我正在尝试运行一个lambda,该lambda将按计划启动,以便将复制前一天拍摄的所有快照复制到另一个区域,以进行灾难恢复。我有一些代码,但似乎无法按预期工作。
症状:
import boto3
from datetime import date, timedelta
SOURCE_REGION = 'us-east-1'
DEST_REGION = 'us-west-2'
ec2_source = boto3.client('ec2', region_name = SOURCE_REGION)
ec2_destination = boto3.client('ec2', region_name = DEST_REGION)
snaps = ec2_source.describe_snapshots(OwnerIds=['self'])['Snapshots']
yesterday = date.today() - timedelta(days = 1)
yesterday_snaps = [ s for s in snaps if s['StartTime'].date() == yesterday ]
for yester_snap in yesterday_snaps:
DestinationSnapshot = ec2_destination.copy_snapshot(
SourceSnapshotId = yester_snap['SnapshotId'],
SourceRegion = SOURCE_REGION,
Encrypted = True,
KmsKeyId='REMOVED FOR SECURITY',
DryRun = False
)
DestinationSnapshotID = DestinationSnapshot['SnapshotId']
ec2_destination.create_tags(Resources=[DestinationSnapshotID],
Tags=yester_snap['Tags']
)
waiter = ec2_destination.get_waiter('snapshot_completed')
waiter.wait(
SnapshotIds=[DestinationSnapshotID],
DryRun=False,
WaiterConfig={'Delay': 10,'MaxAttempts': 123}
)
调试
您可以通过简单地在代码中放置print()语句来进行调试。
例如:
for yester_snap in yesterday_snaps:
print('Copying:', yester_snap['SnapshotId'])
DestinationSnapshot = ec2_destination.copy_snapshot(...)
日志将显示在CloudWatch Logs中。您可以通过Lambda函数中的“监视”选项卡访问日志。确保Lambda函数具有AWSLambdaBasicExecutionRole权限,以便它可以写入CloudWatch Logs。
今天/昨天
请注意您对yesterday的定义。 Amazon EC2实例在UTC时区运行,因此您对today和yesterday的概念可能与发生的情况不符。
复制快照后(例如,'复制')在快照中添加标签可能比依靠日期来确定要复制的快照更好。
CloudWatch Events规则
而不是每天运行一次此程序,替代方法是:
{
"source": [
"aws.ec2"
],
"detail-type": [
"EBS Snapshot Notification"
],
"detail": {
"event": [
"createSnapshot"
]
}
}
这样,快照将立即创建,无需搜索它们或找出要复制的快照