AWS Backup of EBS and DLM Using CloudFormation

Definition: Backup is the process of creating a copy of the data on your system that you use for recovery in case your original data is lost or corrupted. You can also use a backup to recover copies of older files if you have deleted them from your system.

AWS Backup: AWS Backup is a fully managed service that makes it easy to centralize and automate data protection across AWS services, in the cloud, and on premises. Using this service, you can configure backup policies and monitor activity for your AWS resources in one place.

There are 2 types of backup:

1) On-demand backup 2) Backup plan

Steps involved:

  1. We create an ***EC2*** instance with tags { key, value }.

  2. We create a role for DLM (Data Lifecycle Manager) that uses a managed policy.

  3. We create a DLM_Policy with the EC2 tags as its target tags.

  4. We create a backup plan with a cron schedule attached, which automates the backup, and specify the lifecycle of the backup.

  5. We create a BackUp_Vault, where the recovery points of the resource are stored; it has a KMS key for encryption.

  6. Backup plan selection: specify the backup_plan ID with the list of tags by which the EC2 instance is selected for backup.

CloudFormation script:



Description: VPC ID

Type: AWS::EC2::VPC::Id


Description: Subnet ID

Type: AWS::EC2::Subnet::Id


Description: EC2 InstanceType

Type: String

Default: t2.micro


Description: Ec2 Instance Name

Type: String

Default: ec2-dlm-test


Type: String

Default: ami-05842f1afbf311a43


Description: Name of an existing EC2 KeyPair to enable SSH access to the instance

Type: AWS::EC2::KeyPair::KeyName

ConstraintDescription: must be the name of an existing EC2 KeyPair.

InstanceType:

Description: WebServer EC2 instance type

Type: String

Default: t2.micro

ConstraintDescription: must be a valid EC2 instance type.


Description: The IP address range that can be used to SSH to the EC2 instances

Type: String

MinLength: 9

MaxLength: 18


AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})

ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.

AWS resources:

Under Resources in the CloudFormation template:

1) EC2 and SG:

Create the EC2 instance with tags, and create a security group (SG) to specify on the instance at creation, taking the required values, such as the subnet ID and VPC ID, from the template parameters.

2) DLM lifecycle policy & DLM role:

Create a role and attach it to the DLM lifecycle policy.

Create a DLM policy for the volumes of the EC2 instance, targeting it by the tags set on the instance. Specify the schedule (the time and interval) and the snapshot count.

3) Backup:

Create a backup role and attach it to the backup selection, then create a backup vault and a vault key (optional).

Schedule a backup job in AWS Backup using a cron expression.
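The DLM and AWS Backup resources described above, sketched as an added example (this is not the author's template from the GitHub link). The tag `Backup=true`, the resource names, the schedules and retention values, and the three ARN parameters are assumptions; the two roles and the KMS key are expected to exist already.

```yaml
Parameters:
  DlmRoleArn: {Type: String}     # assumed: role trusted by dlm.amazonaws.com
  BackupRoleArn: {Type: String}  # assumed: role trusted by backup.amazonaws.com
  VaultKeyArn: {Type: String}    # assumed: KMS key used to encrypt the vault
Resources:
  SnapshotPolicy:
    Type: AWS::DLM::LifecyclePolicy
    Properties:
      Description: Daily snapshots of volumes on tagged instances
      State: ENABLED
      ExecutionRoleArn: !Ref DlmRoleArn
      PolicyDetails:
        # INSTANCE matches the tags on the EC2 instance and snapshots its
        # attached volumes; VOLUME would match tags on the volumes themselves.
        ResourceTypes: [INSTANCE]
        TargetTags:
          - {Key: Backup, Value: "true"}  # constructed tag, must match the EC2 tag
        Schedules:
          - Name: daily
            CopyTags: true
            CreateRule: {Interval: 24, IntervalUnit: HOURS, Times: ["03:00"]}
            RetainRule: {Count: 7}  # keep the 7 newest snapshots
  Vault:
    Type: AWS::Backup::BackupVault
    Properties:
      BackupVaultName: ec2-dlm-test-vault
      EncryptionKeyArn: !Ref VaultKeyArn
  Plan:
    Type: AWS::Backup::BackupPlan
    Properties:
      BackupPlan:
        BackupPlanName: ec2-dlm-test-plan
        BackupPlanRule:
          - RuleName: daily
            TargetBackupVault: !Ref Vault  # Ref returns the vault name
            ScheduleExpression: "cron(0 5 * * ? *)"  # 05:00 UTC every day
            Lifecycle: {DeleteAfterDays: 35}
  Selection:
    Type: AWS::Backup::BackupSelection
    Properties:
      BackupPlanId: !Ref Plan
      BackupSelection:
        SelectionName: tagged-ec2
        IamRoleArn: !Ref BackupRoleArn
        ListOfTags:
          - ConditionType: STRINGEQUALS
            ConditionKey: Backup
            ConditionValue: "true"
```

If the EC2 instance does not carry the exact tag key and value used in `TargetTags` and `ListOfTags`, neither the DLM policy nor the backup selection picks it up, and no error is raised at deploy time.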

Please follow the GitHub link for the CloudFormation template.
