Merge branch 'master' of github.com:HariSekhon/DevOps-Bash-tools

pull/2/head
Hari Sekhon 3 years ago
commit 24d7dcb3d4

@ -360,6 +360,10 @@ etc.
- `aws_kms_key_rotation_enabled.sh` - lists [AWS KMS](https://aws.amazon.com/kms/) keys and whether they have key rotation enabled
- `aws_kube_creds.sh` - auto-loads all [AWS EKS](https://aws.amazon.com/eks/) clusters credentials in the current --profile and --region so your kubectl is ready to rock on AWS
- `aws_kubectl.sh` - runs kubectl commands safely fixed to a given [AWS EKS](https://aws.amazon.com/eks/) cluster using config isolation to avoid concurrency race conditions
- `aws_logs_*.sh` - some useful log queries in last N hours (24 by default):
- `aws_logs_batch_jobs.sh` - lists AWS Batch job submission requests and their callers
- `aws_logs_ec2_spot.sh` - lists AWS EC2 Spot fleet creation requests, their caller and first tag value for origin hint
- `aws_logs_ecs_tasks.sh` - lists AWS ECS task run requests, their callers and job definitions
- `aws_meta.sh` - [AWS EC2 Metadata API](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) query shortcut. See also the official [ec2-metadata](https://aws.amazon.com/code/ec2-instance-metadata-query-tool/) shell script with more features
- `aws_nat_gateways_public_ips.sh` - lists the public IPs of all NAT gateways. Useful to give to clients to permit through firewalls for webhooks or similar calls
- `aws_sso_env_creds.sh` - retrieves AWS SSO session credentials in the format of environment export commands for copying to other systems like Terraform Cloud
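Review bot: The `aws_logs_*.sh` bullet documents only "last N hours (24 by default)", but the three scripts it introduces also accept a second argument that ends the window (`24 12` in their usage text) and all read from the fixed log group `aws-controltower/CloudTrailLogs`. Both are worth stating here, since the scripts cannot work in an account where CloudTrail is not delivered to a CloudWatch Logs group of that name.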

@ -0,0 +1,102 @@
#!/usr/bin/env bash
# vim:ts=4:sts=4:sw=4:et
#
# Author: Hari Sekhon
# Date: 2021-12-23 12:14:19 +0000 (Thu, 23 Dec 2021)
#
# https://github.com/HariSekhon/bash-tools
#
# License: see accompanying Hari Sekhon LICENSE file
#
# If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish
#
# https://www.linkedin.com/in/HariSekhon
#
set -euo pipefail
[ -n "${DEBUG:-}" ] && set -x
srcdir="$(dirname "${BASH_SOURCE[0]}")"
# shellcheck disable=SC1090
. "$srcdir/lib/aws.sh"
# shellcheck disable=SC2034,SC2154
usage_description="
Searches CloudWatch Logs for AWS Batch job submit requests in the last N hours to find who is running large expensive jobs
Defaults to finding logs in the last 24 hours but can optionally take an hours argument to search the last N hours
Example:
${0##*/}
${0##*/} 48 # 48 hours ago to present
${0##*/} 24 12 # 24 hours ago to 12 hours ago
Output Format:
<timestamp> <job_id> <user> <job_name>
$usage_aws_cli_required
"
# used by usage() in lib/utils.sh
# shellcheck disable=SC2034
usage_args="[<hours> <aws_cli_options>]"
help_usage "$@"
#min_args 1 "$@"
hours_ago_start=24
hours_ago_end=0
if [ -n "${1:-}" ] &&
! [[ "${1:-}" =~ ^- ]]; then
hours_ago_start="$1"
shift || :
fi
if [ -n "${1:-}" ] &&
! [[ "${1:-}" =~ ^- ]]; then
hours_ago_end="$1"
shift || :
fi
if ! [[ "$hours_ago_start" =~ ^[[:digit:]]+$ ]]; then
usage "invalid value given for hours ago start argument, must be an integer"
fi
if ! [[ "$hours_ago_end" =~ ^[[:digit:]]+$ ]]; then
usage "invalid value given for hours ago end argument, must be an integer"
fi
aws logs filter-log-events --log-group-name aws-controltower/CloudTrailLogs \
--start-time "$(date '+%s' --date="$hours_ago_start hours ago")000" \
--end-time "$(date '+%s' --date="$hours_ago_end hours ago")000" \
--filter-pattern '{ ($.eventSource = "batch.amazonaws.com") && ($.eventName = "SubmitJob") }' \
"$@" |
#--max-items 1 \
# --region eu-west-2 # set AWS_DEFAULT_REGION or pass --region via $@
#--end-time "$(date '+%s')000" \
jq -r '.events[].message' |
if [ -n "${DEBUG:-}" ]; then
data="$(cat)"
jq -r -s . <<< "$data" >&2
cat <<< "$data"
else
cat
fi |
jq -r -s '.[] |
[
.eventTime,
.responseElements.jobId,
( .userIdentity.arn | sub("arn:aws:sts::\\d+:assumed-role/"; "") | sub("AWSReservedSSO_\\w+/"; "") ),
.responseElements.jobName
] |
@tsv'
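Review bot: The validation after `hours_ago_end="$1"` only checks that both values are integers, never that the start is further back than the end, so `24 48` passes and sends a `--start-time` later than `--end-time` to `aws logs filter-log-events`; add a check such as `[ "$hours_ago_start" -gt "$hours_ago_end" ]` and call `usage` when it fails. `usage_args="[<hours> <aws_cli_options>]"` also disagrees with the two-argument example in the description and with the `[<hours_ago_start> <hours_ago_end> <aws_cli_options>]` used by the other two scripts. In the final jq, `.userIdentity.arn | sub(...)` raises an error on any event that has no `arn`, and under `set -o pipefail` that aborts the report partway through; `(.userIdentity.arn // "")` before the `sub` calls avoids it. The commented-out `#--end-time "$(date '+%s')000" \` is now dead and can go.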

@ -0,0 +1,103 @@
#!/usr/bin/env bash
# vim:ts=4:sts=4:sw=4:et
#
# Author: Hari Sekhon
# Date: 2021-12-23 12:14:19 +0000 (Thu, 23 Dec 2021)
#
# https://github.com/HariSekhon/bash-tools
#
# License: see accompanying Hari Sekhon LICENSE file
#
# If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish
#
# https://www.linkedin.com/in/HariSekhon
#
set -euo pipefail
[ -n "${DEBUG:-}" ] && set -x
srcdir="$(dirname "${BASH_SOURCE[0]}")"
# shellcheck disable=SC1090
. "$srcdir/lib/aws.sh"
# shellcheck disable=SC2034,SC2154
usage_description="
Searches CloudWatch Logs for AWS EC2 Spot fleet creation requests in the last 24 hours to trace through to services incurring high EC2 charges such as large AWS Batch jobs
Defaults to finding logs in the last 24 hours but can optionally take an hours argument to search the last N hours
Example:
${0##*/}
${0##*/} 48 # 48 hours ago to present
${0##*/} 24 12 # 24 hours ago to 12 hours ago
Output Format:
<timestamp> <user> <first_tag_value>
eg.
2021-12-22T22:37:28Z AutoScaling AWSBatch-<name>-asg-12a3b4c5-67d8-9efa-b012-34cde56789f0
$usage_aws_cli_required
"
# used by usage() in lib/utils.sh
# shellcheck disable=SC2034
usage_args="[<hours_ago_start> <hours_ago_end> <aws_cli_options>]"
help_usage "$@"
#min_args 1 "$@"
hours_ago_start=24
hours_ago_end=0
if [ -n "${1:-}" ] &&
! [[ "${1:-}" =~ ^- ]]; then
hours_ago_start="$1"
shift || :
fi
if [ -n "${1:-}" ] &&
! [[ "${1:-}" =~ ^- ]]; then
hours_ago_end="$1"
shift || :
fi
if ! [[ "$hours_ago_start" =~ ^[[:digit:]]+$ ]]; then
usage "invalid value given for hours ago start argument, must be an integer"
fi
if ! [[ "$hours_ago_end" =~ ^[[:digit:]]+$ ]]; then
usage "invalid value given for hours ago end argument, must be an integer"
fi
aws logs filter-log-events --log-group-name aws-controltower/CloudTrailLogs \
--start-time "$(date '+%s' --date="$hours_ago_start hours ago")000" \
--end-time "$(date '+%s' --date="$hours_ago_end hours ago")000" \
--filter-pattern '{ ($.eventSource = "ec2.amazonaws.com") && ($.eventName = "CreateFleet") }' \
"$@" |
#--max-items 1 \
# --region eu-west-2 # set AWS_DEFAULT_REGION or pass --region via $@
jq -r '.events[].message' |
if [ -n "${DEBUG:-}" ]; then
data="$(cat)"
jq -r -s . <<< "$data" >&2
cat <<< "$data"
else
cat
fi |
jq -r -s '.[] |
[
.eventTime,
( .userIdentity.principalId | sub("^\\w+:"; "") ),
.requestParameters.CreateFleetRequest.TagSpecification.Tag[0].Value
] |
@tsv'
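Review bot: The last output column, `.requestParameters.CreateFleetRequest.TagSpecification.Tag[0].Value`, prints the first tag's value without its key, so the reader cannot tell which tag it came from, and the column is silently empty when a request carries no tags; consider emitting `Key=Value`, or selecting a named tag, and say in the usage text that the column can be blank. `.userIdentity.principalId | sub("^\\w+:"; "")` errors if `principalId` is absent, which under `set -o pipefail` stops the output; default it with `// ""`. The first line of `usage_description` still says "in the last 24 hours" although the window is configurable, as the next line and the examples show.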

@ -0,0 +1,104 @@
#!/usr/bin/env bash
# vim:ts=4:sts=4:sw=4:et
#
# Author: Hari Sekhon
# Date: 2021-12-23 12:14:19 +0000 (Thu, 23 Dec 2021)
#
# https://github.com/HariSekhon/bash-tools
#
# License: see accompanying Hari Sekhon LICENSE file
#
# If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish
#
# https://www.linkedin.com/in/HariSekhon
#
set -euo pipefail
[ -n "${DEBUG:-}" ] && set -x
srcdir="$(dirname "${BASH_SOURCE[0]}")"
# shellcheck disable=SC1090
. "$srcdir/lib/aws.sh"
# shellcheck disable=SC2034,SC2154
usage_description="
Searches CloudWatch Logs for AWS ECS task run requests in the last 24 hours to trace through to services incurring high EC2 charges such as large AWS Batch jobs
Defaults to finding logs in the last 24 hours but can optionally take an hours argument to search the last N hours, and can optionally take other AWS CLI options
Example:
${0##*/}
${0##*/} 48 # 48 hours ago to present
${0##*/} 24 12 # 24 hours ago to 12 hours ago
Output Format:
<timestamp> <user> <task_definition:version>
eg.
2021-12-23T02:05:34Z aws-batch MyJob:11
$usage_aws_cli_required
"
# used by usage() in lib/utils.sh
# shellcheck disable=SC2034
usage_args="[<hours_ago_start> <hours_ago_end> <aws_cli_options>]"
help_usage "$@"
#min_args 1 "$@"
hours_ago_start=24
hours_ago_end=0
if [ -n "${1:-}" ] &&
! [[ "${1:-}" =~ ^- ]]; then
hours_ago_start="$1"
shift || :
fi
if [ -n "${1:-}" ] &&
! [[ "${1:-}" =~ ^- ]]; then
hours_ago_end="$1"
shift || :
fi
if ! [[ "$hours_ago_start" =~ ^[[:digit:]]+$ ]]; then
usage "invalid value given for hours ago start argument, must be an integer"
fi
if ! [[ "$hours_ago_end" =~ ^[[:digit:]]+$ ]]; then
usage "invalid value given for hours ago end argument, must be an integer"
fi
aws logs filter-log-events --log-group-name aws-controltower/CloudTrailLogs \
--start-time "$(date '+%s' --date="$hours_ago_start hours ago")000" \
--end-time "$(date '+%s' --date="$hours_ago_end hours ago")000" \
--filter-pattern '{ ($.eventSource = "ecs.amazonaws.com") && ($.eventName = "RunTask") }' \
"$@" |
#--max-items 1 \
# --region eu-west-2 # set AWS_DEFAULT_REGION or pass --region via $@
jq -r '.events[].message' |
if [ -n "${DEBUG:-}" ]; then
data="$(cat)"
jq -r -s . <<< "$data" >&2
cat <<< "$data"
else
cat
fi |
# 2021-12-23T02:05:34Z aws-batch arn:aws:ecs:eu-west-2:123456789012:task-definition/MyJob:11
jq -r -s '.[] |
[
.eventTime,
( .userIdentity.principalId | sub("^\\w+:"; "") ),
( .requestParameters.taskDefinition | sub("arn:aws:ecs:[\\w-]+:\\d+:task-definition/"; "") )
] |
@tsv'
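Review bot: Everything from `hours_ago_start=24` down to the DEBUG `if` block is a copy of the same lines in the two scripts above, with only the `--filter-pattern` and the final jq differing; moving the argument parsing and the `aws logs filter-log-events` call into a function in `lib/aws.sh` that takes the event source and event name would let fixes land once. The log group `aws-controltower/CloudTrailLogs` is hard-coded in all three copies and would be better read from an environment variable with that value as the default, so the scripts work outside a Control Tower account. `date '+%s' --date="$hours_ago_start hours ago"` is GNU date syntax and fails with BSD date on macOS, which deserves either a note in the usage text or a portability wrapper.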