The Journey of Becoming Scrooge McDuck
Choon Ming Goh
2
The beginning of our journey
● Designing our AWS infrastructure
● Discovery of new tools
● Experimentation
● Start spending!
3
Half way through
● Optimisation
● Cost saving initiative
● Integration with third party
● etc...
4
Scrooge McDuck lessons!
● Do everything you need BUT!!
● Spend as little as you can!
● If possible, do not pay for anything at all
5
AWS cost saving measures
● Use the right instance type
● Reserved instances
● Spot instances
● Monitoring and analysing your usage
● Don’t use AWS support
● Redesign the whole architecture
● Idle resources
● Remove unnecessary resources
● and the list goes on…
6
Cloud Custodian
● Policy based
● Compliance
● Cost management
● Idle resources
7
Sample Policy
policies:
  - name: remediate-extant-keys
    description: |
      Scan through all s3 buckets in an account and ensure all objects
      are encrypted (default to AES256).
    resource: s3
    actions:
      - encrypt-keys
  - name: ec2-require-non-public-and-encrypted-volumes
    resource: ec2
    description: |
      Provision a lambda and cloud watch event target that looks at all
      new instances and terminates those with unencrypted volumes.
    mode:
      type: cloudtrail
      events:
        - RunInstances
    filters:
      - type: ebs
        key: Encrypted
        value: false
    actions:
      - terminate
8
Supported Resources
● Amazon Machine Images (AMI)
● Application Load Balancers (AppELB)
● Auto Scaling Groups (ASG)
● ElastiCache Clusters
● ElastiCache Cluster Snapshots
● CloudFormation
● Elastic Block Store Volumes (EBS Volumes)
● Elastic Block Store Snapshots (EBS Snapshots)
● Elastic Compute Cloud (EC2)
● Elastic Load Balancers (ELB)
● Key Management Service (KMS)
● Relational Database Service (RDS)
● Relational Database Service DB Clusters (RDS DB Clusters)
● Relational Database Service DB Cluster Snapshots (RDS DB Cluster Snapshots)
● Relational Database Service DB Snapshots (RDS DB Snapshots)
● Redshift
● Simple Storage Service (S3)
9
Scenario
● Multiple environments
  ○ 4 test environments
● Multiple EC2 hosts (SAP)
● Multiple RDS instances
● ECS cluster per environment
  ○ All test environments share a single cluster
● Tagging
● Public IP
10
Policies
policies:
  - name: suspend-asg-tst
    resource: asg
    filters:
      - "tag:template": tst
      - "tag:ecs_cluster": app-tst
      - type: offhour
        tag: ecs_cluster
        offhour: 20
        default_tz: cet
        weekends: true
    actions:
      - type: resize
        min-size: 0
        max-size: 0
        desired-size: 0
        save-options-tag: OffhoursPrevious
  - name: resume-asg-tst
    resource: asg
    filters:
      - "tag:template": tst
      - "tag:ecs_cluster": app-tst
      - type: onhour
        tag: ecs_cluster
        onhour: 6
        default_tz: cet
        weekends: true
    actions:
      - type: resize
        restore-options-tag: OffhoursPrevious
11
Policies
policies:
  - name: stop-hybris-tst01
    resource: ec2
    filters:
      - "tag:environment": tst01
      - "State.Name": running
      - type: value
        key: "tag:type"
        op: regex
        value: (tst01_hybrismaster.*)
      - type: offhour
        tag: type
        offhour: 20
        default_tz: cet
        weekends: true
    actions:
      - type: mark-for-op
        tag: "offhours"
        op: stop
      - stop
  - name: stop-rds-tst01
    resource: rds
    filters:
      - "tag:environment": tst01
      - "DBInstanceStatus": available
      - type: offhour
        tag: environment
        offhour: 6
        default_tz: cet
        weekends: true
    actions:
      - type: mark-for-op
        tag: "offhours"
        op: stop
      - stop
12
Policies
policies:
  - name: start-hybris-tst01
    resource: ec2
    filters:
      - "tag:environment": tst01
      - "State.Name": stopped
      - "tag:offhours": present
      - type: value
        key: "tag:type"
        op: regex
        value: (tst01_hybrismaster.*)
      - type: onhour
        tag: type
        onhour: 6
        default_tz: cet
        weekends: true
    actions:
      - start
      - type: unmark
        tags: ["offhours"]
  - name: start-rds-tst01
    resource: rds
    filters:
      - "tag:environment": tst01
      - "DBInstanceStatus": stopped
      - "tag:offhours": present
      - type: onhour
        tag: offhours
        onhour: 5
        default_tz: cet
        weekends: true
    actions:
      - start
      - type: unmark
        tags: ["offhours"]
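As an added example (not from the slides or from Cloud Custodian itself), a stdlib-only check over the stop/start pairs on slides 11 and 12: it confirms that every offhour policy has an onhour mate for the same resource type which clears the mark tag again, and reports pairs whose daily window is very short, as the RDS pair (on at 5, off at 6) is here. The policy data is constructed from the slides with only the keys the check reads.

```python
"""Consistency check for the paired offhour/onhour policies on slides 11-12.
Added example, not the slides' or Cloud Custodian's code; the policies are
modelled as plain dicts with only the keys the check reads, so no PyYAML is needed.
"""
# Constructed from slides 11-12; the tag/state filters the check does not read are omitted.
POLICIES = [
    {"name": "stop-hybris-tst01", "resource": "ec2",
     "filters": [{"type": "offhour", "tag": "type", "offhour": 20}],
     "actions": [{"type": "mark-for-op", "tag": "offhours", "op": "stop"}, "stop"]},
    {"name": "stop-rds-tst01", "resource": "rds",
     "filters": [{"type": "offhour", "tag": "environment", "offhour": 6}],
     "actions": [{"type": "mark-for-op", "tag": "offhours", "op": "stop"}, "stop"]},
    {"name": "start-hybris-tst01", "resource": "ec2",
     "filters": [{"tag:offhours": "present"}, {"type": "onhour", "tag": "type", "onhour": 6}],
     "actions": ["start", {"type": "unmark", "tags": ["offhours"]}]},
    {"name": "start-rds-tst01", "resource": "rds",
     "filters": [{"tag:offhours": "present"}, {"type": "onhour", "tag": "offhours", "onhour": 5}],
     "actions": ["start", {"type": "unmark", "tags": ["offhours"]}]},
]

def schedule_hour(policy, kind):
    """Hour configured by the policy's offhour/onhour filter, or None if it has none."""
    return next((f[kind] for f in policy["filters"]
                 if isinstance(f, dict) and f.get("type") == kind), None)

def check_offhours_pairs(policies, min_window=2):
    """Return findings; an empty list means every stop policy has a sane start mate."""
    findings = []
    starts = [p for p in policies if schedule_hour(p, "onhour") is not None]
    for stop in [p for p in policies if schedule_hour(p, "offhour") is not None]:
        mates = [s for s in starts if s["resource"] == stop["resource"]]
        if not mates:  # nothing would ever start these resources again
            findings.append(f"{stop['name']}: no onhour policy for {stop['resource']}")
            continue
        marks = {a["tag"] for a in stop["actions"]
                 if isinstance(a, dict) and a.get("type") == "mark-for-op"}
        for start in mates:
            # A start policy that does not clear the mark tag leaves stale state for the next cycle.
            unmarked = {t for a in start["actions"]
                        if isinstance(a, dict) and a.get("type") == "unmark" for t in a["tags"]}
            for tag in sorted(marks - unmarked):
                findings.append(f"{start['name']}: does not unmark tag {tag!r} set by {stop['name']}")
            # Hours per weekday the resource is up; weekends: true keeps it off on Sat/Sun.
            window = (schedule_hour(stop, "offhour") - schedule_hour(start, "onhour")) % 24
            if window < min_window:
                findings.append(f"{stop['name']}/{start['name']}: up only {window}h per weekday")
    return findings

if __name__ == "__main__":
    print("\n".join(check_offhours_pairs(POLICIES) or ["no findings"]))
```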
13
Demo
14
Results
AWS Cost Control: Cloud Custodian
