Snapshotting Windows EC2 Instances with Powershell – Part 1

As you likely already know, there’s isn’t an option to schedule EC2 instance snapshots within the AWS console.

A popular way to address this would be to use Boto3, AWS’ SDK for Python.  However, it is also possible to initiate EC2 snapshots with Powershell.

Why would you want to do this with Powershell?  

Let’s say you’ve got a Windows server in EC2 with certain requirements before snapshotting- stopping a service or database, etc.  Powershell is a natural fit for interacting with such dependencies in Windows.  In short, it can be more convenient.

In this post, we’ll be running our Powershell script on the Windows Server 2016 instance we want to snapshot.

Let’s go step-by-step to get this up and running.

Installing and Configuring AWS Tools for Powershell

We’ll need AWS Tools for Windows Powershell on our machine initiating the snapshots.  Since we’re using the standard Windows Server 2016 AMI, its already installed.

 

powershell10.png

 

Creating a IAM user & saving keys to the credential store

We’ll need to specify our AWS credentials when running our script.  I’ve gone through creating IAM users and policies previously. For this example, I’ll just use the AmazonEc2FullAccess role. It’s more permissions than necessary, but the temporary purposes of this example, it will be fine.

powershell3.png

powershell4.png

Back on our Windows instance, we’ll use the Set-AWSCredential cmdlet to store our Access and Secret keys. More info about this can be found here.

Set-AWSCredential -AccessKey AKIAIOSFODNN7EXAMPLE -SecretKey wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY -StoreAs MyProfileName

powershell6.png

 

Initiating the Snapshot

Now, we’ll create our Powershell script to take the snapshot that does the following:

  • Initialize the Powershell session with the AWS creds created above (be sure to change the region as appropriate)
  • We read the InstanceID from the metadata where we are running the script
  • We get a list of all the volumes currently attached to the instance
  • Then we take a snapshot of each of the volumes found in the previous step

I came across this approach here.

#setup for cmdlets to use creds
Initialize-AWSDefaultConfiguration -ProfileName myProfileName -Region us-east-1

# Pull InstanceID from EC2 metadata
$MyInstanceID = (New-Object System.Net.WebClient).DownloadString("http://169.254.169.254/latest/meta-data/instance-id")

# Query for volumes that are attached to my Instance Id
$volumes = (Get-EC2Volume).Attachment | where {$_.InstanceId -eq $MyInstanceID } | Select VolumeId

# Snapshot each attached volume
foreach ($volume in $volumes)
{
    New-EC2Snapshot $volume.VolumeId -Description "PS Snapshot for instance $MyInstanceID"
}

Running the script in Powershell manually, returns the following:

snapshot1.png

Taking a peak in the EC2 Console, you’ll find the Snapshot was created.

snapshot2.png

In Part 2, w’ll expand the script to handle cleanup of old snapshots and attach it as a scheduled task.

 

One thought on “Snapshotting Windows EC2 Instances with Powershell – Part 1

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s