Create VSS Snapshots


The Create VSS Snapshots action runs an AWS Systems Manager to execute 'AWSEC2-CreateVssSnapshot' on targeted EC2 instances. This action is designed for use with Windows-based EC2 instances only.

Creating snapshots are essential for reliable and consistent data backups and recovery. By using Systems Manager, it enables the capture of a point-in-time snapshot of the volume, even during active write operations. Snapshots serve as dependable backups, allowing for swift data restoration in the event of failures, errors, or data corruption.

How it works

The Create VSS Snapshots action uses the following endpoints to target ECS Instances and run the Systems Manager command to create a VSS Snapshot:

Before you can use the Create VSS Snapshots action, your EC2 instance must be ready to use with AWS Systems Manager and VSS.

The first step is to install the SSM Agent on your EC2 instance, unless your EC2 instance was based on an AMI that came with the SSM Agent pre-installed.

The second step is to provide AWS Systems Manager with the necessary permissions to send shellscripts to your targeted EC2 Instances.

We do not advise manually modifying the permissions attached to the cross-account role that is created by GorillaStack in AWS. GorillaStack updates this role with your permission when you change your account preferences, and this may cause any manual changes to be lost. Instead, follow the instructions provided in the AWS docs under “To create an instance profile for Systems Manager managed instances (console)”.

The third step is ensuring your EC2 instance has the necessary VSS software available. This may also involve updating your SSM Agent. Please see the docs.

Targeting Windows-only EC2 instances

This action automatically targets Windows-only EC2 instances using the Platform key that AWS normally applies automatically. However, a very small number of Windows-only instances that are based on very old AMIs and/or custom AMIs may lack this key. To ensure those instances are targeted by this action too, add the following tag to each Windows-only instance that lacks the Platform key:

  • Value: 'windows`