Automating Amazon EBS snapshots with AWS Lambda

Shrihari Haridas
5 min read · Sep 16, 2023

Amazon Elastic Block Store (EBS) is scalable and high-performance block storage for use with Amazon EC2 instances. AWS Lambda is a serverless compute offering that you can use to run your code whether it’s part of an application or performing an administrative task.

  1. In the AWS Management Console search bar, enter Lambda, and click the Lambda result under Services:

You will see a page load that explains how AWS Lambda works and invites you to start using it.

2. Click Create a function to create a new function:

3. In the Create function wizard, ensure Author from scratch is selected and enter the following form values:

  • Name: Test or TakeEbsSnapshot
  • Runtime: Ensure Node.js 18.x is selected

4. Under Permissions, click Change default execution role and select the following:

  • Execution role: Select Use an existing role
  • Existing role: Select the role beginning with EBSLambdaRole

If you don’t have that role in your account, go to “IAM”, create a new policy for “EBS”, give it any name you want, and save it; you will then see your policy. Alternatively, choose “Create a new role” and change its policy after the role is created. Both ways will work. Below is the JSON policy for that role, which you can refer to when creating the new role:

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Action": [
            "ec2:Describe*",
            "ec2:CreateSnapshot",
            "lambda:GetAlias",
            "lambda:GetEventSourceMapping",
            "lambda:GetFunction",
            "lambda:GetFunctionConfiguration",
            "lambda:GetPolicy",
            "lambda:InvokeFunction",
            "lambda:ListAliases",
            "lambda:ListEventSourceMappings",
            "lambda:ListFunctions",
            "lambda:ListVersionsByFunction",
            "logs:CreateLogGroup",
            "logs:CreateLogStream",
            "logs:PutLogEvents"
          ],
          "Resource": "*",
          "Effect": "Allow"
        }
      ]
    }
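The policy above grants more than the snapshot handler in step 6 calls, so the following added example (not part of the original post) lists the unused actions and prints a trimmed policy. The `NEEDED` list and the helper names are assumptions of this example, read off the handler code.

```javascript
// Added example: compare the post's policy with what the handler calls.
// NEEDED is this example's assumption: one EC2 call (createSnapshot) plus
// the CloudWatch Logs actions that Lambda uses to write its logs.
const NEEDED = [
  "ec2:CreateSnapshot",
  "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents",
];

// The policy from the post, reproduced as a JavaScript object.
const postPolicy = {
  Version: "2012-10-17",
  Statement: [{
    Action: [
      "ec2:Describe*", "ec2:CreateSnapshot",
      "lambda:GetAlias", "lambda:GetEventSourceMapping", "lambda:GetFunction",
      "lambda:GetFunctionConfiguration", "lambda:GetPolicy",
      "lambda:InvokeFunction", "lambda:ListAliases",
      "lambda:ListEventSourceMappings", "lambda:ListFunctions",
      "lambda:ListVersionsByFunction",
      "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents",
    ],
    Resource: "*",
    Effect: "Allow",
  }],
};

// IAM accepts Action as a string or an array; action names are case-insensitive.
const actionsOf = (stmt) => [].concat(stmt.Action || []);
const isNeeded = (action, needed) =>
  needed.some((n) => n.toLowerCase() === action.toLowerCase());

// Actions granted by Allow statements that the handler never uses.
function excessActions(policy, needed = NEEDED) {
  return policy.Statement
    .filter((s) => s.Effect === "Allow")
    .flatMap(actionsOf)
    .filter((a) => !isNeeded(a, needed));
}

// Copy of the policy whose Allow statements keep only the needed actions.
// Handles Action-based statements only; emptied Allow statements are dropped.
function trimPolicy(policy, needed = NEEDED) {
  const Statement = policy.Statement
    .map((s) => (s.Effect === "Allow"
      ? { ...s, Action: actionsOf(s).filter((a) => isNeeded(a, needed)) } : s))
    .filter((s) => s.Effect !== "Allow" || s.Action.length > 0);
  return { ...policy, Statement };
}
console.log("not needed by the handler:", excessActions(postPolicy));
console.log(JSON.stringify(trimPolicy(postPolicy), null, 2));
```

The trimmed output still uses `"Resource": "*"`; scoping it to specific volumes is a further step that depends on your account and region.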

5. Click Create function.

You are taken to the function’s details page.

6. Scroll down to the Code source section, double-click the index.mjs file, and overwrite the contents with the following code:

    console.log("Loading function");
    import { EC2 } from "@aws-sdk/client-ec2";

    // EC2 client for the region that holds the volumes
    const client = new EC2({ region: "us-west-2" });

    export const handler = async (event, context) => {
      // The volume to snapshot is passed in the event as "volume"
      const params = {
        VolumeId: event.volume,
      };
      try {
        const data = await client.createSnapshot(params);
        console.log(data);
        return data;
      } catch (err) {
        console.log(err, err.stack);
        throw err;
      }
    };

Your code editor will look like this:

The function uses the AWS SDK (the @aws-sdk/client-ec2 import) to perform EC2 operations through an EC2 client (client), specifically creating a snapshot (client.createSnapshot). The function receives a volume ID (event.volume) in the event body that is sent when the function is triggered, which specifies the volume to take a snapshot of. You will configure another function to send the volume ID in a later Lab Step. The function will return an error if there is something wrong with the request (the catch block) and will return the information about the snapshot if it succeeds (return data).
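Because the handler passes event.volume straight to EC2, the following added example (not the original post's code) checks the value before making the call and returns only selected fields. `makeHandler`, `stubClient` and `demo` are hypothetical names, and the stub stands in for the SDK's EC2 client so the block runs offline.

```javascript
// Added example: the snapshot handler with input validation. `client` is any
// object with createSnapshot(params); in Lambda that is the SDK's EC2 client.

// EBS volume IDs are "vol-" plus 8 (older format) or 17 hex characters.
const VOLUME_ID = /^vol-(?:[0-9a-f]{8}|[0-9a-f]{17})$/;

function makeHandler(client) {
  return async (event) => {
    const volume = event && event.volume;
    // Reject anything that is not a volume ID before calling the EC2 API.
    if (typeof volume !== "string" || !VOLUME_ID.test(volume)) {
      throw new Error("event.volume must be an EBS volume ID");
    }
    const data = await client.createSnapshot({
      VolumeId: volume,
      Description: `Snapshot of ${volume} taken by Lambda`,
    });
    // Return only the fields a caller needs rather than the whole response.
    const { SnapshotId, VolumeId, State } = data;
    return { SnapshotId, VolumeId, State };
  };
}

// Constructed stand-in for the EC2 client so the example runs offline.
function stubClient() {
  const calls = [];
  const createSnapshot = async (params) => {
    calls.push(params);
    return { SnapshotId: "snap-0123456789abcdef0", VolumeId: params.VolumeId,
             State: "pending", OwnerId: "000000000000" };
  };
  return { calls, createSnapshot };
}

// Runs the handler on one valid and four invalid events (all constructed).
async function demo() {
  const client = stubClient();
  const handler = makeHandler(client);
  const ok = await handler({ volume: "vol-0123456789abcdef0" });
  const bad = [{}, { volume: 42 }, { volume: "vol-xyz" },
               { volume: "vol-0123456789abcdef0 x" }];
  let rejected = 0;
  for (const event of bad) {
    try { await handler(event); } catch (err) { rejected += 1; }
  }
  return { ok, rejected, apiCalls: client.calls.length };
}

demo().then((result) => console.log(result));
// In index.mjs: export const handler = makeHandler(new EC2({ region: "us-west-2" }));
```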

7. Click Deploy at the top of the code editor to save the function:

You will see a green notification that your function has successfully updated.

8. In the AWS Management Console search bar, enter EC2, and click the EC2 result under Services:

9. In the Resources section of the EC2 Dashboard, click on Volumes to display the list of volumes that have been created:

Or else, create an EC2 instance on the free tier, and you will then see “Volumes” under EC2.

10. To copy the volume’s identifier, select any one of the listed volumes, and in the Details tab underneath, click the copy icon for the Volume ID.

11. Paste the volume ID somewhere you can easily retrieve it later.

You will use the volume ID to test the Lambda function, which expects a volume ID as input.

12. Return to the Lambda Console and click the TakeEbsSnapshot function to view its details:

13. Click Test at the top of the Code source section.

14. In the Configure test event form, enter the following values into the form:

  • Event name: TestSnapshot
  • Event JSON: Enter the following JSON into the event editor at the bottom of the form and replace <volume-id> with the volume ID you copied:

    {
      "volume": "<volume-id>"
    }

15. At the bottom of the form, click Save.

16. To test your function, click Test again at the top of the Code source section.

In the code editor, a tab called Execution results will open, and in a few seconds you will see the output of the function:

17. Return to the EC2 console and click on Snapshots from the EC2 Dashboard.

18. Confirm that one snapshot is listed in the table:

I hope this blog provides you with valuable insights on how to efficiently take backups of your EBS volumes. Additionally, if you wish to retrieve all EBS volumes within a specific volume group, you can explore those procedures as well. Furthermore, you can seamlessly integrate this backup process with “EventBridge,” ensuring that backups are automatically scheduled and executed at specific times of your choosing.
