Automating Disaster Recovery with EBS Data Lifecycle Manager

Stateful applications running on EC2 instances rely on Elastic Block Store (EBS) volumes for persistent data storage. Without a rigorous, automated backup strategy, an accidental deletion or availability zone failure can result in catastrophic data loss.

AWS Data Lifecycle Manager (DLM) provides a simple, automated way to manage the creation, retention, and deletion of EBS snapshots. Instead of writing custom cron jobs or Lambda functions, DLM allows you to define policies based on resource tags. It ensures your disaster recovery objectives (RPO and RTO) are met seamlessly.

A DLM lifecycle policy specifies a target tag (e.g., Backup = Daily), a schedule (e.g., every 24 hours), and a retention rule (e.g., keep the last 7 snapshots). The following Terraform snippet creates an IAM role and a DLM policy to automatically backup tagged production volumes every night.

resource "aws_dlm_lifecycle_policy" "daily_backup" {
  description        = "Daily EBS Backup Policy"
  execution_role_arn = aws_iam_role.dlm_lifecycle_role.arn
  state              = "ENABLED"

  policy_details {
    resource_types = ["VOLUME"]
    
    target_tags = {
      Backup = "Daily"
    }

    schedule {
      name = "Nightly Snapshots"

      create_rule {
        interval      = 24
        interval_unit = "HOURS"
        times         = ["08:00"]
      }

      retain_rule {
        count = 7
      }
    }
  }
}