AWSEC2-SQLServerDBRestore
Description
The AWSEC2-SQLServerDBRestore runbook restores Microsoft SQL Server
database backups stored in Amazon S3 to SQL Server 2017 running on an Amazon Elastic Compute Cloud (EC2)
Linux instance. You may provide your own EC2 instance running SQL Server 2017 Linux.
If an EC2 instance is not provided, the automation launches and configures a new
Ubuntu 16.04 EC2 instance with SQL Server 2017. The automation supports restoring
full, differential, and transactional log backups. This automation accepts multiple
database backup files and automatically restores the most recent valid backup of
each database in the files provided.
To automate both backup and restore of an on-premises SQL Server database to an
EC2 instance running SQL Server 2017 Linux, you can use the AWS-signed PowerShell
script MigrateSQLServerToEC2Linux
Important
This runbook resets the SQL Server server administrator (SA) user password every time the automation runs. After the automation is complete, you must set your own SA user password again before you connect to the SQL Server instance.
Document Type
Automation
Owner
Amazon
Platforms
Linux
Prerequisites
To run this automation, you must meet the following prerequisites:
-
The IAM user or role that runs this automation must have an inline policy attached with the permissions outlined in Required IAM permissions.
-
If you provide your own EC2 instance:
-
The EC2 instance that you provide must be a Linux instance running Microsoft SQL Server 2017.
-
The EC2 instance that you provide must be configured with an AWS Identity and Access Management (IAM) instance profile that has the
AmazonSSMManagedInstanceCoremanaged policy attached. For more information, see Create an IAM instance profile for Systems Manager. -
The SSM Agent must be installed on your EC2 instance. For more information, see Installing and configuring SSM Agent on EC2 instances for Linux.
-
The EC2 instance must have enough free disk space to download and restore the SQL Server backups.
-
Limitations
This automation does not support restoring to SQL Server running on EC2 instances
for Windows Server. This automation only restores database backups that are compatible
with SQL Server Linux 2017. For more information, see Editions and Supported Features of SQL Server 2017 on Linux
Parameters
This automation has the following parameters:
-
DatabaseNames
Type: String
Description: (Optional) Comma-separated list of the names of databases to restore.
-
DataDirectorySize
Type: String
Description: (Optional) Desired volume size (GiB) of the SQL Server Data directory for the new EC2 instance.
Default value: 100
-
KeyPair
Type: String
Description: (Optional) Key pair to use when creating the new EC2 instance.
-
IamInstanceProfileName
Type: String
Description: (Optional) The IAM instance profile to attach to the new EC2 instance. The IAM instance profile must have the
AmazonSSMManagedInstanceCoremanaged policy attached. -
InstanceId
Type: String
Description: (Optional) The instance running SQL Server 2017 on Linux. If no InstanceId is provided, the automation launches a new EC2 instance using the InstanceType and SQLServerEdition provided.
-
InstanceType
Type: String
Description: (Optional) The instance type of the EC2 instance to be launched.
-
IsS3PresignedUrl
Type: String
Description: (Optional) If S3Input is a pre-signed S3 URL, indicate
yes.Default value: no
Valid values: yes | no
-
LogDirectorySize
Type: String
Description: (Optional) Desired volume size (GiB) of the SQL Server Log directory for the new EC2 instance.
Default value: 100
-
S3Input
Type: String
Description: (Required) S3 bucket name, comma-separated list of S3 object keys, or comma-separated list of pre-signed S3 URLs containing the SQL backup files to be restored.
-
SQLServerEdition
Type: String
Description: (Optional) The edition of SQL Server 2017 to be installed on the newly created EC2 instance.
Valid values: Standard | Enterprise | Web | Express
-
SubnetId
Type: String
Description: (Optional) The subnet in which to launch the new EC2 instance. The subnet must have outbound connectivity to AWS services. If a value for SubnetId is not provided, the automation uses the default subnet.
-
TempDbDirectorySize
Type: String
Description: (Optional) Desired volume size (GiB) of the SQL Server TempDB directory for the new EC2 instance.
Default value: 100
Required IAM permissions
The AutomationAssumeRole parameter requires the following actions to
successfully use the runbook.
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ec2:CreateTags", "ec2:DescribeImages", "ec2:DescribeInstanceStatus", "ec2:DescribeInstances", "ec2:RebootInstances", "ec2:RunInstances", "ssm:DescribeInstanceInformation", "ssm:GetAutomationExecution", "ssm:ListCommandInvocations", "ssm:ListCommands", "ssm:SendCommand", "ssm:StartAutomationExecution" ], "Resource": "*" }, { "Effect": "Allow", "Action": "iam:PassRole", "Resource": "arn:aws:iam::ACCOUNTID:role/ROLENAME" } ] }
Document Steps
To use this automation, follow the steps that apply to your instance type:
For new EC2 instances:
-
aws:executeAwsApi- Retrieve the AMI ID for SQL Server 2017 on Ubuntu 16.04. -
aws:runInstances- Launch a new EC2 instance for Linux. -
aws:waitForAwsResourceProperty- Wait for the newly created EC2 instance to be ready. -
aws:executeAwsApi- Reboot the instance if the instance is not ready. -
aws:assertAwsResourceProperty- Verify that SSM Agent is installed. -
aws:runCommand- Run the SQL Server restore script in PowerShell.
For existing EC2 instances:
-
aws:waitForAwsResourceProperty- Verify that the EC2 instance is ready. -
aws:executeAwsApi- Reboot the instance if the instance is not ready. -
aws:assertAwsResourceProperty- Verify that SSM Agent is installed. -
aws:runCommand- Run the SQL Server restore script in PowerShell.
Outputs
getInstance.InstanceId
restoreToNewInstance.Output
restoreToExistingInstance.Output
