Automating AWS Instance Start and Stop with Python and Lambda: A Step-by-Step Guide

In one of the recent AWS infrastructure migration projects that we worked on, the customer asked for our suggestions on reducing their AWS cloud IT infrastructure costs. After closely collaborating with the customer’s internal team to understand usage patterns, we realized that some of the EC2 instances were used exclusively during business hours, rendering their 24×7 operation unnecessary. Therefore, we decided to shut them down after business hours and automatically restart them in the morning using the AWS Lambda service.

Please note that stopping an EIP-allocated EC2 instance will result in additional charges. You have the option to remove the EIP for the instances you intend to shut down and restart automatically. After the instance starts up, you can update the new IP with your DNS provider, such as Route53 or Cloudflare, by enhancing the following script.

AWS Lambda: AWS Lambda is a serverless computing service provided by Amazon Web Services (AWS). It allows you to run code in response to various events without the need to provision or manage servers. With AWS Lambda, you can build and deploy applications without worrying about server infrastructure, scaling, or maintenance.

Amazon EventBridge: Amazon EventBridge is a serverless event bus service provided by Amazon Web Services. It enables you to build event-driven applications and allows different AWS services and custom applications to communicate with each other through events. Amazon EventBridge makes it easier to connect and coordinate various components of your applications and services in a highly scalable and decoupled manner.

Follow the steps below to automatically start and stop your EC2 instances:

Step 1: IAM Policy and Role creation

Create a policy and a role that will be used by our lambda function. First We create a policy that has the necessary permission to start and stop ec2 instances.

In AWS console search for “IAM” Service. Within IAM dashboard click on “Policies” and then click on “Create policy”.

Under the “Select Service” type and select EC2. The next page should prompt you to select “Access level”.

For ‘List’ access select ‘DecscribeInstance’, ‘DescribeInstanceStatus’, ‘DescribeInstanceTypes’, ‘DecscribeTags’.

For ‘Write’ access select ‘StartInstances’, ‘StopInstances’.

Under “Resources” select “all resources”. Then click on “Add additional permissions”.

Under the “Select Service” menu type and select “Cloudwatch logs”.

Under “Actions” please select all cloudwatch logs actions under the “manual action” subcategory which grant us all read and write access.

Under “Resources” select “all resources”.

Click on JSON format of your policy.

Provide a suitable name for your policy and click on “Create policy”.

Create “Role” after the policy has been created.

Click on “Roles” within IAM dashboard, then click on “Create role”

Select the “AWS Service” for “Trusted entity type” and “Lambda” for “Use case”, then click on “next”.

On the following page, search for and select the policy created in the steps above, then click “Next.”

Name the role, scroll down, and then click on “Create role.”

Step 2: Lambda Functions Creation

Within AWS console, search for Lambda. Once the Lambda dashboard is displayed, click on Create function located at the top right side.

  1. Select “Author from scratch”.
  2. Give a name for your function.
  3. Select runtime as “Python 3.11”.
  4. Under “Change default execution role”, click on “Use an existing role” and select the role we created earlier in step 2.
  5. Click on “Create function”.

The following is the Python code to stop your running instances:

import boto3
ec2 = boto3.client('ec2', region_name='eu-central-1')
instance_ids = ['i-0648899600e7450e1', 'i-0d84c68f2e1c5ed5f']
print("Instances stopped successfully.")

Please remember to replace the above instance ID’s and the region name based on your requirements. Add your Python code within the “Code” section.

After copying the code, click on ‘Deploy’, and then click on ‘Test’. You will receive the execution result as ‘Success’, and your running instances will be triggered and stopped.

Step 3: Create an EventBridge Rule to Trigger EC2 Instances.

In this step, we will create an EventBridge Rule that starts our EC2 instances based on the time we define using the Cron expression. Since Lambda functions are triggered by events, when an EC2 instance is stopped or running, it will send an event that triggers our function.

Search for “EventBridge” within the AWS console. Once the page is displayed, click on “Create Rule” on the right-hand side.

Provide a “schedule name”.

Choose the schedule pattern as “Recurring schedule”, define a schedule pattern by using the cron expression, and click “Next” to proceed.

Select the target as “Lambda” and choose the Lambda function, then click “Next.” Scroll down and provide the role (the execution role you provide must allow AWS EventBridge Scheduler to assume the role). Finally, scroll down and click on “Create Schedule.”

Your instances will be stopped/started at the scheduled time daily.

Please repeat the above steps and use the following Python code to start your stopped instances:

import boto3
ec2 = boto3.client('ec2', region_name='eu-central-1')
instance_ids = ['i-0648899600e7450e1', 'i-0d84c68f2e1c5ed5f']
print("Instances started successfully!")

Create the “Lambda function” and set up an “EventBridge” rule as described in steps 2 and 3. Modify the cron expression according to your requirements.

At Server Pundits, we offer cloud migration, DevOps, and Linux Server Administration services. If you are looking to save on cloud costs or set up your services on Amazon Web Services, please reach out to us!

Scroll to Top