Skip to content

Instantly share code, notes, and snippets.

@missioncloud
Created April 20, 2019 20:08
Show Gist options
  • Save missioncloud/4dc21c48eb2c07ab7db93e11ebb08cc6 to your computer and use it in GitHub Desktop.
Save missioncloud/4dc21c48eb2c07ab7db93e11ebb08cc6 to your computer and use it in GitHub Desktop.
Simple Python3 script to remove recovery points from an AWS Backup Vault. Used as an interim solution until a `force_delete` option becomes available.
import boto3
from time import sleep
from sys import argv
def get_recovery_points(vault_name: str) -> list:
pagination = True
restore_points = []
b = boto3.client('backup')
res = b.list_recovery_points_by_backup_vault(
BackupVaultName=vault_name,
MaxResults=200
)
while pagination:
for point in res['RecoveryPoints']:
restore_points.append(point['RecoveryPointArn'])
if 'NextToken' in res:
res = b.list_recovery_points_by_backup_vault(
BackupVaultName=vault_name,
MaxResults=200,
NextToken=res['NextToken']
)
else:
pagination = False
return restore_points
def delete_recovery_points(vault_name: str, point_arn_list: list) -> bool:
b = boto3.client('backup')
for index, point in enumerate(point_arn_list):
print(f'[.] Deleting recovery point "{point}" [{index} / {len(point_arn_list)}]')
res = b.delete_recovery_point(
BackupVaultName=vault_name,
RecoveryPointArn=point
)
sleep(1)
return True
if __name__ == '__main__':
vault_name = argv[1]
recovery_points = get_recovery_points(vault_name)
print(f'[+] Found {len(recovery_points)} recovery points! Deleting them!')
delete_recovery_points(vault_name, recovery_points)
@gabe1314
Copy link

How could I add to delete after a certain day? For instances we only want to keep the Full AMI backup for 3 days and then we can delete them but keep the snapshots?

@GaxZE
Copy link

GaxZE commented Oct 19, 2021

Awesome. Many thanks for this. Was looking for a terraform option but was unable to find one. This did the trick well.

@jevbrowser
Copy link

This looks great. But, am I supposed to replace everything that says "vault_name" with the actual name of my Vault? Or is that not necessary?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment