How to minimize your cloud spending on AWS resources using Systems Manager Automation documents

awsmine

Revathi Joshi

Posted on March 8, 2024

How to minimize your cloud spending on AWS resources using Systems Manager Automation documents

An easy way to accomplish unneccessary spending and to minimize infrastructure when it’s not under heavy use, is - by turning off Amazon Elastic Compute Cloud (Amazon EC2) and Amazon Relational Database Service (Amazon RDS) instances for workloads outside of business hours. For workloads that cannot be turned off (due to dependencies on other systems), downsizing instance types is a good alternative.

Applying these measures you can save companies up to 70% in infrastructure costs.

In this post, I will show you how to use AWS Systems Manager Automation documents to turn off your Amazon EC2 and Amazon RDS instances. These Automation documents can then be scheduled for known low usage periods such as nights, holidays, and weekends.

You can use pre-defined Automation documents (prefixed with AWS) or define your own. These can be invoked on a schedule or via a trigger. For more information, check Systems Manager automation.

Let’s get started!

Please visit my GitHub Repository for EC2 articles on various topics being updated on constant basis.
Please visit my GitHub Repository for RDS articles on various topics being updated on constant basis.

For my article, I am going to use pre-defined Automation documents:

AWS-StartEC2Instance
AWS-StopEC2Instance
AWS-StartRdsInstance

Objectives:

1. Create an RDS database

2. Create EC2 Instance

3. Create an IAM Role

4. Add an Inline Policy to the IAM Role to allow Systems Manager to manage RDS Instance

5. Create an Association - Scheduling through State Manager to stop EC2 Instance

6. Create an Association - Scheduling through State Manager to stop RDS database

Pre-requisites:

  • AWS user account with admin access, not a root account.
  • Create an IAM role

Resources Used:

AWS Systems Manager Automation
AWS Systems Manager
State Manager Associations
IAM
EC2
RDS

Steps for implementation to this project:

1. Create an RDS database

1

Image description
2

Image description
3

Image description
4

Image description
5

Image description
6

Image description
7

Image description
8

Image description
9

Image description
10

Image description
11

Image description
12

Image description

Image description

2. Create EC2 Instance

1

Image description
2

Image description
3

Image description
4

Image description
5

Image description
6

Image description
7

Image description

8

Image description

3. Create an IAM Role

1

Image description
2

Image description
3

Image description

  • Next 4

Image description

  • Next

5

Image description
6

Image description

  • Create role

4. Add an Inline Policy to the IAM Role to allow Systems Manager to manage RDS Instance

  • Find out the ARN of your RDS database

Image description

Image description

  • Choose the role that you just created.
  • In the Permissions tab, choose Add inline policy, select the JSON tab, and replace the JSON content with the following code.
  • Make sure you replace both resource parameters with one or more ARNs of your databases
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "rds:StopDBInstance",
                "rds:StartDBInstance"
            ],
            "Resource": "arn:aws:rds:us-east-1:xxxxxxxxxxxx:cluster:database-1"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": "rds:DescribeDBInstances",
            "Resource": "arn:aws:rds:us-east-1:xxxxxxxxxxxx:cluster:database-1"
        }
    ]
}
Enter fullscreen mode Exit fullscreen mode

1

Image description

2

Image description

  • Next

3

Image description

  • Create policy

Image description

5. Create an Association - Scheduling through State Manager to stop EC2 Instance

1

Image description
2

Image description
3

Image description
4

Image description

5

  • select the SSM Automation document named AWS-StopEC2Instance.
  • press Enter Image description

6

Image description
7

  • For a single EC2, choose Simple execution.
  • in the Input parameters section enter the EC2 instance id
  • In the AutomationAssumeRole box, pick the role EC2toSystemsManager.

Image description
8

  • In the Specify schedule section, choose On Schedule and CRON schedule builder.
  • Under Association runs, choose the last option, then choose Day, enter 18 and 00. You should now have the following: “Every Day at 18:00”. (that means Stop the EC2 instance at 6:00 pm or 18:00).
  • To ensure that the association doesn’t run upon creation, choose the Apply association only at the next specified cron interval check box.

Image description

  • Create association
  • you should now see your association in the list.

Image description

  • After waiting for 10-15 min, stops the EC2 instance

Image description

6. Create an Association - Scheduling through State Manager to stop RDS database

  • Follow all the steps as you did for AWS-StopEC2Instance

1

Image description

2

Image description

3

  • Use AWS-StopRDSInstance

Image description

4
Image description

5

  • In the Specify schedule section, choose On Schedule and CRON schedule builder.
  • Under Association runs, choose the last option, then choose Day, enter 18 and 20. You should now have the following: “Every Day at 18:20”. (that means Stop the EC2 instance at 6:20 pm or 18:20).
  • To ensure that the association doesn’t run upon creation, choose the Apply association only at the next specified cron interval check box.

Image description

6
Image description

  • After waiting for 10-15 min, stops the RDS database

Image description

Cleanup

  • delete RDS Database
  • delete EC2 instance
  • delete Association

What we have done so far

I showed you how to cut off your cloud spending for stopping EC2, and Amazon RDS instances based on a schedule.

💖 💪 🙅 🚩
awsmine
Revathi Joshi

Posted on March 8, 2024

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related