Before adding a script to a backup job it has to be created in Settings->Scripts. Scripts are tenant-specific entities whereby every tenant can have their own scripts. There are two kinds of scripts: PowerShell and Shell. While PowerShell is to be executed mainly on Windows instances, Shell scripts are intended for Linux instances. Scripts can contain parameters whose values are to be determined when scripts are added to a backup job.
To create a script, press the Add script button on the Scripts module. The following dialog will be shown.
•Specify the name of the script.
•Select the tenant for which the script is to be created. This option is available for administrative users only.
•Select the type of the script.
•Add script parameters if necessary.
•Specify the body of the script.
•Press the OK button.
You can also edit the existing scripts or delete the scripts in Settings->Scripts.
Scripts are executed using AWS Systems Manager. To be able to run scripts on an instance, the instance must be managed by Systems Manager. For more information, please refer to “Managed instances” in the “Additional info” section.
You can use standard Systems Manager policy by AWS, or you can use this, more strict policy below:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ssm:DescribeAssociation",
"ssm:GetDocument",
"ssm:GetManifest",
"ssm:ListAssociations",
"ssm:ListInstanceAssociations",
"ssm:PutConfigurePackageResult",
"ssm:UpdateAssociationStatus",
"ssm:UpdateInstanceAssociationStatus",
"ssm:UpdateInstanceInformation"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"ec2messages:AcknowledgeMessage",
"ec2messages:DeleteMessage",
"ec2messages:FailMessage",
"ec2messages:GetEndpoint",
"ec2messages:GetMessages",
"ec2messages:SendReply"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"ec2:DescribeInstanceStatus"
],
"Resource": "*"
}
]
}