AWS Snapshots with SNS and Lambda Email Notification Setup

Backup Radar can monitor your EC2 EBS volume snapshots, as well as your RDS cluster and database snapshots. This guide will walk you through how to configure reporting using Amazon SNS and Amazon Lambda. We currently support EBS Volume Snapshots, and RDS cluster and individual database snapshots.

Create a role for Backup Radar

  1. Log in to your AWS account, and navigate to IAM
  2. Create a role named BackupRadar and choose Lambda under "Choose the service that will use this role"
  3. Select the following permissions:
    • AmazonEC2ReadOnlyAccess
    • AmazonRDSReadOnlyAccess
    • AmazonSNSFullAccess
  4. Add any tags if you wish, and move on to Review
  5. Name the role BackupRadar


Set up Simple Notification Service

  1. Navigate to SNS
  2. Create a new topic named BackupRadarAlerts using the default settings
  3. Copy the ARN to a text document for later
  4. Add a subscription to the topic using the "Create subscription" button
  5. Select the Email protocol
  6. In the Endpoint field put your email address
  7. Log in to your Rackspace inbox and confirm the subscription (Contact support if you need assistance accessing your inbox)


Create the Lambda function

  1. Navigate to Lambda
  2. Create a function named backupRadarAlerts
  3. Choose Python 3.7 as your Runtime
  4. Under Permissions, change Execution role to "Use an existing role," and select the role we created in Step 1
  5. Create the functionmceclip2.png
  6. Scroll down to the Function code section, and delete the example code
  7. Download our Python script and paste the contents in to the text editor inside Lambdamceclip3.png
  8. Under the Environment variables section create a variable named SNS_ARN, and paste the ARN you saved from Step 2mceclip4.png
  9. Under Basic settings change the timeout to 6 seconds
  10. Save your settings using the orange Save button at the top of the page

Configure CloudWatch Alerts to trigger the Lambda Function

  1. Navigate to CloudWatch
  2. Under Events -> Rules, create a new rule
  3. Select the Service Name you want to monitor (EC2 or Relational Database Service (RDS))
  4. Select the Event Type you want to monitor:
    • For EC2 match your settings like below
    • mceclip0.png
    • For RDS you can select either of the following event types:
      • RDS DB Cluster Snapshot Event
      • RDS DB Snapshot Event
  5. Name the rule according to the event type (Ex: BR-EC2-Alerts)
  6. Repeat this process for the other events you want Backup Radar to monitor
  7. If you set up EBS Snapshot notifications, please see the section below titled "EBS Volume Tagging" about tagging your volumes for the Device Name

EBS Volume Tagging

The Lambda function will check for a SERVER_NAME tag on each volume it sends an alert on, and use that instead of the Volume ID for the device name you'll see in Backup Radar. If the tag is not present, it will just use the Volume ID as the device name. 


Article is closed for comments.