library
turbot/aws_thrifty
- Detect & correct DynamoDB table with stale data
- Detect & correct EBS snapshots exceeding max age
- Detect & correct EBS volumes attached to stopped instances
- Detect & correct EBS volumes exceeding max size
- Detect & correct EBS volumes if unattached
- Detect & correct EBS volumes using gp2
- Detect & correct EBS volumes using io1
- Detect & correct EBS volumes with low IOPS
- Detect & correct EBS volumes with low usage
- Detect & correct EC2 application load balancers if unused
- Detect & correct EC2 classic load balancers if unused
- Detect & correct EC2 gateway load balancers if unused
- Detect & correct EC2 instances exceeding max age
- Detect & correct EC2 instances large
- Detect & correct EC2 instances of older generation
- Detect & correct EC2 instances without graviton
- Detect & correct EC2 network load balancers if unused
- Detect & correct EKS node groups without graviton
- Detect & correct Elasticache clusters exceeding max age
- Detect & correct EMR Clusters idle 30 mins
- Detect & correct Lambda functions without graviton
- Detect & correct RDS DB instances exceeding max age
- Detect & correct RDS DB instances of older generation
- Detect & correct RDS DB instances with low connection count
- Detect & correct RDS DB instances without graviton processor
- Detect & correct Route53 health checks if unused
- Detect & correct Route53 records with lower TTL
- Detect & correct S3 buckets without lifecycle policy
- Detect & correct SecretsManager secrets if unused
- Detect & correct VPC EIPs if unattached
- Detect & correct VPC NAT gateways if unused
Get Involved
Version
Detect & correct EKS node groups without Graviton
Amazon EKS node groups that don't use Graviton processor may result in higher operational costs. This query trigger identifies non-Graviton node groups and either sends notifications or attempts predefined corrective actions.
Getting Started
By default, this trigger is disabled, but can be configured by setting the variables:
eks_node_groups_without_graviton_trigger_enabledshould be set totrue(default isfalse).eks_node_groups_without_graviton_trigger_scheduleshould be set according to your desired running schedule.eks_node_groups_without_graviton_default_actionshould be set to"notify"or any other desired action (e.g.,"notify"for notifications or"delete_node_group"to delete the node group).
Then starting the server:
flowpipe serveror if you've set the variables in a .fpvars file:
flowpipe server --var-file=/path/to/your.fpvarsQuery
with node_group_using_launch_template_image_id as ( select g.arn as node_group_arn, v.image_id as image_id from aws_eks_node_group as g left join aws_ec2_launch_template_version as v on v.launch_template_id = g.launch_template ->> 'Id' and v.version_number = (g.launch_template ->> 'Version') :: int where g.launch_template is not null),ami_architecture as ( select node_group_arn, architecture, case when s.platform_details = 'Linux/UNIX' then 'linux' else platform_details end as platform from node_group_using_launch_template_image_id as i left join aws_ec2_ami_shared as s on s.image_id = i.image_id where architecture is not null union select node_group_arn, architecture, case when a.platform_details = 'Linux/UNIX' then 'linux' else platform_details end as platform from node_group_using_launch_template_image_id as i left join aws_ec2_ami as a on a.image_id = i.image_id where architecture is not null)select concat( g.nodegroup_name, ' [', g.region, '/', g.account_id, ']' ) as title, g.cluster_name, g.nodegroup_name, g.region, g._ctx ->> 'connection_name' as credfrom aws_eks_node_group as g left join ami_architecture as a on a.node_group_arn = g.arnwhere ami_type = 'CUSTOM%' and a.architecture <> 'arm_64' and a.platform = 'linux';Schedule
15m