Idle Resource Detection and Cleanup
Idle resources are 5-15% of any mature cloud bill. Cleanup is mechanical once detection is in place.
Why idle accumulates
Resources outlive their creators. Engineers leave; environments are forgotten; volumes detached for ‘just in case’ sit forever.
Without active cleanup, idle resources only grow.
Four detection patterns
- 1. Unattached volumes (no instance for >30 days).
- 2. Old snapshots (older than retention policy).
- 3. Unused load balancers (no traffic for 14 days).
- 4. Idle dev environments (no logins for 30 days).
Auto-cleanup pipeline
Daily scan; tag for archive; weekly archive; monthly delete unless tagged keep-alive.
Pipeline runs forever; the savings recur.
Owner-of-record opt-out
Owners can tag for keep-alive with a justification. Justification reviewed quarterly.
Without an opt-out path, real legitimate resources get nuked.
Antipatterns
- Manual cleanup. Always falls behind.
- Aggressive auto-delete with no notice. Outages.
- Cleanup without owner-of-record. No accountability.
What to do this week
Three moves. (1) Apply this lever to your highest-spend workload. (2) Measure the dollar impact for one month. (3) Roll the practice out to the next two services if the savings hold.