All examples for AWS Resource Cleanup Runbook

EBS Volumes Safe Deletion with Rollback

Complete runbook for safely deleting unattached EBS volumes including safety checklist, snapshot backup, bulk deletion commands, and rollback procedures.

Input

What you provide to the skill

We finished a project last quarter and still have 12 unattached EBS volumes in us-east-1. Can you provide safe deletion commands with rollback procedures?

Output

What the skill generates for you

Unattached EBS Volumes Cleanup - us-east-1

Pre-Deletion Safety Checklist

⚠️ IMPORTANT: Complete these verification steps before deleting any volumes.

Step 1: Verify Volumes are Truly Unused

# List all 12 unattached volumes with full details

aws ec2 describe-volumes \

  --region us-east-1 \

  --filters Name=status,Values=available \

  --query 'Volumes[*].{ID:VolumeId,Size:Size,Type:VolumeType,Created:CreateTime,AZ:AvailabilityZone,Tags:Tags}' \

  --output table

Step 2: Check CloudWatch Metrics (Last 30 Days)

# For each volume, check if there was any recent I/O activity

aws cloudwatch get-metric-statistics \

  --region us-east-1 \

  --namespace AWS/EBS \

  --metric-name VolumeReadOps \

  --dimensions Name=VolumeId,Value=vol-xxxxx \

  --start-time $(date -u -d '30 days ago' +%Y-%m-%dT%H:%M:%S) \

  --end-time $(date -u +%Y-%m-%dT%H:%M:%S) \

  --period 86400 \

  --statistics Sum

Step 3: Search CloudTrail for Recent Attach Events

# Check if any volumes were recently detached

aws cloudtrail lookup-events \

  --region us-east-1 \

  --lookup-attributes AttributeKey=ResourceType,AttributeValue=AWS::EC2::Volume \

  --start-time $(date -u -d '7 days ago' +%Y-%m-%dT%H:%M:%S) \

  --query 'Events[*].{Time:EventTime,Event:EventName,Volume:Resources[0].ResourceName}' \

  --output table

Step 4: Create Snapshots for Rollback

# Create snapshots with descriptive tags

for volume_id in $(aws ec2 describe-volumes \

  --region us-east-1 \

  --filters Name=status,Values=available \

  --query 'Volumes[*].VolumeId' \

  --output text); do

  

  echo "Creating snapshot of $volume_id..."

  aws ec2 create-snapshot \

    --region us-east-1 \

    --volume-id $volume_id \

    --description "Pre-deletion backup - $(date +%Y-%m-%d)" \

    --tag-specifications "ResourceType=snapshot,Tags=[{Key=Purpose,Value=PreDeletionBackup},{Key=OriginalVolumeId,Value=$volume_id}]"

  

  sleep 2

done

Step 5: Document Volume Details

# Save complete volume configuration for rollback

mkdir -p ebs-backup-$(date +%Y%m%d)

cd ebs-backup-$(date +%Y%m%d)



for volume_id in $(aws ec2 describe-volumes \

  --region us-east-1 \

  --filters Name=status,Values=available \

  --query 'Volumes[*].VolumeId' \

  --output text); do

  

  aws ec2 describe-volumes \

    --region us-east-1 \

    --volume-ids $volume_id \

    > volume-$volume_id.json

done

Safe Deletion Commands

Option 1: Delete Single Volume (Recommended First)

# Delete specific volume by ID

aws ec2 delete-volume \

  --region us-east-1 \

  --volume-id vol-xxxxx

Verify deletion:

aws ec2 describe-volumes \

  --region us-east-1 \

  --volume-ids vol-xxxxx

# Expected: "The volume 'vol-xxxxx' does not exist"

Option 2: Bulk Delete All 12 Volumes

⚠️ WARNING: Only proceed after completing safety checklist.

# DRY RUN: List what would be deleted

echo "The following volumes will be deleted:"

aws ec2 describe-volumes \

  --region us-east-1 \

  --filters Name=status,Values=available \

  --query 'Volumes[*].{ID:VolumeId,Size:Size,Type:VolumeType}' \

  --output table



echo "Press Ctrl+C to cancel, or Enter to continue..."

read



# Proceed with deletion

for volume_id in $(aws ec2 describe-volumes \

  --region us-east-1 \

  --filters Name=status,Values=available \

  --query 'Volumes[*].VolumeId' \

  --output text); do

  

  echo "Deleting $volume_id..."

  aws ec2 delete-volume \

    --region us-east-1 \

    --volume-id $volume_id

  

  if [ $? -eq 0 ]; then

    echo "✓ Successfully deleted $volume_id"

  else

    echo "✗ Failed to delete $volume_id"

  fi

  

  sleep 2

done

Rollback Procedures

Restore from Snapshot

# 1. Find the snapshot for the deleted volume

aws ec2 describe-snapshots \

  --region us-east-1 \

  --owner-ids self \

  --filters Name=tag:OriginalVolumeId,Values=vol-xxxxx \

  --query 'Snapshots[*].{ID:SnapshotId,Created:StartTime}' \

  --output table



# 2. Create new volume from snapshot

aws ec2 create-volume \

  --region us-east-1 \

  --availability-zone us-east-1a \

  --snapshot-id snap-xxxxx \

  --volume-type gp3 \

  --tag-specifications 'ResourceType=volume,Tags=[{Key=Name,Value=Restored}]'



# 3. Attach to instance if needed

aws ec2 attach-volume \

  --region us-east-1 \

  --volume-id vol-new-xxxxx \

  --instance-id i-xxxxx \

  --device /dev/sdf

Recovery Time: 5-15 minutes
Data Loss Risk: None if snapshot was created before deletion

Cost Savings Estimation

# Calculate your savings

total_gb=$(aws ec2 describe-volumes \

  --region us-east-1 \

  --filters Name=status,Values=available \

  --query 'sum(Volumes[*].Size)' \

  --output text)



echo "Total unattached storage: ${total_gb} GB"

echo "Monthly cost (gp3): \$$(echo "$total_gb * 0.08" | bc)"

echo "Annual savings: \$$(echo "$total_gb * 0.08 * 12" | bc)"
Scenario Total Size Monthly Savings Annual Savings
12 × 100GB volumes 1,200 GB $96/mo $1,152/yr
12 × 50GB volumes 600 GB $48/mo $576/yr
12 × 20GB volumes 240 GB $19/mo $230/yr
View all examples for AWS Resource Cleanup Runbook

About This Skill

Identify and safely clean up unused AWS resources with prioritized audit checklists and ready-to-use CLI commands.

View Skill Details

More Examples

Comprehensive AWS Account Audit

Complete audit framework with prioritized resource checklist, ready-to-run discovery commands for 8+ resource types, and cost impact analysis.

Multi-Region Cost Spike Investigation

Systematic investigation framework for identifying hidden AWS costs across multiple regions, with 7 common culprits and ready-to-run discovery commands.

View all examples