- Correct DynamoDB table with stale data
- Correct EBS snapshots exceeding max age
- Correct EBS volumes attached to stopped instances
- Correct EBS volumes exceeding max size
- Correct EBS volumes if unattached
- Correct EBS volumes using gp2
- Correct EBS volumes using io1
- Correct EBS volumes with low IOPS
- Correct EBS volumes with low usage
- Correct EC2 application load balancers if unused
- Correct EC2 classic load balancers if unused
- Correct EC2 gateway load balancers if unused
- Correct EC2 instances exceeding max age
- Correct EC2 instances large
- Correct EC2 instances of older generation
- Correct EC2 instances without graviton
- Correct EC2 network load balancers if unused
- Correct EKS node groups without graviton
- Correct Elasticache clusters exceeding max age
- Correct EMR Clusters idle 30 mins
- Correct Lambda functions without graviton
- Correct one DynamoDB table with stale data
- Correct one EBS snapshot exceeding max age
- Correct one EBS volume attached to stopped instance
- Correct one EBS volume exceeding max size
- Correct one EBS volume if unattached
- Correct one EBS volume using gp2
- Correct one EBS volume using io1
- Correct one EBS volume with low IOPS
- Correct one EBS volume with low usage
- Correct one EC2 application load balancer if unused
- Correct one EC2 classic load balancer if unused
- Correct one EC2 gateway load balancer if unused
- Correct one EC2 instance exceeding max age
- Correct one EC2 instance large
- Correct one EC2 instance of older generation
- Correct one EC2 instance without graviton
- Correct one EC2 network load balancer if unused
- Correct one EKS node group without graviton
- Correct one Elasticache cluster exceeding max age
- Correct one EMR Cluster idle 30 mins
- Correct one Lambda function without graviton
- Correct one RDS DB instance exceeding max age
- Correct one RDS DB instance of older generation
- Correct one RDS DB instance with low connection count
- Correct one RDS DB instance without graviton processor
- Correct one Route53 health check if unused
- Correct one Route53 record with lower TTL
- Correct one S3 bucket without lifecycle policy
- Correct one SecretsManager secret if unused
- Correct one VPC EIP if unattached
- Correct one VPC NAT gateway if unused
- Correct RDS DB instances exceeding max age
- Correct RDS DB instances of older generation
- Correct RDS DB instances with low connection count
- Correct RDS DB instances without graviton processor
- Correct Route53 health checks if unused
- Correct Route53 records with lower TTL
- Correct S3 buckets without lifecycle policy
- Correct SecretsManager secrets if unused
- Correct VPC EIPs if unattached
- Correct VPC NAT gateways if unused
- Detect & correct DynamoDB tables with stale data
- Detect & correct EBS snapshots exceeding max age
- Detect & correct EBS volumes attached to stopped instances
- Detect & correct EBS volumes exceeding max size
- Detect & correct EBS volumes if unattached
- Detect & correct EBS volumes using gp2
- Detect & correct EBS volumes using io1
- Detect & correct EBS volumes with low IOPS
- Detect & correct EBS volumes with low usage
- Detect & correct EC2 application load balancers if unused
- Detect & correct EC2 classic load balancers if unused
- Detect & correct EC2 gateway load balancers if unused
- Detect & correct EC2 instances exceeding max age
- Detect & correct EC2 instances large
- Detect & correct EC2 instances of older generation
- Detect & correct EC2 instances without graviton
- Detect & correct EC2 network load balancers if unused
- Detect & correct EKS node groups without graviton
- Detect & correct Elasticache clusters exceeding max age
- Detect & correct EMR Clusters idle 30 mins
- Detect & correct Lambda functions without graviton
- Detect & correct RDS DB instances exceeding max age
- Detect & correct RDS DB instances of older generation
- Detect & correct RDS DB instances with low connection count
- Detect & correct RDS DB instances without graviton processor
- Detect & correct Route53 health checks if unused
- Detect & correct Route53 records with lower TTL
- Detect & correct S3 buckets without lifecycle policy
- Detect & correct SecretsManager secrets if unused
- Detect & correct VPC EIPs if unattached
- Detect & correct VPC NAT gateways if unused
- Snapshot & Delete EBS Volume
Detect & correct DynamoDB tables with stale data
Overview
DynamoDB tables can be quite costly to retain, it is also likely that after a certain point in time they're no longer required and should be cleaned up to prevent further costs.
This pipeline detects unused health checks and then either sends a notification or attempts to perform a predefined corrective action.
Getting Started
This control will work out-of-the-box with some sensible defaults (configurable via variables).
You should be able to simply run the following command in your terminal:
flowpipe pipeline run detect_and_correct_dynamodb_tables_with_stale_data
By default, Flowpipe runs in wizard mode and prompts directly in the terminal for a decision on the action(s) to take for each detected resource.
However, you can run Flowpipe in server mode with external integrations, allowing it to prompt for input via http
, slack
, teams
, etc.
Alternatively, you can choose to configure and run in other modes:
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run aws_thrifty.pipeline.detect_and_correct_dynamodb_tables_with_stale_data
Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = aws_thrifty.pipeline.detect_and_correct_dynamodb_tables_with_stale_data }
Params
Name | Type | Required | Description | Default |
---|---|---|---|---|
database | string | Yes | Database connection string. | postgres://steampipe@localhost:9193/steampipe |
notifier | string | Yes | The name of the notifier to use for sending notification messages. | default |
notification_level | string | Yes | The verbosity level of notification messages to send. Valid options are 'verbose', 'info', 'error'. | info |
approvers | list(string) | Yes | List of notifiers to be used for obtaining action/approval decisions. |
|
default_action | string | Yes | The default action to use for the detected item, used if no input is provided. | notify |
enabled_actions | list(string) | Yes | The list of enabled actions to provide to approvers for selection. |
|
Outputs
This pipeline has no outputs.