Flexible Shutdown & Startup of EC2 & RDS Instances #72
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow provides a straight forward example of how cron schedules can be used to orchestrate the shutdown and startup of ec2 and rds resources in a required sequence. | |
# For each step of the job, an "if" test is applied to determine the specific cron schedule. This means that individual steps can be run at given times based on the condition being tested. | |
# Tags are used to provide criteria as to which resources are in scope. This provides a high degree of flexbility. | |
# The workflow uses OIDC to connect to the Modernisation Platform member account. The account number is held as a github secret. | |
# This is for the sake of brevity a separate shell scrpt is used for the AWS CLI commands and so avoids the workflow becoming cluttered. | |
# Further information on the use of github cron schedules can be found here - https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule as well as the Modernisation Platform User Guide. | |
# IMPORTANT - teams using this approach to stop & start instances should apply the required tag to those instances to exclude it from the Automatic Instance Scheduling Service - https://user-guide.modernisation-platform.service.justice.gov.uk/concepts/environments/instance-scheduling.html#instance-scheduling-automatically-stop-non-production-instances-overnight | |
name: Flexible Shutdown & Startup of EC2 & RDS Instances | |
permissions: | |
id-token: write | |
contents: read | |
on: | |
schedule: | |
- cron: '20 7 * * *' # RDS Start | |
- cron: '10 8 * * *' # EC2 Start | |
- cron: '10 19 * * *' # EC2 Stop | |
- cron: '25 19 * * *' # RDS Stop | |
jobs: | |
stop-start-instances: | |
runs-on: ubuntu-latest | |
env: | |
EC2_TAG: 'flexi-startup' | |
EC2_TAG_VALUE: '8am' | |
RDS_TAG: 'application' | |
RDS_TAG_VALUE: 'example' | |
AWS_REGION: 'eu-west-2' | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
with: | |
sparse-checkout: | | |
scripts | |
- name: Configure AWS credentials | |
id: set-credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
audience: sts.amazonaws.com | |
aws-region: eu-west-2 | |
mask-aws-account-id: true | |
role-to-assume: arn:aws:iam::${{ secrets.EXAMPLE_ACCOUNT_NUMBER }}:role/modernisation-platform-oidc-cicd | |
- name: Start RDS instances with specific tags | |
if: github.event.schedule == '20 7 * * *' | |
run: | | |
echo $(date +%x_%r) | |
echo ${{ github.event.schedule }} | |
chmod +x scripts/flexistopstart.sh | |
bash scripts/flexistopstart.sh 'start_rds' $RDS_TAG $RDS_TAG_VALUE $AWS_REGION | |
- name: Start EC2 instances with specific tags | |
if: github.event.schedule == '10 8 * * *' | |
run: | | |
echo $(date +%x_%r) | |
echo ${{ github.event.schedule }} | |
chmod +x scripts/flexistopstart.sh | |
bash scripts/flexistopstart.sh 'start_ec2' $EC2_TAG $EC2_TAG_VALUE $AWS_REGION | |
- name: Stop EC2 instances with specific tags | |
if: github.event.schedule == '10 19 * * *' | |
run: | | |
echo $(date +%x_%r) | |
echo ${{ github.event.schedule }} | |
chmod +x scripts/flexistopstart.sh | |
bash scripts/flexistopstart.sh 'stop_ec2' $EC2_TAG $EC2_TAG_VALUE $AWS_REGION | |
- name: Stop RDS instances with specific tags | |
if: github.event.schedule == '25 19 * * *' | |
run: | | |
echo $(date +%x_%r) | |
echo ${{ github.event.schedule }} | |
chmod +x scripts/flexistopstart.sh | |
bash scripts/flexistopstart.sh 'stop_rds' $RDS_TAG $RDS_TAG_VALUE $AWS_REGION | |