Which solution will accomplish this?

By:
On:
In: DOP-C01
Tagged:
With: 0 Comments
A company that runs many workloads on AWS has an Amazon EBS spend that has increased over time.The DevOps team notices there are many unattachedEBS volumes.Although there are workloads where volumes are detached, volumes over 14 days old are stale and no longer needed.A DevOps engineer has been tasked with creating automation that deletes unattached EBS volumes that have been unattached for 14 days.

Which solution will accomplish this?

Configure the AWS Config ec2-volume-inuse-check managed rule with a configuration changes trigger type and an Amazon EC2 volume resource target. Create a new Amazon CloudWatch Events rule scheduled to execute an AWS Lambda function in 14 days to delete the specified EBS volume.

Use Amazon EC2 and Amazon Data Lifecycle Manager to configure a volume lifecycle policy. Set the interval period for unattached EBS volumes to 14 days and set the retention rule to delete. Set the policy target volumes as *.

Create an Amazon CloudWatch Events rule to execute an AWS Lambda function daily. The Lambda function should find unattached EBS volumes and tag them with the current date, and delete unattached volumes that have tags with dates that are more than 14 days old.

Use AWS Trusted Advisor to detect EBS volumes that have been detached for more than 14 days. Execute an AWS Lambda function that creates a snapshot and then deletes the EBS volume.

Explanations:

The AWS Config rule “ec2-volume-inuse-check” does not directly support deleting unattached volumes, and AWS Lambda is not triggered by configuration changes in this case. CloudWatch Events also does not trigger Lambda based on volume attachment status alone without additional configuration.

Amazon Data Lifecycle Manager is for creating policies for backup and snapshot management, not for automatically deleting unattached volumes. It doesn’t offer a way to set a retention rule to delete unattached EBS volumes after a certain period.

This approach involves using a CloudWatch Events rule to run a Lambda function that checks for unattached EBS volumes, tags them with the current date, and deletes those that have been unattached for 14 days, which is exactly what the task requires.

AWS Trusted Advisor can identify unattached EBS volumes, but it does not provide automated actions to delete volumes. Additionally, the Lambda function would not typically create snapshots for deletion, and automation using Trusted Advisor isn’t intended for this specific use case.

Leave a Reply

Your email address will not be published. Required fields are marked *

3 × 4 =