Skip to content

Flexible Shutdown & Startup of EC2 & RDS Instances #11

Flexible Shutdown & Startup of EC2 & RDS Instances

Flexible Shutdown & Startup of EC2 & RDS Instances #11

# This workflow provides a straight forward example of how cron schedules can be used to orchestrate the shutdown and startup of ec2 and rds resources in a required sequence.
# For each step of the job, an "if" test is applied to determine the specific cron schedule. This means that individual steps can be run at given times based on the condition being tested.
# Tags are used to provide criteria as to which resources are in scope. This provides a high degree of flexbility.
# The workflow uses OIDC to connect to the Modernisation Platform member account. The account number is held as a github secret.
# This is for the sake of brevity a separate shell scrpt is used for the AWS CLI commands and so avoids the workflow becoming cluttered.
# Further information on the use of github cron schedules can be found here - https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule as well as the Modernisation Platform User Guide.
# IMPORTANT - teams using this approach to stop & start instances should apply the required tag to those instances to exclude it from the Automatic Instance Scheduling Service - https://user-guide.modernisation-platform.service.justice.gov.uk/concepts/environments/instance-scheduling.html#instance-scheduling-automatically-stop-non-production-instances-overnight
name: Flexible Shutdown & Startup of EC2 & RDS Instances
permissions:
id-token: write
contents: read
on:
schedule:
- cron: '45 6 * * *' # RDS Start
- cron: '25 7 * * *' # EC2 Start
- cron: '25 17 * * *' # EC2 Stop
- cron: '25 18 * * *' # RDS Stop
jobs:
stop-start-instances:
runs-on: ubuntu-latest
env:
EC2_TAG: 'application'
EC2_TAG_VALUE: 'example'
RDS_TAG: 'application'
RDS_TAG_VALUE: 'example'
AWS_REGION: 'eu-west-2'
steps:
- name: Checkout Repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
sparse-checkout: |
scripts
- name: Configure AWS credentials
id: set-credentials
uses: aws-actions/configure-aws-credentials@v4
with:
audience: sts.amazonaws.com
aws-region: eu-west-2
mask-aws-account-id: true
role-to-assume: arn:aws:iam::${{ secrets.EXAMPLE_ACCOUNT_NUMBER }}:role/modernisation-platform-oidc-cicd
- name: Start RDS instances with specific tags
if: github.event.schedule == '45 6 * * *'
run: |
echo $(date +%x_%r)
echo ${{ github.event.schedule }}
chmod +x scripts/flexistopstart.sh
bash scripts/flexistopstart.sh 'start_rds' $RDS_TAG $RDS_TAG_VALUE $AWS_REGION
- name: Start EC2 instances with specific tags
if: github.event.schedule == '25 7 * * *'
run: |
echo $(date +%x_%r)
echo ${{ github.event.schedule }}
chmod +x scripts/flexistopstart.sh
bash scripts/flexistopstart.sh 'start_ec2' $EC2_TAG $EC2_TAG_VALUE $AWS_REGION
- name: Stop EC2 instances with specific tags
if: github.event.schedule == '25 17 * * *'
run: |
echo $(date +%x_%r)
echo ${{ github.event.schedule }}
chmod +x scripts/flexistopstart.sh
bash scripts/flexistopstart.sh 'stop_ec2' $EC2_TAG $EC2_TAG_VALUE $AWS_REGION
- name: Stop RDS instances with specific tags
if: github.event.schedule == '25 18 * * *'
run: |
echo $(date +%x_%r)
echo ${{ github.event.schedule }}
chmod +x scripts/flexistopstart.sh
bash scripts/flexistopstart.sh 'stop_rds' $RDS_TAG $RDS_TAG_VALUE $AWS_REGION