Created
April 20, 2019 20:08
-
-
Save missioncloud/4dc21c48eb2c07ab7db93e11ebb08cc6 to your computer and use it in GitHub Desktop.
Simple Python3 script to remove recovery points from an AWS Backup Vault. Used as an interim solution until a `force_delete` option becomes available.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import boto3 | |
from time import sleep | |
from sys import argv | |
def get_recovery_points(vault_name: str) -> list: | |
pagination = True | |
restore_points = [] | |
b = boto3.client('backup') | |
res = b.list_recovery_points_by_backup_vault( | |
BackupVaultName=vault_name, | |
MaxResults=200 | |
) | |
while pagination: | |
for point in res['RecoveryPoints']: | |
restore_points.append(point['RecoveryPointArn']) | |
if 'NextToken' in res: | |
res = b.list_recovery_points_by_backup_vault( | |
BackupVaultName=vault_name, | |
MaxResults=200, | |
NextToken=res['NextToken'] | |
) | |
else: | |
pagination = False | |
return restore_points | |
def delete_recovery_points(vault_name: str, point_arn_list: list) -> bool: | |
b = boto3.client('backup') | |
for index, point in enumerate(point_arn_list): | |
print(f'[.] Deleting recovery point "{point}" [{index} / {len(point_arn_list)}]') | |
res = b.delete_recovery_point( | |
BackupVaultName=vault_name, | |
RecoveryPointArn=point | |
) | |
sleep(1) | |
return True | |
if __name__ == '__main__': | |
vault_name = argv[1] | |
recovery_points = get_recovery_points(vault_name) | |
print(f'[+] Found {len(recovery_points)} recovery points! Deleting them!') | |
delete_recovery_points(vault_name, recovery_points) |
How could I add to delete after a certain day? For instances we only want to keep the Full AMI backup for 3 days and then we can delete them but keep the snapshots?
Awesome. Many thanks for this. Was looking for a terraform option but was unable to find one. This did the trick well.
This looks great. But, am I supposed to replace everything that says "vault_name" with the actual name of my Vault? Or is that not necessary?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
good work, thanks :)