diff --git a/docs/_Sidebar.md b/docs/_Sidebar.md
index a58673b3..baa010a8 100644
--- a/docs/_Sidebar.md
+++ b/docs/_Sidebar.md
@@ -32,6 +32,7 @@
        - [MySQL backups](/roles/database_backup/database_backup-mysql)
      - [Deploy](/roles/deploy_code)
      - [Deploy container](/roles/deploy_container)
+     - [Exit](/roles/_exit)
      - [Init](/roles/_init)
      - [LHCI run](/roles/lhci_run)
      - [Maintenance Mode](/roles/maintenance_mode)
diff --git a/docs/roles/_exit.md b/docs/roles/_exit.md
new file mode 100644
index 00000000..6aa676a6
--- /dev/null
+++ b/docs/roles/_exit.md
@@ -0,0 +1,2 @@
+# Exit
+Mandatory role that must run after any other `ce-deploy` roles when executing a playbook.
diff --git a/docs/roles/_init.md b/docs/roles/_init.md
index 98179138..f31e8064 100644
--- a/docs/roles/_init.md
+++ b/docs/roles/_init.md
@@ -1,5 +1,15 @@
 # Init
-These variables **must** be set in the `deploy/common.yml` file, at least.
+Mandatory role that must run before any other `ce-edploy` roles when executing a playbook.
+
+These variables **must** be set in a common variables file if you do not wish to use defaults.
+
+In order to manipulate an AWS Autoscaling Group (ASG) your `deploy` user must have an AWS CLI profile for a user with the following IAM permissions:
+* `autoscaling:ResumeProcesses`
+* `autoscaling:SuspendProcesses`
+* `autoscaling:DescribeScalingProcessTypes`
+* `autoscaling:DescribeAutoScalingGroups`
+
+Set the `aws_asg.name` to the machine name of your ASG in order to automatically suspend and resume autoscaling on build.
 
 <!--TOC-->
 <!--ENDTOC-->
@@ -8,16 +18,24 @@ These variables **must** be set in the `deploy/common.yml` file, at least.
 ## Default variables
 ```yaml
 ---
-# Common defaults. Given the "_init" role is mandatory,
-# this will ensure defaults to other roles too.
-# If you are using ce-provision to deploy infrastructure this must match the `user_deploy.username` variable
-deploy_user: "deploy"
-# for MySQL CE you might want to add '--set-gtid-purged=OFF --skip-definer' here
+# Common defaults - the "_init" role is mandatory so this will ensure defaults to other roles too.
+deploy_user: deploy # if you are using ce-provision to deploy infrastructure this must match the `user_deploy.username` variable
+# For MySQL CE you might want to add '--set-gtid-purged=OFF --skip-definer' here:
 _mysqldump_params: "--max-allowed-packet=128M --single-transaction --skip-opt -e --quick --skip-disable-keys --skip-add-locks -C -a --add-drop-table"
+# @TODO only used by Drupal 7, can be removed with Drupal 7 deployments
+bin_directory: "/home/{{ deploy_user }}/.bin"
+# Number of dumps/db to look up for cleanup.
+cleanup_history_depth: 50
+install_php_cachetool: true # set to false if you don't need cachetool, e.g. for a nodejs app
+# AWS ASG variables to allow for the suspension of autoscaling during a code deployment.
+aws_asg:
+  name: "" # if the deploy is on an ASG put the name here
+  region: "eu-west-1"
+  suspend_processes: "Launch Terminate" # space separated string, see https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html
+# Application specific variables.
 drupal:
   drush_verbose_output: false
-  # when set to true - truncate database table cache_container, a workaround to resolve the 'Cannot redeclare ...' error.
-  truncate_cache_table: false
+  truncate_cache_table: false # when set to true - truncate database table cache_container, a workaround to resolve the 'Cannot redeclare ...' error
   sites:
     - folder: "default"
       public_files: "sites/default/files"
@@ -37,7 +55,7 @@ drupal:
         - minute: "*/{{ 10 | random(start=1) }}"
           job: cron
       feature_branch: false # whether or not this build is a feature branch that should sync assets from another environment
-      # For syncing database and files on a feature branch initial build - include all variables if used
+      # For syncing database and files on a feature branch initial build - include all variables if used:
       mysql_sync: {} # see sync/database_sync for docs
       #  mysqldump_params: "{{ _mysqldump_params }}"
       #  cleanup: true
@@ -50,11 +68,6 @@ drupal:
 mautic:
   image_path: "media/images"
   force_install: false
-# Used for custom build time tools like cachetool
-bin_directory: "/home/{{ deploy_user }}/.bin"
-# Number of dumps/db to look up for cleanup.
-cleanup_history_depth: 50
-install_php_cachetool: true # set to false if you don't need cachetool, e.g. for a nodejs app
 
 ```
 
diff --git a/docs/roles/sync/database_sync.md b/docs/roles/sync/database_sync.md
index 850b88ba..d4e8899a 100644
--- a/docs/roles/sync/database_sync.md
+++ b/docs/roles/sync/database_sync.md
@@ -1,5 +1,6 @@
 # Database sync
 Roles that sync databases between environments.
+
 <!--ROLEVARS-->
 ## Default variables
 ```yaml
diff --git a/docs/roles/sync/database_sync/database_sync-mysql.md b/docs/roles/sync/database_sync/database_sync-mysql.md
index c0c2954b..ab07346d 100644
--- a/docs/roles/sync/database_sync/database_sync-mysql.md
+++ b/docs/roles/sync/database_sync/database_sync-mysql.md
@@ -1,5 +1,12 @@
 # Database sync - MySQL
 Sync MySQL databases between environments.
+
+In order to manipulate an AWS Autoscaling Group (ASG) your `deploy` user must have an AWS CLI profile for a user with the following IAM permissions:
+* `autoscaling:ResumeProcesses`
+* `autoscaling:SuspendProcesses`
+* `autoscaling:DescribeScalingProcessTypes`
+* `autoscaling:DescribeAutoScalingGroups`
+
 <!--ROLEVARS-->
 ## Default variables
 ```yaml
diff --git a/roles/_exit/README.md b/roles/_exit/README.md
new file mode 100644
index 00000000..6aa676a6
--- /dev/null
+++ b/roles/_exit/README.md
@@ -0,0 +1,2 @@
+# Exit
+Mandatory role that must run after any other `ce-deploy` roles when executing a playbook.
diff --git a/roles/_exit/tasks/main.yml b/roles/_exit/tasks/main.yml
index 1a62b9af..0ba2da27 100644
--- a/roles/_exit/tasks/main.yml
+++ b/roles/_exit/tasks/main.yml
@@ -1,3 +1,9 @@
 ---
-
-# We do nothing there, just a placeholder for now.
\ No newline at end of file
+# If we are operating on an AWS ASG then resume autoscaling.
+- name: Enable all autoscale processes on ASG.
+  ansible.builtin.command: >
+    aws autoscaling resume-processes --auto-scaling-group-name {{ aws_asg.name }} --region {{ aws_asg.region }}
+  delegate_to: localhost
+  when:
+    - aws_asg.name is defined
+    - aws_asg.name | length > 0
diff --git a/roles/_init/README.md b/roles/_init/README.md
index 98179138..f31e8064 100644
--- a/roles/_init/README.md
+++ b/roles/_init/README.md
@@ -1,5 +1,15 @@
 # Init
-These variables **must** be set in the `deploy/common.yml` file, at least.
+Mandatory role that must run before any other `ce-edploy` roles when executing a playbook.
+
+These variables **must** be set in a common variables file if you do not wish to use defaults.
+
+In order to manipulate an AWS Autoscaling Group (ASG) your `deploy` user must have an AWS CLI profile for a user with the following IAM permissions:
+* `autoscaling:ResumeProcesses`
+* `autoscaling:SuspendProcesses`
+* `autoscaling:DescribeScalingProcessTypes`
+* `autoscaling:DescribeAutoScalingGroups`
+
+Set the `aws_asg.name` to the machine name of your ASG in order to automatically suspend and resume autoscaling on build.
 
 <!--TOC-->
 <!--ENDTOC-->
@@ -8,16 +18,24 @@ These variables **must** be set in the `deploy/common.yml` file, at least.
 ## Default variables
 ```yaml
 ---
-# Common defaults. Given the "_init" role is mandatory,
-# this will ensure defaults to other roles too.
-# If you are using ce-provision to deploy infrastructure this must match the `user_deploy.username` variable
-deploy_user: "deploy"
-# for MySQL CE you might want to add '--set-gtid-purged=OFF --skip-definer' here
+# Common defaults - the "_init" role is mandatory so this will ensure defaults to other roles too.
+deploy_user: deploy # if you are using ce-provision to deploy infrastructure this must match the `user_deploy.username` variable
+# For MySQL CE you might want to add '--set-gtid-purged=OFF --skip-definer' here:
 _mysqldump_params: "--max-allowed-packet=128M --single-transaction --skip-opt -e --quick --skip-disable-keys --skip-add-locks -C -a --add-drop-table"
+# @TODO only used by Drupal 7, can be removed with Drupal 7 deployments
+bin_directory: "/home/{{ deploy_user }}/.bin"
+# Number of dumps/db to look up for cleanup.
+cleanup_history_depth: 50
+install_php_cachetool: true # set to false if you don't need cachetool, e.g. for a nodejs app
+# AWS ASG variables to allow for the suspension of autoscaling during a code deployment.
+aws_asg:
+  name: "" # if the deploy is on an ASG put the name here
+  region: "eu-west-1"
+  suspend_processes: "Launch Terminate" # space separated string, see https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html
+# Application specific variables.
 drupal:
   drush_verbose_output: false
-  # when set to true - truncate database table cache_container, a workaround to resolve the 'Cannot redeclare ...' error.
-  truncate_cache_table: false
+  truncate_cache_table: false # when set to true - truncate database table cache_container, a workaround to resolve the 'Cannot redeclare ...' error
   sites:
     - folder: "default"
       public_files: "sites/default/files"
@@ -37,7 +55,7 @@ drupal:
         - minute: "*/{{ 10 | random(start=1) }}"
           job: cron
       feature_branch: false # whether or not this build is a feature branch that should sync assets from another environment
-      # For syncing database and files on a feature branch initial build - include all variables if used
+      # For syncing database and files on a feature branch initial build - include all variables if used:
       mysql_sync: {} # see sync/database_sync for docs
       #  mysqldump_params: "{{ _mysqldump_params }}"
       #  cleanup: true
@@ -50,11 +68,6 @@ drupal:
 mautic:
   image_path: "media/images"
   force_install: false
-# Used for custom build time tools like cachetool
-bin_directory: "/home/{{ deploy_user }}/.bin"
-# Number of dumps/db to look up for cleanup.
-cleanup_history_depth: 50
-install_php_cachetool: true # set to false if you don't need cachetool, e.g. for a nodejs app
 
 ```
 
diff --git a/roles/_init/defaults/main.yml b/roles/_init/defaults/main.yml
index 2e4eb0a8..7f06f695 100644
--- a/roles/_init/defaults/main.yml
+++ b/roles/_init/defaults/main.yml
@@ -1,14 +1,22 @@
 ---
-# Common defaults. Given the "_init" role is mandatory,
-# this will ensure defaults to other roles too.
-# If you are using ce-provision to deploy infrastructure this must match the `user_deploy.username` variable
-deploy_user: "deploy"
-# for MySQL CE you might want to add '--set-gtid-purged=OFF --skip-definer' here
+# Common defaults - the "_init" role is mandatory so this will ensure defaults to other roles too.
+deploy_user: deploy # if you are using ce-provision to deploy infrastructure this must match the `user_deploy.username` variable
+# For MySQL CE you might want to add '--set-gtid-purged=OFF --skip-definer' here:
 _mysqldump_params: "--max-allowed-packet=128M --single-transaction --skip-opt -e --quick --skip-disable-keys --skip-add-locks -C -a --add-drop-table"
+# @TODO only used by Drupal 7, can be removed with Drupal 7 deployments
+bin_directory: "/home/{{ deploy_user }}/.bin"
+# Number of dumps/db to look up for cleanup.
+cleanup_history_depth: 50
+install_php_cachetool: true # set to false if you don't need cachetool, e.g. for a nodejs app
+# AWS ASG variables to allow for the suspension of autoscaling during a code deployment.
+aws_asg:
+  name: "" # if the deploy is on an ASG put the name here
+  region: "eu-west-1"
+  suspend_processes: "Launch Terminate" # space separated string, see https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html
+# Application specific variables.
 drupal:
   drush_verbose_output: false
-  # when set to true - truncate database table cache_container, a workaround to resolve the 'Cannot redeclare ...' error.
-  truncate_cache_table: false
+  truncate_cache_table: false # when set to true - truncate database table cache_container, a workaround to resolve the 'Cannot redeclare ...' error
   sites:
     - folder: "default"
       public_files: "sites/default/files"
@@ -28,7 +36,7 @@ drupal:
         - minute: "*/{{ 10 | random(start=1) }}"
           job: cron
       feature_branch: false # whether or not this build is a feature branch that should sync assets from another environment
-      # For syncing database and files on a feature branch initial build - include all variables if used
+      # For syncing database and files on a feature branch initial build - include all variables if used:
       mysql_sync: {} # see sync/database_sync for docs
       #  mysqldump_params: "{{ _mysqldump_params }}"
       #  cleanup: true
@@ -41,8 +49,3 @@ drupal:
 mautic:
   image_path: "media/images"
   force_install: false
-# Used for custom build time tools like cachetool
-bin_directory: "/home/{{ deploy_user }}/.bin"
-# Number of dumps/db to look up for cleanup.
-cleanup_history_depth: 50
-install_php_cachetool: true # set to false if you don't need cachetool, e.g. for a nodejs app
diff --git a/roles/_init/tasks/main.yml b/roles/_init/tasks/main.yml
index 75523e18..680ba19f 100644
--- a/roles/_init/tasks/main.yml
+++ b/roles/_init/tasks/main.yml
@@ -122,3 +122,13 @@
   ansible.builtin.include_tasks: "{{ project_type }}.yml"
   when:
     - _project_type_task_result.stat.exists
+
+# If we are operating on an AWS ASG then pause autoscaling.
+# @TODO - the autoscaling_group module can do this - https://docs.ansible.com/ansible/latest/collections/amazon/aws/autoscaling_group_module.html
+- name: Disable autoscale processes on ASG.
+  ansible.builtin.command: >
+    aws autoscaling suspend-processes --auto-scaling-group-name {{ aws_asg.name }} --scaling-processes {{ aws_asg.suspend_processes }} --region {{ aws_asg.region }}
+  delegate_to: localhost
+  when:
+    - aws_asg.name is defined
+    - aws_asg.name | length > 0
diff --git a/roles/sync/database_sync/README.md b/roles/sync/database_sync/README.md
index 850b88ba..d4e8899a 100644
--- a/roles/sync/database_sync/README.md
+++ b/roles/sync/database_sync/README.md
@@ -1,5 +1,6 @@
 # Database sync
 Roles that sync databases between environments.
+
 <!--ROLEVARS-->
 ## Default variables
 ```yaml
diff --git a/roles/sync/database_sync/database_sync-mysql/README.md b/roles/sync/database_sync/database_sync-mysql/README.md
index c0c2954b..ab07346d 100644
--- a/roles/sync/database_sync/database_sync-mysql/README.md
+++ b/roles/sync/database_sync/database_sync-mysql/README.md
@@ -1,5 +1,12 @@
 # Database sync - MySQL
 Sync MySQL databases between environments.
+
+In order to manipulate an AWS Autoscaling Group (ASG) your `deploy` user must have an AWS CLI profile for a user with the following IAM permissions:
+* `autoscaling:ResumeProcesses`
+* `autoscaling:SuspendProcesses`
+* `autoscaling:DescribeScalingProcessTypes`
+* `autoscaling:DescribeAutoScalingGroups`
+
 <!--ROLEVARS-->
 ## Default variables
 ```yaml
diff --git a/roles/sync/database_sync/database_sync-mysql/tasks/sync.yml b/roles/sync/database_sync/database_sync-mysql/tasks/sync.yml
index 3f94e47d..41266982 100644
--- a/roles/sync/database_sync/database_sync-mysql/tasks/sync.yml
+++ b/roles/sync/database_sync/database_sync-mysql/tasks/sync.yml
@@ -17,6 +17,7 @@
     - database.target.asg is defined
     - database.target.asg | length > 0
 
+# @TODO - the autoscaling_group module can do this - https://docs.ansible.com/ansible/latest/collections/amazon/aws/autoscaling_group_module.html
 - name: Disable ReplaceUnhealthy autoscale process on source ASG.
   ansible.builtin.command: >
     aws autoscaling suspend-processes --auto-scaling-group-name {{ database.source.asg }} --scaling-processes ReplaceUnhealthy --region {{ mysql_sync_source_database_host_info.ansible_facts.ansible_ec2_instance_identity_document_region }}