Predefined post-launch actions - AWS Elastic Disaster Recovery

Predefined post-launch actions

AWS Elastic Disaster Recovery allows you to run various predefined post-launch actions on your EC2 launched instance. Use these out-of-the-box actions to validate your launch or improve your launch flexibility.

Choose from a variety of predefined post-launch actions

Note

Currently, only the following predefined post-launch actions are supported in the Middle East (UAE) Region:

  • Enable SSM

  • CloudWatch agent installation

  • Create AMI from instance

  • Volume integrity validation

  • Process status validation

  • Validate disk space

  • EC2 connectivity check

  • HTTP/HTTPS response validation

  • Verify tags

Enable SSM

The AWS Systems Manager (AWS SSM) allows AWS Elastic Disaster Recovery to run post-launch actions on your recovery instances after they are launched. When you activate the post-launch actions, AWS Elastic Disaster Recovery will install the AWS SSM agent.

The AWS SSM agent must be installed for any other post-launch action to run. Therefore, this is the only post-launch action that is activated by default and cannot be deactivated. Learn more about SSM.

Install a CloudWatch Agent

Use the CloudWatch agent installation feature to install and configure the CloudWatch Agent and Application Insights. The launched instance will require the following policies:

CloudWatchAgentServerPolicy – The permissions required to use AmazonCloudWatchAgent on servers

AmazonSSMManagedInstanceCore – The policy for Amazon EC2 Role to enable AWS Systems Manager service core functionality

To ensure that the launch instance has the right policies, create a role that has the required permissions as per the policies above or have access to a role with those permissions. Go to Launch settings > EC2 launch template > Modify > Advance > IAM instance profile. Use an existing profile or create a new one using the Create new IAM profile link.

Note

You must attach both policies to the template for the CloudWatch agent to operate. Without the CloudWatchAgentServerPolicy, the action will still be marked as successful but the CloudWatch Agent will not be active. Configuring the Application Insights is optional. You can choose to skip the Application Insights agent configuration and only install the CloudWatch agent. To do so, simply provide the required parameterStoreName parameter and leave the other parameters empty.

Learn more about the CloudWatch Agent.

Create AMI from instance

Use the Create AMI from Instance feature to create a new Amazon Machine Image (AMI) from your AWS DRS launched instance.

The action uses the following APIs:

To allow the SSM document to run these APIs, you will need to have the required permissions or have access to a role with those permissions and then provide the role’s ARN as an input parameter to the SSM automation document. Learn more about creating AMI from instance.

Configure Time Sync

Use the Time Sync feature to set the time for your Linux instance using ATSS.

Learn more about Amazon Time Sync.

Volume integrity validation

Use the Volume integrity validation to ensure that EBS volumes on the launched instance are:

  • The same size as the source (rounded up)

  • Properly mounted on the Amazon EC2 instance

  • Accessible

This feature allows you to conduct the required validations automatically and saves the time of manual validations.

Note

Up to 50 volumes can be checked in a single action.

Process status validation

Use the Process status validation feature to ensure that processes are in running state following instance launch. You will need to provide a list of processes that you want to verify, and define how long the service should wait before testing begins.

To check a specific process that should run multiple times, include it several times in the list.