0

In the Amazon Web Services cloud (AWS), I want to create a launch template that launches an AMI with a root EBS volume and a separate EBS data volume. When the instance is deleted, I want both volumes deleted, but first I want the data volume to have a snapshot taken using a DeletionPolicy of Snapshot rather than Delete or Retain. I would like to create this launch template with the AWS CDK in Python, but as a last resort it would be helpful if I could configure the EBS volumes this way by any means, including a script run after the instance launches.

Currently, I have the launch template configured to create the EBS volumes and delete them when the AMI terminates. So far, so good. What I cannot find is a way to have the "data" volume take a snapshot before it deletes. The closest I can come is to trigger a script to respond to the instance termination signal by initiating a snapshot, but I worry that that is unreliable.

The AWS CloudFormation documentation claims you can set a DeletionPolicy of Snapshot on an AWS::EC2::Volume. I mostly cannot figure out how to get that to work for a random EBS volume attached to an EC2 instance as a data volume (not root or AMI volume).

  • I do not see any place in the AWS Console to set the DeletionPolicy
  • I do not see any place in the aws CLI to read the DeletionPolicy
  • Looking at the LaunchTemplate, I do not see any place to set this policy

So possibly I am thinking about this the wrong way, or possibly the documentation is just misleading. After poring over the documentation for several hours, I am left to believe that this is not a real option, but rather a hack to enable "snapshot on delete" for RDS clusters.

How can I get this to work for a normal EC2 instance?

Old Pro
  • Deletion policy can be set in the [CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) template and by extension CDK. Do you want to do this in CDK or the console? [DeleteOnTermination](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instance-attribute.html) is in the cli. At a stack level you can set the [DeletionPolicy](https://aws.amazon.com/premiumsupport/knowledge-center/cloudformation-accidental-updates/) as well. What kind of deletion are you trying to prevent, accidental maybe? – lloyd Jul 11 '20 at 10:11
  • If you want to [prevent deletion](https://virtualizationreview.com/articles/2018/01/23/protect-aws-images-data-loss.aspx), set up the necessary protection. However, the best protection is regular backups. – lloyd Jul 11 '20 at 10:12

1 Answer

-3

You can also try Terraform if you are comfortable using it. Example:

    # EBS volume
    resource "aws_ebs_volume" "example" {
      availability_zone = "us-west-2a"
      size              = 40

      tags = {
        Name = "HelloWorld"
      }
    }

    # Snapshot of the volume above
    resource "aws_ebs_snapshot" "example_snapshot" {
      volume_id = aws_ebs_volume.example.id

      tags = {
        Name = "HelloWorld_snap"
      }
    }

So when the volume is deleted, the snapshot will still be there and you can restore the data from it at any time.

You can set the parameter DeleteOnTermination to true or false. When an instance is terminated, Amazon Elastic Compute Cloud (Amazon EC2) uses the value of the DeleteOnTermination attribute for each attached EBS volume to determine whether to preserve or delete the volume when the instance is terminated. By default, the DeleteOnTermination attribute for the root volume of an instance is set to true, but it is set to false for all other volume types.

  • This is completely unhelpful, as (a) it does not use CDK or CFT, (b) takes a snapshot immediately and not on deletion, and (c) is in no way part of a launch template. – Old Pro Jul 12 '20 at 21:29
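The DeleteOnTermination behaviour described in the answer above can be audited before an instance is terminated. The following is an added example, not code from the original thread: it takes data shaped like the boto3 `describe_instances()["Reservations"]` and `describe_snapshots()["Snapshots"]` results and lists non-root volumes that will be deleted with the instance and have no recent completed snapshot. The function name, the one-day freshness window and all sample ids are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

def data_volumes_at_risk(reservations, snapshots, now, max_age=timedelta(days=1)):
    """Return (instance_id, device, volume_id) for non-root EBS volumes that are
    deleted with their instance and have no completed snapshot newer than max_age."""
    newest = {}  # volume id -> StartTime of its most recent completed snapshot
    for snap in snapshots:
        if snap["State"] == "completed":
            vid = snap["VolumeId"]
            newest[vid] = max(newest.get(vid, snap["StartTime"]), snap["StartTime"])
    at_risk = []
    for reservation in reservations:
        for inst in reservation["Instances"]:
            for bdm in inst.get("BlockDeviceMappings", []):
                ebs = bdm.get("Ebs", {})
                if bdm["DeviceName"] == inst.get("RootDeviceName"):
                    continue  # root volume, not the data volume being audited
                if not ebs.get("DeleteOnTermination", False):
                    continue  # volume outlives the instance
                last = newest.get(ebs["VolumeId"])
                if last is None or now - last > max_age:
                    at_risk.append((inst["InstanceId"], bdm["DeviceName"], ebs["VolumeId"]))
    return at_risk

# Constructed sample data in the shape of describe_instances()["Reservations"]
# and describe_snapshots()["Snapshots"]; all ids are made up.
NOW = datetime(2020, 7, 12, 12, 0, tzinfo=timezone.utc)
SAMPLE_RESERVATIONS = [{"Instances": [{
    "InstanceId": "i-0example0000000001",
    "RootDeviceName": "/dev/xvda",
    "BlockDeviceMappings": [
        {"DeviceName": "/dev/xvda", "Ebs": {"VolumeId": "vol-root", "DeleteOnTermination": True}},
        {"DeviceName": "/dev/sdf", "Ebs": {"VolumeId": "vol-data-nosnap", "DeleteOnTermination": True}},
        {"DeviceName": "/dev/sdg", "Ebs": {"VolumeId": "vol-data-fresh", "DeleteOnTermination": True}},
        {"DeviceName": "/dev/sdh", "Ebs": {"VolumeId": "vol-data-stale", "DeleteOnTermination": True}},
        {"DeviceName": "/dev/sdi", "Ebs": {"VolumeId": "vol-data-kept", "DeleteOnTermination": False}},
    ],
}]}]
SAMPLE_SNAPSHOTS = [
    {"VolumeId": "vol-data-fresh", "State": "completed", "StartTime": NOW - timedelta(hours=2)},
    {"VolumeId": "vol-data-stale", "State": "completed", "StartTime": NOW - timedelta(days=9)},
    {"VolumeId": "vol-data-nosnap", "State": "pending", "StartTime": NOW - timedelta(minutes=5)},
]

if __name__ == "__main__":
    for row in data_volumes_at_risk(SAMPLE_RESERVATIONS, SAMPLE_SNAPSHOTS, NOW):
        print(*row)
```

A snapshot that is still `pending` is not counted, so a volume whose only snapshot has not completed is still reported.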