In my ever-growing quest to automate my AWS infrastructure deployments, I realized that just checking my tags wasn’t good enough. I should force myself to put tags in otherwise my instances won’t launch at all.
I find this particularly useful because I utilize AWS Backup to do automated snapshots nightly of all of my instances. If I don’t put the “Backup” tag onto my instance it will not be included in the rule. This concept of forced tagging could be utilized across many different applications including tagging for development, production, or testing environments.
To do this I created the Lambda function below. Utilizing EventBridge I have this function every time there is an EC2 instance that enters the “running” state.
import json import boto3 def lambda_handler(event, context): detail = event['detail'] ids = detail['instance-id'] eventname = detail['state'] ec2 = boto3.resource('ec2') while eventname == 'Running': print(ids) #Check to see if backup tag is added to the instance tag_to_check = 'Backup' instance = ec2.Instance(ids) for tag in instance.tags: if tag_to_check not in [t['Key'] for t in instance.tags]: instance.stop() print("Stopping Instance: ", instance) #Get instance state to break the infinite loop state = instance.state['Name'] if state == "shutting-down": print("instance is shutting-down") break elif state == "stopped": print("Instance is already stopped") break elif state == "stopping": print("instance is stopping") break break
The function then will check the status of the instance to ensure that it is stopped and then break the loop.
You can clone the repository from GitHub here:
If you utilize the script please share it with your friends. Feel free to modify it as you please and let me know how it works for you! As always, if you have any questions feel free to reach out here or on any other platform!