Creates a policy to manage the lifecycle of the specified AWS resources. You can create up to 100 lifecycle policies.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
create-lifecycle-policy
--execution-role-arn <value>
--description <value>
--state <value>
--policy-details <value>
[--tags <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--execution-role-arn
(string)
The Amazon Resource Name (ARN) of the IAM role used to run the operations specified by the lifecycle policy.
--description
(string)
A description of the lifecycle policy. The characters ^[0-9A-Za-z _-]+$ are supported.
--state
(string)
The desired activation state of the lifecycle policy after creation.
Possible values:
ENABLED
DISABLED
--policy-details
(structure)
The configuration details of the lifecycle policy.
PolicyType -> (string)
The valid target resource types and actions a policy can manage. Specify
EBS_SNAPSHOT_MANAGEMENT
to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. SpecifyIMAGE_MANAGEMENT
to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. SpecifyEVENT_BASED_POLICY
to create an event-based policy that performs specific actions when a defined event occurs in your AWS account.The default is
EBS_SNAPSHOT_MANAGEMENT
.ResourceTypes -> (list)
The target resource type for snapshot and AMI lifecycle policies. Use
VOLUME
to create snapshots of individual volumes or useINSTANCE
to create multi-volume snapshots from the volumes for an instance.This parameter is required for snapshot and AMI policies only. If you are creating an event-based policy, omit this parameter.
(string)
ResourceLocations -> (list)
The location of the resources to backup. If the source resources are located in an AWS Region, specify
CLOUD
. If the source resources are located on an AWS Outpost in your account, specifyOUTPOST
.If you specify
OUTPOST
, Amazon Data Lifecycle Manager backs up all resources of the specified type with matching target tags across all of the Outposts in your account.(string)
TargetTags -> (list)
The single tag that identifies targeted resources for this policy.
This parameter is required for snapshot and AMI policies only. If you are creating an event-based policy, omit this parameter.
(structure)
Specifies a tag for a resource.
Key -> (string)
The tag key.
Value -> (string)
The tag value.
Schedules -> (list)
The schedules of policy-defined actions for snapshot and AMI lifecycle policies. A policy can have up to four schedules—one mandatory schedule and up to three optional schedules.
This parameter is required for snapshot and AMI policies only. If you are creating an event-based policy, omit this parameter.
(structure)
Specifies a backup schedule for a snapshot or AMI lifecycle policy.
Name -> (string)
The name of the schedule.
CopyTags -> (boolean)
Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.
TagsToAdd -> (list)
The tags to apply to policy-created resources. These user-defined tags are in addition to the AWS-added lifecycle tags.
(structure)
Specifies a tag for a resource.
Key -> (string)
The tag key.
Value -> (string)
The tag value.
VariableTags -> (list)
A collection of key/value pairs with values determined dynamically when the policy is executed. Keys may be any valid Amazon EC2 tag key. Values must be in one of the two following formats:
$(instance-id)
or$(timestamp)
. Variable tags are only valid for EBS Snapshot Management – Instance policies.(structure)
Specifies a tag for a resource.
Key -> (string)
The tag key.
Value -> (string)
The tag value.
CreateRule -> (structure)
The creation rule.
Location -> (string)
Specifies the destination for snapshots created by the policy. To create snapshots in the same Region as the source resource, specify
CLOUD
. To create snapshots on the same Outpost as the source resource, specifyOUTPOST_LOCAL
. If you omit this parameter,CLOUD
is used by default.If the policy targets resources in an AWS Region, then you must create snapshots in the same Region as the source resource.
If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost as the source resource, or in the Region of that Outpost.
Interval -> (integer)
The interval between snapshots. The supported values are 1, 2, 3, 4, 6, 8, 12, and 24.
IntervalUnit -> (string)
The interval unit.
Times -> (list)
The time, in UTC, to start the operation. The supported format is hh:mm.
The operation occurs within a one-hour window following the specified time. If you do not specify a time, Amazon DLM selects a time within the next 24 hours.
(string)
CronExpression -> (string)
The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. For more information, see Cron expressions in the Amazon CloudWatch User Guide .
RetainRule -> (structure)
The retention rule.
Count -> (integer)
The number of snapshots to retain for each volume, up to a maximum of 1000.
Interval -> (integer)
The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.
IntervalUnit -> (string)
The unit of time for time-based retention.
FastRestoreRule -> (structure)
The rule for enabling fast snapshot restore.
Count -> (integer)
The number of snapshots to be enabled with fast snapshot restore.
Interval -> (integer)
The amount of time to enable fast snapshot restore. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.
IntervalUnit -> (string)
The unit of time for enabling fast snapshot restore.
AvailabilityZones -> (list)
The Availability Zones in which to enable fast snapshot restore.
(string)
CrossRegionCopyRules -> (list)
The rule for cross-Region snapshot copies.
You can only specify cross-Region copy rules for policies that create snapshots in a Region. If the policy creates snapshots on an Outpost, then you cannot copy the snapshots to a Region or to an Outpost. If the policy creates snapshots in a Region, then snapshots can be copied to up to three Regions or Outposts.
(structure)
Specifies a rule for cross-Region snapshot copies.
TargetRegion -> (string)
The target Region for the snapshot copies.
If you specify a target Region, you must omit Target . You cannot specify a target Region and a target Outpost in the same rule.
Target -> (string)
The Amazon Resource Name (ARN) of the target AWS Outpost for the snapshot copies.
If you specify an ARN, you must omit TargetRegion . You cannot specify a target Region and a target Outpost in the same rule.
Encrypted -> (boolean)
To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or if encryption by default is not enabled.
CmkArn -> (string)
The Amazon Resource Name (ARN) of the AWS KMS customer master key (CMK) to use for EBS encryption. If this parameter is not specified, your AWS managed CMK for EBS is used.
CopyTags -> (boolean)
Copy all user-defined tags from the source snapshot to the copied snapshot.
RetainRule -> (structure)
The retention rule.
Interval -> (integer)
The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.
IntervalUnit -> (string)
The unit of time for time-based retention.
ShareRules -> (list)
The rule for sharing snapshots with other AWS accounts.
(structure)
Specifies a rule for sharing snapshots across AWS accounts.
TargetAccounts -> (list)
The IDs of the AWS accounts with which to share the snapshots.
(string)
UnshareInterval -> (integer)
The period after which snapshots that are shared with other AWS accounts are automatically unshared.
UnshareIntervalUnit -> (string)
The unit of time for the automatic unsharing interval.
Parameters -> (structure)
A set of optional parameters for snapshot and AMI lifecycle policies.
This parameter is required for snapshot and AMI policies only. If you are creating an event-based policy, omit this parameter.
ExcludeBootVolume -> (boolean)
[EBS Snapshot Management – Instance policies only] Indicates whether to exclude the root volume from snapshots created using CreateSnapshots . The default is false.
NoReboot -> (boolean)
Applies to AMI lifecycle policies only. Indicates whether targeted instances are rebooted when the lifecycle policy runs.
true
indicates that targeted instances are not rebooted when the policy runs.false
indicates that target instances are rebooted when the policy runs. The default istrue
(instances are not rebooted).EventSource -> (structure)
The event that triggers the event-based policy.
This parameter is required for event-based policies only. If you are creating a snapshot or AMI policy, omit this parameter.
Type -> (string)
The source of the event. Currently only managed AWS CloudWatch Events rules are supported.
Parameters -> (structure)
Information about the event.
EventType -> (string)
The type of event. Currently, only snapshot sharing events are supported.
SnapshotOwner -> (list)
The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account.
(string)
DescriptionRegex -> (string)
The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account.
For example, specifying
^.*Created for policy: policy-1234567890abcdef0.*$
configures the policy to run only if snapshots created by policypolicy-1234567890abcdef0
are shared with your account.Actions -> (list)
The actions to be performed when the event-based policy is triggered. You can specify only one action per policy.
This parameter is required for event-based policies only. If you are creating a snapshot or AMI policy, omit this parameter.
(structure)
Specifies an action for an event-based policy.
Name -> (string)
A descriptive name for the action.
CrossRegionCopy -> (list)
The rule for copying shared snapshots across Regions.
(structure)
Specifies a rule for copying shared snapshots across Regions.
Target -> (string)
The target Region.
EncryptionConfiguration -> (structure)
The encryption settings for the copied snapshot.
Encrypted -> (boolean)
To encrypt a copy of an unencrypted snapshot when encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or when encryption by default is not enabled.
CmkArn -> (string)
The Amazon Resource Name (ARN) of the AWS KMS customer master key (CMK) to use for EBS encryption. If this parameter is not specified, your AWS managed CMK for EBS is used.
RetainRule -> (structure)
Specifies the retention rule for cross-Region snapshot copies.
Interval -> (integer)
The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.
IntervalUnit -> (string)
The unit of time for time-based retention.
JSON Syntax:
{
"PolicyType": "EBS_SNAPSHOT_MANAGEMENT"|"IMAGE_MANAGEMENT"|"EVENT_BASED_POLICY",
"ResourceTypes": ["VOLUME"|"INSTANCE", ...],
"ResourceLocations": ["CLOUD"|"OUTPOST", ...],
"TargetTags": [
{
"Key": "string",
"Value": "string"
}
...
],
"Schedules": [
{
"Name": "string",
"CopyTags": true|false,
"TagsToAdd": [
{
"Key": "string",
"Value": "string"
}
...
],
"VariableTags": [
{
"Key": "string",
"Value": "string"
}
...
],
"CreateRule": {
"Location": "CLOUD"|"OUTPOST_LOCAL",
"Interval": integer,
"IntervalUnit": "HOURS",
"Times": ["string", ...],
"CronExpression": "string"
},
"RetainRule": {
"Count": integer,
"Interval": integer,
"IntervalUnit": "DAYS"|"WEEKS"|"MONTHS"|"YEARS"
},
"FastRestoreRule": {
"Count": integer,
"Interval": integer,
"IntervalUnit": "DAYS"|"WEEKS"|"MONTHS"|"YEARS",
"AvailabilityZones": ["string", ...]
},
"CrossRegionCopyRules": [
{
"TargetRegion": "string",
"Target": "string",
"Encrypted": true|false,
"CmkArn": "string",
"CopyTags": true|false,
"RetainRule": {
"Interval": integer,
"IntervalUnit": "DAYS"|"WEEKS"|"MONTHS"|"YEARS"
}
}
...
],
"ShareRules": [
{
"TargetAccounts": ["string", ...],
"UnshareInterval": integer,
"UnshareIntervalUnit": "DAYS"|"WEEKS"|"MONTHS"|"YEARS"
}
...
]
}
...
],
"Parameters": {
"ExcludeBootVolume": true|false,
"NoReboot": true|false
},
"EventSource": {
"Type": "MANAGED_CWE",
"Parameters": {
"EventType": "shareSnapshot",
"SnapshotOwner": ["string", ...],
"DescriptionRegex": "string"
}
},
"Actions": [
{
"Name": "string",
"CrossRegionCopy": [
{
"Target": "string",
"EncryptionConfiguration": {
"Encrypted": true|false,
"CmkArn": "string"
},
"RetainRule": {
"Interval": integer,
"IntervalUnit": "DAYS"|"WEEKS"|"MONTHS"|"YEARS"
}
}
...
]
}
...
]
}
--tags
(map)
The tags to apply to the lifecycle policy during creation.
key -> (string)
value -> (string)
Shorthand Syntax:
KeyName1=string,KeyName2=string
JSON Syntax:
{"string": "string"
...}
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
To create a lifecycle policy
The following create-lifecycle-policy
example creates a lifecycle policy that creates a daily snapshot of volumes at the specified time. The specified tags are added to the snapshots, and tags are also copied from the volume and added to the snapshots. If creating a new snapshot exceeds the specified maximum count, the oldest snapshot is deleted.
aws dlm create-lifecycle-policy \
--description "My first policy" \
--state ENABLED \
--execution-role-arn arn:aws:iam::12345678910:role/AWSDataLifecycleManagerDefaultRole \
--policy-details file://policyDetails.json
Contents of policyDetails.json
:
{
"ResourceTypes": [
"VOLUME"
],
"TargetTags": [
{
"Key": "costCenter",
"Value": "115"
}
],
"Schedules":[
{
"Name": "DailySnapshots",
"CopyTags": true,
"TagsToAdd": [
{
"Key": "type",
"Value": "myDailySnapshot"
}
],
"CreateRule": {
"Interval": 24,
"IntervalUnit": "HOURS",
"Times": [
"03:00"
]
},
"RetainRule": {
"Count":5
}
}
]
}
Output:
{
"PolicyId": "policy-0123456789abcdef0"
}