How to automatically start and stop EC2 instances with Amazon Systems Manager
In this step-by-step guide, we will demonstrate how to use Amazon Systems Manager and CloudWatch Events to schedule automatic starts and stops of EC2 instances. As a result, you will be able to specify a time period during which you want to have your EC2 running.
--
AWS Services used in this solution
- Amazon Systems Manager (SSM)
- CloudWatch Events (monitoring service for AWS)
- EC2 (cloud server)
- IAM (Identity and Access Management, control security access)
Step 1 — Create an IAM role
First, let’s create an IAM role for CloudWatch Events. CloudWatch Events requires permission to call SSM Start Automation Execution with the provided Automation documents and parameters.
In this example we will use the IAM console to create a role. After the role named event-ssm-automation-role is created, attach the AWS managed policy named AmazonSSMAutomationRole to the IAM role as shown below.
Next, we will have to edit the trust relationship. Open the “Trust Relationships” tab of the IAM role and click Edit trust relationship.
Edit the trust relationship as below:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": { "Service": "events.amazonaws.com" },
      "Action": "sts:AssumeRole"
    }
  ]
}
Step 2 — Create rules for CloudWatch events to start an EC2 instance
Create a rule for CloudWatch Events to automatically start your EC2 instance. Click the Create Rule button in the Events section of the CloudWatch console.
Set the “Event Source” as shown in the image below. This time we will set the EC2 instance to start at a specific time every day, so we will use a cron expression. For more detailed instructions on how to formulate a cron expression, refer to the following document.
AWS Documentation: Cron Expression-Rule Schedule Expression-Amazon CloudWatch Events
The cron expression in this example is as follows:
30 18 * * ? *
This setting will invoke the Target every day at 18:30 UTC.
Next, set the target using the Add Target button. Change the role to Use existing role and select the IAM role we’ve created in Step 1. After setting everything up, click the Configure details button.
Enter a name and description for the rule and click Create Rule.
The rule named ssm-auto-start-ec2 has been created successfully.
Step 3 — Create rules for CloudWatch events to stop an EC2 instance
Follow the same procedure as in Step 2 to create a CloudWatch Events rule that automatically stops the EC2 instance. Select “Schedule” under the “Event Source” section and enter the following in the Cron expression field.
0 19 * * ? *
This setting will invoke the event every day at 19:00 UTC.
The target settings are the same as in Step 2, except for the “Document” name under the “SSM Automation” section. After setting everything up, click the Configure details button.
Under “Step 2: Configure rule details”, define the name and description for the rule and then click the Create Rule button.
The rule named ssm-auto-stop-ec2 has been created successfully.
Step 4 — Execution confirmation to start an EC2 instance
First, we will check the automatic startup of the instance. The specified instance status is “Stopped”.
The status of the instance becomes “Running” at the scheduled time.
We can verify in the Amazon Systems Manager console that the automation is successful. Go to AWS Systems Manager, then proceed to Automation to view “Automation executions”.
Step 5 — Execution confirmation to stop an EC2 instance
Afterwards, the specific instance becomes “Stopped” at the scheduled time. The stop automation was successful.
We can also verify if our executions were successful under the “Automation Executions” section in the Amazon Systems Manager console.
In addition, when we checked the event history in the CloudTrail console, “StartInstance” was as expected, but “StopInstance” was recorded twice. When we checked the details, the second “StopInstance” was killed with “force”: true.
"requestParameters": { "instancesSet": { "items": [ { "instanceId": "i-*******" } ] }, "force": true },
When we looked into the contents of the SSM document, “AWS-StopInstance” was created to execute “forceStopInstances” after normal “StopInstances”.
With “StopInstances” alone, the instance may fail to stop at the given time, for example because of a hardware failure. Therefore, “forceStopInstances” is applied to ensure the instance is stopped.
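A detection check for the behaviour described above, added here as an example (it is not code from the original article): it separates the forced stop that the automation issues right after its own normal stop from any other StopInstances call with "force": true. It assumes the automation's EC2 calls are logged under the event-ssm-automation-role session; the 15-minute pairing window, the record() helper, the sample events and the instance IDs are constructed for illustration.

```python
from datetime import datetime, timedelta

AUTOMATION_ROLE = "event-ssm-automation-role"  # role created in Step 1
WINDOW = timedelta(minutes=15)  # assumed max gap between normal and forced stop

def record(time, name, instance, role=None, user=None, force=None):
    """Build a constructed CloudTrail-style record with only the fields used here."""
    identity = ({"type": "AssumedRole",
                 "sessionContext": {"sessionIssuer": {"userName": role}}}
                if role else {"type": "IAMUser", "userName": user})
    params = {"instancesSet": {"items": [{"instanceId": instance}]}}
    if force is not None:
        params["force"] = force
    return {"eventTime": time, "eventName": name,
            "userIdentity": identity, "requestParameters": params}

I1, I2 = "i-0aaaaaaaaaaaaaaa1", "i-0bbbbbbbbbbbbbbb2"  # constructed instance IDs
SAMPLE = [  # constructed events, not real CloudTrail output
    record("2024-01-01T18:30:02Z", "StartInstances", I1, role=AUTOMATION_ROLE),
    record("2024-01-01T19:00:03Z", "StopInstances", I1, role=AUTOMATION_ROLE, force=False),
    record("2024-01-01T19:00:41Z", "StopInstances", I1, role=AUTOMATION_ROLE, force=True),
    record("2024-01-02T02:13:07Z", "StopInstances", I2, user="constructed-user", force=True),
    record("2024-01-02T03:00:00Z", "StopInstances", I1, role=AUTOMATION_ROLE, force=True),
]

def caller(event):
    """Role name for assumed-role sessions, otherwise the IAM user name."""
    ident = event.get("userIdentity", {})
    issuer = ident.get("sessionContext", {}).get("sessionIssuer", {})
    return issuer.get("userName") or ident.get("userName") or "unknown"

def classify_forced_stops(events):
    """Return (expected, unexpected) forced stops as (time, instanceId, caller)."""
    graceful, expected, unexpected = {}, [], []
    stops = [e for e in events if e.get("eventName") == "StopInstances"]
    for ev in sorted(stops, key=lambda e: e["eventTime"]):
        when = datetime.strptime(ev["eventTime"], "%Y-%m-%dT%H:%M:%SZ")
        params, who = ev.get("requestParameters") or {}, caller(ev)
        for item in params.get("instancesSet", {}).get("items", []):
            iid = item["instanceId"]
            if not params.get("force"):
                if who == AUTOMATION_ROLE:
                    graceful[iid] = when  # normal stop issued by the automation
                continue
            prior = graceful.get(iid)
            paired = who == AUTOMATION_ROLE and prior is not None and when - prior <= WINDOW
            (expected if paired else unexpected).append((ev["eventTime"], iid, who))
    return expected, unexpected

if __name__ == "__main__":
    print(classify_forced_stops(SAMPLE))
```

Forced stops in the second list are the ones to review: they come either from a different caller or from the automation role without a preceding normal stop inside the window.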
What are the benefits of EC2 automation?
By implementing this solution you will be able to:
- Employ cost-optimization strategies for efficient resource utilization
- Automate manual or repeatable processes to minimize management overhead
If you have problems implementing this solution, you are welcome to discuss them with us.