The purpose of adlm-helper is to ease the EBS snapshot policy management of the new AWS feature Data Lifecyle Management (DLM) overhead. It allows one to focus managing the policies rather than the execution.
The policies are to written in the yaml format (so comments are allowed) not the original DLM json format. However the text structure is following the original json. You can easily generate the yaml file if you have already gotten the policies written in json via online tools like this.
When user create/update/delete DLM policies to/from the created S3 bucket (<account-id>-adlm-helper), the S3 events will trigger the lambda function to create/update/delete the policies to DLM and save the relevant records in DynamoDB.
The deployment of the package is via AWS SAM
You must have below tools installed:
-
AWS Cli (Version must be highter than 1.16.26) Note: If you want to use a different AWS credential other than the default, you will be either required environment variable
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEYorAWS_PROFILE. -
Clone this repo
-
Environment variable
S3_BUCKETpoints to the bucket your lambda package will be uploaded to -
Default AWS DLM role created and lambda add to trusted entities
# Create the default dlm role. the role name will be similar to arn:aws:iam::123456789012:role/AWSDataLifecycleManagerDefaultRole
$ aws dlm create-default-role
# Add below to existing role trust policy
{
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
This option is for user who has Go environment setup and Dep installed.
Simply run:
$ dep ensure
$ make
This option doesn't require installation like option 1.
- Step 1: Create a directory
buildif it doesn't exist - Step 2: Download the
adlmhelperbinary from the release page into thebuildfolder - Step 3: Run
make sam
Please refer to the example in here.