Automation
Three different automation tasks have been added to CloudCheckr, which will allow you to remove unused resources from your AWS account:
- Cleanup Security Groups: CloudCheckr will detect security groups that are not assigned to any resources and will purge those security groups for you. Cleanup Security Groups requires the following IAM permission:
ec2:DeleteSecurityGroup
- Cleanup EBS Volumes: CloudCheckr will detect Volumes that are older than 4 weeks with a Status that is not In-Use and purge those Volumes for you. Cleanup Volumes requires the following IAM permission:
ec2:DeleteVolume
- Cleanup Snapshots: CloudCheckr will detect Snapshots that are older than 8 weeks and purge those snapshots for you. Cleanup Snapshots requires the following IAM permission:
ec2:DeleteSnapshot
- Start/Stop EC2 Instances: CloudCheckr will detect EC2 instances based on the criteria that you specify and start or stop those selected EC2 instances automatically. Start/Stop EC2 Instances requires the following IAM permissions:
ec2:StartInstances
ec2:StopInstances
You have the option to manually run these tasks yourself, or have CloudCheckr run these automatically. CloudCheckr will not automatically cleanup any resources unless you explicitly configure the tasks to do so. If you do not add the delete permissions to your IAM policy, CloudCheckr will not be able to run the tasks manually or automatically.