In this occasion we share an AWS Lambda that checks if the EBS are available in an AWS region and with CloudWatch events we call upon to eliminate EBS volume. However, it is also possible to add a tag for EBS volume that is available, and it does not require to be deleted.
Definitions
AWS Lambda “Lambda is a compute service that lets you run code without provisioning or managing servers. Lambda runs your code on a high-availability compute infrastructure and performs all of the administration of the compute resources, including server and operating system maintenance, capacity provisioning and automatic scaling, code monitoring and logging. With Lambda, you can run code for virtually any type of application or backend service.” 1
AWS Elastic Block Store (EBS) “provides block level storage volumes for use with EC2 instances. EBS volumes behave like raw, unformatted block devices.” 2
CloudWatch Events “delivers a near real-time stream of system events that describe changes in Amazon Web Services (AWS) resources. Using simple rules that you can quickly set up, you can match events and route them to one or more target functions or streams.” 3
Warning
We recommend that you execute this configuration first in a controlled environment for tests or sandbox.
Using the next repository
https://github.com/vperezpereira/ebs-delete
- In an AWS account using CloudShell download the git repository and execute the following commands. git clone https://github.com/vperezpereira/ebs-delete.git
sam build
sam deploy --guided
If an error like this occurs using the last command:
“Error: Failed to create changeset for the stack: ebs-ireland, ex: Waiter ChangeSetCreateComplete failed: Waiter encountered a terminal failure state: For expression "Status" we matched expected path: "FAILED" Status: FAILED. Reason: Requires capabilities : [CAPABILITY_NAMED_IAM]”
Execute the following command:
sam deploy --capabilities CAPABILITY_NAMED_IAM
In this point, SAM will require confirmation for deployment
- An AWS Lambda with the code that executes revision and deletes EBS volume.
- A S3 Bucket where the deleted EBS volume is stored.
- Finally, the permissions necessary for deployment.
Result of deploy
The configuration of creating the CloudWatch events rule is not added to the template because we think that it will depend on the requirements of each individual.
- Creating CloudWatch events Rule.
For this demo, we add a Rule each 5 minutes that calls upon that AWS Lambda: ebs-ireland-EBSDelete
We activate and finish the rule creation.
We validate that AWS Lambda has the correct environments, you can also modify them, or add a tag on EBS volume that you wish to protect from elimination.
For a demo, we created two EBS volumes available.
Then the result is that the eliminated EBS volume goes to the S3 Bucket and then we review the file log.
The file indicates that EBS volumes ID were eliminated.
Top comments (0)