How do I delete my AWS Backup vault?

Resolution

Check your permissions

To delete a backup vault in AWS Backup, your AWS Identity and Access Management (IAM) role must have the backup:DeleteBackupVault permission. For more information, see API permissions: actions, resources, and conditions reference.

Also, make sure that the access policy that's attached to your backup vault doesn't include an explicit Deny statement that denies the DeleteBackupVault action.

Example policy that denies the DeleteBackupVault action:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Deny",
            "Principal": {
                "AWS": "*"
            },
            "Action": [
                "backup:DeleteBackupVault"
            ],
            "Resource": "*"
        }
    ]
}

Delete the recovery points

Before you can delete a backup vault, you must delete all recovery points that you stored in the vault.

Note: You can't delete the Amazon Elastic File System (Amazon EFS) automatic backup vault that's named aws/efs/automatic-backup-vault. You can only remove the recovery points or snapshots that you store in the vault.

Delete the backup vault

To delete the backup vault, you can use either the AWS Backup console or the AWS Command Line Interface (AWS CLI).

AWS Backup console

To use the console to delete your backup vault, see Delete a vault.

AWS CLI

Note: If you receive errors when you run AWS CLI commands, then see Troubleshooting errors for the AWS CLI. Also, make sure that you're using the most recent AWS CLI version.

Run the following delete-backup vault command:

aws backup delete-backup-vault --backup-vault-name vault-name

Note: Replace vault-name with your backup vault name. If your backup plan tries to use a backup vault that you deleted, then backup creation fails.

Related information

How can I delete a default vault and Amazon EFS automatic backup vault in AWS Backup?

Troubleshooting deleting resources