elastic
CNVM: Clean-up old snapshots on startup
Motivation This came up in https://github.com/elastic/sdh-security-team/issues/1168 and in our own AWS accounts. Old snapshots that for some reason have failed to be deleted by cloudbeat during the normal cycle, persist in accounts without a purpose. We should delete older snapshots created by cloudbeat in a background job.
Definition of done What needs to be completed at the end of this task
- [ ] Background cleaner is implemented
- [ ] Verify results in AWS account
Out of scope Graceful shutdown https://github.com/elastic/cloudbeat/issues/1181
Related tasks/epics
- https://github.com/elastic/sdh-security-team/is[sues/1168
- https://github.com/elastic/cloudbeat/issues/2221
- https://github.com/elastic/cloudbeat/issues/1181
- https://github.com/elastic/cloudbeat/issues/950
- https://github.com/elastic/cloudbeat/pull/3090
is there a way to create snapshots with a defined TTL?
None that I can find. Amazon Data Lifecycle Manager can automatically archive snapshots but only those created by that Manager: https://aws.amazon.com/blogs/storage/automatically-archive-amazon-ebs-snapshots-with-amazon-data-lifecycle-manager/
Verified in eu-west-1 (oldest snapshot is 2 days old which is the limit).