Hooks
AutoBackup supports executing pre and post hooks upon resource snapshot creation (only PRIMARY snapshot). Hook could be AWS Lambda or HTTP endpoint.
Permissions
To allow Lambdas to be invoked by AutoBackup the prefix of the Lambda function name should start with nc-autobackup (default generated role has permission to invoke Lambda function with this prefix).
HTTP hooks should not require any permissions (for example it could be AWS Lambda triggered by API Gateway with Open security).
Pre hook
Pre hook is executed by AutoBackup in a synchronous mode. That means the system needs to read hook output before continuing the backup process.
AutoBackup expects that the following JSON is returned by hook:
{"continue_processing": true}
If lambda will return {"continue_processing": false}, AutoBackup will not attempt to create a resource snapshot. Otherwise, AutoBackup will continue creating a snapshot.
If hook will fail with error AutoBackup will not attempt to create a resource snapshot, just like case when hook returned {"continue_processing": false}.
AutoBackup sends following JSON as input to pre hook:
{"account_id": "123456789012","region": "eu-west-1","id": "/AWS/arn:aws:ec2:us-east-2:123456789012:volume/vol-abcdef","backup_rpo": "48","replication_region": "eu-west-2","resource_type": "aws-ebs"}
| Field name | Type | Description |
|---|---|---|
| account_id | string | account where resource is stored, cloud provider ID |
| region | string | region where resource is stored |
| id | string | id of a resource |
| backup_rpo | string | RPO defined in resource's backup policy |
| replication_region | string | region to which a snapshot will be replicated |
| resource_type | string | resource type |
Post hook
Post hook is executed by AutoBackup in an asynchronous mode. That means AutoBackup just invokes hook with JSON described below and does not read hook output.
If invoking hook returns an error, AutoBackup will try to send a notification to the user. The backup process won't be stopped (taking REPLICA snapshot).
AutoBackup sends following JSON as input to your post hook:
{"account_id": "123456789012","region": "eu-west-1","id": "/AWS/arn:aws:ec2:eu-west-1:123456789012:volume/vol-abcdef","backup_rpo": "48","replication_region": "eu-west-2","resource_type": "aws-ebs","snapshot": {"ID": "snap-000ddddddd0000000","AccountID": "AWS__77a7777aa77777aaaaa7a77a7a7aaa7a__123456789012","Created": "2018-09-22T12:42:31Z","Region": "eu-west-1","ResourceID": "/AWS/arn:aws:ec2:eu-west-1:123456789012:volume/vol-abcdef","SnapshotType": "PRIMARY","RestoreData": "{\"instance_description\":{},\"version\":1}","Deleted": false}}
| Field name | Type | Description |
|---|---|---|
| account_id | string | account where resource is stored, cloud provider ID |
| region | string | region where resource is stored |
| id | string | id of a resource |
| backup_rpo | string | RPO defined in resource's backup policy |
| replication_region | string | region to which a snapshot will be replicated |
| resource_type | string | resource type |
| snapshot | object | information about snapshot |
| Field name | Type | Description |
|---|---|---|
| ID | string | id of snapshot |
| AccountID | string | id of an account |
| Created | string | date |
| Region | string | region where snapshot exists |
| ResourceID | string | id of a resource |
| SnapshotType | string | snapshot type PRIMARY or REPLICA |
| RestoreData | string | resource description |
| Deleted | bool | snapshot removed or not |