Fetch the prefix list ID for S3 in every AWS region. These IDs can then be referenced in route tables and security groups to allow access to S3:

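#!/bin/bash

# Fetch the S3 prefix list IDs for S3 in all AWS regions.
# These can then be used in route tables and security groups to allow access to S3
#
# Requires the aws CLI and jq on PATH.
# For each region a "==== region ====" header is printed, followed by the
# result of the PrefixLists[0].PrefixListId query in the CLI's configured
# output format. An empty/null result means no prefix list matched the name
# filter in that region; do not copy such a value into a route or rule.

# Without pipefail a failed describe-regions call would look like an empty
# region list and the script would exit 0 having printed nothing.
set -o pipefail

# --output json is forced here because jq parses this call's output; the
# per-region call below keeps whatever output format the caller configured.
aws ec2 describe-regions --output json --query 'Regions[*].RegionName' |
  jq -r '.[]' |
  while IFS= read -r REGION; do
    printf '==== %s ====\n' "$REGION"
    aws ec2 describe-prefix-lists \
      --region "$REGION" \
      --filters "Name=prefix-list-name,Values=com.amazonaws.$REGION.s3" \
      --query 'PrefixLists[0].PrefixListId'
  done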

Snapshot Cleanup

This script looks up snapshots by a tag key/value pair and deletes those older than a given number of days. Deletion is immediate: the script has no dry-run mode and asks for no confirmation.

Required arguments: -r [ AWS Region(s) ] ( Can specify multiple ) -a [ Account ID(s) to Query ] ( Can specify multiple ) -k [ AWS Tag:Key to lookup snapshots by ] -v [ AWS Tag:Value to lookup snapshots by ] -d [ Retention time in Days to delete snapshots ]

Optional Arguments: -p [ AWS Profile to use ]

Example Usage: The following will delete all snapshots tagged CreatedBy:AutomatedBackups that are older than 7 days in both us-west-2 and us-east-1

./snapshot-cleanup.sh -r "us-west-2 us-east-1" -k CreatedBy -v AutomatedBackups -a 201035249631 -d 7
#!/bin/bash
#---------------------------------------------------#
# Author: Chris Stobie                              #
# Contact: [email protected]                      #
#---------------------------------------------------#

# Print a horizontal rule of '-' characters across the terminal.
# Width comes from $COLUMNS when set and non-empty, otherwise from `tput cols`.
spacer() {
    local width
    width=${COLUMNS:-$(tput cols)}
    # Pad an empty string to the target width, then turn the padding into dashes.
    printf '%*s\n' "$width" '' | tr ' ' '-'
}
# Print the usage screen to stdout: required flags first, optional flags
# after, with spacer rules between the sections. Does not exit; callers
# decide the exit status.
help_func() {
    spacer
    printf "%s\n" "$0 Usage"
    spacer
    printf "%s\n" "REQUIRED ARGUMENTS"
    spacer
    # printf reuses the format for every argument, so this emits one line each.
    printf "%s\n" \
        " -r  [ AWS Region(s) ]" \
        " -k  [ AWS Tag:Key to lookup snapshots by ]" \
        " -v  [ AWS Tag:Value to lookup snapshots by ]" \
        " -d  [ Retention time in Days to delete snapshots ]" \
        " -a  [ Account ID(s) to Query ]"
    spacer
    printf "%s\n" "OPTIONAL ARGUMENTS"
    spacer
    printf "%s\n" " -p  [ AWS Profile to use ]"
    spacer
}
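# Parse command-line flags into the script's global settings.
# Globals written:
#   account_ids (array, -a, repeatable)   regions (array, -r, repeatable)
#   tag_key (-k)   tag_value (-v)   retention_days (-d)   aws_profile (-p)
# Arguments: the script's positional parameters ("$@").
# Exits 0 after printing help for -h; exits 1 on an unknown flag or a flag
# missing its argument.
get_opts() {
    local opt
    while getopts "hr:k:v:d:a:p:" opt; do
        case $opt in
            h) help_func; exit 0 ;;
            a) account_ids+=("$OPTARG") ;;
            r) regions+=("$OPTARG") ;;
            # Plain assignment: with += a repeated -k silently concatenated the
            # keys into one string, changing which snapshots the tag filter selects.
            k) tag_key=$OPTARG ;;
            v) tag_value=$OPTARG ;;
            d) retention_days=$OPTARG ;;
            p) aws_profile=$OPTARG ;;
            # getopts has already reported the problem on stderr. Stop here
            # rather than continue a deleting run with a half-understood
            # command line.
            *) help_func; exit 1 ;;
        esac
    done
}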
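# Refuse to run unless every required setting is present and the retention
# period is a plain non-negative whole number.
# Globals read: regions, tag_key, tag_value, account_ids, retention_days.
# Exits 1 (after printing the problem and the usage screen) on bad input.
validate_input() {
    local var
    for var in regions tag_key tag_value account_ids retention_days; do
        # ${!var} on an array name expands to its first element, which is
        # enough to tell "never set" from "set".
        if [[ -z ${!var} ]]; then
            spacer
            printf "%s\n" "Missing $var"
            help_func
            exit 1
        fi
    done

    # retention_days is later handed to `date --date "<N> days ago"`. A value
    # such as -7 moves the cutoff into the future, so every tagged snapshot
    # would count as expired. Only digits are accepted.
    if [[ ! $retention_days =~ ^[0-9]+$ ]]; then
        spacer
        printf "%s\n" "Invalid retention_days [$retention_days]: expected a whole number of days"
        help_func
        exit 1
    fi
}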
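# Delete one snapshot and log which one.
# Globals read: id (snapshot ID), region (region the snapshot lives in).
# Returns: the exit status of the delete-snapshot call, which the caller's
# retry loop relies on.
delete_snap() {
    printf "%s\n" "Deleting Snapshot [$id]"
    # Quoted so each value reaches the CLI as exactly one argument. Unquoted,
    # a value containing whitespace or glob characters would be split or
    # expanded into extra arguments on a destructive call.
    aws_com ec2 delete-snapshot --region "$region" --snapshot-id "$id"
}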
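# Run the aws CLI with the given arguments, appending --profile when the
# caller selected one with -p.
# Globals read: aws_profile (optional).
# Arguments: passed through to `aws` unchanged.
# Returns: the exit status of `aws`.
aws_com() {
    local -a profile_args=()
    if [[ -n $aws_profile ]]; then
        # Quoted: the profile name must stay a single argument, so a value
        # with whitespace cannot turn into additional CLI options.
        profile_args=(--profile "$aws_profile")
    fi
    aws "$@" "${profile_args[@]}"
}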
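# Delete every snapshot that carries the requested tag and is older than the
# retention period, for each account/region combination.
# Globals read: account_ids, regions, tag_key, tag_value, retention_days.
# Calls: aws_com (listing) and delete_snap (deletion; reads $region and $id,
# which it sees through bash's dynamic scoping of the locals below).
# Returns: 1 if the retention cutoff cannot be computed, otherwise the
# status of the last loop.
cleanup_snapshots() {
    local -a account_list region_list
    local account region id created created_secs retention_secs cnt

    # -a and -r may be repeated or given once as a space-separated string
    # (see the usage example), so flatten each into one word per entry.
    # read -a splits on whitespace without glob-expanding the values.
    read -r -a account_list <<< "${account_ids[*]}"
    read -r -a region_list <<< "${regions[*]}"

    # Calculate the retention cutoff in epoch seconds, once for the whole run.
    # If it cannot be computed, nothing may be deleted.
    if ! retention_secs=$(date --date "$retention_days days ago" +%s); then
        printf "%s\n" "Unable to compute a cutoff from retention_days [$retention_days]" >&2
        return 1
    fi

    for account in "${account_list[@]}"; do
        printf "%s\n" "Cleaning up snapshots in $account"
        for region in "${region_list[@]}"; do
            printf "%s\n" "Cleaning up snapshots in $region"
            while read -r created id; do

                # Act only on rows that look like "<StartTime> snap-...";
                # anything else (blank line, placeholder text) is not a target.
                [[ $id == snap-* ]] || continue

                # An unparsable timestamp must never compare as "old": an
                # empty value inside (( )) evaluates to 0, i.e. the epoch.
                if ! created_secs=$(date "--date=$created" +%s 2>/dev/null); then
                    printf "%s\n" "Skipping [$id]: cannot parse start time [$created]" >&2
                    continue
                fi

                if (( created_secs <= retention_secs )); then
                    cnt=0
                    # Run this in a loop in case we hit CLI thresholds.
                    # Any failure of delete_snap is retried, not only throttling.
                    until delete_snap; do
                        # Retry the deletion 5 times before giving up on this snapshot
                        if (( cnt == 5 )); then
                            printf "%s\n" "Max retry reached"
                            break
                        fi
                        printf "%s\n" "CLI Threshold Hit, Retrying..."
                        sleep 5
                        cnt=$((cnt + 1))
                    done
                fi

            # The owner filter must use the loop variable. The previous
            # $account_id was never set, so the listing call was malformed.
            done < <(aws_com ec2 describe-snapshots --owner-ids "$account" --region "$region" --output=text --filters "Name=tag:$tag_key,Values=$tag_value" --query 'Snapshots[*].[StartTime,SnapshotId]')
        done
    done
}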
# Entry point. The order is deliberate: read the flags, reject incomplete
# input, and only then start deleting.
# Arguments: the script's positional parameters.
main() {
    get_opts "$@"      # fills the global settings from the command line
    validate_input     # exits 1 if a required setting is missing
    cleanup_snapshots  # lists and deletes the expired snapshots
}

main "$@"

Get Instance IDs

This script gets instance IDs by tag key/value pair

This script requires the following variables:

REQUIRED | -v | tag-value | Value of the tag you want to query against REQUIRED | -k | tag-key | Key of the tag you want to query against

OPTIONAL | -r | region | AWS region to query against OPTIONAL | -o | output | yml|yaml|bash|shell OPTIONAL | -a | ansible hosts | yml|yaml|bash|shell

Output Options: Default | Line separated list of instance ID's Yaml | - instanceid Bash/Shell | instanceid instanceid instanceid

Example Usage: ./get-instance-ids -r us-west-2 -k envtype -v stg-db ./get-instance-ids -v stg-db

#!/bin/bash
#---------------------------------------------------------------------------#
# Author: Christopher Stobie                                                #
# Contact: [email protected]                                              #
#---------------------------------------------------------------------------#

# Print a horizontal rule of '-' characters across the terminal.
# Width comes from $COLUMNS when set and non-empty, otherwise from `tput cols`.
spacer() {
    local width
    width=${COLUMNS:-$(tput cols)}
    # Pad an empty string to the target width, then turn the padding into dashes.
    printf '%*s\n' "$width" '' | tr ' ' '-'
}

# Print the usage screen to stdout: flags, output formats and examples,
# separated by spacer rules. Does not exit; callers pick the exit status.
_get-ids-help-func() {
    printf "%s\n" "This script requires the following variables:"
    spacer
    # printf reuses the format for every argument, so each string is one line.
    printf "%s\n" \
        "REQUIRED | -v | tag-value     | Value of the tag you want to query against" \
        "REQUIRED | -k | tag-key       | Key of the tag you want to query against"
    spacer
    printf "%s\n" \
        "OPTIONAL | -r | region        | AWS region to query against" \
        "OPTIONAL | -o | output        | yml|yaml|bash|shell" \
        "OPTIONAL | -a | ansible hosts | yml|yaml|bash|shell"
    spacer
    printf "%s\n" \
        "Output Options:" \
        "  Default     | Line separated list of instance ID's" \
        "  Yaml        |  - instanceid" \
        "  Bash/Shell  |  instanceid instanceid instanceid"
    spacer
    printf "%s\n" \
        "Example Usage:" \
        "  $0 -r us-west-2 -k envtype -v stg-db" \
        "  $0 -v stg-db"
    spacer
    printf "%s\n" "Exiting..."
}
# Reset the four global settings to empty so values inherited from the
# calling environment cannot leak into this run.
_get-ids-global-vars() {
    region="" key="" value="" output=""
}
# Parse the command-line flags into the globals region, key, value, output.
# -h prints the usage screen and exits 0.
# -a is accepted by the option string but has no case arm, so it is parsed
# and ignored.
_get-ids-opt-func() {
    # Function-local OPTIND, so option parsing inside this function does not
    # depend on any getopts state left in the caller.
    local OPTIND
    while getopts "r:k:v:o:ah" opt; do
        case $opt in
            r)
                region=$OPTARG
                ;;
            k)
                key=$OPTARG
                ;;
            v)
                value=$OPTARG
                ;;
            o)
                output=$OPTARG
                ;;
            h)
                _get-ids-help-func
                exit 0
                ;;
        esac
    done
}
# Fill in defaults for the optional settings and insist on the required ones.
# Globals: region (default us-west-2), output (default txt), key, value.
# Prints the usage screen and exits 1 when the tag key or value is missing.
_get-ids-check-vars() {
    region=${region:-us-west-2}
    output=${output:-txt}

    # Both halves of the tag filter are needed for the query.
    if [[ -n $value && -n $key ]]; then
        return
    fi
    _get-ids-help-func
    exit 1
}
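# Print the instance IDs held in $instances in the format chosen by $output.
# Globals read: instances (whitespace-separated IDs), output.
#   txt        one ID per line
#   yml|yaml   one "- ID" list item per line
#   shell|bash all IDs on one line, space-separated
# Prints nothing when there are no IDs or $output matches no known format.
_get-ids-format() {
    local ids

    # The CLI's text output can put several IDs on one tab-separated line.
    # Split on any whitespace so every ID gets its own line, otherwise the
    # yaml form would emit "- id<TAB>id" as a single list item.
    ids=$(printf '%s\n' "$instances" | tr -s '[:space:]' '\n' | sed '/^$/d')

    # No instances: emit nothing instead of a blank line or a bare "- ".
    [[ -n $ids ]] || return 0

    # NOTE(review): =~ is an unanchored match, so any $output containing
    # "txt", "yml", etc. selects that branch; kept as the script had it.
    if [[ $output =~ txt ]]; then
        printf "%s\n" "$ids"
    elif [[ $output =~ yml|yaml ]]; then
        printf "%s\n" "$ids" | sed 's/^/- /'
    elif [[ $output =~ shell|bash ]]; then
        # Explicit "-" operand: read stdin on paste implementations that
        # require a file argument.
        printf "%s\n" "$ids" | paste -sd' ' -
    fi
}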
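# Query EC2 for the instances carrying the requested tag and print their IDs.
# Globals read: region, key, value. Global written: instances (raw text
# output of the CLI), which _get-ids-format then renders.
_get-ids-main() {
    # "$region" is quoted so a value containing whitespace stays one argument
    # and cannot add further options to the aws command line.
    # NOTE(review): key and value are interpolated into the --filters
    # shorthand as given; a comma in the value would presumably be read as a
    # separator between filter values. Confirm against the CLI documentation.
    instances=$(aws ec2 describe-instances --region "$region" --filters "Name=tag:$key,Values=$value" --query "Reservations[*].Instances[*].InstanceId" --output text)
    _get-ids-format
}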
# Entry point: reset state, parse flags, apply defaults and checks, then run
# the query and print the result.
# Arguments: the script's positional parameters.
get-ids() {
    _get-ids-global-vars     # start from empty settings
    _get-ids-opt-func "$@"   # fill them from the command line
    _get-ids-check-vars      # defaults for region/output; exits 1 without key/value
    _get-ids-main            # query EC2 and print the IDs
}

get-ids "$@"