⭐ Repository → 📁 Compliance Engine → 📁 CloudAware → 📁 Google → 📁 GCE

🛡️ Google GCE Instance is idle🟢

Contextual name: 🛡️ Instance is idle🟢
ID: /ce/ca/google/compute-engine/instance-idle
Tags:
- 🟢 Policy with categories
- 🟢 Policy with type
- 🟢 Production policy
Policy Type: COMPLIANCE_POLICY
Policy Categories: PERFORMANCE, COST

Logic

🧠 prod.logic.yaml🟢
- 📗 Google GCE Instance
- 🔌 Google GCE Instance - object.extracts.yaml
- 🧪 test-data.json

Description

Description

This policy identifies Google Compute Engine (GCE) instances that appear to be idle. An instance is considered idle if it consistently meets the following low-utilization criteria over a 14-day period:

Average CPU utilization below 5%

Maximum CPU utilization below 15%

Average network I/O less than 100 MB

Rational

Idle instances generate costs without delivering business value. By identifying and addressing these instances, organizations can reduce unnecessary GCP spending and improve overall resource efficiency.

Impact

Before terminating an instance, verify that it is not required for periodic tasks, disaster recovery, or other non-continuous workloads.

Audit

This policy evaluates an Google GCE Instance based on its 14-day performance metrics.

The Instance is marked as INCOMPLIANT if all the following criteria are met:

CPU Utilization, Average, % field is less than 5%.

CPU Utilization, Max, % field is less than 15%.

Network In, Sum, Megabytes field is less than 100 MB.

Network Out, Sum, Megabytes field is less than 100 MB.

... see more

Remediation

Open File

Remediation

Before taking action, verify whether the instance is still required. Idle instances may serve non-critical purposes such as development, testing, or periodic workloads.

Stop the Instance

Stop the instance if it is temporarily not needed but may be required later. This halts billing for compute resources, although storage charges for attached persistent disks will continue.
gcloud compute instances stop {{instance-name}} --zone={{zone}}
Rightsize the Instance

If the instance is oversized for its workload, resize it to a smaller, more cost-effective machine type.

Stop the instance.

Change the machine type:
gcloud compute instances set-machine-type {{instance-name}} \
    --zone={{zone}} \
    --machine-type={{new-machine-type}}
Restart the instance:
gcloud compute instances start {{instance-name}} --zone={{zone}}
Delete the Instance

If the instance is no longer required, delete it to eliminate all associated costs. This action is irreversible and will also remove any attached non-boot disks configured for auto-deletion.

... see more

policy.yaml

Open File

Linked Framework Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 Cloudaware Framework → 💼 Waste Reduction			25		no data
💼 Cloudaware Framework → 💼 Workload Efficiency			24		no data

Logic​

Description​

Description​

Rational​

Impact​

Audit​

Remediation​

Remediation​

Stop the Instance​

Rightsize the Instance​

Delete the Instance​

policy.yaml​

Linked Framework Sections​

Logic

Description

Description

Rational

Impact

Audit

Remediation

Remediation

Stop the Instance

Rightsize the Instance

Delete the Instance

policy.yaml

Linked Framework Sections