Benchmark: EC2 Checks
Thrifty EC2 Benchmark
Thrifty developers eliminate their unused and underutilized EC2 instances. This benchmark focuses on finding resources that have not been restarted recently, have low utilization, or use very large instance sizes, as well as reserved instances that are scheduled to expire within the next 30 days or have expired in the preceding 30 days.
Variables
Variable | Description | Default |
---|---|---|
ec2_instance_allowed_types | A list of allowed instance types. PostgreSQL wildcards are supported. | ["%.nano", "%.micro", "%.small", "%.medium", "%.large", "%.xlarge", "%._xlarge"] |
ec2_instance_avg_cpu_utilization_high | The average CPU utilization required for instances to be considered frequently used. This value should be higher than ec2_instance_avg_cpu_utilization_low. | 35% |
ec2_instance_avg_cpu_utilization_low | The average CPU utilization required for instances to be considered infrequently used. This value should be lower than ec2_instance_avg_cpu_utilization_high. | 20% |
ec2_reserved_instance_expiration_warning_days | The number of days reserved instances can be running before sending a warning. | 30 days |
ec2_running_instance_age_max_days | The maximum number of days instances are allowed to run. | 90 days |
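The default `ec2_instance_allowed_types` list relies on PostgreSQL `LIKE` wildcards, where `%` matches any run of characters and `_` matches exactly one. The sketch below is an added example, not code from the mod: it assumes an instance is accepted when its type matches any pattern in the list, and the sample instance types are constructed.

```python
import re

# Default value of ec2_instance_allowed_types, copied from the table above.
DEFAULT_ALLOWED = ("%.nano", "%.micro", "%.small", "%.medium",
                   "%.large", "%.xlarge", "%._xlarge")


def like_to_regex(pattern):
    """Translate a PostgreSQL LIKE pattern into a compiled Python regex."""
    out = []
    chars = iter(pattern)
    for ch in chars:
        if ch == "%":            # any sequence of zero or more characters
            out.append(".*")
        elif ch == "_":          # exactly one character
            out.append(".")
        elif ch == "\\":         # default LIKE escape: next char is literal
            out.append(re.escape(next(chars, "\\")))
        else:                    # everything else, including ".", is literal
            out.append(re.escape(ch))
    return re.compile("".join(out), re.DOTALL)


def is_allowed(instance_type, allowed=DEFAULT_ALLOWED):
    """True if the type matches any pattern (assumed semantics of the control)."""
    # LIKE must match the whole string, hence fullmatch.
    return any(like_to_regex(p).fullmatch(instance_type) for p in allowed)


def review_list(instance_types, allowed=DEFAULT_ALLOWED):
    """Return the instance types that fall outside the allowed patterns."""
    return [t for t in instance_types if not is_allowed(t, allowed)]


# Constructed sample inventory, for illustration only.
SAMPLE = ["t3.micro", "m5.large", "c5.xlarge", "r5.2xlarge",
          "m5.12xlarge", "c5.metal", "x1e.32xlarge"]

if __name__ == "__main__":
    for itype in SAMPLE:
        print(f"{itype:14} {'ok' if is_allowed(itype) else 'review'}")
```

With the defaults, `%._xlarge` accepts single-digit multiples such as `2xlarge` through `9xlarge`, while `12xlarge`, `32xlarge` and `metal` sizes fall outside the list.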
Usage
Install the mod:
mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-thrifty
Start the Powerpipe server:
steampipe service start
powerpipe server
Open http://localhost:9033 in your browser and select EC2 Checks.
Run this benchmark in your terminal:
powerpipe benchmark run aws_thrifty.benchmark.ec2
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_thrifty.benchmark.ec2 --share
Controls
- Application load balancers having no targets attached should be deleted
- Classic load balancers having no instances attached should be deleted
- Gateway load balancers having no targets attached should be deleted
- EC2 instances should not use older generation t2, m3, and m4 instance types
- EC2 instances without graviton processor should be reviewed
- Network load balancers having no targets attached should be deleted
- EC2 reserved instances scheduled for expiration should be reviewed
- Which EC2 instances have very low CPU utilization?
- Large EC2 instances should be reviewed
- Long running EC2 instances should be reviewed