{"id":15022705,"url":"https://github.com/puppetlabs/relay-workflows","last_synced_at":"2025-10-19T17:31:16.314Z","repository":{"id":41811611,"uuid":"256321235","full_name":"puppetlabs/relay-workflows","owner":"puppetlabs","description":"Relay Workflows","archived":false,"fork":false,"pushed_at":"2022-08-24T01:33:40.000Z","size":81134,"stargazers_count":12,"open_issues_count":0,"forks_count":16,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-01-30T00:23:59.775Z","etag":null,"topics":["aws","azure","devops","gcp","relay"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/puppetlabs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null}},"created_at":"2020-04-16T20:21:36.000Z","updated_at":"2022-08-17T18:59:38.000Z","dependencies_parsed_at":"2022-08-11T18:10:56.995Z","dependency_job_id":null,"html_url":"https://github.com/puppetlabs/relay-workflows","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/puppetlabs%2Frelay-workflows","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/puppetlabs%2Frelay-workflows/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/puppetlabs%2Frelay-workflows/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/puppetlabs%2Frelay-workflows/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/puppetlabs","download_url":"https://codeload.github.com/puppetlabs/relay-workflows/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":237181519,"owners_count":19268051,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","azure","devops","gcp","relay"],"created_at":"2024-09-24T19:58:17.465Z","updated_at":"2025-10-19T17:31:15.804Z","avatar_url":"https://github.com/puppetlabs.png","language":"Python","readme":"# Relay Workflows\n\n| Category | Workflow      | Description  |\n| ---------| --------------| ------------ |\n| Cost Optimization | [Terminate EC2 instances without valid lifetime tag](./ec2-reaper) | Terminates EC2 instances not in compliance with a tagging policy: specifying a `lifetime` or `termination_date` tag. |\n| Cost Optimization | [Delete unattached EBS volumes](./ebs-reaper) | Deletes EBS volumes that are unattached |\n| Cost Optimization | [Delete empty ELBv2 load balancers](./elbv2-delete-empty-loadbalancers) | Deletes empty ELBv2 load balancers |\n| Cost Optimization | [DynamoDB capacity monitor](./dynamodb-capacity-monitor) | Monitors DynamoDB provisioned capacity |\n| Cost Optimization | [Delete unattached Azure Disks](./azure-disk-reaper) | Deletes Azure Disks that are unattached |\n| Cost Optimization | [Delete untagged Azure Virtual Machines](./azure-vm-reaper) | Deletes Azure Virtual Machines that don't have any tags |\n| Cost Optimization | [Delete empty Azure Load Balancers](./azure-delete-empty-loadbalancers) | Deletes empty Azure Load Balancers |\n| Cost Optimization | [Delete unused Azure Network Interfaces](./azure-delete-unused-nics) | Deletes unused Azure Network Interfaces |\n| Cost Optimization | [Delete GCP instances without valid lifetime tag](./gcp-instance-reaper) | Deletes GCP instances not in compliance with a tagging policy: specifying a `lifetime` or `termination_date` tag. |\n| Cost Optimization | [Delete unattached GCP disks](./gcp-disk-reaper) | Deletes GCP disks that are unattached |\n| Incident Response | [When a Datadog event is received, send a message to Slack](./datadog-to-slack) | Sends a message to Slack when a Datadog event is received|\n| Incident Response | [When a Datadog event is received, create a Jira issue](./datadog-to-jira) | Creates a Jira Server issue when a Datadog event is received |\n| Incident Response | [Roll back a bad Kubernetes deployment and update a Datadog Incident](./datadog-k8s-rollback) | Rolls back a specified Kubernetes deployment and updates a Datadog Incident Management timeline |\n| Incident Response | [Roll back a bad Kubernetes deployment and update a FireHydrant Incident](./firehydrant-rollback) | Rolls back a specified Kubernetes deployment and updates a FireHydrant Incident Management timeline |\n| Incident Response | [When a PagerDuty incident is triggered, send a message to Slack](./pagerduty-to-slack) | Sends a message to Slack when a PagerDuty incident is triggered based on incident severity|\n| Incident Response | [When a PagerDuty incident is triggered, create a Jira ticket](./pagerduty-to-jira) | Creates a Jira Server issue when a PagerDuty incident is triggered |\n| Incident Response | [When a PagerDuty incident is triggered, send an SMS via Twilio](./pagerduty-to-twilio) | Deliver a custom notification via SMS when a PagerDuty incident is triggered |\n| Incident Response | [When a Splunk On-Call incident is created, coordinate tickets and Slack response](./splunkoncall-incident-response) | Create a Jira ticket, Slack room, and update Splunk On-Call incident timeline |\n| Security | [Stop untagged EC2 instances](./ec2-stop-untagged-instances) | Stops untagged EC2 instances |\n| Security | [Assume role and stop untagged EC2 instances](./sts-stop-untagged-instances) | Stops untagged EC2 instances by first assuming an IAM role with EC2 permissions |\n| Security | [Restrict public WRITE S3 buckets](./s3-restrict-public-write-buckets) | Finds all buckets with public 'WRITE' permissions and marks them `private` |\n| Security | [Restrict public READ S3 buckets](./s3-restrict-public-read-buckets) | Finds all buckets with public 'READ' permissions and marks them `private` |\n| Security | [Restrict public WRITE_ACP S3 buckets](./s3-restrict-public-write_acp-buckets) | Finds all buckets with public 'WRITE_ACP' permissions and marks them `private` |\n| Security | [Restrict public READ_ACP S3 buckets](./s3-restrict-public-read_acp-buckets) | Finds all buckets with public 'READ_ACP' permissions and marks them `private` |\n| Security | [Restrict S3 buckets with READ access to all Authenticated Users](./s3-restrict-authenticated_user-read-buckets) | Finds all buckets with 'READ' permissions to all Authenticated Users and marks them `private` |\n| Security | [Restrict S3 buckets with WRITE access to all Authenticated Users](./s3-restrict-authenticated_user-write-buckets) | Finds all buckets with 'WRITE' permissions to all Authenticated Users and marks them `private` |\n| Security | [Restrict S3 buckets with READ_ACP access to all Authenticated Users](./s3-restrict-authenticated_user-read_acp-buckets) | Finds all buckets with 'READ_ACP' permissions to all Authenticated Users and marks them `private` |\n| Security | [Restrict S3 buckets with WRITE_ACP access to all Authenticated Users](./s3-restrict-authenticated_user-write_acp-buckets) | Finds all buckets with 'WRITE_ACP' permissions to all Authenticated Users and marks them `private` |\n| Security | [Remediate unencrypted S3 buckets](./s3-remediate-unencrypted-buckets) | Finds all unencrypted S3 buckets and encrypts them with default encryption |\n| Security | [Remove unused EC2 key pairs](./ec2-remove-unused-key-pairs) | Finds all unused EC2 key pairs and deletes them |\n| Operations | [Assume role and describe EC2 objects](./sts-describe-ec2-objects) | Assumes IAM role and describes the EC2 instances, images, key pairs, and volumes in the account |\n| Operations | [Update other workflows on PR commit](./update-workflow-on-merge) | Enables GitOps for Relay by updating workflows stored on the service when a pull request gets merged |\n| Continuous Delivery | [Run Terraform when Pull Request merged in GitHub](./terraform-continuous-deployment) | Apply a Terraform configuration when a Pull Request is merged to a repository in GitHub. |\n| Continuous Delivery | [Update Kubernetes deployment image tag on Docker Hub push](./kubectl-apply-on-dockerhub-push) | Updates a deployment image using a Docker Hub webhook to inform relay when a new Docker image is available |\n| Continuous Delivery | [Provision an EC2 instance and configure with a Bolt plan](./ec2-provision-and-configure-with-bolt) | Uses terraform to create and provision a new EC2 instance, then uses a remote Bolt plan to configure it |\n| Operations | [Restart EC2 instance on http health check](./http-health-check) | Restarts an EC2 instance your choosing when a HTTP health check does not return 200 status |\n| Configuration | [Stop EC2 instance when sudoers file is changed with Puppet](./puppet-shutdown-ec2) | Listens for a sudoers file change on a Puppet run and shuts down the EC2 instance in response |\n| Configuration | [Emit Puppet run data](./puppet-run-emit-data) | Demonstrates data emitted by Puppet run |\n| Configuration | [Selectively enforce Puppet run](./puppet-selective-enforcement) | Selectively enforce Puppet run when corrective changes happen |\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpuppetlabs%2Frelay-workflows","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpuppetlabs%2Frelay-workflows","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpuppetlabs%2Frelay-workflows/lists"}