Posted On: Mar 29, 2024
AWS now provides customers with a new AWS managed policy for Microsoft Windows Volume Snapshot Copy Service (VSS) in Amazon Elastic Compute Cloud(EC2) . With this policy, customers no longer have to configure individual permissions or create their own policies to manage VSS. Customers can simply use this new policy to ensure the necessary permissions are in place for creating application-consistent snapshots using the AWS VSS solution.
Volume Shadow Copy Service or VSS is a Microsoft technology that allows application data to be backed up via a snapshot of the data while applications are still running, by coordinating between user applications that update data on disk and those that back up applications. The new managed policy ensures that the right policies are in place so that the VSS snapshot remains application consistent. Customers can configure the managed policy in the AWS Identity and Access Management (IAM) console for AWS VSS solution version 2.3.1 or higher.
This new feature will be available at no additional cost in all AWS commercial, AWS China, and AWS GovCloud (US) Regions. For more information, see AWSEC2VssSnapshotPolicy Managed Policy Doc Update in IAM permissions. To use AWS VSS application-consistent backups through AWS Systems Manager Run Command review Create a VSS application-consistent snapshot and VssInstallAndSnapshot for simplified onboarding. To learn more about using AWS VSS application-consistent backups through AWS Backup review Creating Windows VSS backups. To automate the creation, retention, and deletion of VSS-enabled EBS Snapshots review Creating application-consistent snapshots using Amazon Data Lifecycle Manager.