I want to share a little utility we wrote, which is basic but can be quite useful. If you have a big environment with lots of instances, EBS volumes and EBS snapshots you sometimes lose your grip and control. I mean specifically in terms of “Is my data protected?” or “Do I have recent enough snapshots to recover my instances if needed.”
Our customers, using N2WS Backup & Recovery, typically don’t need to worry about it, as they have complete control over their EC2 backup operations. However, many EC2 users may find it useful to get a report that will be able to tell which instances and volumes don’t have recent enough snapshots.
This utility, which is a python script, creates a report as a CSV file which gives a list of EBS volumes, with almost all details, including which instance volumes are attached to, and tells how many snapshots there are on each volume, and when the oldest and newest snapshots were taken. Since it’s in CSV format, it’s easy to open it with a spreadsheet (like Excel) and then color the lines according to values.
You can make volumes that have too few snapshots or don’t have a recent enough one to be colored red, ones with more but still not enough can be colored yellow, etc… If you go a bit deeper you can even find out which instances have “red” or “yellow” volumes, to be able to identify them as “unprotected.”
For each volume the following details are given: region, volume id, volume name, volume type, IOPS value, size (GiB), snapshot the volume was created from, instance the volume is attached to, device name, whether the volume is encrypted, number of EBS snapshots on this volume, time and id of oldest snapshot, time and id of newest snapshot. The script is written in Python and will work on Linux or Windows, as long as Python 2.7.3 or newer (not Python 3) is installed, and the “boto” library is installed as well (at least 2.31.1).
Instructions to install boto can be found here: http://boto.readthedocs.org/en/latest/getting_started.html#installing-boto (Or simply download it from https://pypi.python.org/pypi/boto then open the tarball, go in the installation folder and type: python setup.py install) The script is well documented. It can get the AWS credentials from the command line or set defaults in the script itself. If the script is run from within an instance that has a proper IAM role, then no credentials are needed at all.
Usage: The help command looks like this:
python ebs-report.py –help usage: ebs-report.py [-h] [–regions REGIONS] [–access_key ACCESS_KEY]
[–secret_key SECRET_KEY] –file FILE
Creates a CSV report about EBS volumes and tracks snapshots on them.
-h, –help show this help message and exit
–regions REGIONS AWS regions to create the report on, can add multiple
with | as separator. Default will assume all regions
AWS API access key. If missing default is used
AWS API secret key. If missing default is used
–file FILE Path for output CSV file
python ebs-report.py –regions us-east-1 –access_key AKIAIXXXXXXXXXX3N32Q
–secret_key UGSYXXXXXXXXXXXXXXBf0bS/S+OwnA2GrJ0MOY4Y –file d:\my-ebs-report-July-2014.csv
More details can be found in the README file
This script is given as-is with no warranty. You can use it for any purpose, distribute it or modify it, just don’t come complaining to us…