RightScale provides a wide variety of policies that you can apply on Day 1 without much investment. All our policies are open source and can be found in our public git repo.

Interested in policies not listed here? Contact your Account Manager or our sales team.

Cost Policies

Increase cost visibility and management in your multi-cloud world and take appropriate actions to run an efficient infrastructure.

Policy Template Severity Description Input Parameters Actions Additional Roles Required

Downsize Instances

Medium Downsize instances for better utilization Configure metrics (CPU, Memory), tags to check, Email recipients Email, Downsize observer

Reserved Instance Utilization

High Notify users about underutilized RIs Utilization threshold %, Email recipients Email ca_user

Reserved Instance Expiration

Medium Notify users about expiring RIs Expiration window to check, Email recipients Email ca_user

Old Snapshots

Medium Find and delete old snapshots to save cost Duration to keep snapshots, Tag, Email recipients Email, Delete observer

Unattached Volumes

High Find and delete unattached volumes to reduce waste Number of days volume has been unattached, Email recipients Email, Delete volume actor

Reserved Instance Coverage

Low Identify instance coverage by RIs Email recipients Email credential_viewer

Schedule instances

Medium Apply start/stop schedule on instances for better efficiency Email recipients Email, stop/start instances on instance defined schedule actor

Security Policies

Gain visibility and control across all your public and/or private cloud environments with our security policies. Improve security across your applications, data, and associated infrastructure by finding security vulnerabilities before your customers do.

Policy Template Severity Description Input Parameters Actions Additional Roles Required

AWS Open bucket

High Find and secure AWS public storage bucket Slack Channel Name, Slack webhook credential, Email recipients Email, Slack Notification credential_viewer

Google Open bucket

High Checks for publicly accessible Google Cloud Storage buckets Email recipients, Google Cloud Project Email credential_viewer

Security Groups without description

High Notify users if any security group rules do not have descriptions Email recipients Email observer

ICMP enabled Security Groups

High Notify users if any security group have ICMP types 0,3,8 enabled Email recipients Email observer

Security Group High Open Ports

High Notify if a security group has an open port higher than beginning port field Beginning port, Email recipients Email observer

Operational Policies

Save valuable human time and investment by automating everyday IT operations. Running an automated and efficient cloud infrastructure frees up expensive resources on high ROI projects like scaling, growth, and deliver value faster than anyone else.

Policy Template Severity Description Input Parameters Actions Additional Roles Required

AWS Connection Key Rotation

Medium Automatically update the AWS IAM keys used to connect the RightScale account to the applicable AWS account Rotation Period, Email recipients Update AWS IAM key credential_viewer, actor

No Recent Snapshots

Low Ensure that you have snapshots on all of your important volumes Snapshot period, Include root device?, Exclude Tags, Email recipients Email, Snapshot actor

AWS RDS Backup Settings

Medium Ensure that your AWS RDS DB Instances have approve backup rentention periods and preferred backup windows Backup Retention Period, Backup Window, Email recipients Email credential_viewer

Compliance Policies

Enterprises typically have multiple compliance requirements but struggle to automate them which leads to downtime as well as resource waste. By having a strong compliance strategy but also ability to quickly automate it provides peace of mind and avoids business interruption.

Policy Template Severity Description Input Parameters Actions Additional Roles Required

Untagged Resources

Medium Ensure appropriate tagging Email recipients, Tag keys that must exist, Valid tag values for each key, Default values for each key (if any) Email , Add/update tag observer


Unattached Volumes


Reserved Instance Utilization


Reserved Instance Expiration


Reserved Instance Coverage


AWS Open Bucket