xRunBooks for CloudOps

AWS Create IAM User with policy: Create new IAM user with a security Policy. Sends confirmation to Slack.

AWS Delete IAM profile: This runbook is the inverse of Create IAM user with profile - removes the profile, the login and then the IAM user itself..

AWS Delete Unattached AWS EBS Volumes: This runbook can be used to delete all unattached EBS Volumes within an AWS region. You can delete an Amazon EBS volume that you no longer need. After deletion, its data is gone and the volume can't be attached to any instance. So before deletion, you can store a snapshot of the volume, which you can use to re-create the volume later.

AWS AWS Detach EC2 Instance from ASG: This runbook can be used to detach an instance from Auto Scaling Group. You can remove (detach) an instance that is in the InService state from an Auto Scaling group. After the instance is detached, you can manage it independently from the rest of the Auto Scaling group. By detaching an instance, you can move an instance out of one Auto Scaling group and attach it to a different group. For more information, see Attach EC2 instances to your Auto Scaling group.

AWS AWS EC2 Disk Cleanup: This runbook locates large files in an EC2 instance and backs them up into a given S3 bucket. Afterwards, it deletes the files backed up and send a message on a specified Slack channel. It uses SSH and linux commands to perform the functions it needs.

AWS AWS Ensure Redshift Clusters have Paused Resume Enabled: This runbook finds redshift clusters that don't have pause resume enabled and schedules the pause resume for the cluster.

AWS AWS Get unhealthy EC2 instances from ELB: This runbook can be used to list unhealthy EC2 instance from an ELB. Sometimes it difficult to determine why Amazon EC2 Auto Scaling didn't terminate an unhealthy instance from Activity History alone. You can find further details about an unhealthy instance's state, and how to terminate that instance, by checking the a few extra things.

AWS AWS Redshift Get Daily Costs from AWS Products: This runbook can be used to create charts and alerts around Your AWS product usage. It requires a Cost and USage report to be live in RedShift.

AWS AWS Redshift Get Daily Costs from EC2 Usage: This runbook can be used to create charts and alerts around AWS EC2 usage. It requires a Cost and USage report to be live in RedShift.

AWS AWS Lowering CloudTrail Costs by Removing Redundant Trails: The AWS CloudTrail service allows developers to enable policies managing compliance, governance, and auditing of their AWS account. In addition, AWS CloudTrail offers logging, monitoring, and storage of any activity around actions related to your AWS structures. The service activates from the moment you set up your AWS account and while it provides real-time activity visibility, it also means higher AWS costs. Here Finding Redundant Trails in AWS

AWS List unused Amazon EC2 key pairs: This runbook finds all EC2 key pairs that are not used by an EC2 instance and notifies a slack channel about them. Optionally it can delete the key pairs based on user configuration.

AWS Publicly Accessible Amazon RDS Instances: This runbook can be used to find the publicly accessible RDS instances for the given AWS region.

AWS Purchase Reserved Nodes For Long Running AWS ElastiCache Clusters: Ensuring that long-running AWS ElastiCache clusters have Reserved Nodes purchased for them is an effective cost optimization strategy for AWS users. By committing to a specific capacity of ElastiCache nodes for a period of one or three years, users can take advantage of significant discounts compared to On-Demand pricing. This approach can help optimize AWS costs for ElastiCache clusters that are expected to run for an extended period and have predictable usage patterns. This runbook helps us optimize costs by ensuring that Reserved Nodes are purchased for these ElastiCache clusters.

AWS Purchase Reserved Instances For Long Running AWS RDS Instances: Ensuring that long-running AWS RDS instances have Reserved Instances purchased for them is an important cost optimization strategy for AWS users. By committing to a specific capacity of RDS instances for a period of one or three years, users can take advantage of significant discounts compared to On-Demand pricing. This approach can help optimize AWS costs for RDS instances that are expected to run for an extended period and have predictable usage patterns. This runbook helps us to optimize costs by ensuring that Reserved Instances are purchased for these RDS instances.

AWS Purchase Reserved Nodes For Long Running AWS Redshift Clusters: Ensuring that long-running AWS Redshift Clusters have Reserved Nodes purchased for them is a critical cost optimization strategy . By committing to a specific capacity of Redshift nodes for a period of one or three years, users can take advantage of significant discounts compared to On-Demand pricing. This approach can help optimize AWS costs for Redshift Clusters that are expected to run for an extended period and have predictable usage patterns. This runbook helps us to ensure that Reserved Nodes are purchased for these clusters so that users can effectively plan ahead, reduce their AWS bill, and optimize their costs over time.

AWS Remediate unencrypted S3 buckets: This runbook can be used to filter all the S3 buckets which are unencrypted and apply encryption on unencrypted S3 buckets.

AWS Renew AWS SSL Certificates that are close to expiration: This runbook can be used to list all AWS SSL (ACM) Certificates that need to be renewed within a given threshold number of days. Optionally it can renew the certificate using AWS ACM service.

AWS AWS Restart unhealthy services in a Target Group: This runbook restarts unhealthy services in a target group. The restart command is provided via a tag attached to the instance.

AWS Restrict S3 Buckets with READ/WRITE Permissions to all Authenticated Users: This runbook will list all the S3 buckets.Filter buckets which has ACL public READ/WRITE permissions and Change the ACL Public READ/WRITE permissions to private in the given region.

AWS Secure Publicly accessible Amazon RDS Snapshot: This lego can be used to list all the manual database snapshots in the given region. Get publicly accessible DB snapshots in RDS and Modify the publicly accessible DB snapshots in RDS to private.

AWS Stop Idle EC2 Instances: This runbook can be used to Stop all EC2 Instances that are idle using given cpu threshold and duration.

AWS Stop all Untagged AWS EC2 Instances: This runbook can be used to Stop all EC2 Instances that are Untagged

AWS Terminate EC2 Instances Without Valid Lifetime Tag: This runbook can be used to list all the EC2 instances which don't have a lifetime tag and then terminate them.

AWS AWS Update RDS Instances from Old to New Generation: This runbook can be used to find the old generation RDS instances for the given AWS region and modify then to the given instance class.

AWS AWS Redshift Update Database: This runbook can be used to update a redshift database from a SQL file stored in S3.

AWS Encrypt unencrypted S3 buckets: This runbook can be used to filter all the S3 buckets which are unencrypted and apply encryption on unencrypted S3 buckets.

AWS Configure URL endpoint on a AWS CloudWatch alarm: Configures the URL endpoint to the SNS associated with a CloudWatch alarm. This allows to external functions to be invoked within unSkript in response to an alert getting generated. Alarms can be attached to the handlers to perform data enrichment or remediation

AWS Copy AMI to All Given AWS Regions: This runbook can be used to copy AMI from one region to multiple AWS regions using unSkript legos with AWS CLI commands.We can get all the available regions by using AWS CLI Commands.

AWS Detach EC2 Instance from ASG: This runbook can be used to detach an instance from Auto Scaling Group. You can remove (detach) an instance that is in the Service state from an Auto Scaling group. After the instance is detached, you can manage it independently from the rest of the Auto Scaling group. By detaching an instance, you can move an instance out of one Auto Scaling group and attach it to a different group. For more information, see Attach EC2 instances to your Auto Scaling group.

AWS Detect ECS failed deployment: This runbook check if there is a failed deployment in progress for a service in an ECS cluster. If it finds one, it sends the list of stopped task associated with this deployment and their stopped reason to slack.

AWS Enforce Mandatory Tags Across All AWS Resources: This runbook can be used to Enforce Mandatory Tags Across All AWS Resources.We can get all the untag resources of the given region,discovers tag keys of the given region and attaches mandatory tags to all the untagged resource.

AWS Handle AWS EC2 Instance Scheduled to retire: To avoid unexpected interruptions, it's a good practice to check to see if there are any EC2 instances scheduled to retire. This runbook can be used to List the EC2 instances that are scheduled to retire. To handle the instance retirement, user can stop and restart it before the retirement date. That action moves the instance over to a more stable host.

AWS Create an IAM user using Principle of Least Privilege: Extract usage details from Cloudtrail of an existing user. Apply the usage to a new IAM Policy, and connect it to a new IAM profile.

AWS Monitor AWS DynamoDB provision capacity: This runbook can be used to collect the data from cloudwatch related to AWS DynamoDB for provision capacity.

AWS Resize EBS Volume: This run resizes the EBS volume to a specified amount. This runbook can be attached to Disk usage related Cloudwatch alarms to do the appropriate resizing. It also extends the filesystem to use the new volume size.

AWS Resize list of pvcs.: This runbook can be used to resize list of pvcs in a namespace. By default, it uses all pvcs to be resized.

AWS Resize PVC: This runbook resizes the PVC to input size.

AWS Restart AWS EC2 Instances: This runbook can be used to Restart AWS EC2 Instances

AWS Launch AWS EC2 from AMI: This lego can be used to launch an AWS EC2 instance from AMI in the given region.

AWS Troubleshooting Your EC2 Configuration in a Private Subnet: This runbook can be used to troubleshoot EC2 instance configuration in a private subnet by capturing the VPC ID for a given instance ID. Using VPC ID to get Internet Gateway details then try to SSH and connect to internet.

Jenkins Fetch Jenkins Build Logs: This runbook fetches the logs for a given Jenkins job and posts to a slack channel

Jira Jira Visualize Issue Time to Resolution: Using the Panel Library - visualize the time it takes for issues to close over a specifict timeframe

Kubernetes k8s: Delete Evicted Pods From All Namespaces: This runbook shows and deletes the evicted pods for given namespace. If the user provides the namespace input, then it only collects pods for the given namespace; otherwise, it will select all pods from all the namespaces.

Kubernetes k8s: Get kube system config map: This runbook fetches the kube system config map for a k8s cluster and publishes the information on a Slack channel.

Kubernetes k8s: Get candidate nodes for given configuration: This runbook get the matching nodes for a given configuration (storage, cpu, memory, pod_limit) from a k8s cluster

Kubernetes Kubernetes Log Healthcheck: This RunBook checks the logs of every pod in a namespace for warning messages.

Kubernetes k8s: Pod Stuck in CrashLoopBackoff State: This runbook checks if any Pod(s) in CrashLoopBackoff state in a given k8s namespace. If it finds, it tries to find out the reason why the Pod(s) is in that state.

Kubernetes k8s: Pod Stuck in ImagePullBackOff State: This runbook checks if any Pod(s) in ImagePullBackOff state in a given k8s namespace. If it finds, it tries to find out the reason why the Pod(s) is in that state.

Kubernetes k8s: Pod Stuck in Terminating State: This runbook checks any Pods are in terminating state in a given k8s namespace. If it finds, it tries to recover it by resetting finalizers of the pod.

Kubernetes k8s: Resize List of PVCs: This runbook resizes a list of Kubernetes PVCs.

Kubernetes k8s: Resize PVC: This runbook resizes a Kubernetes PVC.

Kubernetes Rollback Kubernetes Deployment: This runbook can be used to rollback Kubernetes Deployment

Postgresql Display long running queries in a PostgreSQL database: This runbook displays collects the long running queries from a database and sends a message to the specified slack channel. Poorly optimized queries and excessive connections can cause problems in PostgreSQL, impacting upstream services.