Automation

Three different automation tasks have been added to CloudCheckr, which will allow you to remove unused resources from your AWS account:

  1. Cleanup Security Groups
    CloudCheckr will detect security groups that are not assigned to any resources and will purge those security groups for you.
    Cleanup Security Groups requires the following IAM permission:

    “ec2:DeleteSecurityGroup”
  2. Cleanup EBS Volumes
    CloudCheckr will detect Volumes that are older than 4 weeks with a Status that is not “In-Use” and purge those Volumes for you.
    Cleanup Volumes requires the following IAM permission:

    “ec2:DeleteVolume”
  3. Cleanup Snapshots
    CloudCheckr will detect Snapshots that are older than 8 weeks and purge those Snapshots for you.
    Cleanup Snapshots requires the following IAM permission:

    “ec2:DeleteSnapshot”

NOTE: You have the option to manually run these tasks yourself, or have CloudCheckr run these automatically.  CloudCheckr will not automatically cleanup any resources unless you explicitly configure the tasks to do so.  If you do not add the delete permissions to your IAM policy, CloudCheckr will not be able to run the tasks manually or automatically.