How can I stop an Amazon Aurora cluster for longer than seven days?
I want to stop an Amazon Relational Database Service (Amazon Aurora clusters) for longer than the seven-day duration.
Short description
You can start and stop your Amazon Aurora clusters easily within a few minutes. This feature supports cost-saving for databases that aren't required to be running all the time. You can stop a database (DB) cluster for up to seven days. If you don't manually start your DB cluster after seven days, your DB cluster is automatically started. This happens so that the cluster doesn't fall behind any required maintenance updates.
To stop your Aurora cluster for more than seven days without missing the required maintenance updates, do the following:
1. Set up the AWS Identity Access Management (IAM) permissions to allow AWS Lambda to do the following: Start the instance. Stop the instance. Retrieve information on the instance.
2. Add tags for Aurora clusters that you want to start and stop automatically.
3. Create a Lambda function to start the cluster.
4. Create a Lambda function to stop the cluster.
5. Create a schedule to do the following: Start Aurora cluster at the beginning of the weekly maintenance window. Stop Aurora cluster at the end of the maintenance window.
Resolution
Configure IAM permissions
Create an IAM policy to allow Lambda to start and stop the cluster and retrieve information on the cluster.
1. Open the IAM console.
2. In the navigation pane, choose Policies.
3. Choose Create Policy.
4. Choose the JSON tab.
5. Copy the following policy and paste the policy under the JSON tab to grant the required IAM permissions:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "rds:StartDBCluster", "rds:StopDBCluster", "rds:ListTagsForResource", "rds:DescribeDBInstances", "rds:StopDBInstance", "rds:DescribeDBClusters", "rds:StartDBInstance" ], "Resource": "*" } ] }
6. Choose Next: Tags.
7. (Optional) To add a tag, choose Add tag, and then enter the appropriate values for the Key and Value - optional fields.
8. Choose Next: Review.
9. On the Review policy page, for Name, enter the name for your policy. Review the Summary section to see the permissions that are granted by your policy.
10. Choose Create policy.
For more information, see Creating policies on the JSON tab.
Create an IAM role, and then attach the required policies
1. Open the IAM console.
2. In the navigation pane, choose Roles.
3. Choose Create role.
4. For Select type of trusted entity, Choose AWS service.
5. Under Or select a service to view its use cases, choose Lambda.
6. Choose Next: Permissions.
7. For Filter-policies, enter the name of the policy created in the previous section. When the policy that you created appears, select the policy. For Filter-policies, enter AWSLambdaBasicExecutionRole. When the managed policy AWSLambdaBasicExecutionRole that you created appears, select the policy.
8. Choose Next: Tags.
9. (Optional) To add a tag, enter the appropriate values for the Key and Value (optional) fields.
10. Choose Next: Review.
11. On the Create role page, for Role name, enter the name for the role that you're creating.
12. Choose Create role.
For more information, see Creating a role for an AWS service (console).
Add tags for DB clusters
1. Open the Amazon RDS console.
2. In the navigation pane, Choose Databases.
3. Choose the DB cluster that you want to start and stop automatically.
4. In the details section, scroll down to the Tags section.
5. Under the Tags tab, choose Add. For Tag key, enter autostart. For Value, enter yes. Choose Add to save your changes.
6. Choose Add again. For Tag key, enter autostop. For Value, enter yes. Choose Add to save your changes.
For more information, see Adding, listing, and removing tags.
Create a Lambda function to start the tagged DB instances
1. Open the Lambda console.
2. In the navigation pane, choose Functions.
3. Choose Create function.
4. Choose Author from scratch.
5. For Function name, enter the name of your function.
6. For Runtime, select Python 3.7.
7. For Architecture, leave the default selection of x86_64.
7. Expand Change default execution role.
8. For Execution role, select Use an existing role.
9. For Existing role, select the IAM role that you created earlier.
10. Choose Create function.
11. Choose the Code tab.
12. In the Code source editor, delete the sample code and paste the following:
import boto3 rds = boto3.client('rds') def lambda_handler(event, context): #Start DB clusters dbs = rds.describe_db_clusters() for db in dbs['DBClusters']: #Check if DB cluster stopped. Start it if eligible. if (db['Status'] == 'stopped'): doNotStart=1 try: GetTags=rds.list_tags_for_resource(ResourceName=db['DBClusterArn'])['TagList'] for tags in GetTags: #if tag "autostart=yes" is set for cluster, start it if(tags['Key'] == 'autostart' and tags['Value'] == 'yes'): result = rds.start_db_cluster(DBClusterIdentifier=db['DBClusterIdentifier']) print ("Starting cluster: {0}.".format(db['DBClusterIdentifier'])) if(doNotStart == 1): doNotStart=1 except Exception as e: print ("Cannot start cluster {0}.".format(db['DBClusterIdentifier'])) print(e) if __name__ == "__main__": lambda_handler(None, None)
13. Choose File, choose Save, and then choose Deploy.
15. Choose the Configuration tab, choose General configuration, and then choose Edit.
16. Under Timeout, do the following: For min, select 0. For sec, select 10. 17. Choose Save.
Create a Lambda function to stop the tagged DB instances
Use the instructions in the previous section Create a Lambda function to start the tagged DB clusters to stop tagged DB clusters. You must make the following change:
In the Code source editor, delete the sample code and paste the following:
import boto3 rds = boto3.client('rds') def lambda_handler(event, context): #Stop DB clusters dbs = rds.describe_db_clusters() for db in dbs['DBClusters']: #Check if DB cluster started. Stop it if eligible. if (db['Status'] == 'available'): doNotStop=1 try: GetTags=rds.list_tags_for_resource(ResourceName=db['DBClusterArn'])['TagList'] for tags in GetTags: #if tag "autostop=yes" is set for cluster, stop it if(tags['Key'] == 'autostop' and tags['Value'] == 'yes'): result = rds.stop_db_cluster(DBClusterIdentifier=db['DBClusterIdentifier']) print ("Stopping cluster: {0}.".format(db['DBClusterIdentifier'])) if(doNotStop == 1): doNotStop=1 except Exception as e: print ("Cannot stop cluster {0}.".format(db['DBClusterIdentifier'])) print(e) if __name__ == "__main__": lambda_handler(None, None)
Perform function testing
Suppose that your tagged DB clusters are in the Stopped state. To perform function testing, do the following:
1. Open the Lambda functions list.
2. Choose the function that you created to start the DB clusters.
3. Choose Actions, and then choose Test.
4. Under the Test tab, for Name, enter the name of your event.
5. Choose Save changes, and then choose Test.
Create the schedule
Suppose that the weekly maintenance window for the tagged DB clusters is Sunday 22:00 - 22:30. You can set up a schedule by creating two rules for the following:
- Automatically start the DB cluster 30 minutes before the maintenance window begins
- Automatically stop the DB cluster 30 minutes after the maintenance window ends
To create the rule to automatically start the DB instance 30 minutes before the maintenance window, do the following:
1. Open the Lambda functions list.
2. Choose the function that you created to start the DB instances.
3. Under Function overview, choose Add trigger.
4. Select EventBridge (CloudWatch Events), and then select Create a new rule.
5. For Rule name, enter the name of the rule that you want to create.
6. For Schedule Expression, add a cron expression for the automated schedule (Example: cron(30 21 ? * SUN *)).
7. Choose Add.
Use the same instructions to create another rule to automatically stop the DB cluster 30 minutes after the maintenance window. Be sure to change the name of the rule and the cron expression for the automated schedule accordingly (Example: cron(00 23 ? * SUN *)).
Related information
How can I stop an Amazon RDS instance for longer than seven days?
Relevant content
- asked 5 months agolg...
- asked 8 months agolg...
- asked 6 months agolg...
- asked a year agolg...
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a month ago