In cloud computing, data protection is paramount. Amazon Web Services (AWS) offers a robust solution for safeguarding your data through Relational Database Service (RDS) snapshots, which provide reliable backups of your databases. However, managing these snapshots efficiently and economically can be a challenge. Snapshots can accumulate, consuming precious storage space and incurring unnecessary costs if not properly managed. Enter the power of automation! In this blog post, we’ll explore how to tackle the challenge of automated RDS snapshot deletion using AWS Lambda and CloudWatch Events.
AWS offers a serverless approach to automation with AWS Lambda. Lambda lets you execute code in response to events, including scheduled, time-based events. With AWS Lambda, you can automate RDS snapshot deletion.
For your Lambda function to interact with RDS and manage snapshots, create an IAM role that grants the necessary permissions: rds:DescribeDBSnapshots for listing snapshots and rds:DeleteDBSnapshot for deleting them. Because the function in this post also processes cluster snapshots, the role needs the cluster equivalents as well: rds:DescribeDBClusterSnapshots and rds:DeleteDBClusterSnapshot. Attach this role to your Lambda function as its execution role so it can run the snapshot cleanup tasks.
Next comes the Python code for our Lambda function. It identifies RDS snapshots that are older than our retention policy allows and deletes every snapshot that exceeds the specified retention period.
```python
import datetime

import boto3


def lambda_handler(event, context):
    # Initialize the RDS client
    rds = boto3.client('rds')

    # Get all RDS snapshots
    response = rds.describe_db_snapshots()

    # Get the current date in UTC
    current_date = datetime.datetime.now(datetime.timezone.utc)

    # Define a retention period in days (adjust as needed)
    retention_days = 7

    # Initialize a list to store the identifiers of old snapshots
    old_snapshots = []

    # Iterate through RDS snapshots and identify those beyond the retention period
    for snapshot in response['DBSnapshots']:
        # boto3 already returns SnapshotCreateTime as a datetime object
        snapshot_date = snapshot['SnapshotCreateTime']

        # Calculate the age of the snapshot in days
        age = (current_date.date() - snapshot_date.date()).days

        # Check if the snapshot is older than the retention period
        if age > retention_days:
            old_snapshots.append(snapshot['DBSnapshotIdentifier'])
            # Delete the old RDS snapshot
            rds.delete_db_snapshot(DBSnapshotIdentifier=snapshot['DBSnapshotIdentifier'])

    # Get all RDS Cluster snapshots
    response = rds.describe_db_cluster_snapshots()

    # Iterate through RDS Cluster snapshots and identify those beyond the retention period
    for cluster_snapshot in response['DBClusterSnapshots']:
        cluster_snapshot_date = cluster_snapshot['SnapshotCreateTime']
        cluster_snap_age = (current_date.date() - cluster_snapshot_date.date()).days

        # Check if the cluster snapshot is older than the retention period
        if cluster_snap_age > retention_days:
            old_snapshots.append(cluster_snapshot['DBClusterSnapshotIdentifier'])
            # Delete the old RDS Cluster snapshot
            rds.delete_db_cluster_snapshot(
                DBClusterSnapshotIdentifier=cluster_snapshot['DBClusterSnapshotIdentifier'])

    # Print or log the old snapshots that were deleted
    print("Snapshots deleted beyond retention period:")
    print(old_snapshots)

    return {
        'statusCode': 200,
        'body': 'Snapshot check and deletion completed.'
    }
```
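A more guarded variant of the selection and deletion step for DB instance snapshots, as an added example that is not part of the original post. It assumes the client is passed in (in Lambda, `boto3.client('rds')`), pages through all results, touches only manual snapshots in the `available` state, and defaults to a dry run; the sample records and the names `select_expired` and `cleanup` are constructed for illustration.

```python
import datetime as dt

RETENTION_DAYS = 7  # same retention period as the post's function


def select_expired(snapshots, now, retention_days=RETENTION_DAYS):
    """Return identifiers of manual, available snapshots older than the cutoff."""
    cutoff = now - dt.timedelta(days=retention_days)
    expired = []
    for snap in snapshots:
        created = snap.get("SnapshotCreateTime")  # absent while still being created
        if created is None or snap.get("Status") != "available":
            continue
        if snap.get("SnapshotType") != "manual":
            continue  # automated backups follow the instance's own backup retention
        if created < cutoff:  # both values are timezone-aware datetimes
            expired.append(snap["DBSnapshotIdentifier"])
    return expired


def cleanup(rds, now=None, dry_run=True):
    """Page through manual snapshots; delete expired ones unless dry_run is set."""
    now = now or dt.datetime.now(dt.timezone.utc)
    expired, failed = [], []
    paginator = rds.get_paginator("describe_db_snapshots")
    for page in paginator.paginate(SnapshotType="manual"):
        for snap_id in select_expired(page["DBSnapshots"], now):
            try:
                if not dry_run:
                    rds.delete_db_snapshot(DBSnapshotIdentifier=snap_id)
                expired.append(snap_id)
            except Exception as exc:  # botocore ClientError in Lambda; keep going
                failed.append((snap_id, str(exc)))
    return {"dry_run": dry_run, "expired": expired, "failed": failed}


# Constructed sample records in the shape describe_db_snapshots returns.
NOW = dt.datetime(2024, 1, 15, 10, 0, tzinfo=dt.timezone.utc)
SAMPLE = [
    {"DBSnapshotIdentifier": "manual-old", "SnapshotType": "manual",
     "Status": "available", "SnapshotCreateTime": NOW - dt.timedelta(days=30)},
    {"DBSnapshotIdentifier": "manual-new", "SnapshotType": "manual",
     "Status": "available", "SnapshotCreateTime": NOW - dt.timedelta(days=2)},
    {"DBSnapshotIdentifier": "rds:automated-old", "SnapshotType": "automated",
     "Status": "available", "SnapshotCreateTime": NOW - dt.timedelta(days=30)},
    {"DBSnapshotIdentifier": "manual-creating", "SnapshotType": "manual",
     "Status": "creating"},
]

if __name__ == "__main__":
    print(select_expired(SAMPLE, NOW))
```

Run it with `dry_run=True` first and review the returned `expired` list in the function's logs before letting it delete anything.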
With our Lambda function primed and ready, it’s time to ensure it operates seamlessly without manual intervention. To achieve this, we’ll establish triggers that initiate the Lambda function automatically. A frequently used trigger mechanism is scheduling events through AWS CloudWatch Events. By creating a rule within CloudWatch Events, we can precisely define when and how frequently our Lambda function should execute, putting our automated RDS snapshot cleanup on autopilot.
The CloudWatch Events trigger has been configured to execute the Lambda function every Monday at 10 am.
Cost Savings: Automated RDS snapshot cleanup translates to significant cost savings by efficiently managing storage resources. Redundant and outdated snapshots are removed, eliminating unnecessary storage costs. With automation, AWS bills are optimized, and finance teams can more accurately budget for storage expenses.
Operational Efficiency: Automation streamlines operational tasks, reducing the manual workload for IT teams. This efficiency boost means IT professionals can allocate their time and expertise to higher-priority tasks, ultimately improving productivity and reducing the risk of human error.
Enhanced Security: Removing outdated snapshots reduces the attack surface and minimizes the exposure of sensitive data. This security enhancement aligns with best practices for data protection and risk mitigation.
To know more about how CloudifyOps, an AWS Advanced Consulting Partner, can help you optimize your cloud costs, write to us today at sales@cloudifyops.com.