Introduction
Managing cloud costs effectively is crucial for businesses to ensure their AWS spending doesn't spiral out of control. One proactive measure is to automate stopping EC2 instances when costs exceed a predefined threshold. This blog post will guide you through setting up AWS Budgets, SNS, IAM, and Lambda to automatically stop your EC2 instances, ensuring you stay within your budget.
Step 1: Set Up AWS Budgets
First, we need to create a budget that will alert us when our costs are about to exceed our comfort zone.
- Navigate to the AWS Budgets dashboard and click on "Create budget".
- Choose "Cost budget" and fill in the details, such as the budget amount and the period (monthly, quarterly, etc.).
- Under the "Alerts" section, set up an alert threshold (e.g., 90% of your budget) and select "Email contacts" and "SNS topic" as the notification options.
Step 2: Configure an SNS Topic
AWS SNS (Simple Notification Service) will be used to trigger a Lambda function when your budget alert is activated.
- Go to the SNS dashboard and create a new topic.
- Name your topic something recognizable like "BudgetAlerts".
- Once created, note the ARN (Amazon Resource Name) of the SNS topic as it will be needed later.
- Configure Permission Policy for SNS Topic.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowBudgetsNotifications",
"Effect": "Allow",
"Principal": {
"Service": "budgets.amazonaws.com"
},
"Action": "SNS:Publish",
"Resource": "arn:aws:sns:region:account-id:topic-name"
}
]
}
Replace region, account-id, and topic-name with your actual values. region stands for the AWS region, account-id for your AWS account number, and topic-name for the name of your SNS topic.
Step 3: Create an IAM Role for Lambda
Your Lambda function needs the right permissions to stop EC2 instances.
- In the IAM dashboard, create a new role and select AWS Lambda as the use case.
- Attach policies that grant permissions to stop EC2 instances and publish messages to SNS topics.
- Name your role and create it.
Step 4: Deploy a Lambda Function
AWS Lambda will host our code, which listens for SNS notifications and stops running EC2 instances.
Head to the Lambda dashboard and create a new function. Choose "Author from scratch", select the IAM role created in Step 3, and use the following Python code snippet:
import boto3
def lambda_handler(event, context):
ec2 = boto3.client('ec2', region_name='your-region')
instances = ec2.describe_instances(Filters=[{'Name': 'instance-state-name', 'Values': ['running']}])
instance_ids = [i['InstanceId'] for r in instances['Reservations'] for i in r['Instances']]
if instance_ids:
ec2.stop_instances(InstanceIds=instance_ids)
print(f"Stopped instances: {instance_ids}")
else:
print("No running instances to stop.")
- Adjust 'your-region' to match where your instances are deployed.
- Save and deploy the function.
Step 5: Link SNS to Lambda
Configure the SNS topic created in Step 2 to trigger the Lambda function whenever a budget alert is sent.
- In the Lambda function dashboard, add a trigger and select the SNS topic you created.
- Save the changes.
Testing and Monitoring
Before relying on this setup, test it thoroughly:
- You might simulate reaching the budget threshold (if feasible) or trigger the Lambda function manually from the AWS Console to ensure it stops the instances as expected.
- Regularly check your Lambda function's execution logs in CloudWatch for errors or unexpected behavior.
Conclusion
By following these steps, you've built an automated system that helps control AWS costs by stopping EC2 instances when spending exceeds your set budget. This approach not only helps in managing expenses but also inculcates a discipline of resource optimization and cost-awareness across teams.
Remember, while this solution works great as a cost-control measure, ensure you understand the implications of stopping instances on your applications and workflows. Happy cost-saving!