⭐ Repository → 📁 Compliance Engine → 📁 CloudAware → 📁 Google → 📁 GCE

🛡️ Google GCE Instance is underutilized🟢

• Contextual name: 🛡️ Instance is underutilized🟢
• ID: /ce/ca/google/compute-engine/instance-underutilized
• Tags:
  • 🟢 Policy with categories
  • 🟢 Policy with type
  • 🟢 Production policy
• Policy Type: COMPLIANCE_POLICY
• Policy Categories: COST, PERFORMANCE

Logic

• 🧠 prod.logic.yaml🟢
  • 📗 Google GCE Instance
  • 🔌 Google GCE Instance - object.extracts.yaml
  • 🧪 test-data.json

Description

Open File

Description

This policy identifies Google GCE Instances that appear to be underutilized. By default, an instance is considered underutilized if its average CPU utilization remains below 40% and its maximum CPU utilization does not exceed 50% over a 14-day evaluation period.

Rationale

Underutilized instances contribute to unnecessary cloud expenditure. By identifying and rightsizing these resources, organizations can optimize their infrastructure and achieve cost savings without negatively affecting application performance.

Impact

Resizing an instance may require the instance to be stopped and restarted, resulting in a brief downtime.

Audit

This policy evaluates a Google GCE Instance based on its 14-day performance metrics.

The Instance is marked as INCOMPLIANT if all the following criteria are met:

• CPU Utilization, Average, % field is less than 40%.
• CPU Utilization, Max, % field is less than 50%.

The Instance is marked as INAPPLICABLE if it is not currently running, it has been running for less than 14 days, or this instance is idle and evaluated by the Google GCE Instance is idle policy.

... see more

Remediation

Open File

Remediation

Consider resizing an Google GCE Instance to a smaller, more cost-effective machine type that aligns with its workload requirements or terminating it if it's no longer required.

Resize the Instance

Using gcloud CLI

1. Stop the instance:

gcloud compute instances stop {{instance-name}} --zone=ZONE

2. Change the machine type:

gcloud compute instances set-machine-type {{instance-name}} \
    --machine-type={{new-machine-type}} \
    --zone={{zone}}

3. Start the instance:

gcloud compute instances start {{instance-name}} --zone={{zone}}

Considerations

• Ensure a recent snapshot or backup of the instance’s disks before resizing.
• Validate that the selected machine type provides sufficient performance for the application’s needs.

Terminate the Instance

Using gcloud CLI

If the instance is consistently underutilized and no longer required, terminate it to fully eliminate costs.

gcloud compute instances delete {{instance-name}} --zone={{zone}}

Considerations

• Termination is permanent and deletes all associated resources that are not separately preserved (e.g., disks if not set to retain).

... see more

policy.yaml

Open File

Linked Framework Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 Cloudaware Framework → 💼 Resource Right-Sizing			15		no data
💼 Cloudaware Framework → 💼 Workload Efficiency			24		no data