Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Collection of handy scripts for working with Amazon's Web Services

branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

README.md

Handy AWS tools from Jim Browne and 42Lines

  • tag-images-with-os - For each image in a region, create a tag (default "os") containing the name from the AMI used for the instance. Example output:
jbrowne@foo:~$ ~/awstools/tag-images-with-os --trace
Looking up AMI ami-xxxxxxxx for instance i-xxxxxxxx
Tagging i-xxxxxxxx with os=ubuntu-lucid-10.04-i386-server-20100827
Looking up AMI ami-xxxxxxxx for instance i-xxxxxxxx
Tagging i-xxxxxxxx with os=ubuntu-lucid-10.04-amd64-server-20101228
Looking up AMI ami-xxxxxxxx for instance i-xxxxxxxx
Tagging i-xxxxxxxx with os=ubuntu-maverick-10.10-i386-server-20101225
Looking up AMI ami-xxxxxxxx for instance i-xxxxxxxx
Tagging i-xxxxxxxx with os=ubuntu-maverick-10.10-amd64-server-20101225
Looking up AMI ami-xxxxxxxx for instance i-xxxxxxxx
Tagging i-xxxxxxxx with os=ubuntu-maverick-10.10-amd64-server-20101225
Looking up AMI ami-xxxxxxxx for instance i-xxxxxxxx
Tagging i-xxxxxxxx with os=ubuntu-precise-12.04-amd64-server-20121026.1
Looking up AMI ami-xxxxxxxx for instance i-xxxxxxxx
Tagging i-xxxxxxxx with os=ubuntu-precise-12.04-amd64-server-20121026.1
Looking up AMI ami-xxxxxxxx for instance i-xxxxxxxx
Tagging i-xxxxxxxx with os=Windows_Server-2008-R2_SP1-English-64Bit-Base-2012.10.10
  • server-certificate-check - Check server certificates in IAM for expiration and other issues. Example output:
Certificate subject is C=US, ST=California, L=San Francisco, O=Example Corporation, OU=IT, CN=page.example.com
+ 508 days left before expiration (2013-10-26 23:59:59+00:00)
Chain certificate subject is C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
+ Certificate issuer matches chain subject

Certificate subject is C=US, ST=California, L=San Francisco, O=Example Corporation, OU=IT, CN=bonham.example.com
- Key length less than 2048 bits!
- Certificate is expired! 2012-02-22 23:59:59+00:00
Chain certificate subject is O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign International Server CA - Class 3, OU=www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign
+ Certificate issuer matches chain subject

Certificate subject is C=US, ST=California, L=San Francisco, O=Example Corporation, OU=IT, CN=*.dev.example.com
+ 3 days left before expiration (2012-06-08 23:59:59+00:00)
Chain certificate subject is C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Secure Server CA - G3
+ Certificate issuer matches chain subject
  • reserved-instances-check - Examine all running instances and current reserved instance purchases. Suggest changes based on current data. Optionally print detail about running instances and reserved instances. Example output:
jbrowne@foo:~/awstools$ ./reserved-instances-check --quiet --itag=hostname --rdays=300

Advice based on current data:

1 candidate(s) for a reservation purchase in account main region us-east-1 zone us-east-1a
id i-deadbeef start 2011-12-16T02:58 (rockstar.dev.example.com)

1 unused reservation(s) in account main region us-east-1 zone us-east-1d
Use --rdetail to see reservation details

1 reservations(s) about to expire in account main region us-east-1 zone us-east-1d
id deadbeef-f000-baaa-dead-baaaaaaaaaaaa state active region RegionInfo:us-east-1 place us-east-1d type c1.xlarge count 1 start 2011-09-19T21:58 duration 365 elapsed 267 left 98

jbrowne@foo:~/awstools$ ./reserved-instances-check --itag=hostname
Account: main

Zone: us-east-1c
  Type m1.large Reservations 12 Instances 13 Delta 1

Zone: us-east-1a
  Type m1.large Reservations 93 Instances 100 Delta 7

Zone: us-east-1b
  Type c1.xlarge Reservations 21 Instances 20 Delta -1

[snipped advice section]

jbrowne@aauadmin02:~/awstools$ ~/boto-dev/bin/python ./reserved-instances-check --itag=hostname --rdetail
Account: main

Zone: us-east-1c
  Type m1.large Reservations 12 Instances 13 Delta 1
    Reservations:
      count 11 start 2011-09-19T22:15 duration 365 elapsed 266 left 99,
      count 1 start 2011-09-19T22:15 duration 1095 elapsed 266 left 829

Zone: us-east-1a
  Type m1.large Reservations 93 Instances 100 Delta 7
    Reservations:
      count 92 start 2011-09-19T22:11 duration 365 elapsed 267 left 98,
      count 1 start 2011-09-19T22:14 duration 1095 elapsed 266 left 829

Zone: us-east-1b
  Type c1.xlarge Reservations 21 Instances 20 Delta -1
    Reservations:
      count 21 start 2011-09-19T21:58 duration 365 elapsed 267 left 98

  • elastic-ip-check - Check for unused elastic IPs in all EC2 regions. Optionally report on in-use elastic IPs. Example output:
jbrowne@foo:~/awstools$ ./elastic-ip-check --used --itag=hostname
Account main Region us-east-1 in-use elastic IPs:
75.110.109.42 Instance i-deadbeef (bonham.example.com)
174.219.210.19 Instance i-f00dbaad (page.example.com)

jbrowne@foo:~/awstools$ ./elastic-ip-check
Account main Region us-east-1 unused elastic IPs:
107.20.114.174
107.20.109.42
  • availability-zones-check - NAGIOS plugin to WARN when availability zones are impaired

First install pynagios and boto:

easy_install pynagios
easy_install boto

Example output (boto < 2.2.2):

jbrowne@foo:~/awstools$ ./availability-zones-check
WARN: us-east-1:us-east-1d state impaired
jbrowne@foo:~/awstools$ echo $?
1

Example output (boto >= 2.2.2):

jbrowne@foo:~/awstools$ ./availability-zones-check
WARN: us-east-1:us-east-1d state impaired ("We are continuing to work to recover the remaining EC2 instances, EBS volumes and ELBs.")
jbrowne@foo:~/awstools$ echo $?
1
  • volume-status-check - NAGIOS plugin to WARN when volumes are impaired
jbrowne@foo:~/awstools$ ./volume-status-check
WARN: vol-deadbeef:potential-data-inconsistency IO Enabled nb 2012-06-30T05:09:46.000Z, vol-abcd1234:potential-data-inconsistency IO Enabled nb 2012-06-30T10:13:22.000Z
  • instance-events-check - NAGIOS plugin to WARN when instances have pending status events
jbrowne@foo:~/awstools$ ./instance-events-check
WARN: i-b74ebad3:instance-stop The instance is running on degraded hardware nb 2012-06-19T00:00:00.000Z
Something went wrong with that request. Please try again.