How do I delete a recovery point from a backup vault in AWS Backup?

2 minute read

I want to delete a recovery point from my backup vault in AWS Backup.

Resolution

Prerequisites

To delete a recovery point from a backup vault in AWS Backup, you must have the following AWS Identity and Access Management (IAM) permission:

backup:DeleteRecoveryPoint

Verify that there isn't an access policy configured on the backup vault that denies deletion of recovery points.

The following is an example policy that restricts users from deleting any recovery point from the backup vault:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "statement ID",
      "Effect": "Deny",
      "Principal": "*",
      "Action": "backup:DeleteRecoveryPoint",
      "Resource": "*"
    }
  ]
}

Delete a recovery point using the console

To manually delete recovery points using AWS Backup console, do the following:

Open the AWS Backup console.
In the navigation pane, choose Backup vaults. Then, choose backup vault where you store the backups.
Choose a recovery point.
Choose the Actions dropdown, and then choose Delete.
Note: You can select multiple recovery points if you want to delete multiple backups.
To delete the recovery points, enter delete, and then choose Delete recovery points. AWS Backup submits your recovery points for deletion and displays a progress bar. Don't navigate away from this page during the submission process.
Choose View progress to review the deletion status of each backup. If a deletion status is Failed or Expired, then you can choose that status to see the reason. You can also choose to Retry failed deletions.

Delete a recovery point programmatically

To delete recovery points using an AWS Command Line Interface (AWS CLI) command, use the DeleteRecoveryPoint API.

The following is an example of the DeleteRecoveryPoint command:

Note: Replace name with your backup vault name and arn with the ARN of the recovery point that you want to delete.

aws backup delete-recovery-point --backup-vault-name <name> --recovery-point-arn <arn>

To delete all the recovery points from a backup vault, use the following command:

Note: Replace name with your backup vault name.

aws backup list-recovery-points-by-backup-vault  --backup-vault-name <name> --output json --query 'RecoveryPoints[].[RecoveryPointArn]' | jq -r '.[] | "--recovery-point-arn '\\\"'" + .[0] + "'\\\"'" + .[1]' |  xargs -L1 aws backup delete-recovery-point --backup-vault-name  <name>

Related information

Deleting backups

Topics

Storage

Relevant content

Clarification: Deleting an AWS Backup Vault with a Backup Vault Lock in Compliance Mode
Mat Werber
asked 7 months ago
Point-in-time recovery from Retained Backups
Wiljer
asked 6 months ago
Deleting a Backup Vault with 4000 snapshots
TJ
asked 6 months ago
How to delete an orphaned Snapshot from deleted Backup Vault?
Lucas
asked a year ago
Expired s3 Backup Recovery Point
Anis
asked 2 years ago
How can I delete a default vault and Amazon EFS automatic backup vault in AWS Backup?
AWS OFFICIALUpdated 7 months ago
How is a legal hold different from AWS Backup Vault Lock?
AWS OFFICIALUpdated 9 months ago
How do I migrate an Amazon RDS continuous backup recovery point from a backup vault that's locked in Compliance mode?
AWS OFFICIALUpdated 6 months ago
Why is my recovery point in the expired status in AWS Backup?
AWS OFFICIALUpdated 10 months ago
Recovering a VMware Cloud on AWS VM backup to EC2 using AWS Backup
EXPERT
apylnev
published a year ago