Rajendra Gupta
Create an AWS Lambda Function

Automatically Start/Stop an AWS RDS SQL Server using AWS Lambda functions

June 12, 2020 by

This article gives you an overview of the AWS Lambda function to automatically start and stop AWS RDS SQL Server.

Introduction

In the article, How to stop an AWS RDS SQL Server using web console and AWS CLI, we explored the importance of stopping RDS instance for cost optimization of your AWS resources. It covered stop and start RDS using AWS web console and CLI.

Usually, we can decide to stop RDS in the night and start it again in the morning. It is not feasible to do this task manually daily at a fixed schedule. You can also forget or skip it, and it could cost you big bucks the end of the day. AWS provides ways to automate Start and Stop RDS instances. You need to configure it once, and it follows the schedules defined by you.

Let’s follow this article to automate the RDS instance Start and Stop activity.

Lambda function to automate AWS RDS SQL Server Startup

AWS provides a useful Lambda service to automate code execution without managing the infrastructure. We can supply the code in any supported language such as Python, Node.js, Ruby, Java, and it executes the code in scalable and highly available systems. It does not charge for any resources, and you pay only for the compute time of your code.

We can configure a lambda function for an event response. For example, we can trigger a code once the user uploads a file in the S3 bucket. We can deploy a web application by supplying the code in lambda functions. It supports serverless Framework.

Steps to create an AWS Lambda function for AWS RDS SQL Server

We use the following steps to configure a lambda function.

Create an IAM policy

The first step is to define an IAM policy to gain access to RDS actions and AWS Cloud Watch Log Events. Navigate to IAM in the services and click on Policies-> Create Policy.

Create an IAM policy

To create the Policy, we can either use the Visual editor or specify the JSON statement. It requires following permissions in this Policy

  • RDS:
    • DescribeDBInstances: It returns information about existing RDS instances for your account
    • StopDBInstance: Permissions to stops the AWS RDS SQL Server
    • StopDBInstance: Permissions to start the RDS instance

  • CloudWatch Logs
    • CreateLogGroup: It creates a log group in the CloudWatch. The log group name remains unique in the account
    • CreateLogStream: It creates a log stream for the specified log group created using the CreateLogGroup
    • PutLogEvents: It uploads a batch of events in the specified log stream

You can copy the above JSON policy and paste in the Create Policy, as shown below.

JSON policy

In the next step, give a name, description for it. You can also view the summary of permissions we assign for the RDS and CloudWatch logs.

Summary of permissions

We can see that the customer-managed policy RDS_Stop_Start_policy is created.

Customer-managed policy

Create an IAM Role and attach RDS_Stop_Start_policy Policy for AWS RDS SQL Server

In this step, we create an IAM role and attach the Policy created in the previous step. Click on Roles -> Create Role in the IAM dashboard.

  • Select the type of trusted entity: Select AWS Service
  • Choose a use case: We require AWS lambda function to perform the task for us. Select the Lambda user case

Create an IAM Role for AWS RDS SQL Server

In the next step, search the Policy we wish to attach with this Role. In my case, it is RDS_Stop_StartPolicy.

Search the Policy

We can skip the tags. It is an optional field. Review the role definition, specify a role name and create the IAM role.

specify a role name

In this step, we created the IAM role RDS_Lambda.

View role

Create an AWS Lambda Function

Once we have the IAM policy and IAM role configured, we can create lambda functions. We can find Lambda service in the Compute section of services.

Create an AWS Lambda Function

We should create the lambda function in the same region where our RDS instance exists. You can see existing utilized resources in the AWS lambda dashboard. We need different functions for stopping and starting the RDS instance.

Lambda function to start AWS RDS SQL Server

Here, we create a function to start the AWS RDS SQL Server. Click on Create function in the dashboard.

Lambda dashboard

In the Create function, do the following tasks.

  • Select the option – Author from Scratch

    Create function

  • Function name: Specify a lambda function name. I specify the RDSStartFunction name to start my RDS instance
  • RunTime: As specified earlier, the lambda function supports multiple languages such as Python, Ruby
  • Permissions: Click on Use an existing role and choose the IAM role RDS_Lambda that we created earlier

Function configurations

It creates the lambda function, as shown below. You can see ARN (Amazon resource name) at the top of the dashboard. We require this ARN (Amazon Resource Name) in the next step of the lambda function configuration.

ARN: arn:aws:lambda:us-east-1:147081669821:function:RDSStartFunction

Amazon resource name

Add inline Policy in existing IAM role

Now, open a new tab for the IAM role and edit the existing Role RDS_Lambda. In the summary page, click on Add Inline Policy.

Add Inline Policy

In the Inline policy editor, paste the following JSON. Here, you note that we used the AWS lambda ARN in the resource section. You can copy ARN for your existing lambda ARN.

Lambda ARN follows the format: arn:aws:lambda:<Region>-<AWS Account o>:function:<lambda function Name>

Lambda ARN

Click on Review policy, specify the policy name and Create inline Policy.

Review policy

Now, we can see two policies in the RDS_Lambda function:

  • Managed policy: RDS_Stop_Start_Policy
  • Inline Policy: Manual_RDS_Schedule

Summary

Now, go back to the lambda function. In the designer, we can see function and options to add trigger and destination.

Function designer

Function Code: Scroll down and paste the Python code inside the editor. You need to select appropriate language in the run time. I go with the latest version Python 3.8

Function Code

In this code, we do the following tasks:

  • Import Python modules
    • Botocore works as a base for the AWS CLI and boto3 module
    • Boto3 is the AWS SDK for Python
  • lambdaFunc.get_function_configuration() function gets configuration of the lambda function
  • It uses the AWS CLI function rds.start_db_instance() to start function programmatically
  • We can create another function to stop RDS instance with similar steps. We only need to modify the function rds.start_db_instance() to rds.stop_db_instance():
    response = rds.stop_db_instance
    (
    DBInstanceIdentifier=DBinstance
    )

  • Environment variable: We used the environment variable in the above script to get the RDS instance name.

    Scroll down in the environment variable section. We need to map the existing RDS instance using the environment variable

    Environment variable

    In the edit environment variables, click on the Add environment variable

    Edit Environment variable

    AWS Lambda uses a key-value pair for the environment variable:

    • Key: DBInstanceName ( Do not change the key name)
    • Value: Specify the RDS instance name in this value. You can get the RDS instance name from the RDS dashboard

      Specify RDS name

    Click on Save, and you get a confirmation in the green box:

    Save function

Click on Test, and it gives the option to Configure Test. You get the hello-world event template with the event name and key-value pairs. We do need any changes here. Specify an event name and click on Create.

hello-world event template

We can see an event name in the highlighted box of the below screenshot. Now, we are ready to start the RDS instance. Click on Test to execute the lambda function.

Click on Test

You see the logs, and it begins the process of starting the RDS instance.

View logs

You can click on the Monitoring tab, and it shows the CloudWatch requests, duration, billed duration.

CloudWatch requests

We can refresh the RDS dashboard, and it changes instance status from Stopped to Starting.

RDS dashboard

Create a CloudWatch rule to automatic Start/Stop RDS

Once we created a lambda function, we can schedule it using the CloudWatch rules. Go to CloudWatch and Click on Rules -> Create Rule.

CloudWatch rule

Step 1: Create Rule:

  • Select the event source as Schedule

    Step 1: Create Rule

  • Select the target as Lamda function and choose the function we created earlier from the drop-down
  • Specify the Schedule in the crontab format. In the below, we specified expression to execute lambda function daily at 5 AM GMT automatically. You see the next 10 trigger dates once you specified the Cron expression

You can refer Cron Expressions to learn the Schedule using Cron expressions.

Cron expressions

Click on Configure details and enter the rule name, description. You can also enable and disable the Rule as well.

Step 2: Configure rule details

Step 2: Configure rule details

It creates the rules to execute the lambda function automatically.

Search IAM role

Conclusion

In this article, we explored the lambda function to automatically start an RDS instance. You can configure a similar function for stopping AWS RDS SQL Server. It helps to manage the RDS costs effectively without manual intervention. You can also create bash scripts to manage RDS instances stop/start. I will cover it in further articles. Stay tuned!

Rajendra Gupta
AWS RDS

About Rajendra Gupta

Rajendra has 8+ years of experience in database administration having a passion for database performance optimization, monitoring, and high availability and disaster recovery technologies, learning new things, new features. While working as a Senior consultant DBA for big customers and having certified with MCSA SQL 2012, he likes to share knowledge on various blogs. He can be reached at rajendra.gupta16@gmail.com View all posts by Rajendra Gupta

4,155 Views