Triage and Remediation
Remediation
Using Console
Using Console
Sure, here are the step by step instructions to remediate the unused AMIs issue in AWS using AWS console:
- Login to your AWS console.
- Go to the EC2 dashboard.
- Click on the “AMIs” option from the left-hand menu.
- Sort the AMIs by the “Creation Date” column to identify the oldest and unused AMIs.
- Select the unused AMIs that you want to remove.
- Click on the “Actions” button and select “Deregister” from the dropdown menu.
- Confirm the deregistration by clicking on the “Deregister” button in the confirmation window.
- Once the AMI is deregistered, you can delete the associated EBS snapshots by selecting the AMI and clicking on the “Snapshots” tab.
- Select the associated EBS snapshot(s) and click on the “Actions” button.
- From the dropdown menu, select “Delete” and confirm the deletion.
Using CLI
Using CLI
To remediate the misconfiguration of unused AMIs in AWS using AWS CLI, follow the below steps:This command will list all the AMIs that are not in use and have a Name tag.Replace Replace
- Open the AWS CLI in your terminal or command prompt.
- List all the AMIs that are not in use by running the following command:
- Identify the AMIs that are not required anymore and make a note of their IDs.
- Deregister the unused AMIs by running the following command:
<AMI-ID> with the actual ID of the unused AMI.- Verify that the AMI has been deregistered by running the following command:
<AMI-ID> with the actual ID of the unused AMI. If the command returns an error stating that the AMI does not exist, then it has been successfully deregistered.By following the above steps, you can remediate the misconfiguration of unused AMIs in AWS using AWS CLI.Using Python
Using Python
To remediate the unused AMIs misconfiguration in AWS using Python, you can follow these steps:This will deregister all the unused AMIs in your AWS account. Make sure to test this code in a non-production environment before running it in a production environment.
-
Install the Boto3 library for Python using pip:
pip install boto3 -
Create an AWS session using the
boto3.Session()method. -
Use the
ec2resource in Boto3 to get a list of all the AMIs currently available in your AWS account. You can use thefilter()method to filter out only the unused AMIs by checking theirstateattribute. For example:
- Once you have the list of unused AMIs, you can use the
deregister_image()method to remove them from your AWS account. For example: