Reserved Instances Should Not Be Unused

More Info:

AWS EC2 Reserved Instances should be fully utilized.

Risk Level

Low

Address

Cost Optimisation

Compliance Standards

AWSWAF

Triage and Remediation

Remediation

Using Console

Using CLI

To remediate the issue of unused reserved instances in AWS using AWS CLI, follow these steps:

Identify the unused reserved instances by running the following command:

aws ec2 describe-reserved-instances --filters "Name=state,Values=active" "Name=instance-state-name,Values=stopped" --query "ReservedInstances[].{ID:ReservedInstancesId,Type:InstanceType,State:State,Count:InstanceCount,Start:Start,End:End}" --output table

This command will list all the reserved instances that are in active state but not being used.

Once you have identified the unused reserved instances, you can either modify or delete them. To modify the unused reserved instances, you can change the instance type or the availability zone to match your current usage. To modify a reserved instance, run the following command:
```
aws ec2 modify-reserved-instances --reserved-instances-id <reservation-id> --target-configuration InstanceCount=<new-count>,InstanceType=<new-type>,AvailabilityZone=<new-zone>
```
Replace <reservation-id> with the ID of the unused reserved instance, <new-count> with the number of instances you want to reserve, <new-type> with the instance type you want to reserve, and <new-zone> with the availability zone you want to reserve the instance in. To delete the unused reserved instances, run the following command:
```
aws ec2 cancel-reserved-instances-merchandise --reserved-instances-id <reservation-id>
```
Replace <reservation-id> with the ID of the unused reserved instance you want to delete.
Verify that the unused reserved instances have been modified or deleted by running the command in step 1 again.

Using Python

To remediate the misconfiguration “Reserved Instances Should Not Be Unused” in AWS using python, follow these steps:

Identify the unused reserved instances in your AWS account. You can do this by using the AWS SDK for Python (boto3) to list all your reserved instances and their utilization status.

import boto3

# Create an EC2 client
ec2 = boto3.client('ec2')

# List all the reserved instances
reserved_instances = ec2.describe_reserved_instances()

# Identify the unused reserved instances
unused_reserved_instances = []
for ri in reserved_instances['ReservedInstances']:
    if ri['State'] == 'active' and ri['InstanceCount'] > 0 and ri['InstanceCount'] == ri['AvailableInstanceCount']:
        unused_reserved_instances.append(ri['ReservedInstancesId'])

Once you have identified the unused reserved instances, you can either sell them on the AWS Reserved Instance Marketplace or exchange them for other instances that you need. To sell the unused reserved instances, you can use the AWS SDK for Python (boto3) to create a listing on the AWS Reserved Instance Marketplace.

import boto3

# Create an EC2 client
ec2 = boto3.client('ec2')

# Create a listing for the unused reserved instances
response = ec2.create_reserved_instances_listing(
    ReservedInstancesId='YOUR_RESERVED_INSTANCE_ID',
    InstanceCount=1,
    PriceSchedules=[
        {
            'Term': 12,
            'Price': 1000.0,
            'CurrencyCode': 'USD'
        },
    ],
    ClientToken='YOUR_CLIENT_TOKEN'
)

If you want to exchange the unused reserved instances for other instances, you can use the AWS SDK for Python (boto3) to modify the reserved instances.

import boto3

# Create an EC2 client
ec2 = boto3.client('ec2')

# Modify the unused reserved instances to exchange them for other instances
response = ec2.modify_reserved_instances(
    ReservedInstancesIds=[
        'YOUR_RESERVED_INSTANCE_ID',
    ],
    TargetConfigurations=[
        {
            'AvailabilityZone': 'us-west-2a',
            'InstanceCount': 1,
            'InstanceType': 't2.micro',
            'Platform': 'Linux/UNIX',
            'Scope': 'Availability Zone',
        },
    ]
)

By following these steps, you can remediate the misconfiguration “Reserved Instances Should Not Be Unused” in AWS using python.

Additional Reading:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-reserved-instances.html

AWS Introduction

AWS Pricing

AWS Threats

AWS Misconfigurations

Reserved Instances Should Not Be Unused

More Info:

Risk Level

Address

Compliance Standards

Triage and Remediation

Remediation

Additional Reading:

AWS Introduction

AWS Pricing

AWS Threats

AWS Misconfigurations

​More Info:

​Risk Level

​Address

​Compliance Standards

​Triage and Remediation

​Remediation

​Additional Reading:

More Info:

Risk Level

Address

Compliance Standards

Triage and Remediation

Remediation

Additional Reading: