ec2-start-stop-lambda-cloudwatch.yaml
# Usage:
#   aws cloudformation --region <region> create-stack --stack-name <stack name> \
#     --template-body file://ec2-start-stop-lambda-cloudwatch.yaml --capabilities CAPABILITY_IAM
# (--capabilities CAPABILITY_IAM is needed because this template creates an IAM role.)
#
# This template will:
#   - create scheduled (cron) rules in EventBridge,
#   - create the corresponding Lambda functions and link them to the rules,
#   - and so automate stopping and starting the listed EC2 instances.
#
# Example: this may help you save some cost by automatically stopping your instances every night.
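AWSTemplateFormatVersion: '2010-09-09'
# The template defines no custom resource and never uses cfn-response, so the
# stack description states what is actually deployed.
Description: Scheduled EventBridge rules and Lambda functions that stop and start EC2 instances.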
Parameters:
  # Free-form string holding the EC2 instance IDs to manage. It is passed to
  # both Lambda functions as the `instances` environment variable, and the
  # handlers extract the IDs from it with a regular expression.
  # NOTE(review): the default looks like a sample ID; override it at deploy time.
  instances:
    Type: String
    Default: 'i-0b7e303c1cb46a2fe'
    Description: "Instance ID's seperated by commers"

  # Region the Lambda functions target when calling EC2. It may differ from
  # the region the stack itself is deployed in.
  Region:
    Type: String
    Default: 'ap-southeast-1'
    Description: 'region only 1 region supported'

  # Schedule for the stop rule. EventBridge rule cron expressions are
  # evaluated in UTC.
  StopScheduled:
    Type: String
    Default: 'cron(0 13 ? * MON-SAT *)'
    Description: >-
      enter an Schedule expression example cron(0 20 ? * MON-SAT *) see
      https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html

  # Schedule for the start rule (also UTC).
  StartScheduled:
    Type: String
    Default: 'cron(0 1 ? * MON-SAT *)'
    Description: >-
      enter an Schedule expression example cron(0 8 ? * MON-SAT *) see
      https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html
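Resources:
  # Lambda function invoked by StopScheduledRule. It reads the `instances` and
  # `Region` environment variables and stops the instance IDs it finds.
  StopEC2Instances:
    Type: AWS::Lambda::Function
    Properties:
      Description: Function that stops instances
      # python3.8 has reached end of support on Lambda and no longer receives
      # security patches; the handler uses only the standard library and boto3.
      Runtime: python3.12
      Role: !GetAtt Role.Arn
      Handler: index.lambda_handler
      Timeout: 60
      Environment:
        Variables:
          instances: !Ref instances
          Region: !Ref Region
      Code:
        ZipFile: |
          import json
          import os
          import re

          import boto3


          def lambda_handler(event, context):
              """Stop the EC2 instances listed in the `instances` variable."""
              instances_str = os.environ['instances']
              region = os.environ['Region']
              # Keep only tokens shaped like instance IDs (17- or 8-character suffix).
              instances = re.findall(r"i-[0-9a-z]{17}|i-[0-9a-z]{8}", instances_str)
              if not instances:
                  # Fail with a clear message instead of sending an empty
                  # InstanceIds list to the EC2 API.
                  raise ValueError('no instance IDs found in the instances variable')
              ec2 = boto3.client('ec2', region_name=region)
              ec2.stop_instances(InstanceIds=instances)
              # Log after the call so the message is not written when it fails.
              print('stopped your instances: ' + str(instances) + " in Region " + region)
              return {
                  'statusCode': 200,
                  'body': json.dumps('stopped your instances: ' + str(instances))
              }

  # Lets EventBridge invoke the stop function. SourceArn restricts the grant
  # to the one rule defined in this template.
  permissionForEventsToInvokeStopEC2Instances:
    Type: AWS::Lambda::Permission
    Properties:
      FunctionName: !GetAtt StopEC2Instances.Arn
      Action: lambda:InvokeFunction
      Principal: events.amazonaws.com
      SourceArn: !GetAtt StopScheduledRule.Arn

  # Lambda function invoked by StartScheduledRule. It reads the `instances`
  # and `Region` environment variables and starts the instance IDs it finds.
  StartEC2Instances:
    Type: AWS::Lambda::Function
    Properties:
      Description: Function that started instances
      # Same runtime choice as the stop function: python3.8 is out of support.
      Runtime: python3.12
      Role: !GetAtt Role.Arn
      Handler: index.lambda_handler
      Timeout: 60
      Environment:
        Variables:
          instances: !Ref instances
          Region: !Ref Region
      Code:
        ZipFile: |
          import json
          import os
          import re

          import boto3


          def lambda_handler(event, context):
              """Start the EC2 instances listed in the `instances` variable."""
              instances_str = os.environ['instances']
              region = os.environ['Region']
              # Keep only tokens shaped like instance IDs (17- or 8-character suffix).
              instances = re.findall(r"i-[0-9a-z]{17}|i-[0-9a-z]{8}", instances_str)
              if not instances:
                  # Fail with a clear message instead of sending an empty
                  # InstanceIds list to the EC2 API.
                  raise ValueError('no instance IDs found in the instances variable')
              ec2 = boto3.client('ec2', region_name=region)
              ec2.start_instances(InstanceIds=instances)
              # Log after the call so the message is not written when it fails.
              print('started your instances: ' + str(instances) + " in Region " + region)
              return {
                  'statusCode': 200,
                  'body': json.dumps('started your instances: ' + str(instances))
              }

  # Lets EventBridge invoke the start function. SourceArn restricts the grant
  # to the one rule defined in this template.
  permissionForEventsToInvokeStartEC2Instances:
    Type: AWS::Lambda::Permission
    Properties:
      FunctionName: !GetAtt StartEC2Instances.Arn
      Action: lambda:InvokeFunction
      Principal: events.amazonaws.com
      SourceArn: !GetAtt StartScheduledRule.Arn

  # Execution role shared by both functions: basic Lambda logging plus the two
  # EC2 actions the handlers call.
  Role:
    Type: AWS::IAM::Role
    Properties:
      Path: /
      AssumeRolePolicyDocument:
        # Quoted so a YAML parser cannot read the policy version as a date.
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - lambda.amazonaws.com
            Action:
              - sts:AssumeRole
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
      Policies:
        - PolicyName: Ec2permissions
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action:
                  - ec2:StartInstances
                  - ec2:StopInstances
                # Least privilege: limited to instances in this account and
                # the target region rather than '*'. A tag-based condition
                # can narrow it further if the instances share a tag.
                Resource: !Sub 'arn:${AWS::Partition}:ec2:${Region}:${AWS::AccountId}:instance/*'

  # Scheduled rule that triggers the stop function (schedule from StopScheduled).
  StopScheduledRule:
    Type: AWS::Events::Rule
    Properties:
      Description: ScheduledRule
      ScheduleExpression: !Ref StopScheduled
      State: ENABLED
      Targets:
        - Arn: !GetAtt StopEC2Instances.Arn
          Id: TargetFunctionV1

  # Scheduled rule that triggers the start function (schedule from StartScheduled).
  StartScheduledRule:
    Type: AWS::Events::Rule
    Properties:
      Description: ScheduledRule
      ScheduleExpression: !Ref StartScheduled
      State: ENABLED
      Targets:
        - Arn: !GetAtt StartEC2Instances.Arn
          Id: TargetFunctionV1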