Amar Singh

Automating RDS Snapshot Cleanup: Delete Manual DB and Cluster Snapshots Older Than 30 Days

Introduction

Amazon Relational Database Service (RDS) allows you to create manual snapshots to safeguard your data for backup and recovery purposes. Over time, these snapshots can pile up, consuming significant storage space and driving up costs. To maintain cost efficiency and adhere to data retention policies, it’s essential to manage them proactively.

In this article, we’ll walk through how to automate the cleanup of RDS manual snapshots older than 30 days using AWS Lambda, Boto3, and Amazon EventBridge — ensuring your environment stays optimized with minimal manual effort.

Why Delete Old RDS Snapshots?

1. Cost Optimization

AWS charges for the storage space your snapshots occupy — even the ones you no longer need. Removing outdated snapshots helps cut down on unnecessary storage costs and keeps your AWS bill under control.

2. Better Storage Management

As snapshots pile up, they can clutter your storage and make it harder to identify the backups that truly matter. Regular cleanup keeps your backup system lean, organized, and efficient.

3. Compliance & Retention Policies

Many organizations enforce strict data retention rules. Automating snapshot deletion not only ensures compliance but also supports data governance and security best practices.

Steps to Remove RDS Manual DB Snapshots Older Than 30 Days

Step 1: Create an IAM Role with the Required Permissions

To enable your Lambda function to access and delete RDS snapshots, start by creating an IAM role with the necessary permissions. Attach the following inline policy to the role:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "LambdaPermissions",
      "Effect": "Allow",
      "Action": [
        "rds:DescribeDBSnapshots",
        "rds:DeleteDBSnapshot"
      ],
      "Resource": "*"
    }
  ]
}

Step 2: Create an AWS Lambda Function

  1. Open the AWS Lambda console.
  2. Click Create function and choose Author from scratch.
  3. Select Python as the runtime environment.
  4. Under Permissions, attach the IAM role created in Step 1 to this function.

Step 3: Implement the Lambda Function Code

Use the following Python script to identify and delete manual DB snapshots older than 30 days:

import boto3
import datetime

def lambda_handler(event, context):
    rds = boto3.client('rds')
    # Timezone-aware cutoff; boto3 returns SnapshotCreateTime as an aware UTC datetime
    now = datetime.datetime.now(datetime.timezone.utc)
    delete_before = now - datetime.timedelta(days=30)
    snapshots = rds.describe_db_snapshots(SnapshotType='manual')
    for snapshot in snapshots['DBSnapshots']:
        snapshot_id = snapshot['DBSnapshotIdentifier']
        # A snapshot must be in the 'available' state before it can be deleted
        if snapshot.get('Status') == 'available' and snapshot['SnapshotCreateTime'] < delete_before:
            print("Deleting snapshot:", snapshot_id)
            rds.delete_db_snapshot(DBSnapshotIdentifier=snapshot_id)
        else:
            print("Skipping snapshot:", snapshot_id)

Step 4: Schedule the Lambda Function

To automate the cleanup process, schedule your Lambda function to run daily using Amazon EventBridge.

1. Open Amazon EventBridge

  • Sign in to the AWS Management Console.
  • Navigate to Amazon EventBridge.
  • From the left-hand menu, select Rules.

2. Create a New Rule

  • Click Create rule.
  • Enter a name for the rule (e.g., DailyLambdaTrigger).
  • Optionally, add a description (e.g., “Triggers the Lambda function every day at 10 AM”).
  • Keep the Event bus as default.
  • Under Rule type, select Schedule.

3. Define the Schedule Expression

  • Choose A fine-grained schedule (Cron expression).
  • Use the following cron expression to trigger the function daily at 10 AM (UTC):

cron(0 10 * * ? *)

4. Set the Target as Lambda

  • Under Select a target, choose AWS service.
  • From the Target dropdown, select Lambda function.
  • Under Function, choose the Lambda function you created earlier.

Steps to Remove RDS Manual DB Cluster Snapshots Older Than 30 Days

Step 1: Create an IAM Role with Permissions for DB Cluster Snapshots

Create an IAM role with the following policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "LambdaPermissions",
      "Effect": "Allow",
      "Action": [
        "rds:DescribeDBClusterSnapshots",
        "rds:DeleteDBClusterSnapshot"
      ],
      "Resource": "*"
    }
  ]
}

Step 2: Create an AWS Lambda Function

  • Create another Lambda function for DB Cluster Snapshots.
  • Assign the IAM role from Step 1 to this function.

Step 3: Implement the Lambda Function Code

Use the following Python script to delete DB cluster snapshots older than 30 days:

import boto3
import datetime

def lambda_handler(event, context):
    rds = boto3.client('rds')
    # Timezone-aware cutoff; boto3 returns SnapshotCreateTime as an aware UTC datetime
    now = datetime.datetime.now(datetime.timezone.utc)
    delete_before = now - datetime.timedelta(days=30)
    snapshots = rds.describe_db_cluster_snapshots(SnapshotType='manual')

    for snapshot in snapshots['DBClusterSnapshots']:
        snapshot_id = snapshot['DBClusterSnapshotIdentifier']
        # Check the status first: only 'available' snapshots can be deleted
        if snapshot['Status'] == 'available' and snapshot['SnapshotCreateTime'] < delete_before:
            print("Deleting cluster snapshot:", snapshot_id)
            rds.delete_db_cluster_snapshot(DBClusterSnapshotIdentifier=snapshot_id)
        else:
            print("Skipping cluster snapshot:", snapshot_id)

Step 4: Schedule the Lambda Function

  • Follow the same process as Step 4 in the DB snapshot section.
  • Create an Amazon EventBridge rule to trigger the Lambda function daily.
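
A hardened variant of the two handlers above, added here as an example (not the author's code): it pages through every result rather than only the first response, skips snapshots that are not available or that carry a hold tag, and defaults to a dry run. The `retain` tag key and the `DRY_RUN` environment variable are hypothetical names; the role is assumed to hold all four RDS actions from both policies and to see each snapshot's `TagList`.

```python
import datetime
import os

RETENTION_DAYS = 30
HOLD_TAG = "retain"  # hypothetical tag key that exempts a snapshot from cleanup

# (describe operation, response list key, identifier key, delete operation)
KINDS = [
    ("describe_db_snapshots", "DBSnapshots",
     "DBSnapshotIdentifier", "delete_db_snapshot"),
    ("describe_db_cluster_snapshots", "DBClusterSnapshots",
     "DBClusterSnapshotIdentifier", "delete_db_cluster_snapshot"),
]

def select_expired(snapshots, id_key, now, retention_days=RETENTION_DAYS):
    """Return identifiers of snapshots that are past retention and safe to delete."""
    cutoff = now - datetime.timedelta(days=retention_days)
    expired = []
    for snap in snapshots:
        created = snap.get("SnapshotCreateTime")
        if created is None or snap.get("Status") != "available":
            continue  # still being created, failed, or otherwise not deletable
        if HOLD_TAG in {t["Key"] for t in snap.get("TagList", [])}:
            continue  # explicitly held, e.g. for an investigation or audit
        if created < cutoff:
            expired.append(snap[id_key])
    return expired

def lambda_handler(event, context):
    import boto3  # imported here so select_expired can be exercised offline
    rds = boto3.client("rds")
    # Deletion is opt-in: anything other than DRY_RUN=false only reports
    dry_run = os.environ.get("DRY_RUN", "true").lower() != "false"
    now = datetime.datetime.now(datetime.timezone.utc)
    expired = []
    for describe_op, list_key, id_key, delete_op in KINDS:
        # The paginator follows the Marker so no page of snapshots is missed
        pages = rds.get_paginator(describe_op).paginate(SnapshotType="manual")
        snapshots = [s for page in pages for s in page[list_key]]
        for snap_id in select_expired(snapshots, id_key, now):
            print("Would delete" if dry_run else "Deleting", snap_id)
            if not dry_run:
                getattr(rds, delete_op)(**{id_key: snap_id})
            expired.append(snap_id)
    return {"dry_run": dry_run, "expired": expired}
```

Run it once with the default dry run and review the logged identifiers before setting `DRY_RUN=false`.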

Conclusion
By implementing this automation, you can effortlessly manage and delete outdated RDS manual and cluster snapshots — helping you cut down on unnecessary storage costs while staying compliant with your organization’s data retention policies.
Scheduling the cleanup process through Amazon EventBridge ensures that it runs automatically, keeping your AWS environment clean and optimized without any manual intervention.
With this setup in place, your cloud infrastructure stays efficient, secure, and cost-effective.
