Skip to main content

How to Clean Up AWS EBS Volumes

When EC2 instances are removed, their storage volumes are sometimes left behind. Resoto can find and delete these unused storage volumes.

Prerequisites​

This guide assumes that you have already installed and configured Resoto to collect your cloud resources.

Directions​

  1. Execute the following command in Resoto Shell to open the Resoto Worker configuration for editing:

    > config edit resoto.worker

  2. Enable cleanup by modifying the resotoworker section of the configuration as follows:

    resotoworker:
      # Enable cleanup of resources
      cleanup: true
      # Do not actually cleanup resources, just create log messages
      cleanup_dry_run: false
      # How many cleanup threads to run in parallel
      cleanup_pool_size: 16

    When cleanup is enabled, marked resources will be deleted as a part of the collect_and_cleanup workflow, which runs each hour by default.

    tip

    Set cleanup_dry_run to true to simulate cleanup without actually deleting resources.

  3. Execute the following search in Resoto Shell to list all unused EBS volumes:

    > search is(ebs_volume) and not /ancestors.instance

  4. Refine the search criteria to only include unmounted volumes older than 30 days that have not been accessed in the last 7 days, in specific accounts:

    > search is(aws_ec2_volume) and /ancestors.account.reported.name in [eng-jenkins,eng-development] and volume_status = available and age > 30d and last_access > 7d

  5. Now that we've defined the search for unused EBS volumes, simply pipe the result of the search query to the clean command:

    > search is(aws_ec2_volume) and /ancestors.account.reported.name in [eng-jenkins,eng-development] and volume_status = available and age > 30d and last_access > 7d | clean
    note

    The clean command flags a resource for cleanup. Cleanup is performed whenever the collect_and_cleanup workflow runs. The workflow runs every hour by default, but can also be manually triggered using the workflow run cleanup command.

  6. Automate flagging unused EBS volumes for cleanup by creating a job:

    > jobs add --id cleanup-unused-volumes --wait-for-event cleanup_plan 'search is(aws_ec2_volume) and /ancestors.account.reported.name in [eng-jenkins,eng-development] and volume_status = available and age > 30d and last_access > 7d | clean'

The job will now run each time Resoto emits the cleanup_plan event. The cleanup_plan event is a part of the collect_and_cleanup workflow and emitted after resource collection is complete but before the cleanup is performed.

Each time the job runs, unused storage volumes will be flagged for removal during the next cleanup run.

Further Reading​