Amazon Data Lifecycle Manager

Automate lifecycle management of EBS Snapshots and EBS-backed AMIs

Amazon Data Lifecycle Manager provides an automated, policy-based lifecycle management solution for Amazon Elastic Block Store (EBS) Snapshots and EBS-backed Amazon Machine Images (AMIs). Automate the creation of point-in-time copy of your block storage data with user-defined policies that you can customize based on data protection needs. Amazon Data Lifecycle Manager requires no scripting or special training. The graphical user interface (GUI) makes it easier to automate the creation, retention, and deletion of EBS Snapshots and AMIs. This can be done at regular frequencies and with custom cron expressions. This feature removes the need to manage your code, mitigating the human error associated with maintaining scripts.

When combined with the monitoring features of Amazon CloudWatch and AWS CloudTrail, Amazon Data Lifecycle Manager provides a complete lifecycle management and backup solution for Amazon Elastic Compute Cloud (EC2) instances and individual EBS volumes at no additional cost.

Use cases and benefits

Protect your data by enforcing a regular backup schedule. Amazon Data Lifecycle Manager provides automated process control with a data protection plan for your valuable data. Gain the ability to create streamlined disaster recovery polices that back up your data to isolated accounts. Amazon Data Lifecycle Manager provides an effective solution for Amazon EBS users to retain backups for audit or compliance needs. As part of Amazon EBS, Amazon Data Lifecycle Manager is SOC, PCI, Federal Risk and Authorization Management Progam (FedRAMP), and ISO compliant—it is also HIPAA eligible. You can also enable account-level default policies to ensure comprehensive protection for all critical workloads in your account.
Define policy and schedule to automate the creation, retention, and deletion of EBS Snapshots and AMIs at regular intervals. You can automate the creation of application-consistent EBS Snapshots by providing pre-scripts to pause I/O and flush buffer to disk, and post-scripts to resume I/O operations as well as patch your workloads. Pre-built scripts are available through existing AWS Systems Manager (SSM) documents, or you can bring your own SSM documents to coordinate actions before and after snapshot initialization. The SSM documents will help you create application-consistent snapshots for MySQL, PostgreSQL, SAP HANA, InterSystems IRIS, Electronic Health Records systems, and Windows applications. Monitor your Amazon Data Lifecycle Manager policies using Amazon CloudWatch, which collects raw data and processes it into readable, near real-time metrics. You can use these metrics to see exactly how many EBS Snapshots and EBS-backed AMIs are created, deleted, and copied by your policies over time. You can also set alarms that send notifications or take action when specified thresholds are met.
Save costs by consistently applying customized policies to back up your EBS volumes based on criticality of data. Amazon Data Lifecycle Manager helps you manage your EBS resources more efficiently. You can build a policy to facilitate daily creation and retention schedules of EBS Snapshots for your most critical applications—a less frequent schedule can be applied to cold data. You can also regularly clean up snapshots by creating policy-controlled deletion of outdated snapshots to reduce storage costs. For EBS-backed AMIs, Amazon Data Lifecycle Manager will automatically deregister the AMIs at the end of their retention and delete the underlying snapshots. This prevents you from otherwise having to manually delete snapshots and potentially incurring cost if forgotten.
Gain the flexibility to use API, AWS Command Line Interface (CLI), AWS SDKs, Terraform, and AWS CloudFormation to create and manage policies. With Amazon Data Lifecycle Manager, you also have the flexiblity to run policies for three different resource types: individual EBS volumes, a group of EBS volumes attached to an EC2 instance, or an EC2 instance. You can also create event-based policies to automate copying of snapshots to separate accounts, and encrypt the snapshots with a different AWS Key Management Service (KMS) key. This adds an additional layer of protection to your data if any accounts are compromised.

How it works

  • Amazon EBS Snapshots policy
  • Diagram of the policy creation workflow, which automates management of EBS Snapshots.
  • Amazon EBS-backed AMI policy
  • Diagram of the policy creation workflow, which automates management of EBS-backed AMIs.
  • Event-based policy
  •  Diagram of the event-based policy creation workflow.

Videos

Work smarter, not harder: A pragmatic way to meet recovery objectives with EBS resources (32:36)
Amazon Data Lifecycle Manager—Monitor Policy Actions with CloudWatch Metrics (1:40)
Managing Amazon EBS Snapshots and AMIs with Amazon Data Lifecycle Manager (20:20)
Amazon Data Lifecycle Manager—Monitor policy state changes (1:53)
Amazon Data Lifecycle Manager—Monitor Policies with CloudWatch Events (1:21)

Blogs and articles

Blog

Blog

Automating Amazon EBS snapshot and AMI management using Amazon Data Lifecycle Manager

July 14th, 2021
by Sudhakar Mungamoori and Vaibhav Khunger
Blog

Automating copying encrypted Amazon EBS snapshots across AWS accounts

December 17th, 2020
by Denton He and Chakrapani Ramasundaram