Skip to content

Instantly share code, notes, and snippets.

@lantrix
Created February 19, 2020 11:58
Show Gist options
  • Save lantrix/cd6c7b651424c4829cd962b1f9589cf6 to your computer and use it in GitHub Desktop.
Save lantrix/cd6c7b651424c4829cd962b1f9589cf6 to your computer and use it in GitHub Desktop.
# Name of our service
service: daily-instance-snapshot
# The required version of serverless we have to be using for this to work
frameworkVersion: ">=1.26.0 <2.0.0"
##############################
# Our service provider and runtime/region definitions
##############################
provider:
name: aws # Which provider to use
description: "AWS Automated Instance AMI Snapshots and Volumes"
stage: ${opt:stage, 'prod'} # Which stage to deploy to
runtime: python3.6 # Which Lambda runtime to use
logRetentionInDays: 30 # How many days we want to maintain logs in CloudWatch
region: 'ap-east-1' # Which AWS region to deploy in, eu-west-1 by default, but overridable
memorySize: 128 # In megabytes, 128 minimum in 64MB increments
timeout: 300 # In seconds
versionFunctions: true # We want to version our functions so we can revert if we need to
cfLogs: true # This allows us to customize our expiration time of our CloudWatch Log Buckets
environment:
DEFAULT_RETENTION_TIME: "7" # This is the number of days by default to store AMIs for
LIMIT_TO_REGIONS: "ap-east-1" # Use this to limit what region(s) you'd like this lambda to scan. Comma-delimited, by default scan all regions. Put in eg: "eu-west-1" here
DRY_RUN: "false" # If this env variable is set to true it will only print what it would do, not actually do it
KEY_TO_TAG_ON: "AWSAutomatedDailySnapshots" # This is the key we will scan for to detect if this script is managing a snapshot, by default this is "AWSAutomatedDailySnapshots". Warning: the first version of this plugin had this value at: FarleysBackupInstanceRotater but it has since changed. Please go manually delete any AMIs with the old name
iamRoleStatements:
# We must be able to do what this script needs to do...
- Effect: Allow
Action:
- ec2:CreateImage
- ec2:CreateSnapshot
- ec2:CreateTags
- ec2:DeleteSnapshot
- ec2:DeregisterImage
- ec2:DescribeImages
- ec2:DescribeInstances
- ec2:DescribeSnapshots
- ec2:DescribeVolumes
Resource: "*"
##############################
# Our function definition
##############################
functions:
execute_handler:
description: This does a snapshot of all our instances we want to be manually backed up to AMIs and attempts to delete expired volumes
handler: handler.lambda_handler
events:
- schedule:
description: Once a day for AMI backups
rate: rate(5 minutes)
enabled: true
##############################
package:
exclude:
- ".DS_Store"
- ".git"
- ".gitignore"
- ".serverless"
- "requirements.txt"
- "**.md"
- "*.png"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment