AWS Cloud Cost Optimization — Identifying Stale Resources
Identifying Stale EBS Snapshots
As DevOps or cloud engineers, it is our responsibility to monitor the resources in our cloud accounts and check for anything that is unnecessary or no longer in use. A resource that a developer forgot to delete can cause a huge bill.
In this project, we’ll create a Lambda function that identifies EBS snapshots that are no longer associated with any active EC2 instance and deletes them to save on storage costs.
Description:
The Lambda function fetches all EBS snapshots owned by the same account (‘self’) and also retrieves a list of active EC2 instances (running and stopped). For each snapshot, it checks whether the associated volume (if it exists) is attached to any active instance. If it is not, the snapshot is stale and the function deletes it, reducing storage costs.
Let's start the project:
First we will create an EC2 instance:
When we create an instance, a volume is also created and attached to that instance:
Now we will create a snapshot of this instance's EBS volume:
Suppose that in the future this instance is no longer needed and someone deletes the instance and the volumes attached to it, but they had taken many snapshots and forgot to delete them. We will write a Lambda function that checks for and deletes those unused snapshots.
Currently we have only one snapshot, and its volume is attached to an instance right now, so the function will not delete the snapshot:
Use the Python code below:
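A handler that follows the description above, as an added example rather than the code from the linked repository. The helper names, the sample data and the `DRY_RUN` environment variable (deletion only happens when it is set to `false`) are assumptions of this example.

```python
import os

# Role needs ec2:DescribeSnapshots, DescribeVolumes, DescribeInstances, DeleteSnapshot.
def find_stale_snapshots(snapshots, volumes, active_instance_ids):
    """Map snapshot ID -> reason for every snapshot whose source volume is
    gone or is not attached to an active (running or stopped) instance."""
    attached_to = {v["VolumeId"]: {a["InstanceId"] for a in v.get("Attachments", [])}
                   for v in volumes}
    stale = {}
    for snap in snapshots:
        vol_id = snap.get("VolumeId")
        if vol_id not in attached_to:
            stale[snap["SnapshotId"]] = "source volume no longer exists"
        elif not (attached_to[vol_id] & active_instance_ids):
            stale[snap["SnapshotId"]] = "volume not attached to an active instance"
    return stale

def _collect(ec2, operation, key, **kwargs):
    """Follow pagination so large accounts are not silently truncated."""
    return [item for page in ec2.get_paginator(operation).paginate(**kwargs)
            for item in page[key]]

def lambda_handler(event, context):
    import boto3  # imported here so find_stale_snapshots can be tested offline
    from botocore.exceptions import ClientError
    ec2 = boto3.client("ec2")
    snapshots = _collect(ec2, "describe_snapshots", "Snapshots", OwnerIds=["self"])
    volumes = _collect(ec2, "describe_volumes", "Volumes")
    reservations = _collect(ec2, "describe_instances", "Reservations", Filters=[
        {"Name": "instance-state-name", "Values": ["running", "stopped"]}])
    active = {i["InstanceId"] for r in reservations for i in r["Instances"]}
    stale = find_stale_snapshots(snapshots, volumes, active)
    # DRY_RUN is an assumed environment variable; deletion is opt-in.
    dry_run = os.environ.get("DRY_RUN", "true").lower() != "false"
    for snap_id, reason in stale.items():
        print(f"{'would delete' if dry_run else 'deleting'} {snap_id}: {reason}")
        if not dry_run:
            try:
                ec2.delete_snapshot(SnapshotId=snap_id)
            except ClientError as err:  # e.g. snapshot still backs a registered AMI
                print(f"skipped {snap_id}: {err.response['Error']['Code']}")
    return {"stale": sorted(stale), "dry_run": dry_run}

# Constructed sample data in the shape of the EC2 API responses.
SAMPLE_SNAPSHOTS = [{"SnapshotId": "snap-a", "VolumeId": "vol-1"},
                    {"SnapshotId": "snap-b", "VolumeId": "vol-2"},
                    {"SnapshotId": "snap-c", "VolumeId": "vol-gone"}]
SAMPLE_VOLUMES = [{"VolumeId": "vol-1", "Attachments": [{"InstanceId": "i-1"}]},
                  {"VolumeId": "vol-2", "Attachments": []}]
```

Run it with `DRY_RUN` unset first and review the logged snapshot IDs before setting it to `false`.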
First click the Deploy button to save the code, then click the Test button and create a test event:
Increase the function's default execution timeout from 3 to 10 seconds; the code is a bit longer, so 3 seconds is not enough:
But this function does not have permission to describe the EBS volumes, so we will assign that permission:
We will create a new policy for this role so that it can describe EBS volumes:
Give the policy a name:
Now our role has this new policy as well:
Now try to execute the function. It should not delete the snapshot, because the snapshot's volume is currently attached to an EC2 instance:
It gave an error:
Because our function also describes EC2 instances and volumes, update the policy again:
Now test the function again. This time it runs successfully but does not delete any snapshot, because the volume is attached to an instance:
Now delete the instance, which deletes the attached volume as well, then rerun the Lambda function:
Now it deleted our snapshot:
The scope of this project is very big; you can use the same idea for any AWS service, such as S3 buckets, EKS, etc.
That's all for this project.
GitHub: https://github.com/devops-CloudComputing/AWS_Cost_Optimization_Through_Lambda_Function