AWS

How to Create a Retention Rule for EBS Volumes via EBS Recycle Bin

The EBS Recycle Bin is a service used for protecting EBS Snapshots and Amazon Machine Images (AMIs) from accidental deletion.
September 24, 2023

Understanding EBS Recycle Bin and Retention Rules

The EBS Recycle Bin is a service used for protecting EBS Snapshots and Amazon Machine Images (AMIs) from accidental deletion. The idea is that when the user creates a large number of volumes and snapshots and manages those actions programmatically, it’s possible to inadvertently delete a volume that wasn’t meant to be deleted. The EBS Recycle Bin allows the user to specify a set of rules called “Retention Rules” which, as the name suggests, keep the deleted item for a certain period of time.

In this tutorial, our goal is to create a set of retention rules via the EBS Recycle Bin and test that they’ve been properly deployed by deleting an EBS Volume we’ve provisioned in a different tutorial.

Prerequisites

To follow along with this tutorial, you will need:

Accessing the EBS Recycle Bin Service

The EBS Recycle Bin service isn’t obvious to locate. You’ll need to navigate to the snapshots tab of the EC2 Dashboard to locate it.

Step 1 - Navigate to the Snapshots Service and Recycle Bin

1.1 - From the EC2 Dashboard, click on “Snapshots.”

1.2 - From the top right menu, click on “Recycle Bin.”

Figure 3.1 - Retention Rules via EBS Recycle Bin | How to access Recycle Bin

Creating a Retention Rule via EBS Recycle Bin

Step 1 - Creating a New Retention Rule

1.1 - From the Recycle Bin Service, click on “Create retention rule.”

Figure 4.1 - Retention Rules via EBS Recycle Bin | Creating a New Retention Rule

Step 2 - Parameters of the Retention Rule (Part 1 / 2)

You can create multiple retention rules that differ by resource type (Snapshots vs. AMIs), by the tags assigned to the resources, etc. In other words, you may choose to “protect” certain EBS Snapshots for a longer duration than others.

2.1 - From the Rule details, specify an optional name for the rule.

2.2 - From the Rule details, specify an optional description for the rule.

2.3 - From the Retention settings, select the resource type.

Note: The resource type can be an EBS Snapshot or an AMI. For the purpose of this tutorial, we’re going to create a rule for an EBS Snapshot.

Note 2: We’ve selected “Apply to all resources” which means that we’re not going to specify the tags of the resources; choose according to your application / organization.

Figure 4.2 - Retention Rules via EBS Recycle Bin | Specifying Name, Description, and Resource Type for a new Retention Rule of an EBS Volume Snapshot

Step 3 - Parameters of the Retention Rule (Part 2 / 2)

One of the key parameters of the retention rule is how long the asset will be retained (in days). It’s important to note, in case you’ve missed the warning prior to rule creation, that a retained Snapshot or AMI is billed for the duration of the retention period. In other words, if you’re not going to come back to the Recycle Bin and review what was deleted over 3 months ago, there’s no point in paying for those backups. Select a timeframe that is reasonable for your application / organization.

3.1 - From the Rule details, specify an optional name for the rule.

3.2 - From the Rule details, specify an optional description for the rule.

Figure 4.3 - Retention Rules via EBS Recycle Bin | Specifying the Length of Retention and Finalizing the Creation Process
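
The same rule can be created programmatically. The following is an added example, not code from this tutorial or from AWS: it builds the request for the Recycle Bin (`rbin`) API in boto3, checks for an existing rule first so repeated runs do not create duplicates, and assumes an illustrative 7-day period and description text.

```python
# Added example: the console steps above expressed as boto3 "rbin" calls.

def build_rule_request(days, description, resource_tags=None):
    """Arguments for rbin.create_rule() describing an EBS snapshot retention rule."""
    if not isinstance(days, int) or days < 1:
        raise ValueError("retention period must be a whole number of days >= 1")
    request = {
        "ResourceType": "EBS_SNAPSHOT",  # "EC2_IMAGE" would target AMIs instead
        "Description": description,
        "RetentionPeriod": {"RetentionPeriodValue": days, "RetentionPeriodUnit": "DAYS"},
    }
    # Leaving ResourceTags out corresponds to "Apply to all resources" in the console.
    if resource_tags:
        request["ResourceTags"] = [
            {"ResourceTagKey": key, "ResourceTagValue": value}
            for key, value in sorted(resource_tags.items())
        ]
    return request


def list_snapshot_rules(rbin):
    """Snapshot retention rules returned by list_rules, following pagination."""
    rules, token = [], None
    while True:
        kwargs = {"ResourceType": "EBS_SNAPSHOT"}
        if token:
            kwargs["NextToken"] = token
        page = rbin.list_rules(**kwargs)
        rules.extend(page.get("Rules", []))
        token = page.get("NextToken")
        if not token:
            return rules


def ensure_snapshot_rule(rbin, days, description, resource_tags=None):
    """Create the rule unless one with the same description exists.
    Returns (rule_identifier, created)."""
    request = build_rule_request(days, description, resource_tags)
    # Matching on the description is this example's convention, not an AWS feature.
    for rule in list_snapshot_rules(rbin):
        if rule.get("Description") == description:
            return rule["Identifier"], False
    return rbin.create_rule(**request)["Identifier"], True


if __name__ == "__main__":
    import boto3  # requires credentials allowing rbin:ListRules and rbin:CreateRule
    print(ensure_snapshot_rule(boto3.client("rbin"), 7, "Retain deleted EBS snapshots"))
```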

Frequently Asked Questions

Can EBS volumes persist data after termination?

Yes, Amazon Elastic Block Store (EBS) volumes can persist data after the termination of an associated EC2 instance, provided that the volume is specifically configured to do so. When you terminate an EC2 instance, you have the option to either delete or keep the associated EBS volumes. If you choose to keep the EBS volume, it will persist independently of the instance termination. However, it's important to note that if you terminate an instance and delete its associated EBS volume, the data on that volume will be lost unless you've taken prior measures to back it up or snapshot it. So, while EBS volumes can persist data, it's ultimately up to the user to manage and retain that data appropriately.

What is the best way to back up an EBS volume?

Besides using EBS Snapshots as we covered in a separate guide (AWS EBS Volumes), here are some options you may want to consider:

  1. Amazon Data Lifecycle Manager (DLM): DLM is a service provided by AWS that automates the creation, retention, and deletion of snapshots for EBS volumes. You can define backup policies based on tags, schedules, or other criteria, making it easier to manage backup lifecycles.
  2. Third-Party Backup Solutions: There are several third-party backup solutions available in the AWS Marketplace that offer advanced backup and recovery features for EBS volumes. These solutions often provide additional functionalities such as cross-region replication, encryption, and centralized management.
  3. Copying Data to Another EBS Volume: You can manually copy data from one EBS volume to another as a form of backup. This can be done using tools like dd or by mounting both volumes to an EC2 instance and copying the files using standard filesystem utilities.
  4. Database or Application-Level Backups: If your data resides within a database or application running on EC2, you can use built-in backup tools provided by the database/application to create backups. For example, Amazon RDS provides automated backups for relational databases.

The best approach depends on factors such as your specific requirements, budget, and desired level of automation. In most cases, leveraging EBS snapshots and AWS services like AWS Backup or DLM provides a reliable and cost-effective backup solution.

How do I extend an EBS volume without an instance reboot?

Extending an EBS volume without requiring an instance reboot can be achieved using the following general steps:

  1. Backup Data: Before making any changes, it's always recommended to back up your data to prevent data loss in case of any unexpected issues.
  2. Unmount the Filesystem: If the volume is currently mounted, unmount the filesystem to prevent data corruption. You can do this using the umount command on Linux or the Disk Management tool on Windows.
  3. Resize the EBS Volume: Use the AWS Management Console, AWS CLI, or AWS SDKs to resize the EBS volume to the desired size. This operation can be done while the volume is still attached to the instance.
  4. Resize the Filesystem: After resizing the EBS volume, you need to resize the filesystem to make use of the additional space. The method for doing this depends on the filesystem type:
    • For ext2, ext3, or ext4 filesystems on Linux, you can use the resize2fs command.
    • For XFS filesystems on Linux, you can use the xfs_growfs command.
    • For NTFS filesystems on Windows, you can use the Disk Management tool or the extend command.
    • For other filesystem types, consult the appropriate documentation for resizing instructions.
  5. Remount the Filesystem: Once the filesystem has been resized, remount it to make it accessible again.
  6. Verify: Verify that the filesystem and the EBS volume have been successfully resized and that the data is accessible as expected.

These steps can typically be performed without requiring an instance reboot, allowing you to extend the EBS volume while minimizing downtime. However, always ensure you have backups in place and carefully follow the appropriate documentation and best practices to avoid potential data loss or corruption.

What is the most cost effective solution to automatically back up all of your EBS volumes?

AWS Backup

AWS Backup is a fully managed backup service provided by AWS that centralizes and automates backups across multiple AWS services, including EBS volumes. With AWS Backup, you can create backup plans that define backup schedules, retention policies, and backup window settings. You can apply these backup plans to all of your EBS volumes, ensuring consistent and automated backups across your infrastructure. AWS Backup also provides features such as cross-region backup replication and centralized monitoring and reporting. Pricing for AWS Backup is based on the amount of backup storage used and the number of backup operations performed, making it a cost-effective option for managing backups at scale.

Amazon Data Lifecycle Manager (DLM)

Amazon Data Lifecycle Manager (DLM) is another AWS service that automates the creation, retention, and deletion of EBS volume backups (snapshots). With DLM, you can define backup policies based on tags, resource identifiers, or other criteria, allowing you to create custom backup schedules and retention periods for different sets of EBS volumes. DLM integrates with AWS Identity and Access Management (IAM) for access control and provides features such as automated snapshot cleanup to help manage costs. DLM is typically more cost-effective than AWS Backup for organizations primarily concerned with EBS volume backups.

What happens to an EBS volume when an instance is terminated?

When an EC2 instance is terminated, the behavior regarding its associated Amazon Elastic Block Store (EBS) volumes depends on how the volumes were attached and the termination process:

  1. Delete on Termination: By default, the root volume (the volume on which the operating system is installed) is set to "Delete on Termination." This means that when the instance is terminated, the root EBS volume is automatically deleted. This behavior helps avoid unintended charges for storage that's no longer needed.
  2. EBS Volumes Set to "Delete on Termination": Additional EBS volumes attached to the instance that are also set to "Delete on Termination" will be deleted automatically when the instance is terminated.
  3. EBS Volumes Set to Persist: If additional EBS volumes are attached to the instance and are not set to "Delete on Termination," they will not be automatically deleted when the instance is terminated. Instead, they will remain intact as separate resources in your AWS account.
  4. Manual Deletion: If you explicitly choose to keep the EBS volume upon instance termination (either by unchecking the "Delete on Termination" option during instance termination or by using specific APIs or console options), the EBS volume will persist even after the instance is terminated. In this case, you can attach the volume to another instance or leave it detached until needed.

In summary, the default behavior is for EBS volumes to be deleted upon instance termination if they are set to "Delete on Termination." If you want an EBS volume to persist after termination, you need to explicitly configure it to do so during the termination process. Always ensure that you understand the implications of your choices to avoid unintentional data loss or unnecessary charges.
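
To see which of these cases applies to your own instances, you can read the "Delete on Termination" flag from the block device mappings that `describe_instances` returns. The following is an added example, not part of the original tutorial: it runs on a constructed, trimmed sample response (all IDs are made up) and flags data volumes that would be deleted together with their instance.

```python
# Added example: classify attached EBS volumes by their DeleteOnTermination flag.
# SAMPLE is a constructed, trimmed ec2.describe_instances() response; IDs are made up.
SAMPLE = {
    "Reservations": [{
        "Instances": [{
            "InstanceId": "i-0aaaaaaaaaaaaaaa1",
            "RootDeviceName": "/dev/xvda",
            "BlockDeviceMappings": [
                {"DeviceName": "/dev/xvda",
                 "Ebs": {"VolumeId": "vol-0root000000000001", "DeleteOnTermination": True}},
                {"DeviceName": "/dev/sdf",
                 "Ebs": {"VolumeId": "vol-0data000000000001", "DeleteOnTermination": True}},
                {"DeviceName": "/dev/sdg",
                 "Ebs": {"VolumeId": "vol-0data000000000002", "DeleteOnTermination": False}},
            ],
        }]
    }]
}


def termination_fate(response):
    """One row per attached volume: what happens when its instance is terminated."""
    rows = []
    for reservation in response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            root = inst.get("RootDeviceName")
            for bdm in inst.get("BlockDeviceMappings", []):
                ebs = bdm.get("Ebs")
                if not ebs:  # skip any mapping without an Ebs block
                    continue
                deleted = bool(ebs.get("DeleteOnTermination"))
                rows.append({
                    "instance": inst["InstanceId"],
                    "volume": ebs["VolumeId"],
                    "device": bdm["DeviceName"],
                    "role": "root" if bdm["DeviceName"] == root else "data",
                    "on_terminate": "deleted" if deleted else "persists",
                })
    return rows


def data_volumes_at_risk(response):
    """Data (non-root) volumes that will be deleted along with the instance."""
    return [row["volume"] for row in termination_fate(response)
            if row["role"] == "data" and row["on_terminate"] == "deleted"]
```

With real data, pass the dictionary returned by `boto3.client("ec2").describe_instances()` instead of `SAMPLE`.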

Conclusion on EBS Recycle Bin & Retention Rules

We’ve successfully created a retention rule from within the Recycle Bin service in AWS. Once you’ve completed the steps above, your new rule should be available via the main dashboard of the Recycle Bin. At this point, you can modify the parameters of the rule as needed.

Figure 5.1 - Retention Rules via EBS Recycle Bin | Finalized Retention Rule Register