⭐ Repository → 📁 Compliance Engine → 📁 CloudAware → 📁 AWS → 📁 EC2 → 🛡️ EBS Volume is idle🟢

🧠 AWS EBS Volume is idle - prod.logic.yaml🟢

• Contextual name: 🧠 prod.logic.yaml🟢
• ID: /ce/ca/aws/ec2/ebs-volume-idle/prod.logic.yaml
• Tags:
  • 🟢 Logic test success
  • 🟢 Logic with extracts
  • 🟢 Logic with test data

Uses

• 📗 AWS EBS Volume
• 🔌 AWS EBS Volume - object.extracts.yaml
• 🧪 test-data.json

Test Results 🟢

Generated at: 2025-10-01T12:44:54.941306871Z Open

Result	Id	Condition Index	Condition Text	Runtime Error
🟢	001	✔️ 99	✔️ isDisappeared(CA10__disappearanceTime__c)	✔️ null
🟢	002	✔️ 199	✔️ extract('CA10__status__c') != 'available' && extract('CA10__status__c') != 'in-use'	✔️ null
🟢	003	✔️ 299	✔️ extract('CA10__createTime__c').withinLastDays(30)	✔️ null
🟢	004	✔️ 399	✔️ extract('CA10__status__c') == 'available' && extract('CA10__readOpsSum30d__c').isEmpty() && extract('CA10__writeOpsSum30d__c').isEmpty()	✔️ null
🟢	005	✔️ 499	✔️ extract('CA10__attachmentAttachTime__c').isNotEmpty() && extract('CA10__attachmentAttachTime__c').withinLastDays(30)	✔️ null
🟢	006	✔️ 599	✔️ extract('CA10__status__c') == 'in-use' && extract('CA10__readOpsSum30d__c').isEmpty() && extract('CA10__writeOpsSum30d__c').isEmpty()	✔️ null
🟢	007	✔️ 699	✔️ extract('CA10__status__c') == 'in-use' && extract('CA10__readOpsSum30d__c') == number(0.0) && extract('CA10__writeOpsSum30d__c') == number(0.0)	✔️ null
🟢	008	✔️ 700	✔️ otherwise	✔️ null
🟢	009	✔️ 700	✔️ otherwise	✔️ null

Generation Bundle

	File	MD5
Open	/ce/ca/aws/ec2/ebs-volume-idle/policy.yaml	C8569F45BC0DB58031F8C89413C122A8
Open	/ce/ca/aws/ec2/ebs-volume-idle/prod.logic.yaml	2AB5D74C0F8174B875A53FA6D6FB23D6
Open	/ce/ca/aws/ec2/ebs-volume-idle/test-data.json	1E217B2E4E72B6CBB2A03DF27BB0344F
Open	/types/CA10__CaAwsVolume__c/object.extracts.yaml	D98F19A3E57995D503E82126277DD66A

Available Commands

repo-manager policies generate FULL /ce/ca/aws/ec2/ebs-volume-idle/prod.logic.yaml
repo-manager policies generate DEBUG /ce/ca/aws/ec2/ebs-volume-idle/prod.logic.yaml
repo-manager policies generate CAPTURE_TEST_DATA /ce/ca/aws/ec2/ebs-volume-idle/prod.logic.yaml
repo-manager policies generate TESTS /ce/ca/aws/ec2/ebs-volume-idle/prod.logic.yaml
# Execute tests
repo-manager policies test /ce/ca/aws/ec2/ebs-volume-idle/prod.logic.yaml

Content

Open File

---
inputType: "CA10__CaAwsVolume__c"
importExtracts:
  - file: "/types/CA10__CaAwsVolume__c/object.extracts.yaml"
testData:
  - file: 'test-data.json'
conditions:
  - status: "INAPPLICABLE"
    currentStateMessage: "The EBS volume is in a transient or error state."
    check:
      AND: 
        args:
          - NOT_EQUAL:
              left:
                EXTRACT: "CA10__status__c"
              right:
                TEXT: "available"
          - NOT_EQUAL:
              left:
                EXTRACT: "CA10__status__c"
              right:
                TEXT: "in-use"
  - status: "INAPPLICABLE"
    currentStateMessage: "The EBS volume has been created less than 30 days ago."
    check:
      IS_WITHIN_LAST_DAYS:
        offsetDays: 30
        arg:
          EXTRACT: "CA10__createTime__c"
  - status: "INCOMPLIANT"
    currentStateMessage: "The EBS volume is unattached and has no I/O metrics for the past 30 days."
    remediationMessage: "Consider creating a final snapshot of the volume for archival purposes and then deleting it."
    check:
      AND:
        args:
          - IS_EQUAL:
              left:
                EXTRACT: "CA10__status__c"
              right:
                TEXT: "available"
          - IS_EMPTY:
              arg:
                EXTRACT: "CA10__readOpsSum30d__c"
          - IS_EMPTY:
              arg:
                EXTRACT: "CA10__writeOpsSum30d__c"
  - status: "INAPPLICABLE"
    currentStateMessage: "The volume is attached for less than 30 days."
    check:
      AND:
        args:
        - NOT_EMPTY:
            arg:
              EXTRACT: "CA10__attachmentAttachTime__c"
        - IS_WITHIN_LAST_DAYS:
            offsetDays: 30
            arg:
              EXTRACT: "CA10__attachmentAttachTime__c"
  - status: INCOMPLIANT
    currentStateMessage: "The EBS volume is attached but has no read and write operations for the past 30 days."
    remediationMessage: "The volume is attached to an instance that has been stopped for over 30 days.\
      \ Consider detaching it, creating a snapshot for archival, and then deleting the volume."
    check:
      AND:
        args:
          - IS_EQUAL:
              left:
                EXTRACT: "CA10__status__c"
              right:
                TEXT: "in-use"
          - IS_EMPTY:
              arg:
                EXTRACT: "CA10__readOpsSum30d__c"
          - IS_EMPTY:
              arg:
                EXTRACT: "CA10__writeOpsSum30d__c"
  - status: INCOMPLIANT
    currentStateMessage: "The EBS volume is attached but has had zero read and write operations for the past 30 days."
    remediationMessage: "Investigate why the volume is attached but unused.\
      \ Consider detaching it, creating a snapshot for archival, and then deleting the volume."
    check:
      AND:
        args:
          - IS_EQUAL:
              left:
                EXTRACT: "CA10__status__c"
              right:
                TEXT: "in-use"
          - IS_EQUAL:
              left:
                EXTRACT: "CA10__readOpsSum30d__c"
              right:
                NUMBER: 0.0
          - IS_EQUAL:
              left:
                EXTRACT: "CA10__writeOpsSum30d__c"
              right:
                NUMBER: 0.0
otherwise:
  status: "COMPLIANT"
  currentStateMessage: "The EBS volume is not idle."