In this blog, we delve into the pivotal role of Lambda functions and their profound impact on the tasks of DevOps engineers. Lambda functions, a cornerstone of serverless computing, empower DevOps professionals by streamlining and automating complex tasks. With the ability to run code without the hassle of server management, Lambda functions enhance efficiency, optimize resource utilization, and enable seamless integration into various AWS services. This exploration sheds light on how Lambda functions become an invaluable tool in the toolkit of DevOps engineers, contributing to agile, scalable, and cost-effective cloud operations.
What is a Lambda Function?
AWS Lambda is a serverless computing service provided by Amazon Web Services (AWS). It allows you to run code without provisioning or managing servers.
Features:
Serverless Computing
Event-Driven Execution
Pay-as-you-go model
Real-Time Use Case:
Scenario: Automated Snapshot Cleanup
Problem Statement:
- Suppose you want to ensure efficient resource management in AWS and avoid unnecessary costs from unattached EBS (Elastic Block Store) snapshots. Over time you may have created any number of resources that are now inactive but still incur costs, so we need an automated program that runs periodically and deletes these inactive resources.
How does AWS Lambda bring the solution?
Lambda Function Creation:
- Develop a Lambda function that identifies and deletes unattached EBS snapshots. This function utilizes the AWS SDK to interact with the AWS EC2 service.
CloudWatch Events:
Schedule the Lambda function to run at specific intervals using CloudWatch Events.
For example, you can set it to run daily or weekly to regularly clean up unattached snapshots.
Automation and Cost Optimization:
This Lambda function, triggered by CloudWatch, automates the cleanup process, ensuring that unattached EBS snapshots are regularly removed.
This automation optimizes costs by preventing the accumulation of unused storage resources.
This explained scenario is our main objective in this project. Let's start the project:
Create an EC2 instance
Here for this instance, we have attached a volume with id vol-0b61a32be947716c3 with 8GB capacity.
Create the Snapshot for Volume.
Go to the EC2 dashboard > click "snapshot" > click "create snapshot"
Here, I've selected a volume and chosen the specific volume ID for which I intend to create a snapshot. Feel free to pick the available volume ID that corresponds to the snapshot you wish to generate.
Create lambda function
Search for "Lambda function" in the search bar > click on "lambda" > click "create lambda", then:
Author from scratch
Function name: cost-optimize-ebs-snapshot
Runtime: Python 3.12
Architecture: x86_64
Permissions: default
Save configuration
Now copy the code for the Lambda from GitHub and paste it into the editor.
This Python script, utilizing the Boto3 library, defines an AWS Lambda function for the automated cleanup of unattached EBS snapshots. The function fetches all owned snapshots and active EC2 instances and then iterates through the snapshots. Unattached snapshots are promptly deleted, and those attached to volumes not linked to running instances are also removed. Boto3 functions such as describe_snapshots and delete_snapshot simplify AWS interactions, showcasing efficient automation for cost optimization.
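The script itself is not reproduced in this post. The following is an added example, not the GitHub script or the author's code, that implements the two deletion rules described above as a testable function and only reports unless the event asks for deletion. The names snapshots_to_delete and _pages, the "delete" event key and the sample IDs are assumptions.

```python
# Added example; function names and the "delete" event key are assumptions.
def snapshots_to_delete(snapshots, volumes, running_ids):
    """Apply the post's two rules; return [(snapshot_id, reason)]."""
    vol_by_id = {v["VolumeId"]: v for v in volumes}
    selected = []
    for snap in snapshots:
        vol = vol_by_id.get(snap.get("VolumeId"))
        if vol is None:  # rule 1: source volume no longer exists
            selected.append((snap["SnapshotId"], "source volume not found"))
            continue
        attached = {a["InstanceId"] for a in vol.get("Attachments", [])}
        if not attached & running_ids:  # rule 2: no running instance uses it
            selected.append((snap["SnapshotId"], "volume not on a running instance"))
    return selected


def _pages(client, operation, key, **kwargs):
    """Collect items from every page so large accounts are not truncated."""
    paginator = client.get_paginator(operation)
    return [item for page in paginator.paginate(**kwargs) for item in page[key]]


def lambda_handler(event, context):
    import boto3  # imported here so the selection logic above runs offline
    from botocore.exceptions import ClientError
    ec2 = boto3.client("ec2")
    snapshots = _pages(ec2, "describe_snapshots", "Snapshots", OwnerIds=["self"])
    volumes = _pages(ec2, "describe_volumes", "Volumes")
    running = [{"Name": "instance-state-name", "Values": ["running"]}]
    reservations = _pages(ec2, "describe_instances", "Reservations", Filters=running)
    running_ids = {i["InstanceId"] for r in reservations for i in r["Instances"]}
    selected = snapshots_to_delete(snapshots, volumes, running_ids)
    deleted, failed = [], []
    if (event or {}).get("delete") is True:  # report only unless {"delete": true}
        for snapshot_id, _reason in selected:
            try:
                ec2.delete_snapshot(SnapshotId=snapshot_id)
                deleted.append(snapshot_id)
            except ClientError as err:  # e.g. snapshot still backs an AMI
                failed.append((snapshot_id, err.response["Error"]["Code"]))
    return {"selected": selected, "deleted": deleted, "failed": failed}


# Constructed sample data in the shape EC2 returns (all IDs are made up).
SAMPLE_VOLUMES = [{"VolumeId": "vol-1", "Attachments": [{"InstanceId": "i-run"}]},
                  {"VolumeId": "vol-2", "Attachments": [{"InstanceId": "i-stopped"}]},
                  {"VolumeId": "vol-3", "Attachments": []}]
SAMPLE_SNAPSHOTS = [{"SnapshotId": f"snap-{n}", "VolumeId": v} for n, v in
                    enumerate(["vol-1", "vol-2", "vol-3", "vol-gone"], 1)]
```

Running a test event of {} returns the selected snapshots with the reason for each and deletes nothing, which lets you review the list before the schedule runs with {"delete": true}.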
Save the code and deploy. Once it is deployed, click on Test; a window will open where you enter the event name.
As we can see, on clicking Test our code failed and shows the following error.
Since the code execution timed out in just 3 seconds, I have increased the execution time to 10 seconds.
Remember: Minimizing the execution time is advisable, as AWS charges are influenced by the duration of execution. AWS considers the execution time as a factor in determining costs.
Let's test our code once the execution time is increased to 10 seconds.
We can see that the error indicates that the user, with the given ARN (arn:aws:sts::128571802491:assumed-role/cost-optimize-ebs-snapshot-role-g6a8dccq/cost-optimize-ebs-snapshot), lacks the necessary permissions for the ec2:DescribeSnapshots action. So we are required to attach a policy granting permissions for the ec2:DescribeSnapshots action.
Click on the Execution role; a window will open. Click "Add permissions", then click on Create Inline Policy.
Now we have chosen the policy actions, including DescribeSnapshots and DeleteSnapshot.
After completing the configuration, click on Create Policy and name the policy as below.
Now let's test the code after attaching the policy.
The error shows that permission for DescribeInstances is not allowed.
Let's create a new policy that includes DescribeInstances and DescribeVolumes, in the same way in which we created the Snapshot policy. Once created, save the policy as below.
We can see the below policies attached.
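For reference, the permissions granted in the two console steps above can be written as a single inline policy document. This is an added example, not taken from the original post; it combines both policies into one, the Sid values are assumptions, and the delete permission is scoped to snapshot resources rather than to every EC2 resource.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ReadForSnapshotSelection",
      "Effect": "Allow",
      "Action": [
        "ec2:DescribeSnapshots",
        "ec2:DescribeVolumes",
        "ec2:DescribeInstances"
      ],
      "Resource": "*"
    },
    {
      "Sid": "DeleteSnapshotsOnly",
      "Effect": "Allow",
      "Action": "ec2:DeleteSnapshot",
      "Resource": "arn:aws:ec2:*::snapshot/*"
    }
  ]
}
```

The Describe actions do not support resource-level permissions, which is why they use "Resource": "*"; the only write action the role holds is ec2:DeleteSnapshot.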
Now let's execute and view the output.
Let's conduct a successful test run by deleting our EC2 instance along with the attached volume. Afterward, we'll execute the test to verify whether the unattached snapshot gets deleted or not.
Observing the deletion of an EBS snapshot with the snapshot ID, we have successfully initiated the Lambda function manually. Now, let's streamline this process by automating the execution through the CloudWatch service.
CloudWatch is a monitoring and management service provided by Amazon Web Services (AWS). It helps you collect and track metrics, collect and monitor log files, and set alarms. With CloudWatch, you can gain system-wide visibility into resource utilization, application performance, and operational health.
To attach the function to CloudWatch, search for CloudWatch in the search bar and click on it.
In the CloudWatch screen, we can see Events in the left pane; click on Rules and then > "Create Rule".
Now create the rule as follows:
Click on "Continue in EventBridge Scheduler"
In this step, choose a recurring schedule so that any unattached snapshot is automatically deleted whenever the schedule runs, and set the cron expression for the time at which you want the execution to start.
Now in this step, choose the AWS Lambda as this contains our cost optimization program.
Choose cost-optimize-ebs-snapshot as the Lambda function.
We've successfully set up cost optimization in AWS using a Lambda function and automated it by scheduling the execution with CloudWatch using a cron job. This ensures that unattached snapshots are automatically deleted based on the specified schedule, reducing unnecessary costs and improving resource management.
After completing the project, do not forget to terminate resources such as the Lambda function, snapshots, and EC2 instances, as they may incur higher charges.
Happy Learning!!