# To keep in line with FedRAMP we are setting up a lifecycle on the EBS vol to create "backups"
# It will target the tag "Snapshot" based on the value depends on what policy is assigned (see comments bellow)
resource "aws_dlm_lifecycle_policy" "daily" {
  description        = "daily DLM lifecycle policy"
  execution_role_arn = aws_iam_role.dlm_lifecycle_role.arn
  state              = "ENABLED"

  policy_details {
    resource_types = ["VOLUME"]

    schedule {
      name = "daily snapshots retain 2"

      create_rule {
        interval      = 24
        interval_unit = "HOURS"
        times         = ["23:45"]
      }

      retain_rule {
        count = 2
      }

      tags_to_add = {
        SnapshotCreator = "DLM"
        SnapshotPolicy = "Daily"
      }

      copy_tags = true
    }

    target_tags = {
      Snapshot = "Daily"
    }
  }
}