AWS Actions

: AWS Attach New Policy to User

: AWS Attach Tags to Resources

: AWS Change ACL Permission public S3 Bucket

: AWS Check if RDS instances are not M5 or T3

: Create a new Access Key for the User

: Given an AWS policy (as a string), and the name for the policy, this will create an IAM policy.

: Create a snapshot for EBS volume of the EC2 Instance for backing up the data stored in EBS

: Delete an Access Key for a User

: Delete Classic Elastic Load Balancers

: Delete EBS Snapshot for an EC2 instance

: Delete AWS ECS Cluster

: AWS Delete Load Balancer

: AWS Delete Log Stream

: AWS Delete NAT Gateway

: Delete AWS RDS Instance

: Delete AWS Redshift Cluster

: AWS Delete Route 53 HealthCheck

: AWS Delete Secret

: Given an AWS Region, this Action returns a Dict with all of the Cloudtrail logs being recorded

: Use This Action to AWS Detach Instances From AutoScaling Group

: Describe AWS ECS Task Definition.

: AWS ECS Instances without AutoScaling policy.

: AWS ECS Services without AutoScaling policy.

: Use This Action to AWS Filter All Manual Database Snapshots

: This action retrieves a list of all Lambda functions and searches for log events for each function for given runtime(duration).

: This Action to filter all instances whose instanceType contains Large or xLarge, and that DO NOT have the largetag key/value.

: This action list a all snapshots details that are older than the threshold

: This action lists all log streams that are unused for all the log groups by the given threshold.

: This action list of EMR clusters of old generation instances.

: Find Idle EC2 instances

: This action list a all instances that are older than the threshold

: This action will find RDS DB instances with a number of connections below the specified minimum in the specified region.

: This lego finds RDS instances are not utilizing their CPU resources to their full potential.

: Use This Action to AWS find redshift cluster for which paused resume are not Enabled

: Find underutilized Redshift clusters in terms of CPU utilization.

: S3 lifecycle policies enable you to automatically transition objects to different storage classes or delete them when they are no longer needed. This action finds all S3 buckets without lifecycle policies.

: This action to get all of the Nat gateways that have zero traffic over those

: Some AWS functions require the AWS Account number. This programmatically retrieves it.

: AWS Get All Load Balancers

: Get a list of all service names in a region

: Get Costs for all AWS services in a given time period.

: Get daily cost for Data Transfer in AWS

: AWS get daily total spend from Cost Explorer

: This action list low use volumes from AWS which used <10% capacity from the given threshold days.

: AWS Get EC2 Instances About To Retired

: Given a Region and the ID of a policy generation job, this Action will return the policy (once it has been completed).

: This Lego collects the access keys that have never been used or the access keys that have been used but are older than the threshold.

: This action list of EMR clusters that have been idle for more than the specified time.

: AWS Get Internet Gateway by VPC ID

: This action gets information about long running ElastiCache clusters and their status, and checks if they have any reserved nodes associated with them.

: This action gets information about long running instances and their status, and checks if they have any reserved nodes associated with them.

: This action gets information about running clusters and their status, and checks if they have any reserved nodes associated with them.

: This action is used to get the details about nat gateways configured for VPC.

: Use this action to get AWS Network Load Balancer (NLB) without Targets

: AWS Get Older Generation RDS Instances action retrieves information about RDS instances using older generation instance types.

: This action is used to get private address from NAT gateways.

: AWS Get Publicly Accessible DB Snapshots in RDS

: AWS Get Publicly Accessible RDS Instances

: Given inputs of the AWS Region, and the Service_Code for a service, this Action will output all of the Service Quotas and limits.

: Given an QueryId, this Action will give you the status of the Query, along with other data like the number of lines/

: Given a QueryId, Get the Query Result, and format into a List

: Gets a list of all AWS resources that are missing the tag in the input parameters.

: AWS Get all Resources with an expiration tag

: For a given tag and region, get every AWS resource with that tag.

: Get string (of JSON) containing Secret details

: Given a Secret Name - this Action returns the Secret ARN

: Given an AWS Region, Service Code and Quota Code, this Action will output the quota information for the specified service.

: Get TTL for Route53 records for a hosted zone.

: AWS Get Tags of All Resources

: AWS Get Untagged Resources

: List all Access Keys for the User

: List all AWS IAM Users

: List all available AWS Regions

: AWS List Application LoadBalancers ARNs

: AWS List Attached User Policies

: This action searches for clusters that have low CPU utilization.

: List Expiring IAM User Access Keys

: List all AWS Hosted zones

: This Lego filter gets all the IAM users' login profiles, and if the login profile is available, checks for the last password change if the password is greater than the given threshold, and lists those users.

: List AWS Instances behind a Load Balancer

: List AWS Instance in a ELBv2 Target Group

: This action lists Elastic IP address and check if it is associated with an instance or network interface.

: List AWS Unhealthy Instance in a ELBv2 Target Group

: List Unhealthy Instances in a target group

: This action lists all the unused secrets from AWS by comparing the last used date with the given threshold.

: AWS Modify ALB Listeners HTTP Redirection

: AWS recently introduced the General Purpose SSD (gp3) volume type, which is designed to provide higher IOPS performance at a lower cost than the gp2 volume type.

: AWS Modify Publicly Accessible RDS Snapshots

: This action purchases a reserved cache node offering.

: This action purchases a reserved DB instance offering.

: This action purchases reserved nodes. Amazon Redshift offers a predefined set of reserved node offerings. You can purchase one or more of the offerings.

: Make a SQL Query to the given AWS Redshift database

: Register/Unregister AWS Instance from a Target Group

: AWS Release Elastic IP for both VPC and Standard

: AWS Revoke Policy from IAM User

: AWS Schedule Redshift Cluster Pause Resume Enabled

: This Action sends an Email with AWS Simple Email Service. Input the sender and recipient addresses, a subject and the body of the message (and the AWS region for SES), and your message will be sent.

: Input a List of Service Quotas, and get back which of your instances are above the warning percentage of the quota

: Given a region, a CloudTrail ARN (where the logs are being recorded), a reference IAM ARN (whose usage we will parse), and a Service role, this will begin the generation of a IAM policy. The output is a String of the generation Id.

: Update status of the Access Key

: Update TTL for an existing record in a hosted zone.

: This Action queries all VPC Storage quotas, and returns all usage over warning_percentage.

: AWS get Unused Route53 Health Checks

: Get a list of all IAM users that do not have any user-managed or AWS-managed policies attached to them

: AWS: Check for short Route 53 TTL

: Given an AWS Region, Service Code, quota code and a new value for the quota, this Action sends a request to AWS for a new value. Your Connector must have servicequotas:RequestServiceQuotaIncrease enabled for this to work.

: Given an AWS Region and a warning percentage, this Action queries all VPC quota limits, and returns any of Quotas that are over the alert value.

: Creates a new lifecycle configuration for the bucket or replaces an existing lifecycle configuration.

: Apply AWS Default Encryption for S3 Bucket

: Apply a New AWS Policy for S3 Bucket

: Apply CORS Policy for S3 Bucket

: Attach a webhook endpoint to one of the SNS attached to the AWS Cloudwatch alarm.

: Attach an EBS volume to an AWS EC2 Instance

: Check ACM SSL Certificate expiry date

: Copy given EKS pod logs to given S3 Bucket.

: Create a new AWS S3 Bucket

: Create Login profile for IAM User

: Create New IAM User

: Delete an AWS S3 Bucket

: Delete AWS Default Encryption for S3 Bucket

: Delete AWS Volume by Volume ID

: Delete a EKS POD in a given Namespace

: Deregisters AWS Instances from a Load Balancer

: Detach as AWS Instance with a Elastic Block Store.

: Change public accessibility of RDS Instances to False.

: Modify/Resize volume for Elastic Block Storage (EBS).

: List of stopped tasks, associated with a deployment, along with their stopped reason

: Get a list of running pods from given namespace and EKS cluster name

: Get a Status of given POD in a given Namespace and EKS cluster name

: IOPS (Input/Output Operations Per Second) is a metric used to measure the amount of input/output operations that an EBS volume can perform per second.

: Filter AWS EC2 Instance

: Filter AWS EC2 Instances Without Lifetime Tag

: Filter AWS EC2 Instances Without Termination and Lifetime Tag and Check of they are valid

: Use this Action to Filter AWS EC2 Instance by VPC Ids

: Filter AWS Target groups which have the provided tag attached to it. It also returns the value of that tag for each target group

: Filter AWS Unattached EBS Volume

: Filter AWS Unencrypted S3 Buckets

: Filter AWS Untagged EC2 Instances

: Filter AWS Unused Keypairs

: Filter All AWS EC2 Instance

: Find AWS ELBs with no targets or instances attached to them.

: Find all AWS Lambda functions that are not using the Arm-based AWS Graviton2 processor for their runtime architecture

: This action will find a redundant cloud trail if the attribute IncludeGlobalServiceEvents is true, and then we need to find multiple duplications.

: Get AWS ALB Listeners Without HTTP Redirection

: Use This Action to Get AWS AutoScaling Group Instances

: Get an AWS Bucket Size

: Get AWS CloudWatch Alarms List

: Get AWS CloudWatch Metrics for AWS/ApplicationELB

: Get AWS CloudWatch Metrics for AWS EC2 AutoScaling groups

: Get AWS CloudWatch Metrics for AWS DynamoDB

: Get AWS CloudWatch Metrics for Classic Loadbalancer

: Get AWS CloudWatch Metrics for AWS/GatewayELB

: Get AWS CloudWatch Metrics for AWS/Lambda

: Get AWS CloudWatch Metrics for Network Loadbalancer

: Get AWS CloudWatch Metrics for AWS/RDS

: Get AWS CloudWatch Metrics for AWS/Redshift

: Get AWS CloudWatch Metrics for AWS/SQS

: Get AWS CloudWatch Statistics

: Get AWS CloudWatch Statistics for EBS volumes

: AWS recently introduced the General Purpose SSD (gp3) volume type, which is designed to provide higher IOPS performance at a lower cost than the gp2 volume type.

: Get AWS CloudWatch Statistics for cpu utilization for EC2 instances

: Use This Action to Get All AWS EC2 Instances

: lists all EC2 instances with a public IP

: Get AWS CloudWatch Metrics for EC2 instances. These could be CPU, Network, Disk based measurements

: This action finds EC2 instances with smaller CPU size than threshold. (vCPU count)

: Get the Status of an AWS ECS Service

: Get a list of EC2 Instances for an EMR cluster. Filtered by node type (MASTER|CORE|TASK)

: Use this action to get details of an AWS EC2 Instance that matches a Private DNS Name

: Get AWS Instances Details

: Get AWS Lambda Functions that exceed a given threshold error rate.

: Get AWS Postgresql Max Configured Connections

: This Action gets the snapshots above a certain retention period.

: Get AWS S3 Buckets

: Get details about a security group, given its ID.

: Get AWS boto3 handle

: Get AWS public S3 Buckets using ACL

: Get Age of all EC2 Instances in Days

: Get CPU and memory utilization of given node.

: Get EBS Volumes By Type

: Get EC2 CPU Consumption For All Instances

: Get EC2 Data Traffic In and Out For All Instances

: Get EKS Nodes

: Get STS Caller Identity

: Get Schedule To Retire AWS EC2 Instance

: This action helps to list the volumes that are attached to stopped instances.

: Get AWS Lambda functions that have exceeded the maximum amount of time in seconds that a Lambda function can run.

: Get UnHealthy EC2 Instances for Classic ELB

: Get Unhealthy instances from Auto Scaling Group

: Get Unhealthy instances from Elastic Load Balancer

: Use this action to get all targets for Network Load Balancer (NLB)

: Get all pod CPU and Memory usage from given namespace

: Get secrets from AWS secretsmanager

: Use this instance to Launch an AWS EC2 instance from an AMI

: Get a list of all AWS EC2 Instances from given ELB

: List All Expiring ACM Certificates

: Get list of all Namespaces in a given EKS cluster

: Get list of all dead pods in a given EKS cluster

: Get list of EKS deployment names for given Namespace

: Get list of all pods in a given EKS cluster

: Get list of all pods in a given EKS cluster that are not running.

: Make an AWS Bucket Public!

: Plot AWS PostgreSQL Action Connections

: Read an AWS S3 Object

: Register AWS Instances with a Load Balancer

: Renew Expiring ACM Certificates

: Restart AWS EC2 Instances

: Restart an AWS ECS Service

: Execute command using AWS CLI

: Execute command on EC2 instance(s) using SSM

: This action runs a kubectl command on an AWS EKS Cluster

: Start an AWS EC2 Instances

: Stop an AWS Instance

: Tag AWS Instances

: This Action will Terminate AWS EC2 Instances

: Update AWS ECS Service

: Upload a local file to S3