Merge pull request #109 from cykhoo0108/ec2-mod-check

Ec2 mod check
aws-samples · May 23, 2024 · ebdbc10 · ebdbc10
2 parents a220dcd + 8b7bacd
commit ebdbc10
Show file tree

Hide file tree

Showing 3 changed files with 132 additions and 1 deletion.
diff --git a/constants.py b/constants.py
@@ -20,4 +20,33 @@
 
 CLI_TRUE_KEYWORD_ARRAY = ['yes', 'y', 'true', '1', 1]
 
-SESSUID_FILENAME = 'sess-uuid'
+SESSUID_FILENAME = 'sess-uuid'
+
+EC2_TAGS_KEYWORDS = [
+    "elk",
+    "elasticsearch",
+    "kibana",
+    "mysql",
+    "postgres",
+    "mariadb",
+    "database",
+    "sql",
+    "db",
+    "oracle",
+    "rabbit",
+    "rabbitmq",
+    "activemq",
+    "kafka",
+    "spark",
+    "hadoop",
+    "mongo",
+    "mongodb",
+    "memcached",
+    "redis",
+    "kubernetes",
+    "k8s",
+    "docker",
+    "cassandra"
+]
+
+EC2_TAG_VALUE_FALSE_KEYWORDS = ['false', '0', '-1', 'no', 'none', 'negative']
diff --git a/services/ec2/drivers/Ec2Instance.py b/services/ec2/drivers/Ec2Instance.py
@@ -8,6 +8,8 @@
 from utils.Tools import aws_parseInstanceFamily, _warn
 from services.Evaluator import Evaluator
 
+import constants as _C
+
 class Ec2Instance(Evaluator):
     def __init__(self, ec2InstanceData,ec2Client, cwClient):
         super().__init__()
@@ -108,6 +110,7 @@ def _checkSQLServerEdition(self):
             pos = image['Name'].find('SQL')
             if pos > 0:
                 sqlVers = image['Name'][pos+4:pos+8]
+                self.addII('SQLServer', sqlVers)
                 if EolVersion >= sqlVers:
                     self.results['SQLServerEOL'] = [-1, image['Name']]
 
@@ -363,3 +366,76 @@ def _checkEC2HasTag(self):
         if self.ec2InstanceData.get('Tags') is None:
             self.results['EC2HasTag'] = [-1, '']
         return
+
+    def checkInstanceTypeAvailable(self, instanceType):
+        resp = self.ec2Client.describe_instance_type_offerings(
+            LocationType='region',
+            Filters=[
+                {
+                    'Name': 'instance-type',
+                    'Values': [
+                        instanceType,
+                    ]
+                },
+                {
+                    'Name': 'location',
+                    'Values': [
+                        self.ec2Client.meta.region_name,
+                    ]
+                }
+            ]
+        )
+        if len(resp['InstanceTypeOfferings']) > 0:
+            return True
+
+    def _checkEC2AMD(self):
+        osType = self.getII('platform')
+        if osType['platform'] == 'linux':
+            return
+
+        instanceArr = aws_parseInstanceFamily(self.ec2InstanceData['InstanceType'], region=self.ec2Client.meta.region_name)
+        prefixDetail = instanceArr['prefixDetail']
+
+        if prefixDetail['attributes'] != 'a':
+            amdInstanceType = prefixDetail['family'] + prefixDetail['version'] + 'a.' + instanceArr['suffix']
+
+            if self.checkInstanceTypeAvailable(amdInstanceType):
+                self.results['EC2AMD'] = [-1, self.ec2InstanceData['InstanceType']]
+
+        return
+
+    def _checkEC2Graviton(self):
+        osType = self.getII('platform')
+        if osType['platform'] != 'linux':
+            return
+
+        instanceArr = aws_parseInstanceFamily(self.ec2InstanceData['InstanceType'], region=self.ec2Client.meta.region_name)
+        prefixDetail = instanceArr['prefixDetail']
+
+        if prefixDetail['attributes'] != 'g':
+            gInstanceType = prefixDetail['family'] + prefixDetail['version'] + 'g.' + instanceArr['suffix']
+
+            if self.checkInstanceTypeAvailable(gInstanceType):
+                self.results['EC2Graviton'] = [-1, self.ec2InstanceData['InstanceType']]
+
+        return
+
+
+    def _checkTags(self):
+        tags = self.ec2InstanceData['Tags']
+
+        keyTags = []
+        for tag in tags:
+            if tag['Key'].lower() in _C.EC2_TAGS_KEYWORDS and tag['Value'].lower() not in _C.EC2_TAG_VALUE_FALSE_KEYWORDS:
+                keyTags.append(tag['Key'].lower())
+                continue
+
+            if tag['Value'].lower() in _C.EC2_TAGS_KEYWORDS:
+                keyTags.append(tag['Value'].lower())
+                continue
+
+        if len(keyTags) > 0:
+            self.addII('keyTags', keyTags)
+
+        return
+
diff --git a/services/ec2/ec2.reporter.json b/services/ec2/ec2.reporter.json
@@ -181,6 +181,32 @@
             "[Tag your EC2 resources]<https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html>"
         ]
     },
+    "EC2AMD": {
+        "category": "CP",
+        "^description": "EC2 instance family with AMD chips: {$COUNT} of your instances can change to intance type powered by AMD chips",
+        "downtime": 1,
+        "slowness": 0,
+        "additionalCost": 0,
+        "criticality": "I",
+        "needFullTest": 0,
+        "shortDesc": "EC2 with AMD chips",
+        "ref": [
+            ""
+        ]
+    },
+    "EC2Graviton": {
+        "category": "CP",
+        "^description": "EC2 instance family with Graviton chips: {$COUNT} of your instances can change to instance type powered by Graviton chips.",
+        "downtime": 1,
+        "slowness": 0,
+        "additionalCost": 0,
+        "criticality": "I",
+        "needFullTest": 0,
+        "shortDesc": "EC2 with AMD chips",
+        "ref": [
+            ""
+        ]
+    },
     "EBSEncrypted": {
         "category": "S",
         "^description": "Storage Encyrption: {$COUNT} of EBS storage volumes are not encrypted. Enable encryption for EBS volumes to meet security and compliance requirements.",