AWS snapshot automation

amazon-web-services amazon-ec2 snapshot

Solution 1:

You may have to look in CloudTrail to find out what IAM Role was used to create the snapshots. That should take you in the right direction - whether it's a CloudWatch role, EC2 role, or some external script using IAM User keys.

Also have a look at AWS Backup - perhaps that is being used to create the images. In that case you can set the lifecycle policy there, e.g. delete snapshots after 4 weeks, etc.

Hope that helps :)

Solution 2:

Your best friend here will be CloudTrail. Turn it on if it's not enabled already and look for the CreateSnapshot activity, you can filter the results. Once you find out which service is doing it or which user/role authorized it, you'll have a starting point. Don't be afraid to ask around your coworkers if you find a non-descriptive user or role. You can go into the role's details in IAM and use the "Access Advisor" to see where and by what the role is being used (afaik this doesn't work with user access keys).

After you tracked it down, I would highly suggest implementing the Data Lifecycle Manager instead of doing anything yourselves, but I have a hunch you're already planning this, just needed to mention.

Related

Adding CloudFlare to S3 bucket
ubuntu only use 8 cpu for RX and TX queue with vmxnet3
Detect process that is doing an outbound DDoS attack [duplicate]
ESXi PCI passthrough SmartArray P812 with 12TB MSA60
How to re-create Qmail queue
windows server 2008 cannot connect to internet [closed]
Replicate Gmail [email protected] functionality using Postfix
migrating imap using imapsync
Adding cname without putting the subdomain
TCP/UDP Connection States documentation
Why do nslookup result differ when adding www? [closed]
Two IP addresses one network interface and virtualization