Attempting to disable automatic backups in AWS EFS? Take a break and read what our skilled Support Engineers have to say.

If you are looking for a way to remove previously backed-up data by disabling the automatic backup feature on your Amazon EFS, you have come to the right place. With Bobcares by your side, this is going to be a breeze.

About automatic backups in AWS EFS

The Amazon Elastic File System, by default, creates a backup of data automatically. This is stored as a recovery point which you can access via AWS Backup. In case you attempt to remove it, you will get this error message:
“Access Denied: Insufficient privileges to perform this action. Please consult with the account administrator for necessary permissions.”
Our Support Engineers recommend keeping the Auto-Backup enabled. It helps your restore your file system to the last recovery point in case of accidental data deletion.
However, you can also disable automatic backups as well. Let’s take a look at how this can be done.

Disable automatic backups in AWS EFS

1. First, open the Amazon EFS at this link.
2. Then, navigate to File Systems. After that, select the file system that you want to disable automatic backup for.
3. Select Edit from the General panel.
4. Clear Enable automatic backups to turn automatic backups off.
5. Finally, click Save changes.

Delete Recovery Point

In order to delete the recovery point, follow these steps:

1. First, open the AWS Backup Management console.
2. Next, choose aws/efs/automatic-backup-vault. The Backups section comprises your data backups, listed as Recovery Points.
3. The Access Policy is by default, set to deny deletions as seen in the example below:

   {
       "Version": "2012-10-17",
       "Statement": [
           {
               "Effect": "Deny",
               "Principal": {
                   "AWS": "*"
               },
               "Action": [
                   "backup:DeleteBackupVault",
                   "backup:DeleteBackupVaultAccessPolicy",
                   "backup:DeleteRecoveryPoint", 
                   "backup:StartCopyJob",
                   "backup:StartRestoreJob",
                   "backup:UpdateRecoveryPointLifecycle" 
               ],
               "Resource": "*"
           } 
       ]
   }

   In other words, you will have to change ”Effect” : ”Deny” to ”Effect” : ”Allow” as seen below:

   {
       "Version": "2012-10-17",
       "Statement": [
           {
               "Effect": "Allow",
               "Principal": {
                   "AWS": "*"
               },
               "Action": [
                   "backup:DeleteBackupVault",
                   "backup:DeleteBackupVaultAccessPolicy", 
                   "backup:DeleteRecoveryPoint", 
                   "backup:StartCopyJob",
                   "backup:StartRestoreJob",
                   "backup:UpdateRecoveryPointLifecycle" 
               ],
               "Resource": "*"
           } 
       ]
   }

   This change allows the user to do any listed delete actions. In order to allow further delete permissions, the policy can be adjusted accordingly.

4. After that, select Attach Policy.
5. Then, choose the Recovery Point That has to be deleted and select delete.

Furthermore, we would like to point out that you will not be able to delete the backup vault automatic-backup-vault or the default backup plan.

[Looking for assistance? We are here to help.]

Conclusion

To sum up, we learned how to disable automatic backup and delete a recovery point in AWS EFS from the proficient Support Engineers at Bobcares.