Automating Cost Optimization: Deleting Unattached EBS Volumes Using AWS Lambda and CloudFormation
Managing unused resources in your AWS account is crucial for cost optimization. One common source of unnecessary costs is unattached Elastic Block Store (EBS) volumes. In this guide, we’ll walk you through creating a Lambda function using AWS CloudFormation to identify and delete unattached EBS volumes with specific tags.
Why Automate EBS Volume Cleanup?
Unattached EBS volumes in the Available state can accumulate over time, leading to unnecessary costs. Automating their cleanup ensures your AWS environment stays optimized without manual intervention.
Step 1: Create the CloudFormation Template
The first step is to create a CloudFormation template that provisions the necessary resources, including the Lambda function and its associated IAM role.
Instructions:
- Open your text editor or IDE (e.g., Visual Studio Code).
- Create a new file named ebs-unattached-volume-cleanup.yaml.
- Copy and paste the following CloudFormation template into the file:
AWSTemplateFormatVersion: '2010-09-09'
Description: Lambda function to identify and delete unattached EBS volumes in the 'Available' state.
Resources:
  # IAM Role for Lambda Execution
  LambdaExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service: lambda.amazonaws.com
            Action: sts:AssumeRole
      Policies:
        - PolicyName: LambdaExecutionPolicy
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action:
                  - logs:CreateLogGroup
                  - logs:CreateLogStream
                  - logs:PutLogEvents
                Resource: arn:aws:logs:*:*:*
              - Effect: Allow
                Action:
                  - ec2:DescribeVolumes
                  - ec2:DeleteVolume
                Resource: '*'
  # Lambda Function to Delete Unattached EBS Volumes
  LambdaFunction:
    Type: AWS::Lambda::Function
    Properties:
      Code:
        ZipFile: |
          import boto3
          def lambda_handler(event, context):
              ec2 = boto3.client('ec2')
              # Describe volumes with the state 'Available'
              try:
                  response = ec2.describe_volumes(Filters=[
                      {'Name': 'status', 'Values': ['available']}  # Filter by system-defined state
                  ])
                  print(f"Describe Volumes Response: {response}")  # Log the response for debugging
              except Exception as e:
                  print(f"Error describing volumes: {str(e)}")
                  return
              # Check if any volumes are found
              if not response['Volumes']:
                  print("No unattached EBS volumes in the 'Available' state found.")
                  return  # Exit without doing anything
              for volume in response['Volumes']:
                  volume_id = volume['VolumeId']
                  # Delete the volume
                  try:
                      print(f"Deleting volume in 'Available' state: {volume_id}")
                      ec2.delete_volume(VolumeId=volume_id)
                      print(f"Successfully deleted volume: {volume_id}")
                  except Exception as e:
                      print(f"Failed to delete volume {volume_id}: {str(e)}")
      Handler: index.lambda_handler
      Role: !GetAtt LambdaExecutionRole.Arn
      Runtime: python3.11
      Timeout: 60
      MemorySize: 128
  # EventBridge Rule to Trigger Lambda Function
  CleanupScheduleRule:
    Type: AWS::Events::Rule
    Properties:
      ScheduleExpression: cron(0 11 ? * 6 *)  # Runs every Friday at 13:00 CEST (11:00 UTC)
      Targets:
        - Arn: !GetAtt LambdaFunction.Arn
          Id: LambdaTarget
      State: ENABLED
  # Grant EventBridge Permission to Invoke Lambda
  LambdaPermissionForEventBridge:
    Type: AWS::Lambda::Permission
    Properties:
      FunctionName: !Ref LambdaFunction
      Action: lambda:InvokeFunction
      Principal: events.amazonaws.com
      SourceArn: !GetAtt CleanupScheduleRule.Arn
- Save the file on your system.
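The handler in the template deletes every volume in the Available state, while the introduction describes deleting volumes with specific tags. The following is an added example, not part of the original template: a handler that limits deletion to volumes carrying an opt-in tag and older than a minimum age, and only logs candidates unless dry-run is switched off. The tag AutoCleanup=true, the 7-day threshold and the DRY_RUN environment variable are assumptions chosen for illustration.

```python
import os
from datetime import datetime, timedelta, timezone

# Assumed policy values for this example (not from the original template).
REQUIRED_TAG = ("AutoCleanup", "true")  # only volumes carrying this tag are eligible
MIN_AGE = timedelta(days=7)             # skip volumes created more recently than this


def select_deletable(volumes, now, required_tag=REQUIRED_TAG, min_age=MIN_AGE):
    """Return IDs of volumes that are unattached, opted in by tag, and old enough."""
    key, value = required_tag
    selected = []
    for vol in volumes:
        tags = {t["Key"]: t["Value"] for t in vol.get("Tags", [])}
        if vol.get("State") != "available" or vol.get("Attachments"):
            continue  # attached, or in a transitional state
        if tags.get(key) != value:
            continue  # owner has not opted this volume in to cleanup
        if now - vol["CreateTime"] < min_age:
            continue  # created recently; may be about to be attached
        selected.append(vol["VolumeId"])
    return selected


def cleanup(ec2, now=None, dry_run=True):
    """Page through candidate volumes; delete the selected ones unless dry_run."""
    now = now or datetime.now(timezone.utc)
    filters = [
        {"Name": "status", "Values": ["available"]},
        {"Name": f"tag:{REQUIRED_TAG[0]}", "Values": [REQUIRED_TAG[1]]},
    ]
    matched = []
    for page in ec2.get_paginator("describe_volumes").paginate(Filters=filters):
        for volume_id in select_deletable(page["Volumes"], now):
            print(f"{'Would delete' if dry_run else 'Deleting'} volume: {volume_id}")
            if not dry_run:
                ec2.delete_volume(VolumeId=volume_id)
            matched.append(volume_id)
    return matched


def lambda_handler(event, context):
    import boto3  # provided by the Lambda Python runtime
    # DRY_RUN is a hypothetical environment variable; deletion requires DRY_RUN=false.
    dry_run = os.environ.get("DRY_RUN", "true").lower() != "false"
    return cleanup(boto3.client("ec2"), dry_run=dry_run)
```

With this handler, the console test in Step 4 only logs the volumes it would delete until DRY_RUN is set to false in the function configuration.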
Step 2: Deploy the CloudFormation Template
Once the template is ready, deploy it using the AWS Management Console.
Instructions:
- Log in to the AWS CloudFormation Console.
- Click Create stack and select With new resources (standard).
- Under Specify template, choose Upload a template file and upload the ebs-unattached-volume-cleanup.yaml file.
- Enter a Stack name (e.g., UNATTACHEDEBSVOLUME-Cleanup-Lambda).
- Review the stack details, acknowledge the creation of IAM resources, and click Create stack.
Step 3: Verify the Deployment
After the stack is created, verify that the Lambda function and associated resources have been deployed successfully.
Instructions:
- Wait for the stack status to change to CREATE_COMPLETE.
- Navigate to the Resources tab in the CloudFormation stack to find the Lambda function name.
- Go to the AWS Lambda Console to confirm the function exists.
Step 4: Test the Lambda Function
Finally, test the Lambda function to ensure it works as expected.
Instructions:
- Open the Lambda function in the AWS Lambda Console.
- Click Test and create a new test event (you can leave it empty for now).
- Run the test and check the logs to confirm that unattached EBS volumes are being identified and deleted.
Conclusion
By following this guide, you’ve successfully automated the cleanup of unattached EBS volumes using AWS Lambda and CloudFormation. This solution helps reduce unnecessary costs and keeps your AWS environment optimized.