Ways you can use Python to Manage your EC2's…

4 min readJul 12, 2022

An important function of cloud management is being cost effective. One area requiring intentionality is “stopping” instances while they are not in use. One way you can do this is by utilizing a Python script that will stop all instances.

To get this example rolling, I wrote a script that creates 3 instances for 3 different departments. One is for the “Production” team, another for “Security”, and a final one for our “Dev” team.

It looks like this:

Note: If you use this script you will need to use your own "KeyName".

Now that we have our instances running…

Let’s move into operation management…

One way you can set your instances to a “stopped” status is by running more code. Using this method you can stop one specific instance, or all of them.

To stop all running instances at one time use code like this:

Caution: If you are operating on one of those instances you will get kicked off.

Although this method does help lower costs, more than likely you will have environments that would be harmful to stop. In this case you would want to stop individual instances. During the creation of our instances, we tagged each of them with their own environment. We will use that to identify and stop our “Dev” instance.

To “stop” this specific instance you can use code like this:

Note: if you replace ".stop" with ".start" on line 22, you can restart the instance with the same code.

Most Efficiently…

If you set up a Lambda Function to run on a schedule, you wont have to worry about “clocking out” on your EC2 instances. It can do this for you automatically.

There are 4 things you will need to cover in order for this to work:

Create an “IAM” policy and execution role for your Lambda function.
Set up the Lambda Functions that will start and stop the EC2 instances.
Do a test run.
Create the Event Bridge rules that trigger from the parameters you set.

Lets navigate to “IAM” to create our policy…

When you get to the dashboard, select create policy and under the JSON tab copy and paste this policy. (AWS has a great resource page on this HERE)

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "logs:CreateLogGroup",
        "logs:CreateLogStream",
        "logs:PutLogEvents"
      ],
      "Resource": "arn:aws:logs:*:*:*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "ec2:Start*",
        "ec2:Stop*"
      ],
      "Resource": "*"
    }
  ]
}

select, “Next” and on the tags screen you can add “Lambda” for the key and “EC2 schedule” under value. Then move on to the next page to name and describe your policy. I named mine “Lambda-Dev_start-stop”.

Next, we will need to create a role for Lambda. You can find the “Roles” page on the left drop-down menu in your IAM dashboard. Chose “Create role”, select “Lambda” under trusted entity, and search for your newly created policy. Select it, and choose “Next”. Name your role, confirm the details, and finalize with “Create Role”.

Now lets make our way to the Lambda Dashboard…

From here, choose to create a new function (we will be creating 2 — a “stop” and “start” function) and select “Author from scratch”. Go ahead and name your function, and use “Python 3.9” for your runtime. Then under the “Change default execution role” dropdown, select “Use and existing role”, and find the new role you just created. Then choose, “Create function”.

Under the “Code” tab and in “Code source” copy, paste, and edit the specifications of this code to your specific EC2 instance into the “lambda_function” window.

This code will stop the EC2 instance. (> = a tab)

import boto3 region = 'us-east-1b' 
instances = ['i-0151f5e0236fa3037'] 
ec2 = boto3.client('ec2', region_name=region)def lambda_handler(event, context):       
> ec2.stop_instances(InstanceIds=instances)     
> print('stopped your instances: ' + str(instances))

On the Configuration tab, choose “General configuration”, “Edit”. Set Timeout to 10 seconds and then select Save and choose “Deploy”!

For the next function…

Repeat the steps of the last function but add this code (this will start the EC2 instance):

import boto3 region = 'us-east-1b' 
instances = ['i-0151f5e0236fa3037'] 
ec2 = boto3.client('ec2', region_name=region)  def lambda_handler(event, context):     
> ec2.start_instances(InstanceIds=instances)     
> print('started your instances: ' + str(instances))

Now let’s test em out!

Do this for both functions —

Select one of them and select “Test”. Choose to create a new event and name it and select “Save”.

Upon successful completion, make your way to the…

EventBridge Dashboard

Here you can “Create rule”, enter a name, then under “Rule type” choose “Schedule”. For our purposes, lets say no one in the “Dev” department should be working passed 9:00pm. The schedule would look like this:

Then select next, and under the target dropdown, choose “Lambda function”. Find the function you created earlier for stopping the instance, and go to the next page until you can “create rule”.

Repeat this process for the “start” function, but will a 9am start time.

You did it! Now, if you’d like to confirm your work on this schedule without waiting until 9pm, select a time nearest your convenience and see for yourself!

Again, these options are important to consider as you work toward being as cost effective as possible in your cloud management.

Thanks for the support and the claps!