AWS and other interesting stuff

Snapshots Pruning Orphan Handling

An example backup configuration using tags

AWS supplies the building blocks for backup rather than a ready-to-use solution.

In an example setup, snapshots could have Hourly, Daily, Weekly and Monthly tags. They could also have a Retain-Until tag value so that a Lambda function could delete old snapshots on a regular schedule.

Another Lambda function could look for orphan snapshots (where the volume has been deleted), and notify an administrator or just delete the orphans (unless they were tagged Retain).

CLI investigation

Create a 1 GB volume and name it:

$ aws ec2 create-volume --availability-zone ap-southeast-2a --size 1 --volume-type gp2
{
    "AvailabilityZone": "ap-southeast-2a",
    "Encrypted": false,
    "VolumeType": "gp2",
    "VolumeId": "vol-0e00fad8ea85a3c97",
    "State": "creating",
    "Iops": 100,
    "SnapshotId": "",
    "CreateTime": "2017-01-30T20:59:49.806Z",
    "Size": 1
}
$ aws ec2 create-tags --resources vol-0e00fad8ea85a3c97 --tags Key=Name,Value=my-volume

Create a snapshot:

$ aws ec2 create-snapshot --volume-id vol-0e00fad8ea85a3c97
{
    "Description": "",
    "Encrypted": false,
    "VolumeId": "vol-0e00fad8ea85a3c97",
    "State": "pending",
    "VolumeSize": 1,
    "Progress": "",
    "StartTime": "2017-01-30T21:02:20.000Z",
    "SnapshotId": "snap-02e2b82213833e2ad",
    "OwnerId": "798269391015"
}

Tag the snapshot:

$ aws ec2 create-tags --resources snap-02e2b82213833e2ad --tags Key=Type,Value=Hourly

Create 2 more snapshots:

$ SNAPID=$(aws ec2 create-snapshot --volume-id vol-0e00fad8ea85a3c97 | grep SnapshotId | cut -d \" -f 4)
$ aws ec2 create-tags --resources $SNAPID --tags Key=Type,Value=Hourly

$ SNAPID=$(aws ec2 create-snapshot --volume-id vol-0e00fad8ea85a3c97 | grep SnapshotId | cut -d \" -f 4)
$ aws ec2 create-tags --resources $SNAPID --tags Key=Type,Value=Hourly

List Hourly snapshots:

$ aws ec2 describe-snapshots --filters Name=tag:Type,Values=Hourly | jq '.Snapshots[] | .SnapshotId'
"snap-0ad0a2ab91a912388"
"snap-083a19b7f421fcd61"
"snap-02e2b82213833e2ad"

Create a Daily snapshot:

$ SNAPID=$(aws ec2 create-snapshot --volume-id vol-0e00fad8ea85a3c97 | grep SnapshotId | cut -d \" -f 4)
$ aws ec2 create-tags --resources $SNAPID --tags Key=Type,Value=Daily

List Hourly and Daily snapshots:

$ aws ec2 describe-snapshots --filters Name=tag:Type,Values=Hourly,Daily | jq '.Snapshots[] | {SnapshotId, Tags, VolumeId}'
{
  "SnapshotId": "snap-08fe38026228ff959",
  "Tags": [
    {
      "Value": "Daily",
      "Key": "Type"
    }
  ],
  "VolumeId": "vol-0e00fad8ea85a3c97"
}
{
  "SnapshotId": "snap-0ad0a2ab91a912388",
  "Tags": [
    {
      "Value": "Hourly",
      "Key": "Type"
    }
  ],
  "VolumeId": "vol-0e00fad8ea85a3c97"
}
{
  "SnapshotId": "snap-083a19b7f421fcd61",
  "Tags": [
    {
      "Value": "Hourly",
      "Key": "Type"
    }
  ],
  "VolumeId": "vol-0e00fad8ea85a3c97"
}
{
  "SnapshotId": "snap-02e2b82213833e2ad",
  "Tags": [
    {
      "Value": "Hourly",
      "Key": "Type"
    }
  ],
  "VolumeId": "vol-0e00fad8ea85a3c97"
}

Delete a volume:

$ aws ec2 delete-volume --volume-id vol-0e00fad8ea85a3c97
$ aws ec2 describe-volumes --volume-ids vol-0e00fad8ea85a3c97

An error occurred (InvalidVolume.NotFound) when calling the DescribeVolumes operation: The volume 'vol-0e00fad8ea85a3c97' does not exist.

The snapshots listed above are now orphans, so a scheduled Lambda function could notify about them or clean them up. Deleting one by hand:

$ aws ec2 delete-snapshot --snapshot-id snap-02e2b82213833e2ad
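The decision logic behind the two Lambda functions described above (pruning by Retain-Until and orphan handling), as an added example that is not code from the original post. It works on data shaped like describe-snapshots output and makes no AWS calls; the function names, the ISO 8601 format for Retain-Until, and the sample records are assumptions.

```python
from datetime import datetime, timezone

def tags_of(snap):
    """Flatten EC2's [{'Key': k, 'Value': v}] tag list into a dict."""
    return {t["Key"]: t["Value"] for t in snap.get("Tags", [])}

def plan(snapshots, live_volume_ids, now):
    """Classify snapshots as delete / orphan / review / keep without calling AWS.

    snapshots       -- the "Snapshots" list from describe-snapshots
    live_volume_ids -- set of VolumeId values from describe-volumes
    now             -- timezone-aware datetime used as the pruning cut-off
    """
    out = {"delete": [], "orphan": [], "review": [], "keep": []}
    for snap in snapshots:
        sid, tags = snap["SnapshotId"], tags_of(snap)
        if "Retain" in tags:              # explicit hold beats expiry and orphan status
            out["keep"].append(sid)
            continue
        until = tags.get("Retain-Until")
        if until is not None:
            try:                          # assumed format: ISO 8601, UTC when no offset
                expiry = datetime.fromisoformat(until)
            except ValueError:
                out["review"].append(sid) # unreadable date: report, never delete
                continue
            if expiry.tzinfo is None:
                expiry = expiry.replace(tzinfo=timezone.utc)
            if expiry <= now:
                out["delete"].append(sid)
                continue
        # A snapshot keeps its source VolumeId after the volume is deleted
        bucket = "keep" if snap.get("VolumeId") in live_volume_ids else "orphan"
        out[bucket].append(sid)
    return out

def _snap(sid, vol, **tags):              # builds constructed sample records
    return {"SnapshotId": sid, "VolumeId": vol,
            "Tags": [{"Key": k.replace("_", "-"), "Value": v} for k, v in tags.items()]}

# Constructed sample data in the shape of describe-snapshots output
SAMPLE = [
    _snap("snap-expired", "vol-live", Type="Hourly", Retain_Until="2017-01-01"),
    _snap("snap-held", "vol-gone", Retain="true", Retain_Until="2017-01-01"),
    _snap("snap-orphan", "vol-gone", Type="Hourly"),
    _snap("snap-baddate", "vol-live", Retain_Until="next week"),
    _snap("snap-future", "vol-live", Retain_Until="2017-03-01T00:00:00+00:00"),
]
NOW = datetime(2017, 2, 1, tzinfo=timezone.utc)

if __name__ == "__main__":
    print(plan(SAMPLE, {"vol-live"}, NOW))
```

In a Lambda handler the "delete" list would feed delete-snapshot calls, while "orphan" and "review" would go into the administrator notification.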