{"id":21957048,"url":"https://github.com/trussworks/truss-aws-tools","last_synced_at":"2025-06-10T14:06:45.925Z","repository":{"id":28246984,"uuid":"105203117","full_name":"trussworks/truss-aws-tools","owner":"trussworks","description":"Assortment of AWS Lambda functions and CLI based tools for working with AWS.","archived":false,"fork":false,"pushed_at":"2025-04-23T04:49:08.000Z","size":1457,"stargazers_count":19,"open_issues_count":6,"forks_count":14,"subscribers_count":11,"default_branch":"main","last_synced_at":"2025-04-23T05:29:20.409Z","etag":null,"topics":["aws","aws-lambda","lambda-functions"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/trussworks.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2017-09-28T21:58:13.000Z","updated_at":"2024-08-06T18:23:51.000Z","dependencies_parsed_at":"2023-09-26T00:47:45.395Z","dependency_job_id":"9484cfd8-6632-4ab2-86a2-7f17374205c6","html_url":"https://github.com/trussworks/truss-aws-tools","commit_stats":null,"previous_names":[],"tags_count":12,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trussworks%2Ftruss-aws-tools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trussworks%2Ftruss-aws-tools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trussworks%2Ftruss-aws-tools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trussworks%2Ftruss-aws-tools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trussworks","download_url":"https://codeload.github.com/trussworks/truss-aws-tools/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250465234,"owners_count":21435159,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-lambda","lambda-functions"],"created_at":"2024-11-29T08:48:56.842Z","updated_at":"2025-04-23T15:49:16.243Z","avatar_url":"https://github.com/trussworks.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# truss-aws-tools\n\nAWS tools that come in handy.\n\n| Tool                    | Description                                                                                              | AWS Lambda Support  |\n|-------------------------|----------------------------------------------------------------------------------------------------------|---------------------|\n| aws-remove-user         | Remove an AWS User's access keys and MFA devices.                                                        | N/A                 |\n| ebs-delete              | snapshots an EBS volume before deleting, and won't delete volumes that belong to CloudFormation stacks.  | No                  |\n| iam-keys-check          | checks users for old access keys and sends notification to a Slack webhook url                           | Yes                 |\n| rds-snapshot-cleaner    | removes manual snapshot for a RDS instance that are older than X days or over a maximum snapshot count.  | Yes                 |\n| s3-bucket-size          | figures out how many bytes are in a given bucket as of the last CloudWatch metric update. Must faster and cheaper than iterating over all of the objects and usually \"good enough\". | No |\n| trusted-advisor-refresh | triggers a refresh of Trusted Advisor because AWS doesn't do this for you.                               | Yes                 |\n| aws-health-notifier     | Sends notifcations to a Slack webhook when AWS Health Events (read AWS outage) are triggered             | Yes                 |\n| ami-cleaner             | Deregisters AMIs and deletes associated snapshots based on name/tag/age                                  | Yes                 |\n| packer-janitor          | Removes abandoned Packer instances and their associated keypairs and security groups.                    | Yes                 |\n\n## Installation\n\n``` shell\ngo get -u github.com/trussworks/truss-aws-tools/...\n```\n\n## Developer Setup\n\n### Install dependencies (macOS)\n\n``` shell\nbrew install pre-commit direnv\nbrew install golangci/tap/golangci-lint\n```\n\nThen run `./bin/prereqs` and follow any instructions that appear.\n\n### Install dependencies (Debian Linux)\n\n``` shell\nsudo apt-get install direnv\npip install pre-commit\ngo get -u github.com/golangci/golangci-lint/cmd/golangci-lint\n```\n\nThen run `./bin/prereqs` and follow any instructions that appear.\n\n### Build Local Binaries\n\n``` shell\nmake all # Automatically setup pre-commit and Go dependencies before tests and build.\n```\n\n### Create Lambda\n\nTo build a zip for AWS Lambda to execute, run the following\n\n``` shell\nmake S3_BUCKET=your-s3-bucket lambda_release\n```\n\nIf using aws-vault:\n\n```shell\naws-vault exec \u003caws_profile\u003e -- make S3_BUCKET=your-s3-bucket lambda_release\n```\n\n## Tools wanted\n\n* s3 deletion tool that purges a key AND all versions of that key.\n* ebs volume snapshot deleter (all snaps older than x days, support keep tags)\n* redshift snapshot cleaner\n* automatic filesystem resizer (use case: you can make EBS volumes larger, but if you do, you still have to go in and run resize2fs (or whatever). Why not just do this at boot always?\n* AWS id lookup (ie, figure out from the id which describe API to call, and do it).\n* ebs snapshot creator (for all EBS volumes, trigger a snapshot).\n* Something that will pull AWS Bucket Inventory data (AWS ships it as an Athena or Hive compatible format, so you need to read a manifest.json and then pull a set of CSV or ORC files).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrussworks%2Ftruss-aws-tools","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftrussworks%2Ftruss-aws-tools","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrussworks%2Ftruss-aws-tools/lists"}