A Guide to Schedule Stop and Start EC2 Instances
Of course you can—and you absolutely should—schedule your EC2 instances to stop and start automatically. If your development, staging, or testing environments are running 24/7, you're almost certainly overspending on idle resources. Setting up a schedule is one of the fastest and most effective ways to slash your AWS bill without getting in the way of your team's work.
Tired of watching your AWS bill climb every month? Server Scheduler makes it easy to set up schedules without needing to write any code.
Contents
Ready to Slash Your AWS Costs?
Stop paying for idle resources. Server Scheduler automatically turns off your non-production servers when you're not using them.
Why You Should Schedule Your EC2 Instances
Leaving non-production environments powered on all the time is like leaving the lights on in an empty office building—it's just a waste of money. The biggest reason to schedule EC2 start and stop times is the immediate, significant cost savings. By simply shutting down resources during nights, weekends, and holidays, you stop paying for compute hours that aren't providing any value. This isn't just a minor optimization; it's a core FinOps practice. Teams that move their non-production instances to a scheduled on/off window often see 30–70% reductions in EC2 compute costs for those specific environments. Just turning instances off outside of business hours can cut out roughly 60% of their total runtime, leading to a direct and proportional drop in your bill.
Beyond the obvious savings, scheduling brings a much-needed layer of discipline to your operations. It standardizes when environments are available, cuts down on manual work for your DevOps team, and even shrinks your infrastructure's attack surface by minimizing uptime. It's a key part of most strategies to reduce operational costs, a top priority for any business running in the cloud. For a deeper look at the specifics, you can check out our complete guide on the EC2 instance scheduler and see how it fits into a larger cost management strategy.
Understanding the EC2 Instance Lifecycle Before You Automate
Before you start scheduling EC2 instances to turn off and on, it's crucial to understand what's actually happening behind the scenes. This is more than just flipping a power switch. Mistaking "stop" for a simple "pause" is a classic mistake that can lead to lost data, broken connections, and hours of frustrating troubleshooting. Getting the instance lifecycle right is the foundation of any reliable automation.
The first thing to get straight is the difference between EBS volumes and instance store volumes. Data on your root EBS volume, or any other EBS volumes you've attached, will absolutely be there when you start the instance again. That's what it's designed for—it's persistent storage. Instance store volumes, on the other hand, are ephemeral. Any data you write to an instance store is completely wiped out the moment the instance stops. They're fantastic for temporary caches or scratch disks, but a terrible choice for anything you need to keep.
When you stop an EC2 instance, you also say goodbye to its automatically assigned public IPv4 address. When it restarts, AWS will grab a completely new public IP from its massive pool and assign it to your instance. If you have DNS records or firewall rules pointing to the old address, they will break. The only way to keep a static public IPv4 address through stop/start cycles is by attaching an Elastic IP address. On the financial side, stopping an instance immediately halts the charges for compute hours, but you will continue to pay for any attached EBS volumes and Elastic IPs. For a deeper dive into all the states an instance can go through, check out the official AWS documentation.
Another common pitfall is trying to schedule a stop for an individual instance that's part of an Auto Scaling Group (ASG). An ASG’s entire reason for existing is to maintain a specific number of healthy instances. If you manually stop one, the ASG will see it as unhealthy, terminate it, and launch a brand new one to take its place. The correct way to handle this is to schedule changes to the ASG's desired capacity, not the instances themselves. If you're interested in other instance states, our guide on how to reboot an EC2 instance offers some related insights.
Building Your Automation with EventBridge and Lambda
Alright, let's get our hands dirty and build the automation for scheduling EC2 start and stop actions. We'll be using a powerful, serverless combination: AWS EventBridge and Lambda functions. This duo is my go-to for creating a reliable scheduling system without having to manage a single server. It's flexible, scales on its own, and is surprisingly cost-effective.
First things first: permissions. Before we even think about writing code, we need to give our Lambda functions the authority to act on our behalf. Security in AWS is non-negotiable, so we'll create a dedicated IAM role with a very specific, locked-down policy. This is called the principle of least privilege, and it ensures our function can only do exactly what it needs to—describe, start, and stop EC2 instances—and absolutely nothing else. The role needs to trust the Lambda service itself, and the policy we attach will grant the specific ec2:StartInstances, ec2:StopInstances, and ec2:DescribeInstances permissions.
With our IAM role ready, we can now create two separate Lambda functions using Python and the Boto3 SDK: one for stopping instances and one for starting them. Splitting them up keeps the code cleaner and makes the scheduling logic in EventBridge much simpler to manage. The logic for each function is pretty similar. It will scan for EC2 instances in a specific region that have a particular tag, like Auto-Schedule: On. When the "stop" function runs, it finds instances with this tag that are currently running and shuts them down. The "start" function does the opposite. Using tags is far more scalable than hardcoding a list of instance IDs, which quickly becomes a nightmare to maintain.
EventBridge is the glue that holds this whole setup together. Think of it as our cloud-native cron scheduler, kicking off the Lambda functions at precisely the right times. We'll create two separate rules: one for the stop schedule and one for the start schedule. For example, you could set up a rule to trigger your stop-ec2-instances Lambda every weekday at 7:00 PM UTC. These rules are defined using cron expressions. An expression like cron(0 19 ? * MON-FRI *) might look a bit cryptic, but it simply means "at 19:00 (7 PM), on every Monday through Friday." This gives you incredibly fine-grained control over your schedule. This whole approach is not just effective; it's also incredibly cheap. The cost for the Lambda invocations and EventBridge rules is usually a tiny fraction of the savings you get from shutting down idle instances.
Implementing Smart Tagging and Scheduling Logic
Once you've got the basic automation framework in place, the real magic happens when you start refining the logic. A truly smart system to schedule stop and start ec2 instances does more than just flick a switch on and off—it adapts to the actual rhythm of your business. This means getting comfortable with the quirks of cron expressions and building a tagging strategy that can grow with you, not against you. Getting a handle on resource scheduling is one of the most effective FinOps best practices you can adopt to keep cloud spending from getting out of control.
Cron expressions are the engine behind EventBridge scheduling, giving you pinpoint control over when your Lambda functions fire. A simple daily on/off schedule is a good start, but the real world is messy. For example, a typical development environment only needs to be running during business hours. The cron expression cron(0 9 ? * MON-FRI *) will kick instances on at 9 AM UTC, Monday through Friday, while cron(0 17 ? * MON-FRI *) will shut them down at 5 PM UTC. You can also create more specific schedules, such as triggering a job on the last day of every month or only on specific weekdays.
A scalable tagging strategy is non-negotiable. Hardcoding instance IDs into your Lambda functions is a terrible idea, as it creates fragile automation. The only way to build something that lasts is with a dynamic, tag-based system. A well-defined tagging policy is the foundation of scalable cloud automation. Tags like schedule:office-hours-pst or env:dev-team-alpha make your logic self-documenting and easy to manage, even as your infrastructure grows to hundreds of instances. With this approach, a new developer can spin up an instance, apply the right tag, and it is immediately enrolled in the correct schedule without any code changes.
One of the biggest "gotchas" when you schedule stop and start ec2 instances with EventBridge is the time zone. All EventBridge cron expressions operate in UTC. This is a non-negotiable detail that trips up even experienced teams. If your team is in Pacific Standard Time (PST, which is UTC-8), a 9 AM start time needs to be written as 5 PM (17:00) UTC in the cron expression. To sidestep this confusion, a great practice is to bake the time zone right into your schedule tags.
| Tagging Strategy | Pros | Cons | Best For |
|---|---|---|---|
schedule:office-hours-pst |
Clear, self-documenting, avoids ambiguity. | Requires more schedule definitions for different zones. | Distributed teams across multiple time zones. |
schedule:office-hours |
Simple and standardized. | Can be confusing if teams are in different time zones. | Teams operating primarily within a single time zone. |
instance-id-hardcoded |
Works for a single, static instance. | Completely unscalable, brittle, high maintenance. | Temporary tests or proof-of-concepts only. |
By standardizing your tag names to include time zone information, you make the whole system easier for everyone to understand and prevent costly scheduling mistakes.
How to Test and Validate Your Automation
Deploying automation without testing it is like launching a rocket without a pre-flight check—it's just asking for trouble. Before you hand over the keys to your new scheduler, you need to be absolutely sure it works exactly as planned. A good testing process doesn't just build confidence; it prevents your brilliant cost-saving script from accidentally causing an outage.
Are you looking for a no-code solution to schedule your servers? Server Scheduler provides a simple, visual interface to automate EC2 instances without writing a single line of code.
First rule of automation: never test on production. The right way to start is by isolating your test to a single, non-critical EC2 instance. Tag this instance with the schedule you want to validate, then head into the AWS console and trigger your Lambda function manually. This direct invocation gives you immediate feedback without having to wait for the EventBridge cron schedule to kick in. This simple check confirms your core logic and IAM permissions are on the right track. For more on this, check out our guide on test environment management best practices.
When things don't go according to plan, your first stop should always be Amazon CloudWatch Logs. Your Lambda function automatically streams all its output, including any print statements or errors, into a dedicated log group. This is where you’ll find the breadcrumbs that lead you to the root of the problem. You can spot common problems here pretty quickly, like IAM permission errors or tagging mismatches. Finally, a well-built scheduler is a resilient one that anticipates failure. A simple try...except block in Python can gracefully catch exceptions, such as trying to stop an instance that is already stopped. This ensures your function completes successfully and keeps your logs clean. As for a rollback plan, simply disable the EventBridge rules. This acts as an emergency brake, instantly halting all automation.
Frequently Asked Questions About EC2 Scheduling
Once you start automating your EC2 stop and start schedules, a few practical questions always pop up. Thinking through these "what-if" scenarios ahead of time is the key to building a system your team will actually appreciate. The stop command sent by your script is a forced shutdown and doesn't care about active user sessions. A common workaround is to use an override tag, like schedule-override:true, and tweak your Lambda function to check for this tag and skip the stop command if it's present.
You really shouldn't try to schedule individual instances inside an Auto Scaling Group (ASG). If your script stops one, the ASG sees it as unhealthy, terminates it, and spins up a brand-new replacement. The right way to do this is to schedule the ASG itself by changing its desired, minimum, and maximum capacity settings to zero. Finally, while you do stop paying for compute hours the moment an instance is stopped, some costs stick around. It's really important to remember that you're still on the hook for any attached Amazon EBS volumes and Elastic IP addresses.