How to recover accidentally deleted AMIs or EBS Snapshots using EC2 Recycle Bin

Cloud
Written By Vimal Paliwal

Photo by Markus Winkler on Unsplash

Sh*t happens. We are humans and we learn from our mistakes so today let’s learn to restore accidentally deleted AWS AMIs.

I’m sure many of us might have unintentionally deleted an AMI at some point in time. I have done it a couple of times. Anyway, let’s save ourselves from that Oops moment by using the EC2 Recycle Bin feature.

Alright, let’s sign in to the AWS Management Console and navigate to Recycle Bin service.

Recycle Bin

Recycle Bin Dashboard

Recycle Bin supports recovering EBS snapshots and AMIs, but we need to create the retention rule separately. Let’s create the retention rule for recovering AMIs first.

AMI Retention Rule

Fig 1. Creating AMI retention rule

You can either use tags to filter the resources or apply the rule to all the resources. For simplicity, we will create the rule to cover all the AMIs and retain them for 1 day.

Fig 2. Creating AMI retention rule

Great so our retention rule for AMI is ready.

AMI Retention Rule

It’s time to create a retention rule for our EBS snapshot. So let’s continue.

EBS Retention Rule

Fig 1. Creating EBS snapshot retention rule

Just like our AMIs, we will retain our EBS snapshots for 1 day and the rule will cover all the snapshots.

Fig 2. Creating EBS snapshot retention rule

Alright, so our EBS snapshot retention rule is ready too.

EBS snapshot retention rule

Test Phase

Time to test the rule so let’s head over to the EC2 service and visit the AMI page to deregister an AMI owned by you. I created one for this article so I’ll deregister the same.

AMI dashboard

Select an AMI owned by you, click on Actions dropdown and deregister it.

AMI deregistered

Note: Deregistering an AMI does not delete the associated snapshot automatically let's switch to the Snapshots page and delete the associated snapshot as well.

EBS Snapshots Dashboard

Select the associated EBS snapshot, click on Actions dropdown and delete it.

Let’s navigate back to Recycle Bin service and go to the Resources page using the navigation in the left panel to see if our AMI and snapshot were retained.

Perfect, so both my EBS snapshot and AMI were retained and I hope yours were retained too.

EBS snapshots retained

AMI retained

So, after deregistering the AMI we learn that it was a golden AMI for spinning up dev instances but we don’t have to worry since we have the retention rule in place and both the snapshot and AMI are safe.

Recovery Phase

Let’s recover the AMI and snapshot.

Note: As the AMI depends on the snapshot we first need to restore the snapshot else we will receive an error while restoring the AMI.

AMI restoration failed

So, let’s restore our snapshot by selecting it and clicking on the Recover button.

Recover EBS snapshot

EBS snapshot restored

Now let’s restore the AMI. Switch to AMIs using the dropdown, select the AMI and click on the Recover button.

Recovering AMI

AMI recovered

Alright, once the resources are recovered let’s navigate back to the EC2 service to confirm if both the AMI and EBS snapshot has been successfully restored.

Yay! Both of them have been restored.

Recovered AMI

Recovered EBS snapshot

Covering the basics

  • Earlier deleted or deregistered AMIs could not be recovered or restored but with the introduction of the EC2 Recycle Bin feature you could recover or restore both a deleted or deregistered AMI and a deleted EBS snapshot if you have retention rules in place.

  • You can automate EC2 instance recovery in case of system or instance health check failure. You can create a CloudWatch alarm to monitor both system and instance health for an EC2 instance and assign an action to recover or reboot respectively when the alarm is triggered. You can manage the creation of these alarms using Terraform.

  • Conditions under which you will be able to retrieve data after an EC2 instance has been terminated:

    • An EBS snapshot exists for that EC2 instance. The freshness of data depends on the time difference between instance termination and snapshot creation

    • EBS volumes were not terminated upon instance termination. In this case, you could launch a new instance and attach these volume(s) to the new instance to retrieve the data

    If none of the conditions are satisfied then, unfortunately, you cannot retrieve data from an EC2 instance that has been terminated.

  • EBS snapshot can be restored to an EC2 instance in the following way:

    • In EC2, switch to the snapshots page using the left navigation panel

    • Select the snapshot that you want to restore

    • Click on Actions dropdown followed by Create Volume

    • Provide or update the required inputs and proceed with volume creation

    • Once the volume is in an Available state, select it to attach it to the EC2 instance at an appropriate path by using Attach Volume option available within the Actions dropdown

    • Finally, depending on the instance OS type you might have to login within the OS and mount the volume

  • Using the EC2 Recycle Bin feature you can recover or restore from accidental deletion of EBS snapshots or EC2 AMIs

Vimal Paliwal

Vim is a DevSecOps Practitioner with over seven years of professional experience. Over the years, he has architected and implemented full fledged solutions for clients using AWS, K8s, Terraform, Python, Shell, Prometheus, etc keeping security as an utmost priority. Along with this, during his journey as an AWS Authorised Instructor he has trained thousands of professionals ranging from startups to fortune companies for over 2 years.

Previous

Backup an entire Kubernetes cluster using Velero to AWS S3
Next

Secure network communication of EKS Fargate pods via AWS Security Group