⭐ Repository → 📁 Compliance Engine → 📁 CloudAware → 📁 AWS → 📁 RDS

🛡️ AWS RDS Instance is underutilized🟢

• Contextual name: 🛡️ Instance is underutilized🟢
• ID: /ce/ca/aws/rds/instance-underutilized
• Tags:
  • 🟢 Policy with categories
  • 🟢 Policy with type
  • 🟢 Production policy
• Policy Type: COMPLIANCE_POLICY
• Policy Categories: COST, PERFORMANCE

Logic

• 🧠 prod.logic.yaml🟢
  • 📗 AWS RDS Instance
  • 🔌 AWS RDS Instance - object.extracts.yaml
  • 🧪 test-data.json

Description

Open File

Description

This policy identifies Amazon RDS database instances that appear to be underutilized based on their performance metrics over the last 30 days. An instance is flagged as underutilized if it meets the following conditions:

1. Average CPU utilization has been below 20%.
2. Average disk read IOPS has been under 50.
3. Average disk write IOPS has been under 50.

Rationale

Right-sizing underutilized RDS instances helps reduce costs while maintaining application performance. Aligning resources with actual workload requirements ensures efficient use of infrastructure and prevents unnecessary spend.

Impact

It is crucial to analyze performance data carefully before resizing to avoid any negative impact on application availability or responsiveness.

Audit

This policy evaluates an RDS Instance based on its 30-day performance metrics.

The Instance is marked as INCOMPLIANT if all the following criteria are met:

• CloudWatch: CPU, 30-Day metric is less than 20%.
• CloudWatch: Disk Read IOPS, 30-Day metric is less than 50 IOPS.

... see more

Remediation

Open File

Remediation

Right-Size Underutilized Instances

Key considerations

• Ensure that the new instance class supports your workload and storage requirements.
• Coordinate with application owners before resizing to avoid unexpected performance issues.

Downsize the DB instance

From Command Line

To apply during the next maintenance window (recommended for production):

aws rds modify-db-instance \
    --db-instance-identifier {{db-instance-id}} \
    --db-instance-class {{new-instance-class}} \
    --apply-immediately false

To apply immediately (causes a brief outage while resizing):

aws rds modify-db-instance \
    --db-instance-identifier {{db-instance-id}} \
    --db-instance-class {{new-instance-class}} \
    --apply-immediately true

policy.yaml

Open File

Linked Framework Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 Cloudaware Framework → 💼 Resource Right-Sizing			15		no data
💼 Cloudaware Framework → 💼 Workload Efficiency			24		no data