Identify any Amazon Elasticsearch (ES) clusters that appear to be idle and remove them from your account to help lower the cost of your monthly AWS bill. By default, an AWS ES cluster (domain) is considered "idle" when meets the following criteria:
The average CPU Utilization has been less than 2% for the last 7 days.
- The AWS CloudWatch metrics used to detect idle Elasticsearch clusters are:
CPUUtilization - the percentage of CPU resources used for data nodes within the ES cluster (Units: Percentage).
Note 1: You can easily change the default threshold for this rule on Cloud Conformity console and set your own value for the CPU usage in order to configure the ES clusters idleness based on your requirements.
Note 2: For this rule Cloud Conformity assumes that your Elasticsearch domains (clusters) are tagged with "Role" and "Owner" tags which provide visibility into their usage profile and help you decide whether it`s safe or not to terminate these resources. Knowing the role and the owner of these resources before you take the decision to terminate them is very important because, for example, a minimal CPU utilization recorded within a 48 hour period may mean that the cluster is being idle or not being used at all.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
optimisation
Idle AWS ES clusters represent a good candidate to reduce your monthly AWS costs and avoid accumulating unnecessary usage charges.
Audit
To identify any idle ES clusters currently available in your AWS account, perform the following:
Remediation / Resolution
Option 1: Delete any AWS Elasticsearch clusters that are currently running in idle mode. To remove the idle ES clusters (domains), perform the following actions:
Option 2: Disable the rule check. If the selected idle Elasticsearch domain (cluster) is needed (its role within your application stack/environment is important), you may want turn off the conformity rule check for the specified AWS ES cluster from the Cloud Conformity console.
References
- AWS Documentation
- Trusted Advisor Best Practices (Checks)
- Amazon Elasticsearch Service Metrics and Dimensions
- AWS Namespaces
- Managing Amazon Elasticsearch Service Domains
- AWS Command Line Interface (CLI) Documentation
- es
- list-domain-names
- describe-elasticsearch-domain
- list-tags
- delete-elasticsearch-domain
- cloudwatch
- get-metric-statistics
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
Idle Elasticsearch Clusters
Risk level: High