backups using ssm and bash Archives - AWS Security Architect https://awssecurityarchitect.com/tag/backups-using-ssm-and-bash/ Experienced AWS, GCP and Azure Security Architect Thu, 27 Oct 2022 16:50:34 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.1 214477604 AWS Backups using SSM doc and bash https://awssecurityarchitect.com/ec2-security/aws-backups-using-ssm-doc-and-bash/ https://awssecurityarchitect.com/ec2-security/aws-backups-using-ssm-doc-and-bash/#respond Thu, 27 Oct 2022 16:50:34 +0000 https://awssecurityarchitect.com/?p=136 How do I kick off a command line based backup job (AWS backup job) from an SSM Doc?   Create your SSM managed EC2 instance (with the SSM agent installed). […]

The post AWS Backups using SSM doc and bash appeared first on AWS Security Architect.

]]>
How do I kick off a command line based backup job (AWS backup job) from an SSM Doc?

 

  1. Create your SSM managed EC2 instance (with the SSM agent installed). (SSM agent is pre-installed on AWS AMIs, and needs to be installed on custom AMIs).
  2. Use the python script provided in this repo. 
  3. Call the python script from a Command line (for testing purposes). Execution : python ec2_volume_snapshot.py <volume_id> <region_name>
  4. Once tested from the command line, use a bash script to wrap the python command above. The bash script lives in the SSM doc. It runs on the linux OS on an EC2 that is SSM managed.

Sample python program to call aws backup service and perform a backup

import subprocess
import sys
import boto3

def execute_shell_commands(commands):
MyOut = subprocess.Popen(commands,
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
stdout,stderr = MyOut.communicate()

#for command in commands:
command_string = ” “.join(commands)
print(“Command executed : %s” % command_string)
if stdout is not None:
stdout = stdout.decode(“utf-8”)
print(“Stdout :\n%s” % stdout)
if stderr is not None:
stderr = stderr.decode(“utf-8”)
print(“Stderr :\n%s” % stderr)

# Run pre-script
execute_shell_commands([‘sudo’, ‘service’, ‘apache2’, ‘stop’])

volume_id = sys.argv[1]

region_name = sys.argv[2]

ec2 = boto3.resource(‘ec2’, region_name=region_name)
volume = ec2.Volume(volume_id)
snapshot = volume.create_snapshot()
snapshot.wait_until_completed()

ec2_client = boto3.client(‘ec2’, region_name=region_name)
snapshot_details = ec2_client.describe_snapshots(SnapshotIds=[snapshot.id])
print(“Snapshot details :\n%s” % snapshot_details)

# Run post-script
execute_shell_commands([‘sudo’, ‘service’, ‘apache2’, ‘start’])
execute_shell_commands([‘sudo’, ‘service’, ‘apache2’, ‘status’])

Sample bash script (in SSM doc) to call a python command

#!/bin/bash

MYSTRING="Do something in bash"
echo $MYSTRING

python - << EOF
myPyString = "Do something on python"
print myPyString

EOF

echo "Back to bash"

 

 

 

The post AWS Backups using SSM doc and bash appeared first on AWS Security Architect.

]]>
https://awssecurityarchitect.com/ec2-security/aws-backups-using-ssm-doc-and-bash/feed/ 0 136