Easy automation in AWS using Cloud Custodian (and reduce spend!)


As an engineer or developer, your primary goal is often to deliver new business value. That focus often crowds out tasks such as improving automation, cost optimization, or other maintenance work that would make your future work easier.

The video below will help you implement automation for common operational tasks in minutes using the open-source tool Cloud Custodian.

The focus lies on the use case of automatically shutting down EC2 instances in dev/test environments. You only write a YAML policy like the one below, and Cloud Custodian manages the scheduling, the scanning and filtering of resources, and the execution logic for stopping the instances. It's fully serverless, and the costs of running Cloud Custodian itself are negligible!

Have fun automating!

Example policy for EC2

The following policy stops and starts instances that are opted in based on tagging. It excludes instances in Auto Scaling groups (they would be started again anyway) and also sends a notification via the Cloud Custodian plugin c7n mailer. If you don't want to use the mailer, feel free to comment out that action.

policies:
  - name: offhours-ec2-stop
    resource: ec2
    mode:
      type: periodic
      schedule: "cron(0/15 * ? * * *)"
      role: arn:aws:iam::{account_id}:role/CloudCustodianAdminRole
    filters:
      # offhour matches at the end of the working day (20:00 in default_tz)
      - type: offhour
        # false: the schedule also applies on Saturday and Sunday
        weekends: false
        default_tz: cet
        tag: offhours:OptIn
        opt-out: false
        offhour: 20
      # skip instances that belong to an Auto Scaling group
      - "tag:aws:autoscaling:groupName": absent
    actions:
      - stop
      - type: notify
        slack_template: slack
        slack_msg_color: good
        to:
          - https://hooks.slack.com/services/ABCDEFGH/ABCDEFGHIJ/0123456789ABCDEFGHIIJKLMNOP
        transport:
          type: sqs
          queue: https://sqs.us-east-1.amazonaws.com/012345678901/c7n-mailer

  - name: offhours-ec2-start
    resource: ec2
    mode:
      type: periodic
      schedule: "cron(0/15 * ? * * *)"
      role: arn:aws:iam::{account_id}:role/CloudCustodianAdminRole
    filters:
      # onhour matches at the start of the working day (08:00 in default_tz)
      - type: onhour
        weekends: false
        default_tz: cet
        tag: offhours:OptIn
        opt-out: false
        onhour: 8
      - "tag:aws:autoscaling:groupName": absent
    actions:
      - start
      - type: notify
        slack_template: slack
        slack_msg_color: good
        to:
          - https://hooks.slack.com/services/ABCDEFGH/ABCDEFGHIJ/0123456789ABCDEFGHIIJKLMNOP
        transport:
          type: sqs
          queue: https://sqs.us-east-1.amazonaws.com/012345678901/c7n-mailer
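
To see which instances a run would touch before deploying, the selection rules of the two policies can be modelled offline against an inventory. This is an added example, not code from the article or from Cloud Custodian: `in_scope`, `plan` and the sample inventory are hypothetical names and constructed data. It assumes stop at hour 20 and start at hour 8, a time already expressed in `default_tz`, and it ignores any custom schedule in the tag value.

```python
from datetime import datetime, timedelta, timezone

OPT_IN_TAG = "offhours:optin"          # policy's `tag:`; key compared lower-cased here
ASG_TAG = "aws:autoscaling:groupName"  # set by AWS on Auto Scaling group members
OFFHOUR, ONHOUR = 20, 8                # `offhour:` / `onhour:` values from the policy
WEEKENDS = False                       # policy's `weekends:`; True limits runs to Mon-Fri


def in_scope(instance):
    """Opt-in tag present (opt-out: false) and no Auto Scaling group tag."""
    keys = {t["Key"] for t in instance.get("Tags", [])}
    return any(k.lower() == OPT_IN_TAG for k in keys) and ASG_TAG not in keys


def plan(instances, now_local, weekends=WEEKENDS):
    """Return (to_stop, to_start) instance ids for one run at now_local.

    now_local must already be expressed in the policy's default_tz.
    Simplification: the opt-in tag's value (custom schedules) is ignored.
    """
    if weekends and now_local.weekday() >= 5:   # Sat/Sun skipped only when True
        return [], []
    to_stop, to_start = [], []
    for inst in filter(in_scope, instances):
        state = inst["State"]["Name"]
        if now_local.hour == OFFHOUR and state == "running":
            to_stop.append(inst["InstanceId"])
        elif now_local.hour == ONHOUR and state == "stopped":
            to_start.append(inst["InstanceId"])
    return to_stop, to_start


# Constructed inventory in describe-instances shape (not real data).
SAMPLE = [
    {"InstanceId": "i-optin-running", "State": {"Name": "running"},
     "Tags": [{"Key": "offhours:OptIn", "Value": "true"}]},
    {"InstanceId": "i-optin-stopped", "State": {"Name": "stopped"},
     "Tags": [{"Key": "offhours:OptIn", "Value": "true"}]},
    {"InstanceId": "i-untagged", "State": {"Name": "running"}, "Tags": []},
    {"InstanceId": "i-asg-member", "State": {"Name": "running"},
     "Tags": [{"Key": "offhours:OptIn", "Value": "true"},
              {"Key": "aws:autoscaling:groupName", "Value": "web-asg"}]},
]
TZ = timezone(timedelta(hours=1))      # fixed +01:00 offset, for the sample only

if __name__ == "__main__":
    print(plan(SAMPLE, datetime(2024, 1, 10, 20, 5, tzinfo=TZ)))  # Wednesday 20:05
    print(plan(SAMPLE, datetime(2024, 1, 13, 8, 5, tzinfo=TZ)))   # Saturday 08:05
```

Because the opt-in tag alone decides scope, anyone allowed to tag instances can place a workload under this schedule, so it is worth reviewing who holds tagging permissions in the account.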

More examples on autoscaling or RDS cost reduction can be found at github.com/CloudNation-nl/Publications/tree...