
Delete unused NAT Gateway

What It Does

Deletes unused NAT gateways that no longer serve active traffic. Unused NAT gateways can accumulate avoidable costs. Removing them helps lower VPC-related expenses without affecting ongoing workloads.

Risk and Scope

Risk Level: Low

AWS Service Targeted: VPC

Permissions Required:

  • Delete Permissions: ec2:DeleteNatGateway

  • Read Permissions: ec2:DescribeNatGateways

These permissions are granted only to the runbook, not to the OneLens platform itself.
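
One way to confirm that scope, as an added example that is not OneLens code: the function below audits an IAM policy document and reports any Allow pattern that reaches past the two actions listed above, plus any required action that is not covered. It checks actions only (not Resource or Condition); the function names and both sample policies are constructed for illustration.

```python
import fnmatch

# The two actions the page lists for this runbook.
REQUIRED = ("ec2:DeleteNatGateway", "ec2:DescribeNatGateways")


def _as_list(value):
    """IAM accepts a single item or a list for Statement, Action and NotAction."""
    if value is None:
        return []
    return list(value) if isinstance(value, (list, tuple)) else [value]


def _hit(action, pattern):
    """IAM action names are case-insensitive; '*' and '?' are wildcards."""
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def audit_policy(policy):
    """Return (excess, missing) for an IAM policy document given as a dict.

    excess:  Allow patterns that grant more than the two required actions.
    missing: required actions that no Allow statement covers.
    """
    excess, covered = [], set()
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        if "NotAction" in stmt:
            # Allow + NotAction grants every action except the ones listed.
            excluded = _as_list(stmt["NotAction"])
            excess.append("NotAction " + ",".join(excluded))
            covered |= {a for a in REQUIRED if not any(_hit(a, p) for p in excluded)}
            continue
        for pattern in _as_list(stmt.get("Action")):
            covered |= {a for a in REQUIRED if _hit(a, pattern)}
            if not any(pattern.lower() == a.lower() for a in REQUIRED):
                excess.append(pattern)
    return excess, [a for a in REQUIRED if a not in covered]


# Constructed sample policies, not taken from OneLens.
TIGHT = {"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Resource": "*",
    "Action": ["ec2:DescribeNatGateways", "ec2:DeleteNatGateway"]}}
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*", "Action": "ec2:Delete*"},
    {"Effect": "Allow", "Resource": "*",
     "Action": ["ec2:describenatgateways", "s3:GetObject"]}]}
```

An empty result for both lists means the policy grants exactly the two actions the runbook needs.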

Optimization Policies Addressed

This runbook remediates violation tickets of the following policy:

Policy ID: vpc_103

Policy Name: NAT Gateway with no outgoing traffic should be deleted

Risk Mitigation

Risk Mitigation Strategy

  • The change is assessed as low risk with limited scope and impact.

  • No downtime is expected during or after implementation.

  • No additional safety measures are required due to the non-disruptive nature of the change.

  • A rollback plan is not defined, as standard procedures are sufficient to manage the change.

How to Install

Refer to the Runbook Setup Guide for steps to install and enable this runbook in your environment.

Runbook Workflow

Step 1: Start

Trigger: Begins the runbook to identify and delete unused NAT gateways.

Step 2: CheckAndDelete

Action: Executes a script that checks for unused NAT gateways and flags them for deletion.

Step 3: If/Else

Condition: Checks if any NAT gateway is unused and eligible for deletion.

  1. If eligible, proceeds to delete the unused NAT gateway:

    1. DeleteNatGateway: Executes DeleteNatGateway on the identified EC2 NAT gateway resource.

  2. Else:

    Workflow terminates if no deletable NAT gateway is found.

Triggering the Runbook

To run this workflow:

1. Locate the Ticket

Identify the ticket associated with the above-mentioned policy violation.

2. Execute the Runbook

Follow the steps described in the "executing a runbook" section to apply this runbook to the ticket.

Last updated 1 month ago