during snapshot initialization.

The SSM documentation can be used to create application-consistent snapshots for Electronic Health Records systems, SAP HANA, MySQL, PostgreSQL, InterSystems IRIS, and Windows applications.

You can monitor your Amazon Data Lifecycle Manager policies with Amazon CloudWatch, which collects raw data and converts it into intelligible, nearly real-time analytics. The exact amount of EBS Snapshots and EBS-backed AMIs that your policies create, delete, and duplicate over time may be monitored with these metrics. It is also possible to build alarms that, when specific thresholds are achieved, cause actions or notifications.

Cut down on storage expenses

Regularly backup your EBS volumes using custom rules based on the criticality of the data to cut costs. Amazon Data Lifecycle Manager can help you manage your EBS resources more effectively. You might design a policy that facilitates the creation and daily maintenance of EBS snapshots for your most critical applications. You can utilize a less frequent schedule for cold data. You can also establish a policy that regularly removes outdated snapshots to reduce storage costs.

Amazon Data Lifecycle Manager will automatically deregister an AMI backed by EBS and delete the underlying snapshots when the AMI's retention period is up. By doing this, you avoid the need to manually delete pictures, which could be costly if you forget.

Designed to be adaptable

With Terraform, AWS CloudFormation, AWS SDKs, AWS Command Line Interface (CLI), and API, you can create and manage policies with ease. With Amazon Data Lifecycle Manager, you can additionally run rules for three other resource types: individual EBS volumes, a group of EBS volumes linked to an EC2 instance, or an EC2 instance. You can also use a different AWS Key Management Service (KMS) key to encrypt the snapshots and create event-based policies to automatically copy the pictures to different accounts. This provides an additional layer of protection for your data in the event that any accounts are compromised.