Skip to main content

AWS Recommendations

Recommendations help kickstart your journey with governance. Essentially, Harness run certain policies behind the scenes to generate recommendations for your governance-enabled AWS accounts. These policies not only help to cut costs but also increase the efficiency of your system. On the Governance Overview page, Harness showcases recommendations that will benefit you to save costs on associated resources. You can click on any recommendation to view its details.

Listed below are the custodian policies which are used to generate recommendations that Harness offers for AWS. Along with each policy, you can also find their respective descriptions, the logic behind savings computation and the permissions required to generate or apply these recommendations.

Recommendation: delete-unattached-ebs

Description: Delete all ebs volumes which are unattached

Policy Used:

policies:
- name: delete-unattached-ebs
resource: ebs
filters:
- Attachments: []
- State: available
actions:
- delete

Savings Computed: The policy identifies a list of resources on which potential savings are calculated by summing up cost of each resource for last 30 days.

Permissions Required:

  • Dry Run:
    • ec2:DetachVolume
    • ec2:DescribeVolumes
  • Run Once:
    • ec2:DetachVolume
    • ec2:DeleteVolume
    • ec2:DescribeVolumes

Recommendation: elb-low-request-count-list

Description: List ELBs with low request count

Policy Used:

policies:
- name: elb-low-request-count-list
resource: elb
description: List ELBs with low request count
filters:
- type: metrics
name: RequestCount
statistics: Sum
days: 7
value: 7
missing-value: 0
op: less-than

Savings Computed: The policy identifies a list of resources on which potential savings are calculated by summing up cost of each resource for last 30 days.

Permissions Required:

  • Dry Run:

    • cloudwatch:GetMetricData
    • elasticloadbalancing:DescribeLoadBalancers
  • Run Once:

    • cloudwatch:GetMetricData
    • elasticloadbalancing:DescribeLoadBalancers

Recommendation: migrate-gp2-to-gp3-ebs-volumes

Description: Migrate gp2 volumes to gp3

Policy Used:

policies:
- name: migrate-gp2-to-gp3-ebs-volumes
resource: ebs
filters:
- VolumeType: gp2
- modifyable
actions:
- type: modify
volume-type: gp3

Savings Computed: The policy identifies a list of resources on which potential savings are calculated by summing up cost of each resource for last 30 days. Then, 20% of that sum is taken as the savings.

Ref: https://aws.amazon.com/blogs/storage/migrate-your-amazon-ebs-volumes-from-gp2-to-gp3-and-save-up-to-20-on-costs/

Permissions Required:

  • Dry Run:
    • ec2:DescribeVolumeAttribute
    • ec2:DescribeVolumesModifications
  • Run Once:
    • ec2:DescribeVolumeAttribute
    • ec2:ModifyVolumeAttribute
    • ec2:DescribeVolumesModifications

Recommendation: delete-snapshot-with-no-volume

Description: Delete snapshots with no volumes

Policy Used:

policies:
- name: delete-snapshot-with-no-volume
description: Find any snapshots that do not have a corresponding volume.
resource: aws.ebs-snapshot
filters:
- type: volume
key: VolumeId
value: absent
actions:
- delete

Savings Computed: The policy identifies a list of resources on which potential savings are calculated by summing up cost of each resource for last 30 days.

Permissions Required:

  • Dry Run:
    • ec2:DescribeVolumes
  • Run Once:
    • ec2:DescribeVolumes
    • ec2:DeleteSnapshot

Recommendation: stop-unused-rds

Description: Stop unused RDS database

Policy Used:

 policies:
- name: stop-unused-rds
resource: rds
description: Stop unused RDS database
filters:
- type: value
key: DBInstanceStatus
value: available
- type: metrics
name: DatabaseConnections
statistics: Sum
days: 7
value: 0
op: equal
actions:
- stop

Savings Computed: The policy identifies a list of resources on which potential savings are calculated by summing up cost of each resource for last 30 days.

Permissions Required:

  • Dry Run:
    • rds:DescribeDBInstances
  • Run Once:
    • rds:DescribeDBInstances
    • rds:StopDBInstance

Recommendation: elb-delete-unused

Description: Delete unused ELB

Policy Used:

policies:
- name: elb-delete-unused
resource: elb
filters:
- Instances: []
actions:
- delete

Savings Computed: The policy identifies a list of resources on which potential savings are calculated by summing up cost of each resource for last 30 days.

Permissions Required:

  • Dry Run:
    • elasticloadbalancing:DescribeLoadBalancers
  • Run Once:
    • elasticloadbalancing:DescribeLoadBalancers
    • elasticloadbalancing:DeleteLoadBalancer

Recommendation: release-unattached-eips

Description: Release unattached Elastic IPs

Policy Used:

policies:
- name: release-unattached-eips
resource: aws.elastic-ip
filters:
- AssociationId: absent
actions:
- release

Savings Computed: The policy identifies a list of resources on which potential savings are calculated by summing up cost of each resource for last 30 days.

Permissions Required:

  • Dry Run:
    • ec2:DescribeAddresses
  • Run Once:
    • ec2:DescribeAddresses
    • ec2:ReleaseAddress