Top runbooks

This runbook involves identifying buckets that have not been accessed or modified within a set period, such as 90 or 180 days. Once identified, these buckets can be reviewed for important data, then archived, transferred to cost-effective storage, or deleted. This process helps reduce costs, optimize resource usage, and enhance security by minimizing poten...

This task involves retrieving and displaying a comprehensive list of all Amazon S3 buckets within an AWS account. This step is crucial as it provides a clear overview of all the storage resources available, serving as a starting point for various management and security tasks, such as enforcing encryption or implementing access policies.

This task involves modifying access controls and permissions of a S3 bucket to manage and secure data access, ensuring compliance with security standards and organizational requirements. This is essential for controlling and safeguarding sensitive information stored in S3. In this case the policy update is regarding write permissions for CloudTrail trail to write to S3 bucket.

This task involves establishing a CloudTrail trail to monitor and record AWS account activities, and directing the log files to a specified S3 bucket for secure and centralized storage. This setup enables efficient auditing and analysis of AWS service usage and user activities.

This task involves retrieving and displaying a comprehensive list of all Amazon S3 buckets within an AWS account. This step is crucial as it provides a clear overview of all the storage resources available, serving as a starting point for various management and security tasks, such as enforcing encryption or implementing access policies. By generating a list of all S3 buckets, users can easily...

This task involves setting up a unique data storage bucket in Amazon S3 for storing, managing, and retrieving data, with options for access control, versioning, and lifecycle management. S3 buckets provide a scalable and secure cloud storage solution.

Identify and manage unused Amazon Machine Images (AMIs) in AWS to optimize storage and reduce unnecessary costs.

This task identifies and corrects security groups in AWS EC2, which allow unrestricted SSH access.

Amazon Elastic Compute Cloud (EC2) is a service offered by Amazon Web Services (AWS) that provides resizable compute capacity in the cloud. Through Boto3's EC2 client, the describe_instances() method provides detailed information about each instance, including its ID, type, launch time, and current state. This capability assists users in effectively monitoring and managing their cloud resource...

This task involves identifying AWS EC2 instances that are not currently associated with any Auto Scaling Groups (ASGs).

Note: region_name = None, fetches the results from all regions.

This task involves fetching all stopped AWS EC2 instances, facilitating management and analysis of inactive resources for operational optimization.

Note: region_name = None, fetches the results from all regions.

This runbook focuses on the end-to-end management of AWS costs, starting from the initial setup of CUR reports in S3 buckets to detailed tracking and analysis of these reports for effective cost control and insights.

Amazon Elastic Compute Cloud (EC2) is a service offered by Amazon Web Services (AWS) that provides resizable compute capacity in the cloud. Through Boto3's EC2 client, the describe_instances() method provides detailed information about each instance, including its ID, type, launch time, and current state. This capability assists users in effectively monitoring and managing their cloud resource...

This runbook involves enabling automatic file compression in AWS CloudFront to enhance content delivery speeds. This process reduces file sizes, leading to faster transfers, reduced data costs, and an improved user experience. It's particularly beneficial for content types that aren't already compressed.

This runbook evaluates AWS EC2 instances' utilization patterns, identifying underutilized periods. Based on these patterns, it recommends optimal start-stop schedules and estimates potential cost savings, allowing organizations to optimize cloud expenses and improve resource efficiency.

Enforcing HTTPS redirection on AWS ALB ensures all HTTP traffic is redirected to HTTPS, enhancing data security. This is achieved by modifying the ALB's listener rules, ensuring encrypted and secure data transit.

This runbook is essential to prevent unauthorized access and data breaches. This entails configuring RDS instances to be private, thereby making them accessible only within the specified Virtual Private Cloud (VPC). Initially, all RDS instances are scanned to identify those marked as publicly accessible. This status is then altered to private, or within the AWS network, enhancing the security ...