EC2 Instances Should Not Be Underutilized
More Info:
Underutilized EC2 instances should be downsized in order to optimize your AWS costs.
Risk Level
Low
Address
Cost optimization
Compliance Standards
AWSWAF
Triage and Remediation
Remediation
To remediate the misconfiguration of underutilized EC2 instances in AWS, you can follow the below steps:
- Log in to your AWS Management Console.
- Go to the EC2 Dashboard.
- Click on the “Instances” option from the left-hand side menu.
- Select the underutilized EC2 instance(s) that you want to remediate.
- Click on the “Actions” button and select “Create Image” from the dropdown list.
- Enter the required details for creating an image of the instance and click on the “Create Image” button.
- Once the image is created, go to the “AMIs” section from the left-hand side menu.
- Select the newly created AMI and click on the “Launch” button.
- Follow the on-screen instructions to launch a new instance from the AMI.
- Once the new instance is launched, you can terminate the underutilized instance(s) to save costs.
By creating an AMI of the underutilized EC2 instance and launching a new instance from it, you can ensure that the new instance is properly configured and optimized for your workload. This will help you avoid underutilization of your EC2 instances and reduce your AWS costs.
To remediate EC2 instances that are underutilized in AWS using AWS CLI, you can follow these steps:
- Identify the underutilized EC2 instances by checking their CPU utilization metrics. The following AWS CLI command returns the CPU utilization metrics for a single instance; run it once for each running instance you want to check:

```bash
aws cloudwatch get-metric-statistics --namespace "AWS/EC2" --metric-name "CPUUtilization" --dimensions "Name=InstanceId,Value=INSTANCE_ID" --start-time START_TIME --end-time END_TIME --period 300 --statistics "Average"
```

Replace INSTANCE_ID with the ID of the instance you want to check, and START_TIME and END_TIME with the time range you want to check.
- Once you have identified the underutilized instances, you can take the following actions:
- Resize the instance: If the instance is underutilized because it has more resources than its workload needs, you can resize it to a smaller instance type using the `modify-instance-attribute` AWS CLI command. The instance must be stopped before its type can be changed.

```bash
aws ec2 modify-instance-attribute --instance-id INSTANCE_ID --instance-type INSTANCE_TYPE
```

Replace INSTANCE_ID with the ID of the instance you want to resize and INSTANCE_TYPE with the new instance type.
- Terminate the instance: If the instance is underutilized because it is no longer needed, you can terminate the instance using the `terminate-instances` AWS CLI command.

```bash
aws ec2 terminate-instances --instance-ids INSTANCE_ID
```

Replace INSTANCE_ID with the ID of the instance you want to terminate.
- Monitor the CPU utilization metrics of your instances regularly to ensure they are not underutilized or overutilized. You can set up CloudWatch alarms to notify you when the CPU utilization exceeds or falls below a certain threshold.
By following these steps, you can remediate the misconfiguration of underutilized EC2 instances in AWS.
To remediate EC2 instances that are underutilized in AWS using Python, you can follow the below steps:
- Identify underutilized instances:
  - Use AWS SDK for Python (Boto3) to get the list of all EC2 instances.
  - For each instance, get its CPU utilization metric using CloudWatch.
  - If the average CPU utilization is below a certain threshold (e.g. 20%) for a certain period (e.g. 7 days), mark the instance as underutilized.
- Stop underutilized instances:
  - Use Boto3 to stop the identified underutilized instances.
  - Before stopping the instance, make sure that it is not being used for any critical application or service.
- Schedule start/stop instances:
  - Use AWS Lambda and CloudWatch Events to schedule start/stop instances based on the usage pattern.
  - For example, you can start instances during peak hours and stop them during off-hours to save costs.
- Resize underutilized instances:
  - Use AWS Auto Scaling to resize instances based on their usage pattern.
  - For example, you can increase the instance size during peak hours and decrease it during off-hours to optimize costs.
- Monitor and optimize:
  - Monitor the instances regularly to ensure that they are not underutilized or overutilized.
  - Optimize the instances based on the usage pattern and workload requirements to minimize costs and maximize performance.
Note: It is important to ensure that the remediation process does not affect the availability and performance of critical applications or services running on the EC2 instances.
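
The "Identify underutilized instances" step above, written out with Boto3 as an added example (not code from the original page or from any product it describes). It only reports and changes nothing; the one-hour period, the 90% datapoint-coverage rule that keeps new or mostly stopped instances from being flagged, and all function names are assumptions of this example.

```python
from datetime import datetime, timedelta, timezone

CPU_THRESHOLD = 20.0   # percent; the example threshold from the text
LOOKBACK_DAYS = 7      # the example period from the text
PERIOD = 3600          # assumption: one averaged datapoint per hour
MIN_COVERAGE = 0.9     # assumption: need 90% of the expected datapoints

def classify(datapoints, threshold=CPU_THRESHOLD, days=LOOKBACK_DAYS, period=PERIOD):
    """Return 'underutilized', 'ok' or 'insufficient-data' for one instance."""
    expected = days * 86400 // period
    if len(datapoints) < MIN_COVERAGE * expected:
        # Recently launched or mostly stopped: too little data to judge.
        return "insufficient-data"
    mean = sum(d["Average"] for d in datapoints) / len(datapoints)
    return "underutilized" if mean < threshold else "ok"

def fetch_datapoints(cloudwatch, instance_id, days=LOOKBACK_DAYS, period=PERIOD):
    """Hourly average CPUUtilization for one instance over the lookback window."""
    end = datetime.now(timezone.utc)
    resp = cloudwatch.get_metric_statistics(
        Namespace="AWS/EC2", MetricName="CPUUtilization",
        Dimensions=[{"Name": "InstanceId", "Value": instance_id}],
        StartTime=end - timedelta(days=days), EndTime=end,
        Period=period, Statistics=["Average"])
    return resp["Datapoints"]

def running_instance_ids(ec2):
    """IDs of all running instances in the client's region (paginated)."""
    pages = ec2.get_paginator("describe_instances").paginate(
        Filters=[{"Name": "instance-state-name", "Values": ["running"]}])
    return [inst["InstanceId"] for page in pages
            for res in page["Reservations"] for inst in res["Instances"]]

def audit(ec2, cloudwatch):
    """Map each running instance ID to its verdict; changes nothing."""
    return {iid: classify(fetch_datapoints(cloudwatch, iid))
            for iid in running_instance_ids(ec2)}

def constructed_datapoints(average, count):
    """Constructed sample shaped like the 'Datapoints' list CloudWatch returns."""
    return [{"Average": average, "Unit": "Percent"} for _ in range(count)]

if __name__ == "__main__":
    # Offline demo on constructed data; against a live account call
    # audit(boto3.client("ec2"), boto3.client("cloudwatch")) instead.
    for avg, n in [(4.0, 168), (55.0, 168), (1.0, 12)]:
        print(avg, n, classify(constructed_datapoints(avg, n)))
```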