AWS Backup - Vault cannot be deleted? Use this script!

With AWS Backup, it is simple to create snapshots of EBS, EFS, and more. A retention period defines the number of recovery points stored within a backup vault. When removing a backup vault, you need to delete all recovery points first. Doing so is a cumbersome process. Read on to learn how to automate that task.

Tried to delete a backup vault and got the following error message?

Backup vault cannot be deleted (contains 99 recovery points).

Check out the following script to avoid deleting recovery points manually.

Make sure that to install the AWS CLI on your machine before you proceed.

The following script asks for the vault name you want to empty, fetches a list with the recovery points belonging to the backup vault, and deletes the recovery points.

#!/bin/bash

set -e

echo "Enter the name of the vault where all backups should be deleted."
read VAULT_NAME

for ARN in $(aws backup list-recovery-points-by-backup-vault --backup-vault-name "${VAULT_NAME}" --query 'RecoveryPoints[].RecoveryPointArn' --output text); do 
  echo "deleting ${ARN} ..."
  aws backup delete-recovery-point --backup-vault-name "${VAULT_NAME}" --recovery-point-arn "${ARN}"
done

The script saved me hundreds of manual steps. I hope you will enjoy it as well!

Written by Michael Wittig on 11 Mar 2021