diff --git a/docs/SUMMARY.md b/docs/SUMMARY.md index 36cd2003..0f5eb776 100644 --- a/docs/SUMMARY.md +++ b/docs/SUMMARY.md @@ -7,12 +7,14 @@ ## Rules​ -* [under\_utilized\_instance\_cpu\_rule](rules/under_utilized_instance_cpu_rule.md) +* [under\_utilized\_instance\_rule](rules/under_utilized_instance_rule.md) +* [auto\_scaling\_group\_optimization\_rule](rules/auto_scaling_group_optimization_rule.md) * [under\_utilized\_database\_rule](rules/under_utilized_database_rule.md) -* [older\_generation\_instance\_rule](rules/older_ec2_generation_rule.md) +* [instance\_upgrade\_rule](rules/instance_upgrade_rule.md) * [delete\_orphan\_instance\_storage\_rule](rules/delete_orphan_instance_storage_rule.md) * [too\_many\_instance\_images\_rule](rules/too_many_instance_images_rule.md) * [dev\_resources\_rule](rules/dev_resources_rule.md) * [database\_upgrade\_rule](rules/database_upgrade_rule.md) +* [cache\_upgrade\_rule](rules/cache_upgrade_rule.md) * [migration\_to\_docker\_rule](rules/migration_to_docker_rule.md) diff --git a/docs/config-params.md b/docs/config-params.md index 141699a6..f4cfc8d7 100644 --- a/docs/config-params.md +++ b/docs/config-params.md 
@@ -20,14 +20,14 @@ Config parameters are represent by JSON on home page when you launch [localhost: "description": "Threshold AMI count above which too_many_instance_images_rule rule will raise a concern" }, { - "key": "under_utilized_cpu_percentage", + "key": "under_utilized_cpu_percentage_instance", "value": "30.0", - "description": "Average CPU utilization threshold for under-utilized machine" + "description": "Average CPU utilization threshold for under-utilized ec2 machine" }, { - "key": "under_utilized_swap_space_percentage", - "value": "5.0", - "description": "NOT USED YET : Average swap memory percentage threshold for under-utilized database" + "key": "under_utilized_cpu_percentage_database", + "value": "10.0", + "description": "Average CPU utilization threshold for under-utilized RDS instances" }, { "key": "cloudwatch_config_duration", diff --git a/docs/rules/auto_scaling_group_optimization_rule.md b/docs/rules/auto_scaling_group_optimization_rule.md new file mode 100644 index 00000000..fb150f96 --- /dev/null +++ b/docs/rules/auto_scaling_group_optimization_rule.md @@ -0,0 +1,18 @@ +# auto\_scaling\_group\_optimization\_rule + +1. Check if MixedInstancePolicy is used or not +2. Check if LB attached to ALB is needed or not +3. Suggest migration to SpotFleet + +## Permissions + +* [ec2:DescribeRegions](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html) +* [autoscaling:DescribeAutoScalingGroups](https://docs.aws.amazon.com/cli/latest/reference/autoscaling/describe-auto-scaling-groups.html) + +## Config Parameters used + +* included\_tag +* excluded\_tag + + + diff --git a/docs/rules/cache_upgrade_rule.md b/docs/rules/cache_upgrade_rule.md new file mode 100644 index 00000000..0f9f4e08 --- /dev/null +++ b/docs/rules/cache_upgrade_rule.md 
@@ -0,0 +1,16 @@ +# cache\_upgrade\_rule + +Check if ElastiCache instances are using latest generation of instances. + +## Permissions + +* [ec2:DescribeRegions](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html) +* [elasticache:DescribeCacheClusters](https://docs.aws.amazon.com/cli/latest/reference/elasticache/describe-cache-clusters.html) + +## Config Parameters used + +* included\_tag +* excluded\_tag + + + diff --git a/docs/rules/database_upgrade_rule.md b/docs/rules/database_upgrade_rule.md index fcf5a426..df97b978 100644 --- a/docs/rules/database_upgrade_rule.md +++ b/docs/rules/database_upgrade_rule.md @@ -1,12 +1,18 @@ # database\_upgrade\_rule -Check if RDS instances can be optimized. +1. Check if RDS instances are using latest generation of instances +2. Suggest migration of MySQL, Postgres and Mariadb to Amazon Aurora as it offers better price to performance ration ## Permissions * [ec2:DescribeRegions](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html) * [rds:DescribeDBInstances](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-instances.html) +## Config Parameters used + +* included\_tag +* excluded\_tag + diff --git a/docs/rules/delete_orphan_instance_storage_rule.md b/docs/rules/delete_orphan_instance_storage_rule.md index 00b332c4..5e743b5c 100644 --- a/docs/rules/delete_orphan_instance_storage_rule.md +++ b/docs/rules/delete_orphan_instance_storage_rule.md @@ -9,3 +9,8 @@ This rule check if there are orphan EBS drives \(EBS drives which is not attache * [ec2:DescribeRegions](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html) * [ec2:DescribeVolumes](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeVolumes.html) +## Config Parameters used + +* included\_tag +* excluded\_tag + diff --git a/docs/rules/dev_resources_rule.md b/docs/rules/dev_resources_rule.md index e7feb1e8..b566387f 100644 --- a/docs/rules/dev_resources_rule.md 
+++ b/docs/rules/dev_resources_rule.md @@ -9,3 +9,8 @@ This rule analyze tags on resources to find development, QA, staging resources. * [ec2:DescribeRegions](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html) * [ec2:DescribeInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html) +## Config Parameters used + +* included\_tag +* excluded\_tag + diff --git a/docs/rules/older_ec2_generation_rule.md b/docs/rules/instance_upgrade_rule.md similarity index 87% rename from docs/rules/older_ec2_generation_rule.md rename to docs/rules/instance_upgrade_rule.md index 6234069c..c3354ee4 100644 --- a/docs/rules/older_ec2_generation_rule.md +++ b/docs/rules/instance_upgrade_rule.md @@ -1,4 +1,4 @@ -# older\_generation\_instance\_rule +# instance\_upgrade\_rule Newer generation of EC2 are cheaper and offers better price to performance ration, e.g **t3a** instances are around 15% cheaper than **t2** instances @@ -11,6 +11,11 @@ Newer generation of EC2 are cheaper and offers better price to performance ratio * [ec2:DescribeRegions](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html) * [ec2:DescribeInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html) +## Config Parameters used + +* included\_tag +* excluded\_tag + diff --git a/docs/rules/migration_to_docker_rule.md b/docs/rules/migration_to_docker_rule.md index a9dab695..00565b87 100644 --- a/docs/rules/migration_to_docker_rule.md +++ b/docs/rules/migration_to_docker_rule.md @@ -7,6 +7,13 @@ Check if Elastic Beanstalk is used or not, if yes then suggest migration to Dock * [ec2:DescribeRegions](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html) * [ec2:DescribeInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html) +## Config Parameters used + +* included\_tag +* excluded\_tag + + + 
diff --git a/docs/rules/too_many_instance_images_rule.md b/docs/rules/too_many_instance_images_rule.md index db164d76..931472be 100644 --- a/docs/rules/too_many_instance_images_rule.md +++ b/docs/rules/too_many_instance_images_rule.md @@ -9,3 +9,9 @@ This rule checks if there are too many AMI present. * [ec2:DescribeRegions](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeRegions.html) * [ec2:DescribeImages](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html) +## Config Parameters used + +* included\_tag +* excluded\_tag +* too\_many\_ami\_threshold + diff --git a/docs/rules/under_utilized_database_rule.md b/docs/rules/under_utilized_database_rule.md index 3e4926b2..1b6a0ca1 100644 --- a/docs/rules/under_utilized_database_rule.md +++ b/docs/rules/under_utilized_database_rule.md @@ -1,6 +1,6 @@ # under\_utilized\_database\_rule -This rule checks if average CPU utilization of RDS is below 10%, analysis window is controlled by **cloudwatch\_config\_duration** config param \(default is 1 week\) +This rule checks if average CPU utilization of RDS is below 10% ## Permissions @@ -8,5 +8,12 @@ This rule checks if average CPU utilization of RDS is below 10%, analysis window * [rds:DescribeDBInstances](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-instances.html) * [cloudwatch:GetMetricStatistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricStatistics.html) +## Config Parameters used + +* included\_tag +* excluded\_tag +* under\_utilized\_cpu\_percentage\_database +* cloudwatch\_config\_duration + diff --git a/docs/rules/under_utilized_instance_cpu_rule.md b/docs/rules/under_utilized_instance_rule.md similarity index 71% rename from docs/rules/under_utilized_instance_cpu_rule.md rename to docs/rules/under_utilized_instance_rule.md index fdce0bd3..7bd1d041 100644 --- a/docs/rules/under_utilized_instance_cpu_rule.md +++ b/docs/rules/under_utilized_instance_rule.md 
@@ -1,6 +1,6 @@ -# under\_utilized\_instance\_cpu\_rule +# under\_utilized\_instance\_rule -This rule checks if average CPU utilization is below threshold level \(default is 30% , refer **under\_utilized\_cpu\_percentage** config param\) , analysis window is controlled by **cloudwatch\_config\_duration** config param \(default is 1 week\) +This rule checks if average CPU utilization is below threshold level Only \[a1, t3, t3a, t2, m6g, m5d, m5, m5a, m5ad, m5n, m5dn, m4, m1, t1, m3, c5, c5d, c5n, c4, c3, c1\] instance families are analyzed. @@ -10,5 +10,12 @@ Only \[a1, t3, t3a, t2, m6g, m5d, m5, m5a, m5ad, m5n, m5dn, m4, m1, t1, m3, c5, * [ec2:DescribeInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html) * [cloudwatch:GetMetricStatistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricStatistics.html) +## Config Parameters used + +* included\_tag +* excluded\_tag +* under\_utilized\_cpu\_percentage\_instance +* cloudwatch\_config\_duration + diff --git a/docs/setup.md b/docs/setup.md index 52245223..df333262 100644 --- a/docs/setup.md +++ b/docs/setup.md @@ -17,6 +17,8 @@ Below are the aggregated permissions IAM user need for execution all rules. * [ec2:DescribeImages](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html) * [cloudwatch:GetMetricStatistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricStatistics.html) * [rds:DescribeDBInstances](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-instances.html) +* [elasticache:DescribeCacheClusters](https://docs.aws.amazon.com/cli/latest/reference/elasticache/describe-cache-clusters.html) +* [autoscaling:DescribeAutoScalingGroups](https://docs.aws.amazon.com/cli/latest/reference/autoscaling/describe-auto-scaling-groups.html) ## Screenshot
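Review bot: In the docs/SUMMARY.md hunk, two rule pages change path (rules/under_utilized_instance_cpu_rule.md to rules/under_utilized_instance_rule.md, and rules/older_ec2_generation_rule.md to rules/instance_upgrade_rule.md), so any existing link or bookmark to the old pages will break. Mention the renames in the release notes, or leave short stub pages at the old paths that point to the new ones.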
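Review bot: In the docs/config-params.md hunk, the key "under_utilized_cpu_percentage" is renamed to "under_utilized_cpu_percentage_instance" and "under_utilized_swap_space_percentage" is removed, but nothing tells a user with an existing config what happens to the old keys. Add a sentence stating whether an old key is ignored, rejected or still honoured, so a threshold someone tuned is not lost without notice. The new description also writes "ec2" in lower case while the next one writes "RDS"; use "EC2" for consistency.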
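Review bot: In the new docs/rules/auto_scaling_group_optimization_rule.md, step 2 reads "Check if LB attached to ALB is needed or not", which describes a load balancer attached to a load balancer; this looks like it should say the Auto Scaling group (ASG). The Permissions section lists only ec2:DescribeRegions and autoscaling:DescribeAutoScalingGroups, so please confirm that the load balancer check in step 2 and the SpotFleet suggestion in step 3 need no further calls; if they do, list them here and in docs/setup.md so the documented IAM policy matches what the rule actually uses. The file also ends with three blank added lines that can be dropped.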
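Review bot: In the docs/rules/database_upgrade_rule.md hunk, the added step 2 has a typo, "price to performance ration" should be "ratio", and "Mariadb" should be "MariaDB". The same "ration" typo is visible in the context line of docs/rules/instance_upgrade_rule.md and is worth fixing in the same change. Step 1 and step 2 also lack a closing full stop while the sentence they replace had one.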
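Review bot: In the first hunk of docs/rules/under_utilized_database_rule.md, the description still hard-codes "below 10%" even though the second hunk lists under_utilized_cpu_percentage_database as a config parameter, so the text will be wrong for anyone who changes the value. Suggest wording such as "below the under_utilized_cpu_percentage_database threshold (default 10%)". The rewrite also drops the statement that the analysis window defaults to 1 week; keep that default next to cloudwatch_config_duration in the new parameter list.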
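Review bot: In the first hunk of docs/rules/under_utilized_instance_rule.md, the new sentence "This rule checks if average CPU utilization is below threshold level" loses both defaults that the old text gave (30% for the CPU threshold, 1 week for the analysis window). The added Config Parameters list names under_utilized_cpu_percentage_instance and cloudwatch_config_duration but not their defaults, so a reader has to open docs/config-params.md to learn what the rule does out of the box. Keep the defaults in the description or add them beside each parameter.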