How to Clean Up AWS EBS Volumes
When EC2 instances are removed, their storage volumes are sometimes left behind. Resoto can find and delete these unused storage volumes.
This guide assumes that you have already installed and configured Resoto to collect your AWS cloud resources.
Execute the following command in Resoto Shell to open the Resoto Worker configuration for editing:
> config edit resoto.worker
Enable cleanup by modifying the
resotoworkersection of the configuration as follows:
# Enable cleanup of resources
# Do not actually cleanup resources, just create log messages
# How many cleanup threads to run in parallel
When cleanup is enabled, marked resources will be deleted as a part of the
collect_and_cleanupworkflow, which runs each hour by default.tip
trueto simulate cleanup without actually deleting resources.
Execute the following search in Resoto Shell to list all unused EBS volumes:
> search is(ebs_volume) and not /ancestors.instance
Refine the search criteria to only include unmounted volumes older than 30 days that have not been accessed in the last 7 days, in specific accounts:
> search is(aws_ec2_volume) and /ancestors.account.reported.name in [eng-jenkins,eng-development] and volume_status = available and age > 30d and last_access > 7d
Now that we've defined the search for unused EBS volumes, simply pipe the result of the search query to the
> search is(aws_ec2_volume) and /ancestors.account.reported.name in [eng-jenkins,eng-development] and volume_status = available and age > 30d and last_access > 7d | cleannote
cleancommand flags a resource for cleanup.
Cleanup is performed whenever the
The workflow runs every hour by default, but can also be manually triggered using the
workflow run cleanupcommand.
Automate flagging unused EBS volumes for cleanup by creating a job:
> jobs add --id cleanup-unused-volumes --wait-for-event cleanup_plan 'search is(aws_ec2_volume) and /ancestors.account.reported.name in [eng-jenkins,eng-development] and volume_status = available and age > 30d and last_access > 7d | clean'
The job will now run each time Resoto emits the
post_cleanup_plan event. The
post_cleanup_plan event is emitted in the
cleanup phase of the
Each time the job runs, unused storage volumes will be flagged for removal during the next cleanup run.