This application will automatically detect long running Packer-created instances. Default behaviour is that it will send notifications about this to a created SNS topic, but it can be configured to automatically stop or terminate instances as well.
Please ensure you subscribe to the created SNS topic in order to receive the notifications.
The easiest way to deploy it is by using the Serverless Application Repository. Search for it there and install. Alternatively you can run the provided packaged-sam-template.yml
yourself. Either way, there are 2 parameters that can be provided:
- RunFrequency: When should the applications run checks? Defaults to once per hour
- MaxRuntime: How many hours is a Packer created instance allowed to run before being marked as too long?
- CleaningMethod: What should be done with the instances found? Defaults to only sending a notification, but allows for stopping or terminating the instance. For the stop or terminate options you will need to manually provide additional IAM permissions.
A scheduled CloudWatch Event is automatically created to trigger the function, by default running every hour.
The Serverless Application Repository doesn't allow for the automatic creation of the permissions required for stopping or terminating an instance, so these need to be configured manually. For this you will need to edit the created IAM role and add the following permissions (adjusted for whether you want to stop or terminate).
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:StopInstances",
"ec2:TerminateInstances"
],
"Resource": [
"*"
]
}
]
}
Instances are detected by the name of the SSH key that is automatically generated by Packer. These are named as packer_randomvalue
. Because of this, do not attempt to use this application if you use similar key names for your instances.
Currently the script only cleans up the instances, as those are what cost money. Packer can also creates security groups and keys, but these are not removed as they will require additional IAM permissions.