Updating your AWS Elastic Disaster Recovery settings at scale with the DRS Settings Tool

Updating your AWS Elastic Disaster Recovery settings at scale with the DRS Settings Tool

Updating your AWS Elastic Disaster Recovery settings at scale with the DRS Settings Tool

Author: Tim Hall
Published on: 2025-01-14 21:54:55
Source: Integration & Automation

Disclaimer:All rights are owned by the respective creators. No copyright infringement is intended.


Deploying AWS Elastic Disaster Recovery at scale provides robust protection for your infrastructure (for more details, see Deploying AWS Elastic Disaster Recovery at scale with AWS Systems Manager). As your deployment grows, customizing your Elastic Disaster Recovery source server settings to align with each server’s specific needs and requirements becomes essential. These settings include replication settings, DRS launch settings, and EC2 launch template settings. Although Elastic Disaster Recovery offers default configurations that can be applied to all newly added servers, tailoring settings for a diverse range of servers provides optimal performance and reliability.

To simplify this process and avoid navigating through multiple sections of the AWS Management Console, the DRS Settings Tool is an invaluable resource for updating settings across your infrastructure efficiently. With the DRS Settings Tool, you can accomplish the following:

  • Generate a CSV file: Export all your source server settings into a CSV file.
  • Edit with ease: Make the necessary updates to your settings directly within the CSV file.
  • Push changes seamlessly: Apply the updated settings to your Elastic Disaster Recovery source servers effortlessly.

This streamlined approach significantly reduces the time and effort required for configuration. The DRS Settings Tool is not limited to one-time use; you can use it whenever you need to update your Elastic Disaster Recovery source server settings, making it a continuous asset for maintaining and optimizing your disaster recovery strategy.

With the DRS Settings Tool, you can make sure that your Elastic Disaster Recovery setup remains tailored to your organization’s evolving needs, while saving valuable time and minimizing complexity.

In this post, we show you how to setup and use the DRS Settings Tool to update all your Elastic Disaster Recovery source server settings in bulk.

Solution Overview

We walk through the following steps to implement the solution:

  1. Create an AWS Identity and Access Management (IAM) policy and user.
  2. Update your credentials and config file.
  3. Install the necessary components to run the DRS Settings Tool (Python, pip, and Boto3).
  4. Download and start using the DRS Settings Tool.

Prerequisites

For this walkthrough, you need the following:

  • An AWS account.
  • Active source servers in Elastic Disaster Recovery.
  • The ability to install Python, pip, and Boto3
  • Network connectivity to the AWS endpoints listed in the DRS Settings Tool readme file.
  • Permissions to create an IAM user and policy for usage of the DRS Settings Tool.
  • Existing AWS credentials and config file. A straightforward way to set this up is to install the AWS Command Line Interface (AWS CLI). For instructions, see Installing, updating, and uninstalling the AWS CLI.

Create the DRS Settings Tool IAM policy and user

To get started, you create the IAM policy and user that will be used with the DRS Settings Tool. In this example, we use the IAM permissions listed for single account use because we don’t have any extended source servers. If you have extended source servers, you can use the permissions noted in the readme for a user in the staging account (where the replication resources are created) and a user in the target account (where your Elastic Disaster Recovery source servers are recovered to).

Complete the following

  1. On the IAM console, choose Policies in the navigation pane. Choose Create policy.
  2. In the Policy editor section, choose JSON.
  3. Enter the following IAM permissions and choose Next:
    {
     "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "VisualEditor0",
                "Effect": "Allow",
                "Action": [
                    "drs:UpdateReplicationConfiguration",
                    "drs:UpdateLaunchConfiguration",
                    "drs:GetLaunchConfiguration",
                    "drs:GetReplicationConfiguration",
                    "drs:DescribeSourceServers",
                    "ec2:DescribeInstances",
                    "ec2:DescribeLaunchTemplateVersions",
                    "ec2:DescribeSecurityGroups",
                    "ec2:CreateLaunchTemplateVersion",
                    "ec2:DescribeImages",
                    "ec2:ModifyLaunchTemplate",
                    "ec2:DescribeSubnets",
                    "ec2:DescribeKeyPairs",
                    "ec2:CreateSecurityGroup",
                    "ec2:DescribeInstanceTypeOfferings",
                    "ec2:CreateTags",
                    "iam:GetInstanceProfile",
                    "kms:DescribeKey",
                    "kms:CreateGrant",
                    "ec2:GetEbsDefaultKmsKeyId"
                ],
                "Resource": "*"
            }
        ]
    }

  4. Enter your policy details and choose Create policy.

Next, you create the user to attach the policy to.

  1. Choose Users in the navigation pane.
  2. Choose Create user.
  3. Enter your desired user name, and choose Next.
  4. In the Permissions options section, choose Attach policies directly.
  5. Search for and choose your created policy.
  6. Choose Create user.

Make sure you download your Access Key and Secret Key.

  1. Choose the user on the Users
  2. On the Security credentials tab, choose Create access key.
  3. Choose Other, Next, Create access key, and Download .csv file.

Update your credentials and config file

With the CSV file you downloaded, you can now update your credentials and config file, which are required to run the DRS Settings Tool. Complete the following steps:

  1. Navigate to your credentials and config files which are located at the following location:
    • Windows: C:\Users\<username>\.aws
    • Linux: ~/.aws/
  2. Open the credentials file and add an entry like the following (update with your Access Key and Secret Key), then save the file:
    [<Target-Account-ID>]
    aws_access_key_id = <Access-Key>
    aws_secret_access_key = <Secret-Key>

  3. In this example, we use a single account. If you’re using multiple accounts, you need to add an entry for each account ID with the appropriate AWS user’s access and secret key.
  4. Open the config file and add an entry like the following (update with your region and output format such as “us-east-1” and “json”), then save the file:
    [profile <Target-Account-ID>]
    region = <region>
    output = <output>

  5. In this example, we use a single account. If you’re using multiple accounts, you need to add an entry for each account ID with the appropriate AWS Region and output.

Install Python, pip, and boto3

Now that you have created the IAM policy and user and updated and the credentials/config files, you can download the necessary components to run the DRS Settings Tool. For this walkthrough, we use a Windows-based machine and download the components for Windows.

  1. For this post, we use the download link for Python to install it. You can use your preferred method that works best for your operating system.
  2. Run the installer and choose your desired method of installation.

When the install is complete, you can move on to installing pip.

  1. Download the get-pip.py script.
  2. Open a command prompt, cd to the path containing the get-pip.py script and run the following command:
    py get-pip.py

Now that pip is installed, you can move on to installing Boto3.

  1. In the command prompt, cd to the path of pip.exe and run the following command:
    pip.exe install boto3

Download and use the DRS Settings Tool

Now that you have all the components configured and installed, you’re ready to download the DRS Settings Tool and run it.

  1. Navigate to the GitHub repo for the DRS Settings Tool, and choose Code and Download ZIP.
  2. After downloading, open a command prompt, cd to the path of the DRS Settings Tool and run the following command:
    get_settings.py
  3. When the script is complete, you should see three files get created in the DRS-Settings-Tool-main directory:
    • csv – The main file that you will make your edits in.
    • DRS_Settings-DO-NOT-EDIT.csv – A copy of the original DRS_Settings.csv file. We use this as a comparison file after changes in DRS_Settings.csv, to limit AWS API calls by only making updates to what has changed.
    • DRS-Update-Tool.txt – A log for troubleshooting purposes.
  4. Now that you have generated the CSV files, you can open it in your preferred CSV file editor and begin editing your settings. Available settings and their accepted values can be found in the readme file.
  5. When you finish making changes to the CSV file, you can save it and then run the update_settings.py script from the same directory.

You have now successfully run the DRS Settings Tool to update your servers in bulk. Make sure to re-run the get_settings.py script so the CSV files are regenerated with the latest settings.

Cleanup

To uninstall the components you downloaded and installed, complete the following steps in order.

  1. To uninstall Boto3, navigate to the directory where pip is installed and run the following command:
  2. To uninstall pip, run the following command from command prompt:
  3. To uninstall Python in Windows, navigate to the Control Panel, choose Uninstall a program, choose the Python-related programs, and choose Uninstall.
  4. To cleanup the DRS Settings Tool, delete the entire directory.

Conclusion

In this post, we explored how to use the DRS Settings Tool to manage your Elastic Disaster Recovery source server settings at scale. This tool can save you a lot of time during your initial deployment of Elastic Disaster Recovery, and also help manage settings later if needed.

Try out the tool and share your experiences and questions in the comments section.


About the Author

Tim Hall is a Senior Cloud Support Engineer at AWS. He is a Subject Matter Expert for the AWS Elastic Disaster Recovery Service and helps customers solve complex problems. In his free time, he enjoys competing in billiards and playing video games.


Disclaimer: All rights are owned by the respective creators. No copyright infringement is intended.

Leave a Reply

Your email address will not be published. Required fields are marked *

Secured By miniOrange