AMI Backups and Retention using AWS Lambda

Hello folks. It has been a long time since I have posted anything. I was heavily involved in some projects and what not. Maybe it could be due to lack of motivation too :-P. (Will do something about this too.)

Anyhow, this post will help you with one of the top features required in any AWS account.

AMI Backups and Retentions

Normally, we would launch a separate server and put our scripts there on cron. However, this will be serverless and we’ll be using AWS Lambda to achieve this.


NOTE: AMI and Instance Names and Name Tags must be between 3 and 128 characters long, and may contain letters, numbers, (, ), ., -, / and _ only. Not following this nomenclature will lead to failure of the Lambda function.

Here, we are using 2 AWS Lambda functions, viz. createAMI and deleteAMI, which will create AMIs and delete AMIs, respectively. Both these functions are explained in detail below. Please note that both the Lambda functions cover all the regions.


createAMI

Table of details:

| Index | Value |
|---|---|
| Name of the Lambda Function | createAMI |
| Timeout | 5 min |
| Role Permissions | ec2:* |
| Runtime | python2.7 |
| File Name | createAMI.py |
| Schedule | rate(5 minutes) |

Documentation:

The Lambda function makes use of tags on EC2 instances, which provide all the information required to create an AMI. The table below explains the tags required.

| Tag Name | Format | Default Value | Mandatory Tag |
|---|---|---|---|
| AMIBackup | Yes/No | No | Yes |
| AMITime | HH:MM | 15:00 | Yes |
| Reboot | Yes/No | No | No |
| Retention | Whole Number | 7 | No |

In the above table:

  • AMIBackup: It is used to specify which Instance has to be backed up.
  • AMITime: It is used to specify the time in UTC when the AMI has to be created.
  • Reboot: It is used to specify if the instance has to be rebooted when creating the AMI.
  • Retention: It is used to specify the AMI retention period in days.

deleteAMI

Table of details:

| Name | Value |
|---|---|
| Name of the Lambda Function | deleteAMI |
| Timeout | 5 min |
| Role Permissions | ec2:* |
| Runtime | python2.7 |
| File Name | deleteAMI.py |
| Schedule | cron(00 15 * * ? *) |

Documentation:

The Lambda function makes use of tags on EC2 instances, which provide all the information required to delete an AMI. The tags are copied from the instance to the AMI by the createAMI function. The table below explains the tags required.

| Tag Name | Format | Default Value |
|---|---|---|
| AMIBackup | Yes/No | Copied from Instance |
| AMITime | HH:MM | Copied from Instance |
| Reboot | Yes/No | Copied from Instance |
| Retention | Whole Number | Copied from Instance |

In the above table(s):

  • AMIBackup: It is used to specify which Instance has to be backed up. deleteAMI will only get triggered if this tag is present with Yes value.
  • AMITime: It is used to specify the time when the AMI has to be created.
  • Reboot: It is used to specify if the instance has to be rebooted when creating the AMI.
  • Retention: It is used to specify the AMI retention period in days.
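To make the tag semantics above concrete, here is an added sketch (not the createAMI.py or deleteAMI.py scripts from the repository) that validates the tags, applies the table defaults and decides whether an AMI is due, with no AWS calls. It is written for Python 3 rather than the python2.7 runtime listed above. The function names, the AMI name pattern and the rule of firing only in the 5-minute window starting at AMITime are assumptions.

```python
import re
from datetime import datetime, timedelta, timezone

# Naming rule from the post's NOTE: 3-128 chars of letters, digits, ( ) . - / _
NAME_RE = re.compile(r"[A-Za-z0-9().\-/_]{3,128}")
# Defaults from the createAMI tag table.
DEFAULTS = {"AMIBackup": "No", "AMITime": "15:00", "Reboot": "No", "Retention": "7"}
WINDOW = timedelta(minutes=5)  # assumption: one run per rate(5 minutes) tick


def plan_backup(tags, now):
    """Return a plan dict for one instance, or None if no AMI is due now.

    tags: instance tags as a dict; now: timezone-aware UTC datetime.
    Raises ValueError on malformed tags so a bad value fails loudly.
    """
    t = {**DEFAULTS, **tags}
    if t["AMIBackup"].strip().lower() != "yes":
        return None
    hhmm = re.fullmatch(r"([01]\d|2[0-3]):([0-5]\d)", t["AMITime"].strip())
    if not hhmm:
        raise ValueError("AMITime must be HH:MM in UTC: %r" % t["AMITime"])
    if not re.fullmatch(r"[0-9]+", t["Retention"].strip()):
        raise ValueError("Retention must be a whole number: %r" % t["Retention"])
    name = t.get("Name", "")
    ami_name = "%s-%s" % (name, now.strftime("%Y-%m-%d-%H-%M"))  # hypothetical pattern
    # Check the instance name and the composed AMI name (suffix adds length).
    if not (NAME_RE.fullmatch(name) and NAME_RE.fullmatch(ami_name)):
        raise ValueError("Name violates the AMI naming rule: %r" % name)
    due = now.replace(hour=int(hhmm.group(1)), minute=int(hhmm.group(2)),
                      second=0, microsecond=0)
    if not due <= now < due + WINDOW:  # only the window starting at AMITime
        return None
    return {"ami_name": ami_name,
            "no_reboot": t["Reboot"].strip().lower() != "yes",
            "delete_after": (now + timedelta(days=int(t["Retention"]))).date()}


def is_expired(created, retention_days, now):
    """deleteAMI side: True once the AMI is at least retention_days old."""
    return now - created >= timedelta(days=retention_days)


if __name__ == "__main__":
    now = datetime(2024, 1, 10, 15, 3, tzinfo=timezone.utc)  # constructed sample
    print(plan_backup({"Name": "web-01", "AMIBackup": "Yes", "Retention": "14"}, now))
```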

Both the scripts are available on GitHub (HERE).

Thanks for your time. Comments are welcome.
