Analyze Elastic IP utilization historical past utilizing Amazon Athena and AWS CloudTrail

0
1


An AWS Elastic IP (EIP) tackle is a static, public, and distinctive IPv4 tackle. Allotted completely to your AWS account, the EIP stays beneath your management till you determine to launch it. It may be allotted to your Amazon Elastic Compute Cloud (Amazon EC2) occasion or different AWS assets corresponding to load balancers.

EIP addresses are designed for dynamic cloud computing as a result of they are often re-mapped to a different occasion to masks any disruptions. These EIPs are additionally used for functions that should make exterior requests to companies that require a constant tackle for permit listed inbound connections. As your software utilization varies, these EIPs would possibly see sporadic use over weeks and even months, resulting in potential accumulation of unused EIPs which will inadvertently inflate your AWS expenditure.

On this put up, we present you the right way to analyze EIP utilization historical past utilizing AWS CloudTrail and Amazon Athena to have a greater perception of your EIP utilization sample in your AWS account. You should use this resolution frequently as a part of your cost-optimization efforts to soundly take away unused EIPs to scale back your prices.

Resolution overview

This resolution makes use of exercise logs from CloudTrail and the ability of Athena to conduct a complete evaluation of historic EIP attachment exercise inside your AWS account. CloudTrail, a vital AWS service, meticulously logs API exercise inside an AWS account.

Athena is an interactive question service that simplifies knowledge evaluation in Amazon Easy Storage Service (Amazon S3) utilizing commonplace SQL. It’s a serverless service, eliminating the necessity for infrastructure administration and costing you just for the queries you run.

By extracting detailed data from CloudTrail and querying it utilizing Athena, this resolution streamlines the method of knowledge assortment, evaluation, and reporting of EIP utilization inside an AWS account.

To collect EIP utilization reporting, this resolution compares snapshots of the present EIPs, specializing in their most up-to-date attachment inside a customizable 3-month interval. It then determines the frequency of EIP attachments to assets. An attachment rely larger than zero means that the EIPs are actively in use. In distinction, an attachment rely of zero signifies that these EIPs are idle and may be launched, aiding in figuring out potential areas for price discount.

Within the following sections, we present you the right way to deploy the answer utilizing AWS CloudFormation after which run an evaluation.

Conditions

Full the next prerequisite steps:

  1. In case your account doesn’t have CloudTrail enabled, create a path, then seize the S3 bucket title to make use of later within the implementation steps.
  2. Obtain the CloudFormation template from the repository. You want this template.yaml file for the implementation steps.

Deploy the answer

On this part, you utilize AWS CloudFormation to create the required assets. AWS CloudFormation is a service that helps you mannequin and arrange your AWS assets so that you could spend much less time managing these assets and extra time focusing in your functions that run in AWS.

The CloudFormation template creates Athena views and a desk to look previous AssociateAddress occasions in CloudTrail, an AWS Lambda perform to gather snapshots of present EIPs, and an S3 bucket to retailer the evaluation outcomes.

Full the next steps:

  1. On the AWS CloudFormation console, select on Create stack and select With new assets (commonplace).
  2. Within the Specify Template part, select an present template and add the template.yaml file downloaded from the conditions.
  3. Within the Specify stack particulars part, enter your most well-liked stack title and the present CloudTrail S3 location, and keep the default settings for the opposite parameters.
  4. On the backside of the Overview and create web page, choose the acknowledgement test field, then select Submit.

Watch for the stack to be created. It ought to take a couple of minutes to finish. You possibly can open the AWS CloudFormation console to view the stack creation course of.

Run an evaluation

You could have configured the answer to run your EIP attachments evaluation. Full the next steps to research your EIP attachment historical past. Should you’re utilizing Athena for the primary time in your account, that you must arrange a question outcome location in Amazon S3.

  1. On the Athena console, navigate to the question editor.
  2. For Database, select default.
  3. Enter the next question and select Run question:
choose 
eip.publicip,
eip.allocationid,
eip.area,
eip.accountid,
eip.associationid, 
eip.PublicIpv4Pool,
max(associate_ip_event.eventtime) as latest_attachment,
rely(associate_ip_event.associationid) as attachmentCount
from eip LEFT JOIN associate_ip_event on associate_ip_event.allocationid = eip.allocationid 
group by 1,2,3,4,5,6

All of the required tables are created beneath the default database.

Now you can run a question on the CloudTrail logs to look again in time for the EIP attachment. This question supplies you with higher perception to soundly launch idle EIPs to be able to cut back prices by displaying how steadily every particular EIP was beforehand hooked up to any assets.

This report will present the next data:

  • Public IP
  • Allocation ID (the ID that AWS assigns to symbolize the allocation of the EIP tackle to be used with situations in a VPC)
  • Area
  • Account ID
  • latest_attachment date (the final time EIP was hooked up to a useful resource)
  • attachmentCount (variety of attachments)
  • The affiliation ID for the tackle (if this area is empty, the EIP is idle and never hooked up to any assets)

The next screenshot exhibits the question outcomes.

Clear up

To optimize price, clear up the assets you deployed for this put up by finishing the next steps:

  1. Delete the contents in your S3 buckets (eip-analyzer-eipsnapshot-* and eip-analyzer-athenaresulteipanalyzer-*).
  2. Delete the S3 buckets.
  3. On the AWS CloudFormation console, delete the stack you created.

Conclusion

This put up demonstrated how one can analyze Elastic IP utilization historical past to have a greater perception of EIP attachment patterns utilizing Athena and CloudTrail. Take a look at the GitHub repo to frequently run this evaluation as a part of your cost-optimization technique to determine and launch inactive EIPs to scale back prices.

You can too use Athena to research logs from different AWS companies; for extra data, see Querying AWS service logs.

Moreover, you’ll be able to analyze exercise logs with AWS CloudTrail Lake and Amazon Athena. AWS CloudTrail Lake is a managed knowledge lake that allows organizations to combination, immutably retailer, and question occasions recorded by CloudTrail for auditing, safety investigation, and operational troubleshooting. AWS CloudTrail Lake helps the gathering of occasions from a number of AWS areas and AWS accounts. For CloudTrail Lake, you pay for knowledge ingestion, retention, and evaluation. Consult with AWS CloudTrail Lake pricing web page for pricing particulars.


Concerning the Writer

Aidin Khosrowshahi is a Senior Technical Account Supervisor with Amazon Net Providers based mostly out of San Francisco. He focuses on reliability, optimization, and enhancing operational mechanisms along with his prospects.