Skip to content

Latest commit

 

History

History

idle_compute_instances

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
CHANGELOG.md
CHANGELOG.md
 
 
README.md
README.md
 
 
google_idle_compute_instances.pt
google_idle_compute_instances.pt
 
 

README.md

Google Idle Compute Instances

Deprecated

This policy is no longer being updated. The Google Rightsize VM Recommender policy now includes this functionality and is the recommended policy for getting idle VM recommendations.

What It Does

This Policy Template checks for idle instance in Google Compute Engine and then terminates them upon approval.

How It Works

  • If APIs & Services are not enabled for a project, the policy will skip that particular project. On the next run if APIs & Services are enabled, then the project will be considered for execution.
  • This policy identifies all instances reporting performance metrics to Google StackDriver and delivers a report, for instances whose CPU or Memory utilization is below the thresholds set in the Average used memory percentage and Average used CPU percentage parameters. These thresholds are what you would consider to be and idle instance.
  • This policy can terminate instances after approval for instances that match the criteria.
  • If you get an N/A in a field you will need to install the StackDriver Agent on the instance to get those metrics.
  • This policy only pulls running instances, as it is unable to get correct monitoring metrics from instances in other states

Input Parameters

This policy has the following input parameters required when launching the policy.

  • Email addresses of the recipients you wish to notify - A list of email addresses to notify
  • Average used memory percentage" - Set to -1 to ignore memory utilization
  • Average used CPU percentage - Set to -1 to ignore CPU utilization
  • Exclusion label Key:Value - Cloud native label to ignore instances. Format: Key:Value
  • Automatic Actions - When this value is set, this policy will automatically take the selected action(s).

Please note that the "Automatic Actions" parameter contains a list of action(s) that can be performed on the resources. When it is selected, the policy will automatically execute the corresponding action on the data that failed the checks, post incident generation. Please leave it blank for manual action. For example if a user selects the "Terminate Instances" action while applying the policy, all the resources that didn't satisfy the policy condition will be terminated.

Actions

The following policy actions are taken on any resources found to be out of compliance.

  • Send an email report
  • Delete all instances after approval

Prerequisites

This policy uses credentials for connecting to the cloud -- in order to apply this policy you must have a credential registered in the system that is compatible with this policy. If there are no credentials listed when you apply the policy, please contact your cloud admin and ask them to register a credential that is compatible with this policy. The information below should be consulted when creating the credential.

Credential configuration

For administrators creating and managing credentials to use with this policy, the following information is needed:

Provider tag value to match this policy: gce

Required permissions in the provider:

  • The Monitoring Viewer Role
  • The compute.instances.delete permission
  • The compute.instances.list permission
  • The compute.instances.get permission
  • The resourcemanager.projects.get permission

Supported Clouds

  • Google

Cost

This policy template does not incur any cloud costs.