go_aws_ami_cleaner

command module

v0.0.0-...-cd01979 Latest Latest Go to latest Published: Jul 30, 2020 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ckeivin/go_aws_ami_cleaner

Links

Open Source Insights

README ¶

go_aws_ami_cleaner

Lambda Environment Variables

Multiple Tags AMI Filtering

use the "AmiTag_<name>" as tag key name
e.g. if the tagging filter requirements are "Name":"Web" and "Solution":"IIS" and "Solution":"Logging", then it should be set as the following:

"AmiTag_Name" : "web",
"AmiTag_Solution" : "IIS;Logging"

key	default value	Description
AMI_AGE	14	Number of days since the creation of the AMI
DRY_RUN	none	Whether to run the script in test mode. `True` - will procceed with test mode `False` - will DELETE AMIs and Snapshots !

challenges

lambda

pick up AWS session from lambda
pick up environment variables from lambda console into Go

code logic

check for tags and set default values
filter AMI images based on "self" tag
filter AMI images based on tag key name and values
check age of AMI based on DAYS_OLD variable
compare and exclude AMIs used in launch configurations
compare and exclude AMIs used in launch templates
based on final list of AMIs, get respective snapshot IDs

additional features

multiple tag keys and values filtering via "envSlice := os.Environ()"

Useful links

https://docs.aws.amazon.com/lambda/latest/dg/golang-envvars.html https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime https://docs.aws.amazon.com/lambda/latest/dg/golang-handler.html

Remember to build your handler executable for Linux!

GOOS=linux GOARCH=amd64 go build -o main main.go zip main.zip main

time format

AWS uses ISO-8601 format

Lambda IAM Role Policies Required

AWSLambdaBasicExecutionRole
CustomAMIRole with the following policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "ec2:CreateTags",
            "Resource": "arn:aws:ec2:*::image/*"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
                "ec2:DescribeImages",
                "ec2:DeregisterImage",
                "ec2:DeleteSnapshot",
                "ec2:DescribeSnapshotAttribute",
                "autoscaling:DescribeLaunchConfigurations",
                "ec2:DescribeImageAttribute",
                "ec2:DescribeSnapshots"
            ],
            "Resource": "*"
        }
    ]
}

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
local

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL