AWS EC2 and S3 Bucket clean tool

最新推荐文章于 2023-09-12 11:09:38 发布
最新推荐文章于 2023-09-12 11:09:38 发布
阅读量264 收藏
点赞数
分类专栏: AWS 文章标签: AWS
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/funnyrand/article/details/102700393
版权

This paper describe a tool which can be used to clean AWS EC2 instance/EBS and S3 bucket which are not int white list, the purpose is to save money.

Requirement

Install AWS CLI, https://aws.amazon.com/cli/, and then configure credential.

aws configure

Clean Up EC2 and EBS

#!/usr/bin/env ruby

require "open3"
require "json"
require "logger"

# This tool is used to cleanup AWS unknown resources.
class AWSTools
  WHITELIST_FILE = "./ec2-whitelist.data"
  LOG_FOLDER_NAME = "logs"
  LOG_FILE = "./" + LOG_FOLDER_NAME + "/main.log"
  REGIONS = {"us-east-1"=>"N.Virginia",
    "us-east-2"=>"Ohio",
    "us-west-1"=>"N.California",
    "us-west-2"=>"Oregon",
    "ap-south-1"=>"Mumbai",
    "ap-northeast-2"=>"Seoul",
    "ap-southeast-1"=>"Singapore",
    "ap-northeast-1"=>"Tokyo",
    "ap-southeast-2"=>"Sydney",
    "ca-central-1"=>"Central",
    "eu-central-1"=>"Frankfurt",
    "eu-west-1"=>"Ireland",
    "eu-west-2"=>"London",
    "eu-west-3"=>"Paris",
    "sa-east-1"=>"SaoPaulo"
  }

  def initialize
    Dir.mkdir LOG_FOLDER_NAME unless File.exists? LOG_FOLDER_NAME
    @logger = Logger.new(LOG_FILE)
    @whitelist = get_whitelist
  end

  def start
    @logger.info("Start to cleanup unknown resources.")
    begin
      REGIONS.each_key do |region|
        set_region(region)
        cleanup_instances
        cleanup_volumes
      end
    rescue => ex
      @logger.error(ex.message)
    end
    @logger.info("End to cleanup unknown resources.\n\n")
  end

  def set_region(region)
    @logger.info("Changing region: #{region}, #{REGIONS[region]}")
    ret_code, std_out, std_err = run_command("aws configure set default.region #{region}")
    if ret_code == 0
      @logger.info("Succeed to change region.")
    else
      raise "Failed to change region."
    end
  end

  def cleanup_instances
    unknown_instances = find_unknown_instances
    delete_instances(unknown_instances)
  end

  def find_unknown_instances
    unknown_instances = Array.new
    ret_code, std_out, std_err = run_command("aws ec2 describe-instances")
    if ret_code == 0
      std_out_json = JSON.parse(std_out)
      std_out_json["Reservations"].each do |reservation|
        reservation["Instances"].each do |instance|
          result = is_valid_instance(instance)
          unknown_instances.push(instance) unless result
        end
      end
      return unknown_instances
    else
      raise "Failed to get all unknown instances."
    end
  end

  def is_valid_instance(instance)
    name = find_instance_name(instance)
    return false if name.nil?
    @whitelist.each_key do |key|
      return true if name.index(key) == 0
    end
    return false
  end

  def delete_instances(instances)
    @logger.info("No unknown instances to be deleted.") if instances.size == 0
    instances.each do |instance|
      instanceId = instance['InstanceId']
      instanceName = find_instance_name(instance)
      @logger.info("Deleting instance, id: #{instanceId}, name: #{instanceName}")
      status = find_instance_status(instance)
      if status == "terminated"
        @logger.info("Instance status is already terminated.")
        next
      end
      change_instance_termination_protection(instanceId)
      terminate_instance(instanceId)
    end
  end

  def change_instance_termination_protection(instanceId)
    ret_code, std_out, std_err = run_command("aws ec2 modify-instance-attribute --instance-id #{instanceId} --disable-api-termination \"{\\\"Value\\\": false}\"")
    if ret_code == 0
      @logger.info("Succeed to change termination protection, id: #{instanceId}")
    else
      @logger.error("Failed to change termination protection, id: #{instanceId}")
    end
  end

  def terminate_instance(instanceId)
    ret_code, std_out, std_err = run_command("aws ec2 terminate-instances --instance-ids #{instanceId}")
    if ret_code == 0
      @logger.info("Succeed to delete instance, id: #{instanceId}")
    else
      @logger.error("Failed to delete instance, id: #{instanceId}")
    end
  end

  def find_instance_name(instance)
    return nil if instance["Tags"].nil?
    instance["Tags"].each do |tag|
      next if tag["Key"] != "Name"
      return tag["Value"]
    end
    return nil
  end

  def find_instance_status(instance)
    return nil if instance["State"].nil?
    return instance["State"]["Name"]
  end

  def cleanup_volumes
    unknow_volumes = find_unknown_volumes
    delete_volumes(unknow_volumes)
  end

  def find_unknown_volumes
    ret_code, std_out, std_err = run_command('aws ec2 describe-volumes --filters "Name=status,Values=available"')
    if ret_code == 0
      std_out_json = JSON.parse(std_out)
      return std_out_json["Volumes"]
    else
      raise "Failed to get all unknown volumes."
    end
  end

  def delete_volumes(volumes)
    @logger.info("No unknown volumes to be deleted.") if volumes.size == 0
    volumes.each do |volume|
      volumeId = volume['VolumeId']
      volumeName = find_volume_name(volume)
      @logger.info("Deleting volume, id: #{volumeId}, name: #{volumeName}")
      ret_code, std_out, std_err = run_command("aws ec2 delete-volume --volume-id #{volumeId}")
      if ret_code == 0
        @logger.info("Succeed to delete volume, id: #{volumeId}")
      else
        @logger.error("Failed to delete volume, id: #{volumeId}")
      end
    end
  end

  def find_volume_name(volume)
    return nil if volume["Tags"].nil?
    volume["Tags"].each do |tag|
      next if tag["Key"] != "Name"
      return tag["Value"]
    end
    return nil
  end

  def get_whitelist
    result = Hash.new
    File.open(WHITELIST_FILE, "r") do |f|
      f.each_line do |line|
        line.chomp!
        data = line.split(":")
        result[data[0]] = data[1]
      end
    end
    return result
  end

  def run_command(cmd)
    std_in, std_out, std_err, t = Open3.popen3(cmd)
    std_out_str = ""
    std_error_str = ""
    std_out.each_line do |line|
      std_out_str = std_out_str + line
    end
    std_out.close
    std_err.each_line do |line|
      std_error_str = std_error_str + line
    end
    if !std_error_str.empty?
      @logger.warn(cmd)
      @logger.warn(std_error_str)
    end
    std_err.close
    return t.value.exitstatus, std_out_str, std_error_str
  end
end

AWSTools.new.start

ec2-whitelist.data

ec2-prefix:wxhyzh2005@163.com

Clean Up S3 Buckets

#!/usr/bin/env ruby

require "open3"
require "json"
require "logger"

# This tool is used to cleanup AWS unknown resources.
class AWSTools
  WHITELIST_FILE = "./bucket-whitelist.data"
  LOG_FOLDER_NAME = "logs"
  LOG_FILE = "./" + LOG_FOLDER_NAME + "/bucket.log"
  def initialize
    Dir.mkdir LOG_FOLDER_NAME unless File.exists? LOG_FOLDER_NAME
    @logger = Logger.new(LOG_FILE)
    @whitelist = get_whitelist
  end

  def start
    @logger.info("Start to cleanup buckets.")
    begin
      cleanup_buckets
    rescue => ex
      @logger.error(ex.message)
    end
    @logger.info("End to cleanup buckets.\n\n")
  end

  def cleanup_buckets
    unknown_buckets = find_unknown_buckets
    list_buckets(unknown_buckets)
    # delete_buckets(unknown_buckets)
  end

  def list_buckets(buckets)
    buckets.each do |bucket|
      name = bucket["Name"]
      puts "#{name}"
    end
  end

  def find_unknown_buckets
    unknown_buckets = Array.new
    ret_code, std_out, std_err = run_command("aws s3api list-buckets")
    if ret_code == 0
      std_out_json = JSON.parse(std_out)
      std_out_json["Buckets"].each do |bucket|
        result = is_valid_bucket(bucket)
        unknown_buckets.push(bucket) unless result
      end
      return unknown_buckets
    else
      raise "Failed to get all buckets."
    end
  end

  def is_valid_bucket(bucket)
    name = bucket["Name"]
    return false if name.nil?
    @whitelist.each_key do |key|
      return true if name == key
    end
    return false
  end

  def delete_buckets(buckets)
    @logger.info("No unknown buckets to be deleted.") if buckets.size == 0
    buckets.each do |bucket|
      name = bucket["Name"]
      creation_date = bucket["CreationDate"]
      ret_code, std_out, std_err = run_command("aws s3 rb s3://#{name} --force")
      if ret_code == 0
        @logger.info("Succeed to delete bucket, name: #{name}, creation date: #{creation_date}")
      else
        @logger.error("Failed to delete bucket, name: #{name}, creation date: #{creation_date}")
      end
    end
  end

  def get_whitelist
    result = Hash.new
    File.open(WHITELIST_FILE, "r") do |f|
      f.each_line do |line|
        line.chomp!
        data = line.split(":")
        result[data[0]] = data[1]
      end
    end
    return result
  end

  def run_command(cmd)
    std_in, std_out, std_err, t = Open3.popen3(cmd)
    std_out_str = ""
    std_error_str = ""
    std_out.each_line do |line|
      std_out_str = std_out_str + line
    end
    std_out.close
    std_err.each_line do |line|
      std_error_str = std_error_str + line
    end
    if !std_error_str.empty?
      @logger.warn(cmd)
      @logger.warn(std_error_str)
    end
    std_err.close
    return t.value.exitstatus, std_out_str, std_error_str
  end
end

AWSTools.new.start

bucket-whitelist.data

s3-bucket-name:wxhyzh2005@163.com

 

尘世中迷途小码农
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
cdk-s3bucket:完全用于删除桶的AWS CDK构造库
02-26
cdk-s3bucket-ng cdk-s3bucket-ng是一个AWS CDK构造函数库,它提供了Bucket构造的直接替换,并具有删除非空S3存储桶的功能。为什么有时我们只是做一些实验,创建一个S3存储桶。 要在实验室完成后销毁资源。 但是我们...
ec2details:提供AWS EC2实例类型数据的API
05-01
ec2details 该服务提供各种格式的有关AWS EC2实例类型的详细信息。 数据是从发布的EC2服务生成的,该服务是一个巨大的(> 535M)json文件AWS,只要ec2服务发生变化(新实例,降价,其他区域等),AWS就会随时更新。 ...
Apache Kafka 基于 S3 的数据导出、导入、备份、还原、迁移方案
最新发布
Laurence 的技术博客
09-12 1533
在系统升级或迁移时,用户常常需要将一个 Kafka 集群中的数据导出(备份),然后在新集群或另一个集群中再将数据导入(还原)。通常,Kafka集群间的数据复制和同步多采用 Kafka MirrorMaker,但是,在某些场景中,受环境限制,两个于 Kafka 集群之间的网络可能无法连通,亦或是需要将 Kafka 的数据沉淀为文件存储以备他用。此时,基于 Kafka Connect S3 Source / Sink Connector 的方案会是一种较为合适的选择,本文就将介绍一下这一方案的具体实现。
Jenkins AWS CodeDeploy不停机部署
cnsre运维博客
04-23 318
此项目的特点是把Jenkins与CodeDeploy相结合做的CICD做的蓝绿发布,CI与CD 是分开的,CI构建完以后以BuildNumber的形式把war包存至AWSS3桶中。同时在java项目上把java代码与配置文件分离,这样的话我们就可以war包+ 配置文件的形式把项目发布至测试、预生产、生产等环境。在CD发布的过程中CodeDeploy中用到的是 CodeDeployDefault.OneAtATime 如果有一台发布以后健康检查失败,则停止发布另外一台,并吧该台设备从ALB 中剔除。 jen
jenkins AWS CodeDeploy不停机部署
cnsre运维博客
05-19 430
此项目的特点是把Jenkins与CodeDeploy相结合做的CICD做的蓝绿发布,CI与CD 是分开的,CI构建完以后以BuildNumber的形式把war包存至AWSS3桶中。同时在java项目上把java代码与配置文件分离,这样的话我们就可以war包+ 配置文件的形式把项目发布至测试、预生产、生产等环境。在CD发布的过程中CodeDeploy中用到的是 CodeDeployDefault.OneAtATime 如果有一台发布以后健康检查失败,则停止发布另外一台,并吧该台设备从ALB 中剔除。 jen
aws root账户_所以您继承了一个AWS账户
weixin_26722031的博客
08-01 712
aws创建账户Many engineers have found themselves in the unenviable position of being handed the keys to an AWS environment with absolutely no explanation of its contents, documentation, or training. Whethe...
AWS EMR上运行Map Reduce的Java示例程序 及 操作小计
weixin_30919235的博客
10-16 246
下面的代码中AffairClient类中包含了三个内之类,分别对应于Hadoop Mapreduce程序运行所需的Mapper类,Reducer类,和主类。AffairClient类中其余方法用于配置和运行EMR程序。可以修改相关参数来对程序做适当调整。比如:修改map和reduce函数,添加combiner类,或者设置集群大小。这个样例是一个去重的mapreduce程序,具体见map函数和red...
Go 语言学习资源合集(推荐)
静静是我女朋友
02-22 4457
Awesome Go    A curated list of awesome Go frameworks, libraries and software. Inspired by awesome-python. Contributing Please take a quick gander at the contribution guidelines first. Thanks t
Awesome Go精选的Go框架,库和软件的精选清单.A curated list of awesome Go frameworks, libraries and software...
浩秦的博客
10-22 2104
Awesome Go financial support to Awesome Go A curated list of awesome Go frameworks, libraries and software. Inspired byawesome-python. Contributing Please take a quick gander at th...
radosrgw admin 命令
HzauTriste的博客
03-22 1004
commands: user create create a new user user modify modify user user info get user info user rename rename user user rm remove user user suspend susp
amazon 使用密码登录_我们通过使用Amazon SageMaker大规模提供机器学习模型学到了什么...
cumi6497的博客
08-01 291
amazon 使用密码登录by Daitan 通过大潭 我们通过使用Amazon SageMaker大规模提供机器学习模型学到了什么 (What We Learned by Serving Machine Learning Models at Scale Using Amazon SageMaker) By Bruno Schionato, Diego Domingos, Fernando M...
ec2-tags-env:将AWS EC2标记导入为环境变量
02-05
ec2-tags-env:将AWS EC2标记导入为环境变量
sshaws:只需使用一个命令即可连接到支持“ EC2实例连接”的AWS EC2服务器
05-07
只需使用一个命令,即可连接到具有“ EC2实例连接”功能的AWS EC2服务器。 如果您按照所述使用“ EC2实例连接”,您已经注意到,连接到实例可能会很麻烦,尤其是当您频繁连接到其他实例时。 sshaws命令允许您收集...
Java启动、暂停AWS EC2实例或修改实例类型的demo
06-17
代码主要是启动、暂停AWS EC2实例或修改实例类型的demo。 注:执行main()之前先修改aws.accessKeyId和aws.secretAccessKey以及instance_id。
AWS ElastiCache
尘世中迷途小码农的专栏
04-22 4196
AWS ElastiCache 支持两种类型的缓存引擎,Memcached和Redis,和RDS一样,可以在EC2上安装Memcached和Redis软件,也可以依靠AWS ElastiCache来创建Memcached和Redis服务 默认推荐使用AWS ElastiCache来创建Memcached和Redis服务,因为这样AWS可以帮助我们创建和管理实例,软件升级,patch等 缓...
AWS DNS and Route 53
尘世中迷途小码农的专栏
04-21 3357
DNS (Domain Name System) DNS 概念 域名系统,直观上看,可以将域名转变成IP地址,使得我们在访问网络的时候不用输入IP地址,而是输入友好的域名。 Top-Level Domains 顶级域名,如.com, .net, .org, .gov, .cn 等,顶级域名是由Internet Corporation for Assigned Name and Numb...
AWS SQS, SWF and SNS
尘世中迷途小码农的专栏
04-20 2888
SQS (Simple Queue Service) 概念 简单消息服务,类似于Rabbit MQ,主要作用是作为消息中间件,解耦应用程序的各个组件 SQS不保证消息FIFO,但能保证消息的高可靠 消息的生命周期 生产者将消息发送到消息队列,此时消息的状态变为in-flight 消费者从消息队列中获取消息,此时消息的状态变为processed,在visibility timeo...
AWS S3 and Glacier
尘世中迷途小码农的专栏
04-03 2572
S3 (Simple Storage Service) Bucket Bucket全局唯一,一个account默认可创建100个bucket,一般用DNS名字命名 AWS region 创建Bucket的时候需要选择region,region在物理和逻辑上完全独立,除非用户手动从一个region复制数据到另一个region 可以选择离端点用户地理位置近的region创建bucket...
aws s3 bucket
06-02
您想了解关于 AWS S3 Bucket 的信息吗?AWS S3 Bucket 是 Amazon Web Services (AWS) 提供的一种对象存储服务,可以用于存储和检索任意类型的数据,包括文本、图像、视频和音频等。它非常灵活和可扩展,可以适应不同...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值