# AWS Clean Up Script

This script will clean up all the resources on an individual/organization's AWS account. This script is still in development and a lot of work is still pending. Although the notebook is self explanatory, a little study on core AWS SDK features will be of use.

### Things to Improve on:

1. Use sets wherever possible to reduce to the number of filter operations
2. Exception handling still needs to be done
3. Alert generation through SNS, MailGun and Twilio needs to be implemented

## Libraries

In [1]:
import boto3, json
from pprint import pprint

## Credentials

In [2]:
def getAWSCreds():
    credentials = json.load(open('../esrcd.json'))
    awsCreds = credentials['aws']
    return(awsCreds)

## Sessions and Resources

In [3]:
def createSession():
    session = boto3.session.Session(aws_access_key_id=getAWSCreds()['accessKey'], 
                                    aws_secret_access_key=getAWSCreds()['secretKey'])
    return(session)

def createResourceObj(resourceName, regionName):
    resource = boto3.resource(resourceName, region_name=regionName, 
                              aws_access_key_id=getAWSCreds()['accessKey'], 
                              aws_secret_access_key=getAWSCreds()['secretKey'])
    return(resource)

def createClient(resourceName,regionName):
    client = boto3.client(resourceName, region_name=regionName,
                          aws_access_key_id=getAWSCreds()['accessKey'], 
                          aws_secret_access_key=getAWSCreds()['secretKey'])
    return(client)

## Regions and Services

In [4]:
def getAllRegions(session):
    return(session.get_available_regions('ec2', partition_name='aws'))

def getAllServices(session):
    return(session.get_available_services())

In [5]:
def getAllServicesAndRegions(session):
    allServices = getAllServices(session)
    serviceDict = {}
    for service in allServices:
        availableRegions = session.get_available_regions(service, partition_name='aws')
        serviceDict[service] = availableRegions
    return(serviceDict)

In [6]:
def getIncludedRegions(excludedRegions, session):
    allRegions = getAllRegions(session)
    return([region for region in allRegions if region not in excludedRegions])

def getIncludedServices(excludedServices, session):
    allServices = getAllServices(session)
    return([service for service in allServices if service not in excludedServices])

def getShortlistedRegions(includedRegions, validRegions):
    return([region for region in includedRegions if region in validRegions])

def getAllRegionsForService(serviceName, session):
    return(session.get_available_regions(serviceName, partition_name='aws'))

# Autoscaling

### AutoScaling Groups

In [88]:
def getAutoscalingGroupNames(autoScaling):
    asGroups = autoScaling.describe_auto_scaling_groups()['AutoScalingGroups']
    asGroupNames = []
    for group in asGroups:
        groupName = group['AutoScalingGroupName']
        asGroupNames.append(groupName)
    return(asGroupNames)

In [89]:
def deleteAutoscalingGroups(includedRegions):
    for region in includedRegions:
        autoScaling = createClient('autoscaling', region)
        asGroupNames = getAutoscalingGroupNames(autoScaling)
        for groupName in asGroupNames:
            try:
                res = autoScaling.delete_auto_scaling_group(AutoScalingGroupName=groupName,
                                                            ForceDelete=True)
                if(res['ResponseMetadata']['HTTPStatusCode'] != 200):
                    print("Something went wrong!")
                    # Add twilio section here
                    pprint(res)
            except Exception as e:
                exp = e
                print(e.response['Error']['Code'])
                twilioMsg = 'GroupName: {0}; Operation: {1}; Code: {2}; Cause: {3}'.format(groupName,
                                                                                           e.operation_name,
                                                                                           e.response['Error']['Code'],
                                                                                           e.response['Error']['Message'])
                print(twilioMsg)
                return(False)
                # Add twilio section here
    print("Autoscaling: All done!")
    return(True)

### Launch Configurations

In [132]:
def listLaunchConfigurations(autoScale):
    return(autoScale.describe_launch_configurations()['LaunchConfigurations'])

In [139]:
def deleteLaunchConfigurations(includedRegions):
    for region in includedRegions:
        autoScale = createClient('autoscaling', region)
        configList = listLaunchConfigurations(autoScale)
        for config in configList:
            launchConfigName = config['LaunchConfigurationName']
            print("Launch config name: " + launchConfigName)
            try:
                res = ec2.delete_launch_configuration(LaunchConfigurationName=launchConfigName)
                pprint(res)
            except Exception as e:
                pprint(e.response)
                twilioMsg = 'Launch Config Name: {3}; Error Code: {0}; Operation Name: {1}; Date: {2}'.format(e.response['Error']['Code'],
                                                                                    e.operation_name,
                                                                                    e.response['ResponseMetadata']['HTTPHeaders']['date'],
                                                                                                             launchConfigName)
                print(twilioMsg)
                #Add twilio code here
        print("Launch Configurations: All done!")

## EC2

### Volumes

In [90]:
def getVolumeIds(ec2):
    volumesIds = []
    for vol in ec2.volumes.filter(Filters=[
        {
            'Name': 'attachment.status',
            'Values': [
                'detached'
            ]
        },
    ]):
        volumesIds.append(vol.id)
    return(volumesIds)

In [91]:
def deleteVolumes(includedRegions):
    for region in includedRegions:
        ec2 = createResourceObj('ec2',region)
        volumeIds = getVolumeIds(ec2)
        for volumeId in volumeIds:
            volume = ec2.Volume(volumeId).delete(DryRun=False)
    print("Deleted all detached volumes!")

### Elastic IP

In [92]:
def getIds(ec2):
    elasticIps = []
    for address in ec2.describe_addresses()['Addresses']:
        elasticIps.append({
            "AssociationId" : address['AssociationId'],
            "AllocationId"  : address['AllocationId']
        })
    return(elasticIps)

In [93]:
def disassociateIPs(ec2, elasticIps):
    for ip in elasticIps:
        disassociateRes = ec2.disassociate_address(AssociationId=ip['AssociationId'])
        if(disassociateRes['ResponseMetadata']['HTTPStatusCode'] != 200):
            print("Disassociation failed!")
            pprint(disassociateRes)
        else:
            print("Disassociation response:")
            pprint(disassociateRes)
    print("Disassociate IPs: All done!")    

In [94]:
def releaseIPs(ec2, elasticIps):
    for ip in elasticIps:
        releaseResponse = ec2.release_address(AllocationId=ip['AllocationId'])
        if(releaseResponse['ResponseMetadata']['HTTPStatusCode'] != 200):
            print("Release failed!")
            pprint(releaseResponse)
        else:
            print("Release response:")
            pprint(releaseResponse)
    print("Release IPs: All done!")

In [95]:
def deleteElasticIPs(includedRegions):
    print("Deleting IPs")
    elasticIps = []
    for region in includedRegions:
        print("Region: {}".format(region))
        ec2 = createClient('ec2', region)
        elasticIps = getIds(ec2)
        disassociateIPs(ec2, elasticIps)
        releaseIPs(ec2, elasticIps)
    print("Elastic IPs: All done!")

### EC2 Instances

In [96]:
def deleteEC2Instances(includedRegions):
    instanceIds = listEC2InstanceIds(includedRegions)
    for region in instanceIds.keys():
        ec2 = createResourceObj('ec2', region)
        for instanceId in instanceIds[region]:
            instance = ec2.Instance(id=instanceId).terminate(DryRun=False)
            print("Deleted!")
    print("EC2: Instances: All done!")

def listEC2InstanceIds(includedRegions):
    instanceIds = {}
    for region in includedRegions:
        ec2 = createResourceObj('ec2', region)
        instances = ec2.instances.filter(
        Filters=[{'Name': 'instance-state-name', 'Values': ['running','stopped']}])
        for instance in instances:
            if(region not in instanceIds.keys()):
                instanceIds.setdefault(region,[]).append(instance.id)
            else:
                instanceIds[region].append(instance.id)
    pprint(instanceIds)
    return(instanceIds)

## SNS

In [97]:
def getExcludedTopics():
    topicList = ''
    return(topicList.split())

def getTopics(includedRegions, session, excludedTopics):
    snsRegions = getShortlistedRegions(includedRegions, getAllRegionsForService('sns', session))
    topics = []
    for region in snsRegions:
            print("Region: {}".format(region))
            sns = createResourceObj('sns', region)
            for topic in sns.topics.all():
                if(topic.arn not in excludedTopics):
                    topics.append(topic)
    return(topics)

In [98]:
def deleteTopics(includedRegions, session):
    topics = getTopics(includedRegions, session, getExcludedTopics())
    for topic in topics:
        response = topic.delete()
        if(response['ResponseMetadata']['HTTPStatusCode'] != 200):
            print("Something went wrong")
            #Add Twilio code here
            pprint(response)
        else:
            print("Deleted:")
            print("++++++++++")
            pprint(response)
    print("SNS: Topics: All done!")

## S3 Buckets

In [99]:
def getExcludedBucketNames():
    return('chiragbilling chiragwebsite'.split())

def listValidBuckets(s3):
    validBuckets = []
    for bucket in s3.buckets.all():
        print(bucket.name)
        if(bucket.name not in getExcludedBucketNames()):
            print("Added bucket")
            validBuckets.append(bucket)
    return(validBuckets)

def deleteObjects(s3, validBuckets):
    Delete = {'Objects':[]}
    for bucket in validBuckets:
        for page in bucket.objects.pages():
            for obj in page:
                print(obj.key)
                Delete['Objects'].append({
                    'Key' : obj.key
                })
            bucket.delete_objects(Delete=Delete)
            print("Page complete. Deleted objects")
        print("All pages complete.")

def deleteS3Buckets():
    s3 = createResourceObj('s3', 'ap-south-1')
    validBuckets = listValidBuckets(s3)
    deleteObjects(s3, validBuckets)
    for bucket in validBuckets:
        bucket.delete()
        print("Bucket deleted!")
    print("S3: All done!")

## DynamoDB

In [100]:
def getTableList(dynamo):
    tableList = []
    for table in dynamo.tables.all():
        tableList.append(table)
    return(tableList)

def deleteTableList(tableList):
    for table in tableList:
            response = table.delete()
            if(response['ResponseMetadata']['HTTPStatusCode']!=200):
                print("Something went wrong!")
                #Add twilio code here
            else:
                print("Success!")
                pprint(response)

def deleteDynamoTables(includedRegions, session):
    validRegions = getShortlistedRegions(includedRegions, getAllRegionsForService('dynamodb', session))
    for region in validRegions:
        print("Region: {}".format(region))
        dynamo = createResourceObj('dynamodb', region)
        tableList = getTableList(dynamo)
        deleteTableList(tableList)
    print("DynamoDB: All done!")

## SQS

In [101]:
def getAllQueues(sqs):
    return(sqs.queues.all())

def deleteQueue(queue):
    response = queue.delete()
    if(response['ResponseMetadata']['HTTPStatusCode']!=200):
        print("Something went wrong!")
        pprint(response)
        #Add twilio code here
    else:
        print("Success!")
        pprint(response)

def deleteSQS(includedRegions):
    validRegions = getShortlistedRegions(includedRegions, getAllRegionsForService('sqs', session))
    for region in validRegions:
        sqs = createResourceObj('sqs', region)
        for q in getAllQueues(sqs):
            deleteQueue(q)
    print("SQS: All done!")

# Not Tested:

************************************************************************************************************

## Testing Section

In [20]:
excludedRegions = ['us-east-1']
excludedServices = ['cloudwatch', 'budgets']

In [21]:
session = createSession()
# allRegions = getAllRegions(session)
# allServicesRegions = getAllServicesAndRegions(session)
# allServices = getAllServices(session)
includedRegions = getIncludedRegions(excludedRegions, session)
includedServices = getIncludedServices(excludedServices, session)
# ec2Regions = getAllRegionsForService('ec2', session)
# ec2 = createResourceObj('ec2', 'ap-south-1')
# ec22 = createResourceObj('ec2', 'sa-east-1')

In [72]:
resourceObjCompatibleServices = "cloudformation cloudwatch dynamodb ec2 glacier iam opsworks s3 sns sqs".split()
resourceObjCompatibleServices

['cloudformation',
 'cloudwatch',
 'dynamodb',
 'ec2',
 'glacier',
 'iam',
 'opsworks',
 's3',
 'sns',
 'sqs']

## Changes:

1. use Sets

In [140]:
beanstalk = createClient('elasticbeanstalk', 'ap-south-1')

In [146]:
a = beanstalk.describe_environments()

In [148]:
beanstalk.describe_applications()

{'Applications': [{'ApplicationName': 'My First Elastic Beanstalk Application',
   'ConfigurationTemplates': [],
   'DateCreated': datetime.datetime(2017, 12, 8, 17, 37, 35, 754000, tzinfo=tzutc()),
   'DateUpdated': datetime.datetime(2017, 12, 8, 17, 37, 35, 754000, tzinfo=tzutc()),
   'ResourceLifecycleConfig': {'VersionLifecycleConfig': {'MaxAgeRule': {'DeleteSourceFromS3': False,
      'Enabled': False,
      'MaxAgeInDays': 180},
     'MaxCountRule': {'DeleteSourceFromS3': False,
      'Enabled': False,
      'MaxCount': 200}}},
   'Versions': ['Sample Application']}],
 'ResponseMetadata': {'HTTPHeaders': {'connection': 'keep-alive',
   'content-length': '1219',
   'content-type': 'text/xml',
   'date': 'Fri, 08 Dec 2017 18:12:17 GMT',
   'x-amzn-requestid': '53086ce1-dc43-11e7-80a7-35c715ace882'},
  'HTTPStatusCode': 200,
  'RequestId': '53086ce1-dc43-11e7-80a7-35c715ace882',
  'RetryAttempts': 0}}

In [149]:
beanstalk.describe_environments()

{'Environments': [{'AbortableOperationInProgress': False,
   'ApplicationName': 'My First Elastic Beanstalk Application',
   'CNAME': 'Default-Environment.fekn9qgusj.ap-south-1.elasticbeanstalk.com',
   'DateCreated': datetime.datetime(2017, 12, 8, 17, 37, 37, 627000, tzinfo=tzutc()),
   'DateUpdated': datetime.datetime(2017, 12, 8, 17, 40, 45, 205000, tzinfo=tzutc()),
   'EndpointURL': 'awseb-e-5-AWSEBLoa-1EDQZLQFTHU6Y-1884972070.ap-south-1.elb.amazonaws.com',
   'EnvironmentArn': 'arn:aws:elasticbeanstalk:ap-south-1:522550275729:environment/My First Elastic Beanstalk Application/Default-Environment',
   'EnvironmentId': 'e-5xgfuspbav',
   'EnvironmentLinks': [],
   'EnvironmentName': 'Default-Environment',
   'Health': 'Green',
   'HealthStatus': 'Ok',
   'PlatformArn': 'arn:aws:elasticbeanstalk:ap-south-1::platform/Node.js running on 64bit Amazon Linux/4.4.0',
   'SolutionStackName': '64bit Amazon Linux 2017.09 v4.4.0 running Node.js',
   'Status': 'Ready',
   'Tier': {'Name': 'WebS

In [150]:
envs = beanstalk.describe_environments()['Environments']

In [151]:
envs
beanstalk.dele

[{'AbortableOperationInProgress': False,
  'ApplicationName': 'My First Elastic Beanstalk Application',
  'CNAME': 'Default-Environment.fekn9qgusj.ap-south-1.elasticbeanstalk.com',
  'DateCreated': datetime.datetime(2017, 12, 8, 17, 37, 37, 627000, tzinfo=tzutc()),
  'DateUpdated': datetime.datetime(2017, 12, 8, 17, 40, 45, 205000, tzinfo=tzutc()),
  'EndpointURL': 'awseb-e-5-AWSEBLoa-1EDQZLQFTHU6Y-1884972070.ap-south-1.elb.amazonaws.com',
  'EnvironmentArn': 'arn:aws:elasticbeanstalk:ap-south-1:522550275729:environment/My First Elastic Beanstalk Application/Default-Environment',
  'EnvironmentId': 'e-5xgfuspbav',
  'EnvironmentLinks': [],
  'EnvironmentName': 'Default-Environment',
  'Health': 'Green',
  'HealthStatus': 'Ok',
  'PlatformArn': 'arn:aws:elasticbeanstalk:ap-south-1::platform/Node.js running on 64bit Amazon Linux/4.4.0',
  'SolutionStackName': '64bit Amazon Linux 2017.09 v4.4.0 running Node.js',
  'Status': 'Ready',
  'Tier': {'Name': 'WebServer', 'Type': 'Standard', 'Ver

In [154]:
envNames = []
for env in envs:
    envNames.append(env['EnvironmentId'])

In [155]:
envNames

['e-5xgfuspbav']

In [156]:
res = ''
for envName in envNames:
    res = beanstalk.terminate_environment(EnvironmentId=envName, ForceTerminate=True)

In [163]:
if(res['Status'] == 'Terminating' or res['Status'] == 'Terminated'):
    print('Done')

Done
