Wednesday, May 29, 2024
HomeBig DataAnalyze Elastic IP utilization historical past utilizing Amazon Athena and AWS CloudTrail

Analyze Elastic IP utilization historical past utilizing Amazon Athena and AWS CloudTrail


An AWS Elastic IP (EIP) handle is a static, public, and distinctive IPv4 handle. Allotted solely to your AWS account, the EIP stays beneath your management till you determine to launch it. It may be allotted to your Amazon Elastic Compute Cloud (Amazon EC2) occasion or different AWS assets reminiscent of load balancers.

EIP addresses are designed for dynamic cloud computing as a result of they are often re-mapped to a different occasion to masks any disruptions. These EIPs are additionally used for functions that should make exterior requests to companies that require a constant handle for enable listed inbound connections. As your utility utilization varies, these EIPs may see sporadic use over weeks and even months, resulting in potential accumulation of unused EIPs which will inadvertently inflate your AWS expenditure.

On this put up, we present you tips on how to analyze EIP utilization historical past utilizing AWS CloudTrail and Amazon Athena to have a greater perception of your EIP utilization sample in your AWS account. You need to use this answer commonly as a part of your cost-optimization efforts to securely take away unused EIPs to cut back your prices.

Resolution overview

This answer makes use of exercise logs from CloudTrail and the facility of Athena to conduct a complete evaluation of historic EIP attachment exercise inside your AWS account. CloudTrail, a crucial AWS service, meticulously logs API exercise inside an AWS account.

Athena is an interactive question service that simplifies information evaluation in Amazon Easy Storage Service (Amazon S3) utilizing commonplace SQL. It’s a serverless service, eliminating the necessity for infrastructure administration and costing you just for the queries you run.

By extracting detailed info from CloudTrail and querying it utilizing Athena, this answer streamlines the method of knowledge assortment, evaluation, and reporting of EIP utilization inside an AWS account.

To assemble EIP utilization reporting, this answer compares snapshots of the present EIPs, specializing in their most up-to-date attachment inside a customizable 3-month interval. It then determines the frequency of EIP attachments to assets. An attachment rely better than zero means that the EIPs are actively in use. In distinction, an attachment rely of zero signifies that these EIPs are idle and will be launched, aiding in figuring out potential areas for value discount.

Within the following sections, we present you tips on how to deploy the answer utilizing AWS CloudFormation after which run an evaluation.

Stipulations

Full the next prerequisite steps:

  1. In case your account doesn’t have CloudTrail enabled, create a path, then seize the S3 bucket identify to make use of later within the implementation steps.
  2. Obtain the CloudFormation template from the repository. You want this template.yaml file for the implementation steps.

Deploy the answer

On this part, you utilize AWS CloudFormation to create the required assets. AWS CloudFormation is a service that helps you mannequin and arrange your AWS assets in an effort to spend much less time managing these assets and extra time focusing in your functions that run in AWS.

The CloudFormation template creates Athena views and a desk to look previous AssociateAddress occasions in CloudTrail, an AWS Lambda perform to gather snapshots of current EIPs, and an S3 bucket to retailer the evaluation outcomes.

Full the next steps:

  1. On the AWS CloudFormation console, select on Create stack and select With new assets (commonplace).
  2. Within the Specify Template part, select an current template and add the template.yaml file downloaded from the conditions.
  3. Within the Specify stack particulars part, enter your most well-liked stack identify and the prevailing CloudTrail S3 location, and keep the default settings for the opposite parameters.
  4. On the backside of the Assessment and create web page, choose the acknowledgement verify field, then select Submit.

Anticipate the stack to be created. It ought to take a couple of minutes to finish. You may open the AWS CloudFormation console to view the stack creation course of.

Run an evaluation

You may have configured the answer to run your EIP attachments evaluation. Full the next steps to investigate your EIP attachment historical past. Should you’re utilizing Athena for the primary time in your account, it is advisable to arrange a question end result location in Amazon S3.

  1. On the Athena console, navigate to the question editor.
  2. For Database, select default.
  3. Enter the next question and select Run question:
choose 
eip.publicip,
eip.allocationid,
eip.area,
eip.accountid,
eip.associationid, 
eip.PublicIpv4Pool,
max(associate_ip_event.eventtime) as latest_attachment,
rely(associate_ip_event.associationid) as attachmentCount
from eip LEFT JOIN associate_ip_event on associate_ip_event.allocationid = eip.allocationid 
group by 1,2,3,4,5,6

All of the required tables are created beneath the default database.

Now you can run a question on the CloudTrail logs to look again in time for the EIP attachment. This question offers you with higher perception to securely launch idle EIPs to be able to cut back prices by displaying how ceaselessly every particular EIP was beforehand hooked up to any assets.

This report will present the next info:

  • Public IP
  • Allocation ID (the ID that AWS assigns to characterize the allocation of the EIP handle to be used with cases in a VPC)
  • Area
  • Account ID
  • latest_attachment date (the final time EIP was hooked up to a useful resource)
  • attachmentCount (variety of attachments)
  • The affiliation ID for the handle (if this area is empty, the EIP is idle and never hooked up to any assets)

The next screenshot reveals the question outcomes.

Clear up

To optimize value, clear up the assets you deployed for this put up by finishing the next steps:

  1. Delete the contents in your S3 buckets (eip-analyzer-eipsnapshot-* and eip-analyzer-athenaresulteipanalyzer-*).
  2. Delete the S3 buckets.
  3. On the AWS CloudFormation console, delete the stack you created.

Conclusion

This put up demonstrated how one can analyze Elastic IP utilization historical past to have a greater perception of EIP attachment patterns utilizing Athena and CloudTrail. Take a look at the GitHub repo to commonly run this evaluation as a part of your cost-optimization technique to establish and launch inactive EIPs to cut back prices.

You too can use Athena to investigate logs from different AWS companies; for extra info, see Querying AWS service logs.

Moreover, you’ll be able to analyze exercise logs with AWS CloudTrail Lake and Amazon Athena. AWS CloudTrail Lake is a managed information lake that allows organizations to mixture, immutably retailer, and question occasions recorded by CloudTrail for auditing, safety investigation, and operational troubleshooting. AWS CloudTrail Lake helps the gathering of occasions from a number of AWS areas and AWS accounts. For CloudTrail Lake, you pay for information ingestion, retention, and evaluation. Consult with AWS CloudTrail Lake pricing web page for pricing particulars.


Concerning the Creator

Aidin Khosrowshahi is a Senior Technical Account Supervisor with Amazon Net Providers based mostly out of San Francisco. He focuses on reliability, optimization, and bettering operational mechanisms along with his clients.

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments