AWS Public Sector Blog

Reduce IT costs by implementing automatic shutdown for Amazon EC2 instances


To remain viable and continue to fulfill their mission, educational institutions are constantly seeking ways to optimize their IT costs while maintaining high-quality services. One often overlooked area for potential savings is the management of cloud resources, particularly Amazon Elastic Compute Cloud (Amazon EC2) instances. Many universities and colleges find themselves facing unexpected costs when EC2 instances are left running during off-peak hours or periods of inactivity.

In this post, I explore how higher education customers can implement automatic shutdown mechanisms for EC2 instances, significantly reducing cloud expenses. I show two straightforward and practical methods:

  1. Using Amazon CloudWatch alarms to dynamically shut down instances based on inactivity.
  2. Using AWS Lambda with Amazon EventBridge for scheduled and batch processing.

These approaches not only cut costs but also support sustainable IT practices in higher education.

Prerequisites

Prior to starting, make sure you have:

  1. An Amazon Web Services (AWS) account with appropriate permissions
  2. Basic familiarity with Amazon EC2, CloudWatch, Lambda, AWS Identity and Access Management (IAM), and EventBridge
  3. Basic Python programming knowledge

Method 1: Using CloudWatch alarms for dynamic instance shutdown

This method is ideal for automatically managing instances based on their activity levels. It provides fine-grained control over shutdown criteria, which means you can dynamically optimize resource usage and costs. By monitoring inactivity periods, CloudWatch alarms can trigger shutdowns for idle instances, ensuring efficient resource allocation across your AWS environment.

Step 1: Find your EC2 instance

To find your EC2 instance and create a CloudWatch alarm, follow these steps:

  1. On the Amazon EC2 console, select the instance you want to automatically shut down.
  2. Choose the + icon in the Alarm status column to create a CloudWatch alarm, as shown in the following screenshot.

Figure 1. Create a CloudWatch alarm on the EC2 console.

Step 2: Create a CloudWatch alarm

To create a CloudWatch alarm to automatically stop the instance when its CPU utilization remains at or below 3 percent for 1 hour, indicating inactivity, set the following on the Manage CloudWatch alarms page:

  1. Choose Create an alarm.
  2. (Optional) Enable Alarm notification and configure an Amazon Simple Notification Service (Amazon SNS) topic to receive alarm notification.
  3. Enable Alarm action and choose Stop.
  4. In the Alarm thresholds section, configure:
    • In Group samples by, choose Average
    • In Type of data to sample, choose CPU Utilization
    • In Alarm when, choose <=
    • In Percent, choose 3
    • In Consecutive period, choose 1
    • In Period, choose 1 Hour
    • Name your alarm (for example, AutoShutdownInstance)
    • Enter an alarm description
  5. Choose Create.

One potential pitfall of setting the CloudWatch alarm to automatically shut down the instance is inadvertently stopping instances that are performing critical background tasks with low CPU usage. To mitigate this risk, carefully review your instances’ workload patterns before implementing the automatic shutdown mechanism. Consider using additional metrics beyond CPU utilization, such as network activity or custom application metrics, to provide a more comprehensive assessment of instance activity.
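One way to review workload patterns before enabling the stop action, as an added example (not code from the original post): it replays the alarm rule from Step 2 over hourly history and flags hours where CPU was at or below 3 percent while outbound network traffic was still high. The function names, the NET_BUSY_BYTES cut-off and the sample values are assumptions.

```python
from datetime import datetime, timedelta, timezone

CPU_THRESHOLD = 3.0          # percent, the alarm threshold from Step 2
NET_BUSY_BYTES = 50_000_000  # assumed hourly NetworkOut volume that counts as real work

def would_stop(cpu_by_hour, threshold=CPU_THRESHOLD):
    """Hours at which a 1-hour, 1-period Average <= threshold alarm would enter ALARM."""
    return [h for h, avg in sorted(cpu_by_hour.items()) if avg <= threshold]

def risky_stops(cpu_by_hour, net_out_by_hour, busy=NET_BUSY_BYTES):
    """Subset of would_stop() hours in which the instance was still moving data."""
    return [h for h in would_stop(cpu_by_hour) if net_out_by_hour.get(h, 0) >= busy]

def fetch_hourly(instance_id, metric, stat, days=14):
    """Pull hourly datapoints for one instance from CloudWatch (needs boto3 and credentials)."""
    import boto3  # imported here so the replay functions run offline
    end = datetime.now(timezone.utc)
    resp = boto3.client("cloudwatch").get_metric_statistics(
        Namespace="AWS/EC2", MetricName=metric,
        Dimensions=[{"Name": "InstanceId", "Value": instance_id}],
        StartTime=end - timedelta(days=days), EndTime=end,
        Period=3600, Statistics=[stat])
    return {p["Timestamp"]: p[stat] for p in resp["Datapoints"]}

# Constructed sample: hour of day -> Average CPUUtilization (%) and Sum of NetworkOut (bytes).
# Hour 23 models a nightly transfer that uses little CPU.
SAMPLE_CPU = {9: 41.0, 13: 2.1, 19: 1.4, 23: 2.8, 3: 0.6}
SAMPLE_NET = {9: 9e8, 13: 2e5, 19: 3e5, 23: 6.2e9, 3: 1e5}

if __name__ == "__main__":
    print("alarm would stop at hours:", would_stop(SAMPLE_CPU))
    print("of those, still busy on the network:", risky_stops(SAMPLE_CPU, SAMPLE_NET))
```

For a real instance, feed it `fetch_hourly(instance_id, "CPUUtilization", "Average")` and `fetch_hourly(instance_id, "NetworkOut", "Sum")`.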

Method 2: Using Lambda with EventBridge for scheduled and batch processing

This method offers enhanced scalability and flexibility, suitable for managing multiple instances across your educational institution’s AWS environment. It allows for both scheduled shutdowns at predetermined times and batch processing of instances based on resource tags, providing comprehensive control over your Amazon EC2 resource management.

Architecture

The solution architecture in the following diagram showcases how we use AWS services to automatically shut down EC2 instances based on predefined EventBridge schedules and resource tags, enabling efficient resource utilization and cost optimization.

Figure 2. Using Lambda with EventBridge for scheduled and batch processing.

Step 1: Create a Lambda function

To create a Lambda function, follow these steps:

  1. On the AWS Lambda console, choose Create function.
  2. Choose Author from scratch.
  3. Give the function a name, for example, “auto-stop-instances.”
  4. For Runtime, choose Python 3.13.
  5. Choose Create function.
  6. On the Function page, on the Code tab, replace the default code with the following:
    ```python
    import boto3

    def lambda_handler(event, context):
        # Initialize the EC2 client
        ec2 = boto3.client('ec2')

        # Define the tag key and value to identify instances to be stopped
        tag_key = 'AutoStop'
        tag_value = 'True'

        # Get only the instances that carry the tag. The call is paginated so
        # that large fleets are not cut off after the first page of results.
        paginator = ec2.get_paginator('describe_instances')
        pages = paginator.paginate(
            Filters=[{'Name': 'tag:' + tag_key, 'Values': [tag_value]}]
        )

        # Iterate through pages, reservations and instances
        for page in pages:
            for reservation in page['Reservations']:
                for instance in reservation['Instances']:
                    instance_id = instance['InstanceId']

                    # Check the current state of the instance
                    instance_state = instance['State']['Name']

                    # If the instance is running, stop it
                    if instance_state == 'running':
                        ec2.stop_instances(InstanceIds=[instance_id])
                        print(f"Stopped EC2 instance {instance_id}")
                    else:
                        print(f"EC2 instance {instance_id} is in state {instance_state}, skipping.")
    ```

    You can replace the values of tag_key and tag_value with the key and value you want to assign to the EC2 instances.

  7. Deploy the function.

Step 2: Modify the Lambda function execution role

To modify the Lambda function execution role, follow these steps:

  1. On the Lambda function page, on the Configuration tab, in the navigation pane, choose Permissions.
  2. Under Role name, choose the role link to open the Lambda function execution role in the IAM console.

    Figure 3. Open Lambda function execution role.

  3. On the IAM role page, choose Add permissions, then Create inline policy.
  4. Use the JSON editor and replace the default policy with the following policy:
    ```json
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "ec2:StopInstances",
                    "ec2:DescribeInstances"
                ],
                "Resource": "*"
            }
        ]
    }
    ```

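    The Amazon EC2 ec2:Describe* API actions do not support resource-level permissions, which means you cannot restrict users’ access to view specific resources in the console. This is why the * wildcard is required in the Resource element for ec2:DescribeInstances. The ec2:StopInstances action does support resource-level permissions and tag condition keys, so for least privilege it can be placed in its own statement that is limited to instances carrying the AutoStop tag.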

  5. Choose Next.
  6. Give the policy a name, for example auto-stop-instance-policy.
  7. Choose Create policy.
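A check for the policy in Step 2, as an added example that is not part of the original post: it lists state-changing actions that a policy allows on every resource with no condition, and runs over the post's policy and a tag-scoped variant. SCOPED_POLICY, the function names and the read-only prefix heuristic are assumptions made for illustration.

```python
# Inline policy from Step 2 of the post
PAGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["ec2:StopInstances", "ec2:DescribeInstances"],
        "Resource": "*",
    }],
}

# Added variant: Describe stays on "*", Stop is limited to instances tagged AutoStop=True
SCOPED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "ec2:DescribeInstances", "Resource": "*"},
        {"Effect": "Allow", "Action": "ec2:StopInstances",
         "Resource": "arn:aws:ec2:*:*:instance/*",
         "Condition": {"StringEquals": {"aws:ResourceTag/AutoStop": "True"}}},
    ],
}

READ_ONLY_PREFIXES = ("Describe", "Get", "List")  # heuristic for non-mutating actions

def _as_list(value):
    # IAM accepts either a single string or a list for Action and Resource
    return value if isinstance(value, list) else [value]

def unscoped_mutations(policy):
    """Return state-changing actions allowed on all resources with no Condition."""
    findings = []
    for stmt in _as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        if "*" not in _as_list(stmt.get("Resource", [])):
            continue
        for action in _as_list(stmt.get("Action", [])):
            verb = action.split(":", 1)[-1]
            if not verb.startswith(READ_ONLY_PREFIXES):
                findings.append(action)
    return findings

if __name__ == "__main__":
    print("post's policy:", unscoped_mutations(PAGE_POLICY))
    print("scoped policy:", unscoped_mutations(SCOPED_POLICY))
```

Once the stop permission is scoped by tag, whoever can set the AutoStop tag decides which instances the function may stop, so limit ec2:CreateTags and ec2:DeleteTags on instances accordingly.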

Step 3: Create an EventBridge schedule

To create an EventBridge schedule, follow these steps:

  1. On the Amazon EventBridge console, in the navigation pane, choose Schedules, then choose Create schedule.
  2. On the schedule detail page, give the schedule a name, for example “auto-stop-instances.”
  3. In the Schedule pattern section, configure:
    • In Occurrence, choose Recurring schedule.
    • In Time zone, choose the time zone for the schedule.
    • In Schedule type, choose Cron-based schedule.
    • In Cron expression, enter your parameters. For example, you can enter 0 17 * * ? * as the cron expression to trigger at 17:00 every day, as shown in the following screenshot.
    • In Flexible time window, choose Off.
    • Choose Next.

      Figure 4. Example cron expression for 17:00 every day.

  4. On the Select target page, choose Templated targets, then choose AWS Lambda.
  5. Choose the Lambda function you created in Step 1 as the target. Choose Next.
  6. Keep the default settings on the Settings page. Choose Next.
  7. Review the settings, then choose Create schedule.

Step 4: Tag your EC2 instances

For each EC2 instance you want to automatically shut down, add a tag with the key and value you set in the Python code of the Lambda function created in Step 1. The default (key, value) pair is:

tag_key = 'AutoStop'
tag_value = 'True'

You can apply tags to EC2 instances by using the Tags tab on the relevant Amazon EC2 console screen, or you can use the Tag Editor in the AWS Resource Groups console. Now, the Lambda function will automatically stop all EC2 instances with the resource tag at the scheduled time.

Implementation success story

Our customers in higher education have implemented both methods across their AWS environment:

  • Method 1 – Using Amazon CloudWatch alarms to dynamically shut down instances based on inactivity. This was applied to critical instances that required individual monitoring and immediate action upon detecting prolonged inactivity.
  • Method 2 – Using AWS Lambda with Amazon EventBridge for scheduled and batch processing. This approach was implemented for use cases where automated, scheduled shutdown of multiple instances proved more efficient. A prime example is in educational settings where EC2 instances frequently remain active after hands-on labs and courses have concluded. This method allows for systematic, timely shutdown of resources, preventing unnecessary costs and optimizing resource utilization across the institution’s AWS environment.

The results are significant:

  • More than 30 percent reduction in overall EC2 costs within the first month
  • Improved resource allocation, allowing for investment in other critical IT initiatives
  • Enhanced sustainability practices by reducing unnecessary compute usage

Best practices and considerations

  1. Regular review – Periodically review your automatic shutdown settings to verify they align with changing usage patterns.
  2. Communication – Make certain all team members are aware of the automatic shutdown policies to prevent unexpected interruptions.
  3. Exceptions handling – Implement a process for temporarily excluding instances from automatic shutdown during critical periods.
  4. Monitoring and logging – Configure comprehensive logging to track shutdown events and any potential issues.
  5. Cost analysis – Regularly analyze the cost savings achieved through automatic shutdown to demonstrate return on investment (ROI) to stakeholders.
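A sketch of items 3 and 4 applied to the Method 2 function, as an added example that is not code from the original post: an expiring exemption tag keeps an instance running during a critical period, and every decision is logged as one JSON line. The AutoStopSkipUntil tag name, the helper names and the sample data are hypothetical.

```python
import json
from datetime import datetime, timezone
TAG_KEY, TAG_VALUE = "AutoStop", "True"  # tag pair from the post's Lambda function
SKIP_UNTIL_TAG = "AutoStopSkipUntil"     # hypothetical exemption tag holding an ISO 8601 date

def decide(inst, now):
    """Return 'stop' or 'skip:<reason>' for one describe_instances entry."""
    tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
    if inst["State"]["Name"] != "running":
        return "skip:state-" + inst["State"]["Name"]
    if SKIP_UNTIL_TAG in tags:
        try:
            until = datetime.fromisoformat(tags[SKIP_UNTIL_TAG])
        except ValueError:
            return "skip:bad-exemption-tag"  # unreadable date: leave running, flag for review
        if until.tzinfo is None:
            until = until.replace(tzinfo=timezone.utc)  # treat naive dates as UTC
        if now < until:
            return "skip:exempt"
    return "stop"

def select_targets(reservations, now):
    """Return (instance IDs to stop, one audit record per instance examined)."""
    audit = [{"instance": i["InstanceId"], "decision": decide(i, now)}
             for r in reservations for i in r["Instances"]]
    return [a["instance"] for a in audit if a["decision"] == "stop"], audit

def lambda_handler(event, context):
    import boto3  # imported here so the selection logic can be exercised offline
    ec2 = boto3.client("ec2")
    pages = ec2.get_paginator("describe_instances").paginate(
        Filters=[{"Name": "tag:" + TAG_KEY, "Values": [TAG_VALUE]}])
    reservations = [r for page in pages for r in page["Reservations"]]
    to_stop, audit = select_targets(reservations, datetime.now(timezone.utc))
    for record in audit:
        print(json.dumps(record))  # one JSON line per decision in CloudWatch Logs
    if to_stop:
        ec2.stop_instances(InstanceIds=to_stop)
    return {"stopped": to_stop}

def _inst(iid, state, **tags):  # helper for the constructed sample below
    return {"InstanceId": iid, "State": {"Name": state},
            "Tags": [{"Key": k, "Value": v} for k, v in {TAG_KEY: TAG_VALUE, **tags}.items()]}
# Constructed sample shaped like the Reservations list of a describe_instances response
SAMPLE = [{"Instances": [
    _inst("i-0aaa", "running"), _inst("i-0bbb", "stopped"),
    _inst("i-0ccc", "running", AutoStopSkipUntil="2025-02-01"),
    _inst("i-0ddd", "running", AutoStopSkipUntil="2025-01-01"),
    _inst("i-0eee", "running", AutoStopSkipUntil="next week")]}]
```

Because the exemption carries its own end date, an instance returns to the schedule without anyone having to remember to remove the tag.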

Clean up

To avoid ongoing costs, remember to delete the resources you created during this tutorial if you no longer need them:

  1. Delete the CloudWatch alarms you created.
  2. Stop or terminate any EC2 instances used for testing.
  3. Delete the Lambda function created.
  4. Delete the EventBridge schedule.
  5. Delete any IAM roles or policies created specifically for this tutorial.

By cleaning up these resources, you avoid charges for unused services. Always review your AWS account to confirm all unnecessary resources are removed.

Conclusion

Implementing automatic shutdown for EC2 instances can significantly reduce IT costs in educational institutions. By using two practical methods, universities can align their cloud usage with actual demand, improving budget management and supporting sustainable IT practices. The first method uses Amazon CloudWatch alarms to dynamically shut down instances based on inactivity, ideal for monitoring critical resources. The second method uses AWS Lambda with Amazon EventBridge for scheduled and batch processing, enabling efficient management of multiple instances. These approaches help optimize the use of EC2 resources, shutting down when not needed and thereby minimizing unnecessary expenses.

I encourage you to implement these methods in your AWS environment and share your experiences. Remember, optimizing your cloud costs is an ongoing process. Stay informed about the latest AWS features and best practices to maximize the value you get from your cloud investment.

Next steps

To further optimize your AWS environment and manage costs effectively, consider the following resources:

  • AWS Well-Architected Framework – Study the Cost Optimization pillar, which provides guidance on running systems at the lowest price point while maintaining business value.
  • Cost Optimization with AWS – Explore this comprehensive webpage for an overview of strategies to optimize cloud spending and improve efficiency across AWS services.
  • Amazon EC2 Cost and Capacity Optimization – Visit this service page to learn how to save money on compute resources while maximizing efficiency.
  • Instance Scheduler on AWS – For users with advanced AWS skills and resources to maintain a more comprehensive solution, explore this AWS Solution that provides additional flexibility and features for scheduling EC2 and Amazon Relational Database Service (Amazon RDS) instances across multiple AWS accounts and regions.
  • Using Amazon CloudWatch alarms – Consult the user guide for detailed instructions on setting up alarms and monitoring your AWS resources effectively.
  • AWS Lambda – Dive into the AWS Lambda Developer Guide to master the creation and management of Lambda functions for serverless computing.
  • Amazon EventBridge – Review the Amazon EventBridge User Guide to learn how to schedule automated tasks and create event-driven architectures in your AWS environment.

By using these resources, you’ll be well-equipped to implement cost-effective solutions and optimize your AWS infrastructure.