Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for AWS EBS Snapshot Lock mode #1005

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add support for AWS EBS Snapshot Lock mode #1005

wants to merge 1 commit into from

Conversation

ruimarinho
Copy link

@ruimarinho ruimarinho commented Aug 22, 2024
edited
Loading

This pull request introduces support for AWS EBS Snapshot Lock to protect Amazon EBS snapshots against accidental or malicious deletions, or to store them in WORM (Write-Once-Read-Many) format for a specific duration.

While a snapshot is locked, as long as it is out of the cool-off period, it can't be deleted by any user, regardless of their IAM permissions.

Overview of changes

  • Added new command-line arguments for AWS snapshot lock mode, lock duration, cool-off period, and expiration date. Implemented mutual exclusivity checks for lock duration and expiration date, as per AWS requirements.
    • --aws-snapshot-lock-mode
    • --aws-snapshot-lock-duration
    • --aws-snapshot-lock-cool-off-period
    • --aws-snapshot-lock-expiration-date
  • Added new provider-specific snapshot_lock_mode to backup metadata json.
  • Implemented checks to prevent attempting to deleted a locked snapshot until it becomes expired.

If the approach looks good, I will start working on documentation next.

Closes #972.

@ruimarinho ruimarinho requested a review from a team as a code owner August 22, 2024 17:38
diogotorres97
diogotorres97 approved these changes Aug 23, 2024
View reviewed changes
Copy link

@diogotorres97 diogotorres97 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That is a great feature that we were waiting for! Already tested it in an AWS EC2 instance with barman installed and it is working as expected!

@diogotorres97 diogotorres97 mentioned this pull request Aug 23, 2024
Open
@diogotorres97
Copy link

diogotorres97 commented Aug 28, 2024
edited
Loading

ping

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@diogotorres97 diogotorres97 diogotorres97 approved these changes

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add "AWS Snapshot Lock" feature
2 participants
@ruimarinho @diogotorres97