LUAU is a plug-n-play suite of lambdas that aims to minimize the cost of operations of amazon account by acting upon Trusted Advisor(TA) recommendations.
You can read the documentation here
You can view the source code in this repository.
You can read the corresponding Medium blog here
LUAU utilizes amazon's tagging system to create a framework that can alert users about their unececessary expenditure and help act upon them.
- Make sure you can use the AWS CLI on your machine and that you can access the environment you want to deploy LUAU to.
- Register an email account with SES that will be used to send email reports
- Create an S3 Bucket that will be used to store the Lambda .ZIP source.
- Create the following parameters in SSM Parameter Store
- LAMBDA_CODE_BUCKET -- S3 Bucket Name
- SES_EMAIL -- Email Address registered to SES in Step 1.
- ADMIN_EMAIL -- Email Address that will receive the Admin Report.
- This requires AWS Trusted Advisor Business support to access the AWS Support APIs
- In resources/env.properties, set the AWS_REGION to your desired region (default is us-west-2)
- cd into the project root.
- install python 3.6 (and check that it works by running
which python3.6
) and create a virtual environment with it.virtualenv venv_dev --python=$(which python3.6)
. Don't use the venv virtual environment as that is used in the build script to create an artifact. ... Locally the build and deploy scripts worked with python 3.7 but the cloudformation script specifies that python 3.6 is required. - Run
python3 ./bin/create_templates.py
. This will create the SES Email templates used in the email reports - Run
./bin/build.sh
. This will generate the LUAU ZIP Artifact. You may need to edit the files permissions to run this - Run
./bin/deploy.sh
. This will deploy LUAU to your AWS Environment. You may need to edit the files permissions to run this
├── bin
│ ├── build.sh -- Builds deployment package
│ ├── create_templates.py -- Used to create email templates in SES
│ └── deploy.sh -- Deploys lambdas via CloudFormation
├── low_use -- Parses low-use instances and sends reports
│ ├── report_parser.py -- Parses low-use report
│ └── reporter.py -- Tags instance as LowUse, Whitelisted, or Scheduled For Deletion. Also sends SES Emails and stops instances
├── requirements.txt
├── resources
│ ├── env.properties -- Parameters for Lambdas (SES Email, etc.)
│ ├── sam.yaml -- SAM template for deployment
│ └── templates
│ ├── admin_report.json -- Email template for Admin Report
│ └── low_use_report.json -- Email template for creator-level report
├── tagger
│ ├── asg_tagger.py -- Tags Autoscaling groups and their instances
│ ├── ec2_tagger.py -- Tags EC2 resources (Instances, AMIs, EBS Volumes, SGs)
│ └── parser -- Parses AWS API Event JSON
│ ├── __init__.py
│ ├── asg_event.py
│ ├── base_event.py
│ └── ec2_event.py
└── util
├── aws.py -- Basic AWS Wrapper (SES, TrustedAdvisor, EC2, ASG)
└── dynamo.py -- Wrapper for Dynamo tables (CRUD Access)
- bin: Contains build/deploy scripts
- low_use: Will contain the Lambda function(s) responsible for processing Trusted Advisor data and emailing out the Low Use reports
- resources: This contains configuration files used in the build/deploy processes. Right now it only contains the SAM template for the tagger.
- tagger: This contains the Lambda functions responsible for auto-tagging AWS resources. Currently tags EC2, ASG, EBS, AMI, and Security Groups. This package also contains a parser subpackage used to parse the event data.
- test: Where the tests go. Each Python package will have it's own test package called
[package_name]_test
. This also contains a folder with example event data for the events we want to handle. - util: This is a Python package that will contain utility modules that can be shared by the other packages. This includes things like AWS calls.