Backup & Restore of AWS Parameter Store aka DR Solution

www.davehall.com.au
  1. Take Backup of Given /SSM path and its sub-paths.
  2. Must store the backup on reliable storage like AWS S3.
$ python3 backup.py '/Test' 'us-east-1' 'test-davinder-s3' 'SSM/'
{"@timestamp": "2021-03-23 11:27:49,565","level": "INFO","thread": "MainThread","name": "root","message": "SSM Parameter Path: /Test and its sub paths"}
{"@timestamp": "2021-03-23 11:27:49,574","level": "INFO","thread": "MainThread","name": "botocore.credentials","message": "Found credentials in environment variables."}
{"@timestamp": "2021-03-23 11:27:51,525","level": "INFO","thread": "MainThread","name": "root","message": "taking backup of key-pair at: /Test/xxxxxxx/API_KEY"}
{"@timestamp": "2021-03-23 11:27:51,525","level": "INFO","thread": "MainThread","name": "root","message": "taking backup of key-pair at: /Test/xxxxxxx/PASSWORD"}
{"@timestamp": "2021-03-23 11:27:51,525","level": "INFO","thread": "MainThread","name": "root","message": "taking backup of key-pair at: /Test/xxxxxxx/USERNAME"}
{"@timestamp": "2021-03-23 11:27:54,716","level": "INFO","thread": "MainThread","name": "root","message": "backup upload successful at s3://test-davinder-s3/SSM/21-03-23.json"}
{"@timestamp": "2021-03-23 11:27:54,716","level": "INFO","thread": "MainThread","name": "root","message": "cleaned temp files."}
$ python3 restore.py '/DAV' 'us-east-1' 'test-davinder-s3' 'SSM/'
{"@timestamp": "2021-03-23 11:22:15,773","level": "INFO","thread": "MainThread","name": "botocore.credentials","message": "Found credentials in environment variables."}
{"@timestamp": "2021-03-23 11:22:17,599","level": "INFO","thread": "MainThread","name": "root","message": "Selected Backup File: SSM/21-03-23.json"}
{"@timestamp": "2021-03-23 11:22:18,426","level": "INFO","thread": "MainThread","name": "root","message": "restoring key-pair at: /DAV/xxxxxxxxx/API_KEY"}
{"@timestamp": "2021-03-23 11:22:21,180","level": "INFO","thread": "MainThread","name": "root","message": "restoring key-pair at: /DAV/xxxxxxxxx/PASSWORD"}
{"@timestamp": "2021-03-23 11:22:21,589","level": "INFO","thread": "MainThread","name": "root","message": "restoring key-pair at: /DAV/xxxxxxxxx/USERNAME"}
{"@timestamp": "2021-03-23 11:22:22,001","level": "INFO","thread": "MainThread","name": "root","message": "cleaned up temp files"}
  1. Application won’t handle credentials of AWS. You must check the boto3 guide for it.
  2. Application won’t create an s3 bucket, it assumes you have it will right bucket policies.
  3. Application won’t encrypt any data. It assumes you have enabled AWS S3 Server Side Encryption.
  4. S3 Bucket Prefix should be unique because the application assumes backup files that end with jsononly.
  5. PEP8 Rules are not followed by me.
  6. Application won’t take backup of SSM Parameter description and tags currently.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Davinder Pal

Davinder Pal

Principal Software Architect I ( R&D DevOps )