
Use Case for Idle AWS EFS File System Detector


Why Use This Policy?

Pros:

  • Saves Costs: Identifies EFS File Systems with no recent activity so they can be decommissioned or archived, reducing costs.
  • Improves Resource Utilization: Encourages optimal utilization of AWS services.
  • Promotes Hygiene: Keeps the AWS environment clean by flagging unused resources.

Cons:

  • Potential Data Loss: Careless decommissioning can lead to data loss if the data is still needed.

How the Policy Works:

This policy uses the ClientConnections CloudWatch metric to check for the last active connection to an EFS File System. If no connection has been made for the specified number of days, it triggers a violation.

Variables:

  • inactiveDaysThreshold: The number of days that constitute inactivity (default is 30).
  • violationTypeId: Identifier for the type of policy violation. This policy uses 'EFS_INACTIVITY' for unused EFS File Systems.

Each violationTypeId corresponds to a specific scenario or condition that is deemed a violation during policy evaluation.
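
The check described under "How the Policy Works", sketched as an added Python example (not the policy's own code). It assumes datapoints shaped like CloudWatch GetMetricStatistics output for ClientConnections with the Sum statistic; the file system IDs, timestamps, function names and the creation-time guard are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

def last_connection(datapoints):
    """Newest timestamp with at least one client connection, or None."""
    active = [dp["Timestamp"] for dp in datapoints if dp.get("Sum", 0) > 0]
    return max(active) if active else None

def evaluate_efs(fs_id, created, datapoints, now, inactive_days_threshold=30):
    """Return an EFS_INACTIVITY violation dict, or None if in use or too new."""
    cutoff = now - timedelta(days=inactive_days_threshold)
    if created > cutoff:
        # Assumption: a file system younger than the window is not judged,
        # because missing history is not evidence of idleness.
        return None
    last = last_connection(datapoints)
    if last is not None and last >= cutoff:
        return None  # a client connected inside the window
    return {
        "violationTypeId": "EFS_INACTIVITY",
        "fileSystemId": fs_id,
        "lastConnection": last.isoformat() if last else None,
        "inactiveDays": (now - last).days if last else None,
    }

def scan(samples, now, threshold=30):
    """Evaluate every file system and return only the violations."""
    return [v for fs, (created, dps) in samples.items()
            if (v := evaluate_efs(fs, created, dps, now, threshold))]

# Constructed sample data: not real file systems or real metrics.
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)

def dp(days_ago, connections):
    return {"Timestamp": NOW - timedelta(days=days_ago), "Sum": connections}

SAMPLES = {
    "fs-idle0001": (NOW - timedelta(days=200), [dp(45, 3.0), dp(20, 0.0), dp(1, 0.0)]),
    "fs-busy0002": (NOW - timedelta(days=200), [dp(45, 0.0), dp(2, 7.0)]),
    "fs-new00003": (NOW - timedelta(days=5), []),
}

if __name__ == "__main__":
    for violation in scan(SAMPLES, NOW):
        print(violation)
```

When feeding this from live CloudWatch data, request a period of 300 seconds or more: 1-minute datapoints are retained for only 15 days, so a 30-day window queried at 1-minute resolution would be missing its older half and could flag an active file system as idle.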