How To Automate AWS EBS Snapshot Using AWS Snapshot Lifecycle Policy

To take the snapshot, any API calls needs necessary permission. Here AWS created a default role called AWSDataLifecycleManagerServiceRole for this with the following policy.

{
“Version”: “2012–10–17”,
“Statement”: [
{
“Effect”: “Allow”,
“Action”: [
“ec2:CreateSnapshot”,
“ec2:DeleteSnapshot”,
“ec2:DescribeVolumes”,
“ec2:DescribeSnapshots”
],
“Resource”: “*”
},
{
“Effect”: “Allow”,
“Action”: [
“ec2:CreateTags”
],
“Resource”: “arn:aws:ec2:*::snapshot/*”
}
]
}

It has to be able to create the snapshot on all the regions.

This will take the snapshots based on the tags. So all of your EBS volumes(which all are needs to be take the snapshot) must be tagged before enabling this policy.

Create the Snapshot lifecycle policy:

Go to EC2 console.

Under the Elastic Block Store, you can see the Lifecycle Manager.

Click Create snapshot policy.

Description: Give a name for your policy.

Target volumes with tags: Type your tag [ Key : Value], or simply select it from the drop-down list.

Schedule name: Give a name for your schedule.

Create snapshots every: Choose 12hr or 24hr.

Snapshot creation start time: Set the start time in UTC.

Retention rule: Set the retention period in number.

Tag created snapshots: If need you can set the Tag for the snapshot. But by default the below tag are going to be applied.
aws:dlm:lifecycle-policy-id
aws:dlm:lifecycle-schedule-name

IAM role: It’ll automatically choose the default role, if need you can assign your own roles.