/
Additional Resources. AWS Instance Scheduler Configuration Guide (Single Account)

Additional Resources. AWS Instance Scheduler Configuration Guide (Single Account)

This material is an official document provided by AWS ( Automate starting and stopping AWS instances - Instance Scheduler on AWS (amazon.com) ) was written based on.

Therefore, please refer to the official documentation above for detailed information omitted from this guide.

This guide is based on AWS documentation and only covers the basics of configuring aws-instance-scheduler in a single account.

Therefore, explanations of various settings have been omitted, and only the essential information required for basic configuration is included in the guide, so please refer to it.

1. Preparing the Instance Scheduler CloudFormation Template

Step 1: Launch the instance scheduler hub stack - Instance Scheduler on AWS (amazon.com) Go to the link on the left

"Launch Solution" If you select , you can use a Cloudformation template to automatically configure the instance scheduler. (See image below)

image-20240912-093610.png

To configure the instance scheduler, you can simply use the Cloudformation template provided by AWS.

The region where the single instance scheduler will be configured must be changed to the region used by the account, so make sure to check. Select the correct regionPlease.

 

If you have selected the correct region, you can click the "Next" button.

 

2. Configuring AWS Instance Scheduler Based on Cloudformation

On the next screen, you can see the pre-prepared settings related to the instance scheduler.

Please note that this guide only covers the minimum settings required for configuration.

  • Stack name

    • → Name of the CloudFormation Stack that configures the instance scheduler.

  • Instance Scheduler tag name

    • → This is a tag key that distinguishes the schedule target. ScheduleWe recommend using the (default) value.

  • Service(s) to schedule

    • → You can select EC2, RDS, and Both. Generally, if you plan to set power schedules for both EC2 and RDS resources, Both Select .

  • Schedule Aurora Clusters

    • → Select Yes if a schedule is required for the Aurora Cluster.

  • Create RDS instance snapshot

    • → If you need a previous snapshot when the scheduler turns it OFF Yes Select .

  • Default time zone

    • → Select the time zone you use. For Korean users Asia/Seoul Select .

 

Leave other settings at their default values and select "Next".

image-20240912-093706.png

On the next screen, select “Next” without changing any settings.

image-20240912-093816.png

On this screen, you can check the settings comprehensively. 

If there are no special circumstances, check the checkbox below and select "Submit".

When you select "Submit", you can check the CloudFormation resource creation status as follows. It takes approximately 5-10 minutes to create the resource.

After 5-10 minutes, you can see that all resources have been created through the Stack status on the left.

 

 

3. ⭐ Add KMS Permissions ⭐

The instance scheduler configuration is now complete.

but Stopping and starting EC2/RDS requires the Decrypt permission for volumes encrypted via KMS.

Therefore, it is essential to grant KMS decryption permission to the Role used in the instance scheduler through the guide below. 

Access the Lambda service and select the Lambda Function corresponding to the instance scheduler you just configured.

If you access configuration → Permisstions, you can check the Role used by the Lambda.

 

{ "Version": "2012-10-17", "Statement": [ { "Sid": "Statement1", "Effect": "Allow", "Action": [ "kms:Decrypt" ], "Resource": [ "*" ] } ] }

 

Create the above policy separately and add it to the relevant Role.

 

These permissions settings allow the Lambda used by the instance scheduler to obtain decryption permissions for the KMS set up on EBS when running EC2, thereby satisfying the permissions to launch the instance.

 

 

4. Setting up a new Schedule and Period

The schedule and period of the instance scheduler are configured through the ConfigTable of the instance configured in DynamoDB, and the configured schedule can be individually set through the Schedule tag of the instance.

 

Let's access and check the ConfigTable created by the instance scheduler in DynamoDB.

Menu: DynamoDB → Explore items → *-ConfigTable-

The main types here are schedule , period am.

A period can be defined for begintime (the time the instance turns ON) and endtime (the time the instance turns OFF), and the defined period value can be specified in the schedule.

 

example)

period

  • name : weekdays_08_19

  • begintime : 08:00

  • endtime : 19:00

  • weekdays : 0-5

schedule

  • name : SEOUL-OFFICE-HOURS-19

  • period : weekdays_08_19

 

If you set it as above, EC2 or RDS Schedule In the tag value SEOUL-OFFICE-HOURS-19 If you set this, the instance will be turned on at 08:00 and turned off at 19:00 during the Mon-Fri period.

 

 

5. Notice

  • When creating a schedule, .begintime must always be set to a time earlier than endtime.

    • If you set begintime : 18:00 . endtime : 17:00 , the instance scheduler will not work.

  • The scheduler consults DynamoDB's StateTable to determine whether an instance is stopped or running.

    • So, after the instance scheduler stops a particular instance, if the user starts the instance manually, the schedule will not work until the next stop schedule time.