I created a snapshot lifecycle policy and it reached "DLM Policy State Change" state = Error.
I cannot find where to read the event with error details (cause of the failure).
I have tried cloudwatch and created a Rule, it triggered the rule but still no event details.
On
Basically, we can trace events for DLM Policy State Change — A DLM event emitted when a lifecycle policy enters an error state. The event contains a description of what caused the error as well as the state of the policy. [+] https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-lifecycle.html#monitor-cloudwatch-events
Solution: Hence, you need to review the resource tagging and update your DLM Policy to update the Duplicate Key entry field under Tag Created snapshots option and try again.
Below are the steps to follow: ( Example)
a). Login to your EC2 console.
b). Go to “Lifecycle Manager” on the left hand side.
c). Go to your DLM policy and “Right click” -- Click “Modify Snapshot LifeclyclePolicy”.
d). Move to the bottom of the policy and you can find “Tag created snapshots” option.
e). Change the Key from tag name for example “Name” to something Like “NameDLMPolicyTest” [It should be unique than your resource i.e. volume key tags]
f). Click on “Update” and the policy will be updated.
[+] In general - DLM POLICY related Events: - CreateLifecyclePolicy - New Policy - UpdateLifecyclePolicy - For any update in the policy - CreateSnapshot - DLM Creates Snapshots ( Agent Name would be assigned as - "userAgent": "dlm.amazonaws.com")
** Important** Basically, Amazon DLM uses an IAM role to get the permissions that are required to manage snapshots on your behalf. Amazon DLM creates the "AWSDataLifecycleManagerDefaultRole" role the first time that you create a lifecycle policy using the AWS Management Console. For additional information on configuring Data Lifecycle Manager using a Custom IAM Role and about Permissions and trust relationship for Amazon DLM , please refer:
[+] Permissions & Trust relationship for Amazon DLM: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-lifecycle.html#dlm-permissions
Some Other references: +] DLM events references : https://docs.aws.amazon.com/cli/latest/reference/dlm/index.html
[+] AWS DLM Limits : https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-lifecycle.html#dlm-limits
[+] Considerations While Creating a DLM policy: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-lifecycle.html#dlm-lifecycle-policies
I am having the same problem, my data lifecycle manager throws an Error, and I have no idea how to get it.
What I did:
Go to your CloudTrail Event History and filter by Username DataLifecycleManager.
Depending on your region, the URL should be something like:
Then you will see a list of all the DataLifecycleManager events.
The ones interesting are Event name CreateSnapshot for Resource Type EC2 Volume.
Open one and click the button "View event".
Just for the record, I was having an error: