Introduction:
We can create Lambda Functions to start and stop EC2 Instances and use cloud watch event to trigger Lambda Function.
High Level Steps are mentioned below:
- Create Lambda functions to start and stop EC2 instances
- Create CloudWatch Events that triggers instances to start in the morning and stop at night
Pre-Requisites:
- SNS Topic created and Subscriptions Confirmed , with ARN noted
- Log Group and Log Streams Created for Lambda Functions
Reference Architecture:
In the above example we can see that , we are triggering Lambda function based on schedule event and then notifying through SNS service once function execution is completed.
STEP1: Create IAM Role for Executing Lambda Function
The IAM Role should include the below permissions for Lambda to execute properly.
- Permissions for Lambda function to stop and start EC2 instances
- Permissions for Lambda Function to publish SNS Notifications through SNS
- Permissions for Lambda Function to push the Logs and Events to CloudWatch
Steps:
- Go to IAM Service
- Select Role
- Select AWS LAMBDA service and Click on Permissions
- Create Policy
- Choose Service
- SNS
- Write – Publish,Subscribe
- Add appropriate SNS ARN , Region and Account ID under Resources Section
- Write – Publish,Subscribe
- EC2
- Write – StartInstances, StopInstances
- CloudWatch Logs
- write – CreateLogGroup,CreateLogStream,PutLogEvents
- Add Appropriate Log Group and Stream in the Resource Section
- write – CreateLogGroup,CreateLogStream,PutLogEvents
- SNS
- Choose Service
- Select the above created Policy and Create the role.
Policy JSON Format
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "SubscribePublishSNS",
"Effect": "Allow",
"Action": [
"sns:Publish",
"sns:Subscribe"
],
"Resource": "<SNS TOPIC ARN>"
},
{
"Sid": "EC2StartandStop",
"Effect": "Allow",
"Action": [
"logs:CreateLogStream",
"logs:CreateLogGroup",
"logs:PutLogEvents",
"ec2:Start*",
"ec2:Stop*"
],
"Resource": "*"
}
]
}
STEP2: Create Lambda Function
Open the AWS Lambda console and select the Create a Lambda function.
- Select Author from Scratch
- Name the Function
- Select the runtime env of your function . In this case we are choosing "Python 3.7"
- Select "Choose and Existing Role" under "Role" Options
- Select "Role created in Step-1" under "Existing Role"
- Click on "Create Function"
Enter the appropriate python program mentioned below into the Function code editor.
- To Start Instance
import boto3 # Enter the region your instances are in. Include only the region without specifying Availability Zone; e.g.; 'us-east-1' region = 'eu-west-1' # Enter your instances here: ex. ['X-XXXXXXXX', 'X-XXXXXXXX'] instances = ['instance-id1', 'instance-id2'] def lambda_handler(event, context): ec2 = boto3.client('ec2', region_name=region) ec2.start_instances(InstanceIds=instances) print ("Started your instances:" + str(instances)) # Create an SNS client sns = boto3.client('sns') # Publish a simple message to the specified SNS topic response = sns.publish( TopicArn='<SNS TOPIC ARN>', Message='AWS DEV and Stage Instances have been Started! on Non-Prod VPC', ) # Print out the response print(response)
- To Stop instances
import boto3 # Enter the region your instances are in. Include only the region without specifying Availability Zone; e.g., 'us-east-1' region = 'eu-west-1' # Enter your instances here: ex. ['X-XXXXXXXX', 'X-XXXXXXXX'] instances = ['instance-id1', 'instance-id2'] def lambda_handler(event, context): ec2 = boto3.client('ec2', region_name=region) ec2.stop_instances(InstanceIds=instances) print ("stopped your instances:" + str(instances)) # Create an SNS client sns = boto3.client('sns') # Publish a simple message to the specified SNS topic response = sns.publish( TopicArn='<SNS TOPIC ARN>', Message='AWS DEV and Stage Instances have been Stopped on Non-Prod VPC!', ) # Print out the response print(response)
- To Reboot Instances
import boto3 # Enter the region your instances are in. Include only the region without specifying Availability Zone; e.g., 'us-east-1' region = 'eu-west-1' # Enter your instances here: ex. ['X-XXXXXXXX', 'X-XXXXXXXX'] instances = ['instance-id1', 'instance-id2'] def lambda_handler(event, context): ec2 = boto3.client('ec2', region_name=region) ec2.stop_instances(InstanceIds=instances) print ("Rebooted your instances:" + str(instances)) # Create an SNS client sns = boto3.client('sns') # Publish a simple message to the specified SNS topic response = sns.publish( TopicArn='<SNS TOPIC ARN>', Message='AWS DEV and Stage Instances have been Rebooted on Non-Prod VPC!', ) # Print out the response print(response)
In Basic settings, enter 10 seconds for the function Timeout
Choose Save
Repeat the above steps to create another function that stops or Reboots your instances. Choose appropriate Python Programme accordingly
Note: Use a Name and Description that indicate the function purpose
STEP3: Test Lambda Function
1. Open the AWS Lambda console, and then choose Functions.
2. Choose your function, and then choose Test.
3. In Event name, type a name, and then choose Create.
4. Choose Test to execute the function.
2. Choose your function, and then choose Test.
3. In Event name, type a name, and then choose Create.
4. Choose Test to execute the function.
Note: The body of the test event doesn't affect your function, because the function doesn't use it.
STEP4: Create a CloudWatch Event that Triggers Lambda Function
1. Open the Amazon CloudWatch console.
2. Choose Events, and then choose Create rule.
3. Choose Schedule under Event Source.
4. Enter an interval of time or cron expression that tells Lambda when to stop your instances.
2. Choose Events, and then choose Create rule.
3. Choose Schedule under Event Source.
4. Enter an interval of time or cron expression that tells Lambda when to stop your instances.
For more information on the correct syntax, see Schedule Expression Syntax for Rules.
Note: Cron expressions are evaluated in UTC. Be sure to adjust the expression for your preferred time zone.
5. Choose Add target, and then choose Lambda function.
6. For Function, choose the Lambda function that stops your instances.
7. Choose Configure details.
8. Use the following information in the provided fields:
For Name, type a meaningful name, such as "StopEC2Instances."
For Description, add a meaningful description, such as “stops EC2 instances every day at night.”
For State, choose Enabled.
Choose Create rule.
6. For Function, choose the Lambda function that stops your instances.
7. Choose Configure details.
8. Use the following information in the provided fields:
For Name, type a meaningful name, such as "StopEC2Instances."
For Description, add a meaningful description, such as “stops EC2 instances every day at night.”
For State, choose Enabled.
Choose Create rule.
To restart your instances in the morning, repeat these steps and use your preferred start time.
No comments:
Post a Comment