Identify any Amazon RDS database instances that appear to be idle and delete them to help lower the cost of your monthly AWS bill. By default, an RDS instance is considered 'idle' when it meets the following criteria (both conditions must be true to declare the instance 'idle'):
- The average number of database connections has been less than 1 for the last 7 days.
- The total number of database ReadIOPS and WriteIOPS recorded per day for the last 7 days has been less than 20 on average.
The AWS CloudWatch metrics used to detect idle RDS instances are:
- DatabaseConnections - the number of RDS database connections in use (Units: Count).
- ReadIOPS and WriteIOPS - the average number of disk I/O (Input/Output) operations per second (Units: Count/Second).
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS.
Idle RDS instances are good candidates for reducing your monthly AWS costs. Regularly checking the number of database connections made to your AWS RDS instances will help you efficiently detect and remove any idle RDS resources from your AWS account in order to avoid accumulating unnecessary charges.
Note 1: Backing up your RDS databases before termination is highly recommended because once these instances are deleted, all their automated backups (snapshots) will be permanently lost.
Note 2: Knowing the role and the owner of an AWS RDS instance before you take the decision to remove it from your account is very important. For this rule Cloud Conformity assumes that your RDS instances are tagged with 'Role' and 'Owner' tags which provide visibility into their usage profile and help you decide whether it's safe or not to terminate these resources.
Note 3: You can change the default threshold for this rule on the Cloud Conformity console and set your own values for the number of database connections and for the total number of ReadIOPS and WriteIOPS, so that each condition reflects what you consider an idle instance.
Note 4: If the RDS database instance selected for the checkup is needed within your application stack, you can suppress (disable) the conformity rule check for the instance from the Cloud Conformity console.
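The idle test described above can be sketched as follows. This is an added example, not Cloud Conformity's own code. It assumes the IOPS condition means the daily ReadIOPS + WriteIOPS averaged over the 7 days, takes tags as a plain dict, and uses hypothetical verdict names and constructed sample data; the `fetch` helper uses boto3's `get_metric_statistics` for live use only.

```python
from datetime import datetime, timedelta, timezone

DAYS = 7  # look-back window used by the rule

def fetch(instance_id, metric, end=None):
    """Daily averages for one AWS/RDS metric (live use only; needs boto3 and credentials)."""
    import boto3
    end = end or datetime.now(timezone.utc)
    resp = boto3.client("cloudwatch").get_metric_statistics(
        Namespace="AWS/RDS", MetricName=metric,
        Dimensions=[{"Name": "DBInstanceIdentifier", "Value": instance_id}],
        StartTime=end - timedelta(days=DAYS), EndTime=end,
        Period=86400, Statistics=["Average"])
    return resp["Datapoints"]

def by_day(datapoints):
    """Index CloudWatch datapoints (returned unordered) by calendar day."""
    return {dp["Timestamp"].date(): dp["Average"] for dp in datapoints}

def evaluate_idle(conn, read, write, tags, max_conn=1.0, max_iops=20.0):
    """Return (verdict, detail). conn/read/write are CloudWatch 'Datapoints' lists."""
    c, r, w = by_day(conn), by_day(read), by_day(write)
    days = sorted(set(c) & set(r) & set(w))[-DAYS:]
    if len(days) < DAYS:
        # Missing days (stopped, new, or not reporting) are not evidence of idleness.
        return "insufficient-data", f"only {len(days)} of {DAYS} days have all three metrics"
    avg_conn = sum(c[d] for d in days) / DAYS
    avg_iops = sum(r[d] + w[d] for d in days) / DAYS  # assumed reading of the IOPS condition
    detail = f"avg connections {avg_conn:.2f}, avg ReadIOPS+WriteIOPS {avg_iops:.2f}"
    if not (avg_conn < max_conn and avg_iops < max_iops):  # both conditions must hold
        return "active", detail
    missing = [t for t in ("Role", "Owner") if not tags.get(t)]
    if missing:
        # Idle by the metrics, but Note 2's tags are absent: review before deleting.
        return "idle-untagged", f"{detail}; missing tags: {', '.join(missing)}"
    return "idle", detail

def sample(values, start=datetime(2024, 1, 1, tzinfo=timezone.utc)):
    """Constructed datapoints, one per day, so the example runs offline."""
    return [{"Timestamp": start + timedelta(days=i), "Average": v} for i, v in enumerate(values)]

if __name__ == "__main__":
    tags = {"Role": "reporting-db", "Owner": "data-team"}  # constructed tag values
    print(evaluate_idle(sample([0] * 7), sample([2] * 7), sample([5] * 7), tags))
    print(evaluate_idle(sample([0] * 6 + [12]), sample([2] * 7), sample([5] * 7), tags))
    print(evaluate_idle(sample([0] * 5), sample([2] * 5), sample([5] * 5), tags))
```

An instance that reports fewer than seven complete days is returned as `insufficient-data` rather than `idle`, so a recently created or stopped instance is not queued for deletion on missing metrics alone.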
To identify any idle RDS database instances currently available within your AWS account, perform the following:
Remediation / Resolution
Option 1: terminate the idle instances. To terminate (delete) any AWS RDS instances that are currently running in idle mode, perform the following commands:
Option 2: disable the rule check. If the selected idle RDS database instance is needed (its role within your application stack is important), you should turn off the conformity rule check for the instance from the Cloud Conformity console.
You are auditing:
Idle RDS Instance
Risk level: High