Idle Resource Detection Features

Cloud Sweeper uses asynchronous scanning and cloud-native metrics to automatically identify and tag idle resources across AWS and Azure. Optimize your cloud spend by targeting unused EC2, VMs, disks, databases, and more.

AWS Supported Resources

19 resource types monitored

Compute & Container Services

• EC2 Instances

  Scans all running EC2 instances. Flags as idle if average CPUUtilization (CloudWatch) over a configurable period is below threshold. Idle instances are tagged and can be deleted.

• ECS Clusters

  Detects ECS clusters with low CPU utilization or no running services/tasks. Idle clusters are tagged.

• EKS Clusters

  Flags EKS clusters with low node CPU utilization or no node groups. Idle clusters are tagged.

• Lambda Functions

  Identifies Lambda functions with zero invocations or high error rates over the monitoring period. Idle functions are tagged for review.

Storage Services

• EBS Volumes

  Detects unattached EBS volumes older than a set threshold and above minimum size. Idle volumes are tagged and can be deleted.

• S3 Buckets

  Finds empty S3 buckets using BucketSizeBytes metrics. Idle buckets are tagged and can be deleted if empty.

• EBS Snapshots

  Identifies orphaned snapshots (no associated volume) or aged snapshots exceeding retention thresholds. Idle snapshots are tagged for cleanup.

• RDS Snapshots

  Detects orphaned database snapshots (no associated DB instance) or aged snapshots beyond retention policies. Idle snapshots are tagged.

Database & Caching Services

• RDS Database Instances

  Scans RDS instances for low CPU utilization, database connections, and IOPS. Idle databases are tagged.

• ElastiCache Clusters

  Scans Redis and Memcached clusters. Flags clusters with low CPU, memory, connections, and cache hit rate as idle. Idle clusters are tagged.

• DynamoDB Tables

  Identifies provisioned DynamoDB tables with low read/write capacity utilization and minimal request activity. Idle tables are tagged for right-sizing or on-demand conversion.

Networking Services

• Elastic IPs (EIP)

  Identifies unassociated Elastic IP addresses. Idle EIPs are tagged and can be released.

• NAT Gateways

  Detects NAT Gateways with minimal data transfer (low BytesInFromSource and BytesOutToDestination). Idle gateways are tagged for review.

• Application Load Balancers (ALB)

  Flags ALBs with low request counts and minimal active connections over the monitoring period. Idle load balancers are tagged.

• Network Load Balancers (NLB)

  Identifies NLBs with low connection activity and minimal processed bytes. Idle load balancers are tagged.

• Classic Load Balancers

  Detects Classic Load Balancers with minimal traffic (low request count and backend connections). Idle load balancers are tagged.

• API Gateway (HTTP APIs)

  Scans HTTP APIs with request count < 10/day for 30+ days and minimal 4xx/5xx error rates. Idle APIs are tagged for review or migration.

Container & Queue Services

• ECR Repositories

  Identifies ECR repositories with no images or zero pull activity over the monitoring period. Idle repositories are tagged.

• SQS Queues

  Detects SQS queues with low message activity, minimal API calls, empty queues, or old inactive queues. Idle queues are tagged.

Azure Supported Resources

17 resource types monitored

Compute & Container Services

• Virtual Machines (Classic & VMSS)

  Scans all classic VMs and VM Scale Sets. Flags as idle if status is "stopped" or "deallocated", or average CPU usage is below 5% over the monitoring period.

• AKS Clusters

  Flags AKS clusters with node_cpu_usage_percentage < 1% over the lookback window. Idle clusters are tagged.

• App Service Plans

  Detects plans with no hosted web apps and minimal CPU time and request count. Idle plans are tagged.

• Container Apps

  Flags Container Apps with zero active replicas or no CPU/HTTP requests over the lookback window. Idle apps are tagged.

• Azure Functions

  Identifies Function Apps with FunctionExecutionCount < 10 per day for 30+ days or high error rates. Idle functions are tagged for review or plan optimization.

Storage Services

• Unattached Disks

  Detects managed disks not attached to any VM. Idle disks are tagged and can be deleted.

• Storage Accounts

  Detects storage accounts with average egress < 500 bytes and transactions < 10 over the lookback window. Idle accounts are tagged.

Database Services

• MySQL Flexible Servers

  Detects MySQL servers with cpu_percent < 5% and connections == 0 over the lookback window. Idle servers are tagged.

• SQL Databases

  Flags SQL databases with avg_cpu_percent < 3% and connections < 5 over the lookback window. Idle databases are tagged.

• PostgreSQL Flexible Servers

  Detects PostgreSQL servers with cpu_percent < 5% and connections == 0 over the lookback window. Idle servers are tagged.

• Cosmos DB Accounts

  Flags Cosmos DB accounts with NormalizedRUConsumption < 5 over the lookback window. Idle accounts are tagged.

Caching Services

• Redis Caches

  Flags Redis caches with ConnectedClients < 1 and alloperationsPerSecond < 1 over 24 hours. Idle caches are tagged.

Networking Services

• Unassociated Public IPs

  Identifies static public IPs with no associated configuration. Idle IPs are tagged and can be released.

• Azure Application Gateways

  Detects gateways with throughput < 1000 bytes/sec, total requests < 10/day, and current connections = 0. Idle gateways are tagged for optimization or removal.

Container & Messaging Services

• Container Registries (ACR)

  Detects ACRs with zero pushes and pulls over the lookback window. Idle registries are tagged.

• Service Bus Namespaces

  Flags namespaces with zero incoming and outgoing messages over the lookback window. Idle namespaces are tagged.

• Event Hub Namespaces

  Detects namespaces with zero incoming bytes over the lookback window. Idle namespaces are tagged.

Search Services

• Search Services

  Flags Azure Search services with zero queries per second over the lookback window. Idle search services are tagged.