How do you tell if an AWS Snapshot has been deleted? - amazon-web-services

I am trying to delete orphaned snapshots, but the query I am using keeps giving me snapshots that are deleted. Is there a query I can use to avoid deleted snapshots?
aws ec2 describe-snapshots --snapshot-id snap-00012345cac2b3de1
{
    "Snapshots": [
        {
            "Description": "DescriptionHere",
            "Encrypted": false,
            "OwnerId": "123456088429",
            "Progress": "100%",
            "SnapshotId": "snap-00012345cac2b3de1",
            "StartTime": "2018-01-24T06:42:50+00:00",
            "State": "completed",
            "VolumeId": "vol-00123dc456ad5117",
            "VolumeSize": 6,
            "StorageTier": "standard"
        }
    ]
}

To test your situation, I did the following:
Went to the EC2 Management Console and displayed Amazon EBS Volumes
Created a Snapshot of an EBS Volume: snap-036851d7351b78712
Ran aws ec2 describe-snapshots --snapshot-id snap-036851d7351b78712
It returned a result similar to yours
Deleted the Snapshot in the Management Console
Ran the above command again. The result was:
An error occurred (InvalidSnapshot.NotFound) when calling the DescribeSnapshots operation: The snapshot 'snap-036851d7351b78712' does not exist.
So, I was unable to reproduce your situation.
I then wondered whether the Snapshot might be associated with an AMI. I did the following:
Created an AMI of an existing Amazon EC2 instance
Waited until the AMI creation was complete
Listed Snapshots in the console -- a new snapshot appeared: snap-047563373ab4c1088
I then tried to delete the snapshot, but received the message:
snap-047563373ab4c1088: The snapshot snap-047563373ab4c1088 is currently in use by ami-0fc62425d087dbbe8
I then 'deregistered' (deleted) the AMI and it told me that the associated Snapshot would not be deleted.
I then manually deleted the Snapshot in the console
I used describe-snapshots and it said that the snapshot did not exist
So, perhaps your Snapshot is associated with an AMI and it was never actually deleted?
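Putting the answer's two observations together (a deleted snapshot is simply absent, and a snapshot backing an AMI cannot be deleted until the AMI is deregistered), here is an added example, not code from this thread, that classifies a snapshot inventory before any cleanup. It works on the response shapes of `aws ec2 describe-snapshots` and `aws ec2 describe-images`; the two sample responses and every ID in them are constructed, and `fetch_live` (which assumes boto3 and credentials) is only there to show how real data would be fed into the same function.

```python
"""Classify EBS snapshots as orphaned, in use by an AMI, or still being created.

Added example, not code from the original thread. Works on the JSON shapes
returned by `aws ec2 describe-snapshots` and `aws ec2 describe-images`; the
sample responses below are constructed and the IDs in them are made up.
"""

# Constructed sample: what describe-snapshots --owner-ids self might return.
SAMPLE_SNAPSHOTS = {
    "Snapshots": [
        {"SnapshotId": "snap-0aaaaaaaaaaaaaaa1", "VolumeId": "vol-0aaa1", "State": "completed",
         "StartTime": "2018-01-24T06:42:50+00:00", "Description": "manual backup"},
        {"SnapshotId": "snap-0bbbbbbbbbbbbbbb2", "VolumeId": "vol-0bbb2", "State": "completed",
         "StartTime": "2020-03-01T00:00:00+00:00", "Description": "Created by CreateImage"},
        {"SnapshotId": "snap-0ccccccccccccccc3", "VolumeId": "vol-0ccc3", "State": "pending",
         "StartTime": "2024-05-05T10:00:00+00:00", "Description": ""},
    ]
}

# Constructed sample: what describe-images --owners self might return.
SAMPLE_IMAGES = {
    "Images": [
        {"ImageId": "ami-0ddddddddddddddd4", "Name": "web-base",
         "BlockDeviceMappings": [
             {"DeviceName": "/dev/xvda", "Ebs": {"SnapshotId": "snap-0bbbbbbbbbbbbbbb2"}},
             {"DeviceName": "/dev/sdb", "VirtualName": "ephemeral0"},  # instance-store mapping, no snapshot
         ]},
    ]
}


def snapshots_referenced_by_amis(images_response):
    """Map snapshot ID -> list of AMI IDs whose block device mappings reference it."""
    refs = {}
    for image in images_response.get("Images", []):
        for mapping in image.get("BlockDeviceMappings", []):
            snap_id = mapping.get("Ebs", {}).get("SnapshotId")
            if snap_id:
                refs.setdefault(snap_id, []).append(image["ImageId"])
    return refs


def classify_snapshots(snapshots_response, images_response):
    """Return {snapshot_id: "in-use" | "orphan" | "incomplete"}.

    A snapshot that no longer exists is absent from describe-snapshots (a lookup
    by ID raises InvalidSnapshot.NotFound, as shown in the answer above), so
    anything listed here still exists and still incurs storage cost.
    """
    refs = snapshots_referenced_by_amis(images_response)
    result = {}
    for snap in snapshots_response.get("Snapshots", []):
        sid = snap["SnapshotId"]
        if sid in refs:
            result[sid] = "in-use"       # deregister the AMI first, then delete
        elif snap.get("State") != "completed":
            result[sid] = "incomplete"   # still being created; not an orphan yet
        else:
            result[sid] = "orphan"
    return result


def is_not_found_error(error_message):
    """True if an EC2 error text says the snapshot is already gone."""
    return "InvalidSnapshot.NotFound" in error_message


def fetch_live(region_name):
    """Optional: pull real data with boto3 (assumes credentials and the boto3 package)."""
    import boto3  # imported lazily so the offline sample runs without it
    ec2 = boto3.client("ec2", region_name=region_name)
    snaps = [s for page in ec2.get_paginator("describe_snapshots").paginate(OwnerIds=["self"])
             for s in page["Snapshots"]]
    images = [i for page in ec2.get_paginator("describe_images").paginate(Owners=["self"])
              for i in page["Images"]]
    return {"Snapshots": snaps}, {"Images": images}


if __name__ == "__main__":
    for sid, verdict in classify_snapshots(SAMPLE_SNAPSHOTS, SAMPLE_IMAGES).items():
        print(f"{sid}: {verdict}")
```

Only snapshots classified as "orphan" are candidates for deletion; an "in-use" snapshot will fail with the "currently in use by ami-..." message the answer quotes until its AMI is deregistered.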

Related

What's happening with EBS Volume when an EC2 instance is terminated?

When I terminated an EC2 instance, I thought the EC2 instance would be terminated after the additional EBS volume (not the root volume) was detached.
However, even when I look in CloudTrail, I can't find an event named DetachVolume.
When I terminate an EC2 instance, does EBS do something like disconnect without being detached?
When an AWS EC2 instance is terminated, the AWS EBS volume attached to it either gets detached and deleted, or just gets detached and isn't deleted. That depends on the value of the attribute named Delete on termination of the attached AWS EBS volume. You can see this on the AWS EC2 console by selecting the AWS EC2 instance and then navigating to the Storage tab.
By default, its value is True for the root volume and False for the other volumes.
You can modify this value using the AWS CLI only. From the AWS EC2 console, you can set its value only when launching a new instance. For an already running AWS EC2 instance, use the AWS CLI.
Examples using AWS CLI are below:
Using a .json file: aws ec2 modify-instance-attribute --instance-id i-a3ef245 --block-device-mappings /path/to/file.json
.json file format:
[
    {
        "DeviceName": "/dev/sda1",
        "Ebs": {
            "DeleteOnTermination": false
        }
    }
]
Using a .json object inline: aws ec2 modify-instance-attribute --instance-id i-a3ef245 --block-device-mappings "[{\"DeviceName\": \"/dev/sda\",\"Ebs\":{\"DeleteOnTermination\":false}}]"
For more information, check this out: How can I prevent my Amazon EBS volumes from being deleted when I terminate Amazon EC2 instances?
When an instance terminates, the value of the DeleteOnTermination attribute for each attached EBS volume determines whether to preserve or delete the volume. By default, the DeleteOnTermination attribute is set to True for the root volume, and is set to False for all other volume types.
Delete on termination - false

| Volume ID | Device name | Size | Status   | Encrypt | KMS ID | Delete on Termination |
|-----------|-------------|------|----------|---------|--------|-----------------------|
| vol-09*** | /dev/xvda   | 8    | Attached | No      | –      | Yes                   |
| vol-03**  | /dev/sdb    | 8    | Attached | No      | –      | No                    |

Status after termination of instance: Available

Delete on Termination - True

| Volume ID | Device name | Size | Status   | Encrypt | KMS ID | Delete on Termination |
|-----------|-------------|------|----------|---------|--------|-----------------------|
| vol-09*** | /dev/xvda   | 8    | Attached | No      | –      | Yes                   |
| vol-03**  | /dev/sdb    | 8    | Attached | No      | –      | Yes                   |

Status of EBS volumes apart from the root volume after termination of instance: deleted
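The two answers above describe the DeleteOnTermination flag and the CLI call that changes it. The following is an added example, not code from this thread, that audits the flag across a `describe-instances` response (so you know which volumes will be left "available", still holding their data, after a termination) and builds the JSON argument that `aws ec2 modify-instance-attribute --block-device-mappings` expects. The describe-instances response and all IDs are constructed.

```python
"""Audit DeleteOnTermination on attached EBS volumes and build the mapping JSON
for `aws ec2 modify-instance-attribute --block-device-mappings`.

Added example, not code from the thread. The describe-instances response below
is constructed; instance and volume IDs are made up.
"""
import json

SAMPLE_DESCRIBE_INSTANCES = {
    "Reservations": [{
        "Instances": [{
            "InstanceId": "i-0aaaaaaaaaaaaaaa1",
            "RootDeviceName": "/dev/xvda",
            "BlockDeviceMappings": [
                {"DeviceName": "/dev/xvda",
                 "Ebs": {"VolumeId": "vol-09aaaaaaaaaaaaaa1", "Status": "attached",
                         "DeleteOnTermination": True}},
                {"DeviceName": "/dev/sdb",
                 "Ebs": {"VolumeId": "vol-03bbbbbbbbbbbbbb2", "Status": "attached",
                         "DeleteOnTermination": False}},
            ],
        }]
    }]
}


def volume_fates(describe_instances_response):
    """One row per attached EBS volume: what happens to it when the instance terminates.

    Mirrors the console's "Delete on Termination" column: True means the volume
    is deleted with the instance, False means it is detached and left "available"
    (keeping whatever data was on it, so it needs its own retention policy).
    """
    rows = []
    for reservation in describe_instances_response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            root = inst.get("RootDeviceName")
            for m in inst.get("BlockDeviceMappings", []):
                ebs = m.get("Ebs")
                if not ebs:
                    continue  # instance-store mapping: nothing survives termination anyway
                rows.append({
                    "InstanceId": inst["InstanceId"],
                    "DeviceName": m["DeviceName"],
                    "VolumeId": ebs["VolumeId"],
                    "IsRoot": m["DeviceName"] == root,
                    "AfterTermination": "deleted" if ebs.get("DeleteOnTermination") else "available",
                })
    return rows


def preserved_volumes(describe_instances_response):
    """Volume IDs that would outlive their instance (DeleteOnTermination false)."""
    return [r["VolumeId"] for r in volume_fates(describe_instances_response)
            if r["AfterTermination"] == "available"]


def delete_on_termination_mapping(device_name, delete):
    """Build the --block-device-mappings argument for modify-instance-attribute.

    The flag is a real JSON boolean here, not the string "false".
    """
    return json.dumps([{"DeviceName": device_name, "Ebs": {"DeleteOnTermination": bool(delete)}}])


if __name__ == "__main__":
    for row in volume_fates(SAMPLE_DESCRIBE_INSTANCES):
        print(row)
    # aws ec2 modify-instance-attribute --instance-id i-... --block-device-mappings '<output below>'
    print(delete_on_termination_mapping("/dev/sdb", False))
```

Volumes reported as "available" are the ones that show up as detached, unattached volumes after termination; the same function run over a whole account is a quick way to find which terminations will leave data behind.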

EC2 and EBS how and what are the differences?

I have an AWS EC2 machine to which I want to attach storage that isn't deleted after the machine is shut down. The management should be done using CloudFormation.
So far, I do this using the following snippet:
"BlockDeviceMappings": [
    {
        "DeviceName": "/dev/sda",
        "Ebs": {
            "DeleteOnTermination": "false",
            "VolumeSize": "10",
            "VolumeType": "gp2"
        }
    }
],
I've also read about AWS::EC2::Volume and AWS::EC2::VolumeAttachment; can somebody explain the differences? What are the benefits and disadvantages of using one way over the other? How do I use the other methods together with an EC2 instance?
AWS::EC2::Volume just creates a new EBS volume. It's not available for use.
AWS::EC2::VolumeAttachment allows you to attach the new volume to a running EC2 instance, where it will be exposed as a block (storage) device.
So, you need to do AWS::EC2::Volume first to know the VolumeId, and then supply it to AWS::EC2::VolumeAttachment:
{
    "Type": "AWS::EC2::VolumeAttachment",
    "Properties": {
        "Device": String,
        "InstanceId": String,
        "VolumeId": String
    }
}
You use BlockDeviceMappings when you create an AMI or when you launch a new EC2 instance.
You use AWS::EC2::VolumeAttachment when you attach an EBS volume to a running EC2 instance. You can attach multiple additional EBS volumes.
You can also attach and detach root device as mentioned here
If an EBS volume is the root device of an instance, you must stop the instance before you can detach the volume.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html
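The answers above spell out the wiring rule: an AWS::EC2::VolumeAttachment must reference a volume created by AWS::EC2::Volume (and an instance), and the root device is not something you attach this way. Here is an added example, not the thread's template, that checks that wiring in a CloudFormation template loaded as a dict and also flags volumes without `Encrypted: true`. The template is constructed and deliberately contains one mistake per check; the set of root device names is an assumption, not something the thread states.

```python
"""Check AWS::EC2::Volume / AWS::EC2::VolumeAttachment wiring in a CloudFormation
template (JSON loaded as a dict).

Added example, not the thread's template. The template below is constructed and
deliberately contains one mistake per check so that each finding fires once.
"""
import json

SAMPLE_TEMPLATE = json.loads(r'''
{
  "Resources": {
    "Web": {"Type": "AWS::EC2::Instance",
            "Properties": {"ImageId": "ami-EXAMPLE", "AvailabilityZone": "us-east-1a"}},
    "DataVol": {"Type": "AWS::EC2::Volume",
                "Properties": {"Size": "10", "VolumeType": "gp2",
                               "AvailabilityZone": "us-east-1a", "Encrypted": true}},
    "ScratchVol": {"Type": "AWS::EC2::Volume",
                   "Properties": {"Size": "10", "AvailabilityZone": "us-east-1a"}},
    "DataAttach": {"Type": "AWS::EC2::VolumeAttachment",
                   "Properties": {"Device": "/dev/sdf",
                                  "InstanceId": {"Ref": "Web"},
                                  "VolumeId": {"Ref": "DataVol"}}},
    "BadAttach": {"Type": "AWS::EC2::VolumeAttachment",
                  "Properties": {"Device": "/dev/sda1",
                                 "InstanceId": {"Ref": "Web"},
                                 "VolumeId": {"Ref": "MissingVol"}}}
  }
}
''')

# Assumption: the usual root device names; root volumes come from BlockDeviceMappings.
ROOT_DEVICE_NAMES = {"/dev/sda1", "/dev/xvda"}


def _ref(value):
    """Return the logical ID a {"Ref": ...} points at, else None."""
    return value.get("Ref") if isinstance(value, dict) else None


def check_volume_attachments(template):
    """Return human-readable findings about Volume / VolumeAttachment resources."""
    resources = template.get("Resources", {})
    findings = []
    for name, res in resources.items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::EC2::Volume" and props.get("Encrypted") is not True:
            findings.append(f"{name}: volume is not encrypted")
        if res.get("Type") != "AWS::EC2::VolumeAttachment":
            continue
        vol = _ref(props.get("VolumeId"))
        if vol is None:
            findings.append(f"{name}: VolumeId should Ref an AWS::EC2::Volume in this template")
        elif resources.get(vol, {}).get("Type") != "AWS::EC2::Volume":
            findings.append(f"{name}: VolumeId refs '{vol}', which is not an AWS::EC2::Volume")
        inst = _ref(props.get("InstanceId"))
        if inst is not None and resources.get(inst, {}).get("Type") != "AWS::EC2::Instance":
            findings.append(f"{name}: InstanceId refs '{inst}', which is not an AWS::EC2::Instance")
        if props.get("Device") in ROOT_DEVICE_NAMES:
            findings.append(f"{name}: Device {props['Device']} is a root device name; "
                            "root volumes come from BlockDeviceMappings, not VolumeAttachment")
    return findings


if __name__ == "__main__":
    for finding in check_volume_attachments(SAMPLE_TEMPLATE):
        print(finding)
```

Run against the sample it reports three findings: the unencrypted ScratchVol, BadAttach's dangling MissingVol reference, and BadAttach's attempt to use a root device name. A template that passes has every attachment pointing at a volume and an instance it also declares.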

How to see events on RDS instance which is deleted?

One of the RDS instances running within our account has been deleted. We would like to find out who deleted it and when.
Is there a way to find a log of that somewhere?
The when can be checked from the Events of your RDS dashboard page:
You can retrieve events for your RDS resources through the AWS Management Console, which shows events from the past 24 hours
If it happened earlier, you can use the CLI which retrieves events up to 14 days
[xxx#xxxx ~]# aws rds describe-events --source-identifier test --source-type db-instance
{
    "Events": [
        {
            "Date": "2016-05-20T12:58:26.529Z",
            "Message": "DB instance deleted",
            "SourceIdentifier": "test",
            "EventCategories": [
                "deletion"
            ],
            "SourceType": "db-instance"
        }
    ]
}
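The answer above covers the "when" from RDS events. For the "who", the RDS API call itself is what CloudTrail records (the DeleteDBInstance event carries the caller's identity and source IP). The following is an added example, not code from this thread, that pulls the deletion event out of a `describe-events` response and the caller out of a `cloudtrail lookup-events` response. Both responses are constructed; the `requestParameters` key name `dBInstanceIdentifier` is written as CloudTrail records it to my knowledge, but treat it as an assumption and check against a real event.

```python
"""Find when an RDS instance was deleted (RDS events) and who did it (CloudTrail).

Added example, not code from the thread. Both API responses below are constructed:
the first has the shape of `aws rds describe-events`, the second the shape of
`aws cloudtrail lookup-events`. Names, times, IPs and the account ID are made up.
"""
import json

SAMPLE_RDS_EVENTS = {"Events": [
    {"Date": "2016-05-20T12:50:00.000Z", "Message": "Backing up DB instance",
     "SourceIdentifier": "test", "EventCategories": ["backup"], "SourceType": "db-instance"},
    {"Date": "2016-05-20T12:58:26.529Z", "Message": "DB instance deleted",
     "SourceIdentifier": "test", "EventCategories": ["deletion"], "SourceType": "db-instance"},
]}

# In lookup-events output, CloudTrailEvent is itself a JSON string.
SAMPLE_CLOUDTRAIL = {"Events": [
    {"EventName": "DeleteDBInstance", "EventTime": "2016-05-20T12:55:41Z", "Username": "alice",
     "CloudTrailEvent": json.dumps({
         "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/alice"},
         "sourceIPAddress": "198.51.100.7",
         # assumption: CloudTrail lower-cases the first letter of request parameters
         "requestParameters": {"dBInstanceIdentifier": "test", "skipFinalSnapshot": True},
     })},
    {"EventName": "DeleteDBInstance", "EventTime": "2016-05-19T09:00:00Z", "Username": "bob",
     "CloudTrailEvent": json.dumps({
         "userIdentity": {"arn": "arn:aws:iam::123456789012:user/bob"},
         "requestParameters": {"dBInstanceIdentifier": "other-db"}})},
]}


def deletion_events(rds_events_response, source_identifier):
    """RDS events in the 'deletion' category for one instance: answers *when*."""
    return [e for e in rds_events_response.get("Events", [])
            if e.get("SourceIdentifier") == source_identifier
            and "deletion" in e.get("EventCategories", [])]


def who_deleted(cloudtrail_response, source_identifier):
    """CloudTrail DeleteDBInstance calls for that instance: answers *who* and from where."""
    hits = []
    for ev in cloudtrail_response.get("Events", []):
        if ev.get("EventName") != "DeleteDBInstance":
            continue
        detail = json.loads(ev.get("CloudTrailEvent", "{}"))
        params = detail.get("requestParameters", {})
        if params.get("dBInstanceIdentifier") != source_identifier:
            continue
        hits.append({
            "time": ev.get("EventTime"),
            "principal": detail.get("userIdentity", {}).get("arn", ev.get("Username")),
            "source_ip": detail.get("sourceIPAddress"),
            # a deletion that skipped the final snapshot is unrecoverable from RDS itself
            "skip_final_snapshot": bool(params.get("skipFinalSnapshot", False)),
        })
    return hits


if __name__ == "__main__":
    for e in deletion_events(SAMPLE_RDS_EVENTS, "test"):
        print("deleted at", e["Date"], "-", e["Message"])
    for h in who_deleted(SAMPLE_CLOUDTRAIL, "test"):
        print("deleted by", h["principal"], "from", h["source_ip"], "at", h["time"])
```

The live equivalent of the second input is `aws cloudtrail lookup-events --lookup-attributes AttributeKey=EventName,AttributeValue=DeleteDBInstance`; CloudTrail's event history covers a longer window than the 14 days of RDS events, and a trail delivered to S3 keeps them for as long as you retain the bucket.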

Using CloudFormation to launch an AWS autoscaling group with attached EBS

I am trying to launch an autoscaling group with a single m3.medium instance and attached EBS using CloudFormation (CFN). I have succeeded in doing everything but the EBS part. I've tried adding the following block to my CFN template (as a property of the AWS::AutoScaling::LaunchConfiguration block):
"BlockDeviceMappings": [
    {
        "DeviceName": "/dev/sdf",
        "Ebs": { "VolumeSize": 100, "VolumeType": "gp2" }
    }
]
Without this the launch succeeds. When I include it, aws hangs while trying to create the autoscaling group. There are no error messages to help debug this issue. I've tried creating an EBS through aws console and attaching to the launched m3 instance manually, and this works, but I need to do it through CFN to conform to our automated deployment pipeline.
Are there other resources I need to create in the CFN template to make this work?
If that's a verbatim block, then add quotes to the volume size (the doc is very misleading, as all data types are strings). Here's one that's worked fine for me, and I see no differences:
"BlockDeviceMappings": [
    {
        "DeviceName": {
            "Ref": "SecondaryDevice"
        },
        "Ebs": {
            "VolumeType": "gp2",
            "VolumeSize": "10"
        }
    }
]
In general, if you need to troubleshoot ASGs, add SNS notifications for launch failures to the auto scaling group (http://docs.aws.amazon.com/AutoScaling/latest/DeveloperGuide/ASGettingNotifications.html). You may find that you're on your last hundred gigs of EBS limit (not likely) or that your AMI doesn't like the device type or label you're trying to use (somewhat more likely).
Update:
After speaking with AWS support, I resolved this issue. It turns out that AWS makes a distinction between an instance-store-backed and ebs-backed ami. You can only add the BlockDeviceMappings property when using an ebs-backed ami, and I was using the other kind. Luckily, there is a way to convert instance-store-backed to ebs-backed, using this procedure:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-instance-store.html#Using_ConvertingS3toEBS
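The update above gives the root cause: BlockDeviceMappings with EBS volumes only work with an EBS-backed AMI, and the launch simply hangs otherwise. The check is cheap to do before deploying, because `describe-images` reports `RootDeviceType` for every AMI. Here is an added example, not the thread's template, that takes the Properties of a LaunchConfiguration plus a describe-images response and reports the conditions that would make the launch hang or fail (instance-store-backed AMI, duplicate device names, device names that collide with the AMI's own mappings). The AMI descriptions and IDs are constructed.

```python
"""Pre-flight check for BlockDeviceMappings on an AWS::AutoScaling::LaunchConfiguration.

Added example, not the thread's template. The AMI descriptions below are
constructed in the shape of `aws ec2 describe-images`; all IDs are made up.
"""

SAMPLE_IMAGES = {"Images": [
    {"ImageId": "ami-0aaaaaaaaaaaaaaa1", "RootDeviceType": "instance-store",
     "RootDeviceName": "/dev/sda1",
     "BlockDeviceMappings": [{"DeviceName": "/dev/sda1"}]},  # constructed instance-store-backed AMI
    {"ImageId": "ami-0bbbbbbbbbbbbbbb2", "RootDeviceType": "ebs", "RootDeviceName": "/dev/xvda",
     "BlockDeviceMappings": [{"DeviceName": "/dev/xvda",
                              "Ebs": {"SnapshotId": "snap-0x", "VolumeSize": 8}}]},
]}

# The Properties block of a LaunchConfiguration, shaped like the one in the question,
# with a second, duplicated mapping added so that check fires too.
LAUNCH_CONFIG = {
    "ImageId": "ami-0aaaaaaaaaaaaaaa1",
    "InstanceType": "m3.medium",
    "BlockDeviceMappings": [
        {"DeviceName": "/dev/sdf", "Ebs": {"VolumeSize": "100", "VolumeType": "gp2"}},
        {"DeviceName": "/dev/sdf", "Ebs": {"VolumeSize": "50", "VolumeType": "gp2"}},
    ],
}


def find_image(images_response, image_id):
    """Return the describe-images entry for image_id, or None if it is not listed."""
    for img in images_response.get("Images", []):
        if img.get("ImageId") == image_id:
            return img
    return None


def launch_config_problems(launch_config_props, images_response):
    """Findings that explain why an ASG launch with these mappings may hang or fail."""
    problems = []
    mappings = launch_config_props.get("BlockDeviceMappings", [])
    image = find_image(images_response, launch_config_props.get("ImageId"))
    if image is None:
        return [f"AMI {launch_config_props.get('ImageId')} not found (wrong region or account?)"]
    if mappings and image.get("RootDeviceType") != "ebs":
        problems.append(f"{image['ImageId']} is {image.get('RootDeviceType')}-backed; "
                        "BlockDeviceMappings with Ebs volumes require an EBS-backed AMI")
    seen = set()
    ami_devices = {m["DeviceName"] for m in image.get("BlockDeviceMappings", [])}
    for m in mappings:
        dev = m.get("DeviceName")
        if dev in seen:
            problems.append(f"device {dev} is mapped twice")
        seen.add(dev)
        if dev in ami_devices:
            problems.append(f"device {dev} overrides a mapping already present in the AMI")
    return problems


if __name__ == "__main__":
    for p in launch_config_problems(LAUNCH_CONFIG, SAMPLE_IMAGES):
        print(p)
```

The same check run against the EBS-backed AMI with a single `/dev/sdf` mapping returns nothing, which is the configuration the answer's working snippet corresponds to.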

Is there a way to run initial SQL when creating an RDS database instance using CloudFormation?

I am creating an RDS instance using CloudFormation using this:
"Resources": {
    "myDB": {
        "Type": "AWS::RDS::DBInstance",
        "Properties": {
            "AllocatedStorage": "5",
            "DBInstanceClass": "db.m1.small",
            "Engine": "MySQL",
            "EngineVersion": "5.5",
            "DBName": "mydb",
            "MasterUsername": {
                "Ref": "DBUser"
            },
            "MasterUserPassword": {
                "Ref": "DBPassword"
            },
            "DBParameterGroupName": {
                "Ref": "myRDSParamGroup"
            }
        }
    }
}
and it all works. But I need to run initial SQL on the DB when it's created, to set up my app's schema. My current approach is to have the app self-migrating, but I'd like to do it in the CloudFormation definition. Is this possible?
No, it's not possible. However, you could have an EC2 instance connect to your RDS instance to do it. I'd probably store a .sql file in S3 and use a cloud-init script on the EC2 instance to download the file and execute it.
It would also be possible to create a CloudFormation custom resource. There is a good discussion about how to build one using SNS here; it is also possible to build one using Lambda. Custom resources are essentially just RPCs, so it wouldn't be difficult to create one to initialize a database with a schema, for example.
CloudFormation still doesn't hold any solutions for us, but hopefully they will add Database Migration Service support soon.
In the meantime, there is great solution if you're using CodePipeline: create a migration stage that invokes a Lambda function to run your migration. I stumbled across this guide for invoking Lambda from CodePipeline that may be helpful for those unfamiliar.
Another option is to use the DBSnapshotIdentifier property of the AWS::RDS::DBInstance resource. The only catch is that you need to have a DB loaded in AWS to create the snapshot in the first place. From then on, you can automate your CloudFormation stack to use it though.
DBSnapshotIdentifier:
Name (ARN) of the DB snapshot that's used to restore the DB instance.
If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot.
After you restore a DB instance with a DBSnapshotIdentifier property, you must specify the same DBSnapshotIdentifier property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the DBSnapshotIdentifier property, an empty DB instance is created, and the original DB instance is deleted.
Look in the doc for more info:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsnapshotidentifier
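One of the answers above suggests a CloudFormation custom resource backed by Lambda, which is "essentially just an RPC" that must report back to CloudFormation. Here is an added example, not code from this thread or from AWS, of the skeleton of such a handler: it applies schema SQL on Create, does nothing on Update/Delete so the data outlives the stack, and always PUTs a SUCCESS or FAILED response to the pre-signed ResponseURL (a handler that forgets to respond on failure is what makes a stack hang for an hour). The SQL executor is injected as a callable so the handler can be exercised offline; in a real function you would pass one that opens a connection using credentials fetched from Secrets Manager rather than from the template. The event, schema and all IDs are constructed.

```python
"""Minimal CloudFormation custom resource handler that applies schema SQL on Create.

Added example, not code from the thread or from AWS. The database work is behind
an injectable `run_sql` callable so the handler can be exercised offline; in a
real Lambda you would pass a function that opens a connection with credentials
read from Secrets Manager (never from the template). The sample event is constructed.
"""
import json
import urllib.request

SCHEMA_SQL = [  # constructed schema; idempotent statements so a retried Create is harmless
    "CREATE TABLE IF NOT EXISTS users (id INT PRIMARY KEY, email VARCHAR(255) NOT NULL)",
    "CREATE TABLE IF NOT EXISTS audit (id INT PRIMARY KEY, actor VARCHAR(64), at DATETIME)",
]

SAMPLE_EVENT = {  # constructed; shape of a custom resource request
    "RequestType": "Create",
    "ResponseURL": "https://cloudformation-custom-resource-response.example/presigned",
    "StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/demo/uuid",
    "RequestId": "req-1",
    "LogicalResourceId": "SchemaInit",
    "ResourceProperties": {"DBName": "mydb", "SchemaVersion": "1"},
}


def build_response(event, status, reason, physical_id):
    """Body CloudFormation expects at ResponseURL; it must echo the request's IDs."""
    return {
        "Status": status,  # "SUCCESS" or "FAILED"
        "Reason": reason,
        "PhysicalResourceId": physical_id,
        "StackId": event["StackId"],
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
        "Data": {},
    }


def send_response(event, body):
    """PUT the response; CloudFormation waits for it (or times out the resource)."""
    data = json.dumps(body).encode()
    req = urllib.request.Request(event["ResponseURL"], data=data, method="PUT",
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(req)


def handle(event, run_sql, sender=send_response):
    """Apply SCHEMA_SQL on Create; leave data alone on Update/Delete; always respond."""
    props = event.get("ResourceProperties", {})
    physical_id = f"schema-{props.get('DBName', 'db')}-v{props.get('SchemaVersion', '0')}"
    executed = []
    try:
        if event["RequestType"] == "Create":
            for stmt in SCHEMA_SQL:
                run_sql(stmt)
                executed.append(stmt)
        body = build_response(event, "SUCCESS", f"{len(executed)} statements applied", physical_id)
    except Exception as exc:  # a failure must still be reported, or the stack hangs
        body = build_response(event, "FAILED", str(exc), physical_id)
    sender(event, body)
    return body


if __name__ == "__main__":
    # Offline run: record statements instead of executing them, print instead of PUTting.
    log = []
    print(handle(SAMPLE_EVENT, run_sql=log.append, sender=lambda e, b: print("would PUT", b["Status"])))
    print(log)
```

The Lambda entry point would be a one-liner such as `def lambda_handler(event, context): return handle(event, run_sql=<real executor>)`, with the Lambda placed in a subnet that can reach the RDS instance and the custom resource declared with `DependsOn` the DBInstance so Create runs only once the database exists.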