AWS support
This release runs *policies* against an AWS account, uploads the results to ElasticSearch, and visualizes them in dedicated Grafana dashboards.
Cloud-Governance 1.1.0 supports Python 3.9 and higher.
Major Feature List
1. Policies
1. [ec2_idle](https://github.com/redhat-performance/cloud-governance/blob/main/cloud_governance/policy/aws/ec2_idle.py): Stop running ec2 instances when CPU < 5% and network < 5Kb; send an action alert to the user before stopping.
2. [ec2_stop](https://github.com/redhat-performance/cloud-governance/blob/main/cloud_governance/policy/aws/ec2_stop.py): Delete ec2 instances that have been stopped for more than 30 days, create an AMI from them, and send an alert notification to the user.
3. [ebs_unattached](https://github.com/redhat-performance/cloud-governance/blob/main/cloud_governance/policy/aws/ebs_unattached.yml): Delete unattached ebs volumes.
4. [tag_resources](https://github.com/redhat-performance/cloud-governance/tree/main/cloud_governance/aws/tag_cluster): Auto-tag AWS resources with the IAM user's tags: EC2, EBS, Snapshot, AMI and *Cluster Resources.
5. [cost_explorer](https://github.com/redhat-performance/cloud-governance/blob/main/cloud_governance/policy/aws/cost_explorer.py): Fetch Cost Explorer reports based on daily User tag usage, upload them to ElasticSearch, and visualize them in Grafana dashboards.
6. [cost_over_usage](https://github.com/redhat-performance/cloud-governance/blob/main/cloud_governance/policy/aws/cost_over_usage.py): This rule triggers a notification to the user on over usage.
7. [zombie_cluster_resource](https://github.com/redhat-performance/cloud-governance/blob/main/cloud_governance/policy/aws/zombie_cluster_resource.py): Scan and delete zombie (unused) *Cluster resources.
8. [empty_buckets](https://github.com/redhat-performance/cloud-governance/blob/main/cloud_governance/policy/aws/empty_buckets.py): Delete empty buckets in S3.
9. [empty_roles](https://github.com/redhat-performance/cloud-governance/blob/main/cloud_governance/policy/aws/empty_roles.py): Delete the empty roles without policies.
10. [zombie_snapshots](https://github.com/redhat-performance/cloud-governance/blob/main/cloud_governance/policy/aws/zombie_snapshots.py): Delete the snapshots unused by AMI.
11. [zombie_elastic_ips](https://github.com/redhat-performance/cloud-governance/blob/main/cloud_governance/policy/aws/zombie_elastic_ips.py): Delete elastic_ips which are not associated.
12. [zombie_nat_gateways](https://github.com/redhat-performance/cloud-governance/blob/main/cloud_governance/policy/aws/zombie_nat_gateways.py): Delete the NatGateways which are not used.
Note:
* Cluster Resources
1. Volumes
2. Snapshots
3. AMI
4. Elastic Load Balancer/ v2
5. VPC
6. Subnets
7. RouteTable
8. NatGateways
9. ElasticIps
10. Security Groups
11. Network Interfaces
12. DHCP Options
13. Roles
14. User
15. S3 Bucket
16. Network ACL
17. VPC Endpoint
18. InternetGateway
How to run these policies
Command line
podman run --rm --name cloud-governance -e policy='ec2_idle' -e AWS_ACCESS_KEY_ID="$AWS_ACCESS_KEY_ID" -e AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY" -e AWS_DEFAULT_REGION='us-east-2' -e dry_run='yes' -e policy_output='s3://bucket/logs' -e log_level='INFO' quay.io/ebattat/cloud-governance
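To show what a policy such as zombie_snapshots checks, and how a `dry_run='yes'` run differs from an enforcing one, here is an added example; it is not the project's own code. It works on constructed data shaped like the EC2 DescribeImages and DescribeSnapshots responses, and the function names, the `delete_fn` callback and the rule that anything other than `'no'` counts as a dry run are assumptions of this example.

```python
# Added illustration, not cloud-governance code.
# Constructed sample data, shaped like EC2 DescribeImages / DescribeSnapshots output.
IMAGES = [
    {"ImageId": "ami-0aaa", "BlockDeviceMappings": [
        {"DeviceName": "/dev/xvda", "Ebs": {"SnapshotId": "snap-0001"}},
        {"DeviceName": "/dev/sdb", "VirtualName": "ephemeral0"},  # no Ebs key
    ]},
]
SNAPSHOTS = [
    {"SnapshotId": "snap-0001", "Tags": [{"Key": "User", "Value": "alice"}]},
    {"SnapshotId": "snap-0002", "Tags": [{"Key": "User", "Value": "bob"}]},
    {"SnapshotId": "snap-0003"},  # untagged: no owner to notify
]


def snapshots_in_use(images):
    """Collect every snapshot ID referenced by an AMI block device mapping."""
    used = set()
    for image in images:
        for mapping in image.get("BlockDeviceMappings", []):
            snap_id = mapping.get("Ebs", {}).get("SnapshotId")
            if snap_id:
                used.add(snap_id)
    return used


def zombie_snapshots(snapshots, images):
    """Snapshots that no AMI references."""
    used = snapshots_in_use(images)
    return [s for s in snapshots if s["SnapshotId"] not in used]


def owner(snapshot):
    """Value of the User tag (assumed tag key), or 'unknown' when untagged."""
    tags = {t["Key"]: t["Value"] for t in snapshot.get("Tags", [])}
    return tags.get("User", "unknown")


def run_policy(snapshots, images, delete_fn, dry_run="yes"):
    """Report zombies; call delete_fn only when dry_run is exactly 'no'."""
    enforce = dry_run == "no"  # any other value fails safe to report-only
    report = []
    for snap in zombie_snapshots(snapshots, images):
        if enforce:
            delete_fn(snap["SnapshotId"])
        action = "deleted" if enforce else "would-delete"
        report.append((action, snap["SnapshotId"], owner(snap)))
    return report


if __name__ == "__main__":
    for row in run_policy(SNAPSHOTS, IMAGES, delete_fn=print, dry_run="yes"):
        print(*row)
```

In a real account `delete_fn` would wrap the EC2 snapshot deletion call and the two lists would come from paginated describe calls.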
Please report any issues with the release on the [issues](https://github.com/redhat-performance/cloud-governance/issues) page.