sourav chakraborty for AWS Community Builders

Posted on Mar 22

# 🧹 Build an AWS Orphan Resource Cleaner with Go (Step-by-Step + Visual Guide)

💸 Stop wasting money on unused AWS resources — automate cleanup with Go

🚀 Introduction

Cloud environments grow fast… and so do unused resources.

Unattached EBS volumes, unused Elastic IPs — they sit quietly and increase your AWS bill every month.

In this tutorial, you’ll build a real-world Orphan Resource Cleaner using Go and the AWS SDK for Go v2.

🧠 What Are Orphan Resources?

Orphan resources are:

AWS resources that are no longer in use but still cost money

Examples:

🪫 Unattached EBS volumes
🌐 Unassociated Elastic IPs

🖼️ Architecture Overview

Flow:

EventBridge (Scheduler)
        ↓
Go Program (Scanner)
        ↓
AWS APIs (EC2)
        ↓
Detect Orphan Resources
        ↓
Alert / Delete

⚡ Why Use Go for This?

🟢 Single Binary Deployment

No runtime dependency → perfect for automation & Lambda

⚡ High Performance

Fast execution for large AWS environments

🧵 Built-in Concurrency

Scan multiple regions in parallel using goroutines

🔐 Safer Automation

Strong typing → reduces accidental deletion risks

🟢 Go Basics (Quick Primer)

If you're new to Go, here’s what you need:

Hello World

package main

import "fmt"

func main() {
    fmt.Println("Hello, Go!")
}

Variables

name := "AWS Cleaner"
count := 5

Error Handling

if err != nil {
    fmt.Println("Error:", err)
}

🛠️ Step-by-Step Setup

1️⃣ Install Go

Check:

go version

If not installed:
👉 https://go.dev/dl/

2️⃣ Create Project

mkdir orphan-cleaner
cd orphan-cleaner

3️⃣ Initialize Module

go mod init orphan-cleaner

4️⃣ Add Code

Create file:

nano main.go

Paste the Orphan Cleaner code.

5️⃣ Install Dependencies

go mod tidy

6️⃣ Configure AWS Credentials

aws configure

export AWS_ACCESS_KEY_ID=xxx
export AWS_SECRET_ACCESS_KEY=xxx
export AWS_REGION=ap-south-1

7️⃣ Run the Program

go run main.go

🖼️ Example Output

🔍 Discovering regions...

🌍 Scanning region: ap-south-1
🌐 [ap-south-1] Orphan Elastic IP: 13.xxx.xxx.xxx

🌍 Scanning region: us-east-1
🌐 [us-east-1] Orphan Elastic IP: 100.23.233.31

📊 Summary Report
-------------------------
🪫 Total Orphan EBS Volumes: 2
🌐 Total Orphan Elastic IPs: 3

⚠️ Safety First

🔒 Always Start with Dry Run

const autoDelete = false

🏷️ Use Tags to Protect Resources

Keep=true
Critical=yes

⏳ Add Grace Period

Only delete resources older than 7 days.

🔔 Add Alerts (Optional)

Use Amazon SNS to:

Send email alerts
Notify before deletion
Integrate with Slack

🔥 Real-World Impact

This simple tool can:

Save real money 💰
Improve AWS hygiene
Reduce attack surface

🤔 Why Not Python?

Feature	Go	Python
Deployment	Single binary	Runtime needed
Performance	Fast	Slower
Concurrency	Native	Limited
Lambda cold start	Low	Higher

🎯 Conclusion

You’ve built a production-relevant AWS automation tool using Go.

This isn’t just a demo — it’s something:

DevOps teams use daily
FinOps teams rely on
Companies build internally

🚀 Next Steps

Want to take it further?

🔔 Add SNS alerts
⚡ Add parallel scanning
🌍 Multi-account support
☁️ Deploy as Lambda

💡 Final Thought

“Unused cloud resources are silent money leaks — automation is the only scalable fix.”

DEV Community