Skip to content

omerh/awsctl

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

90 Commits
cmd/awsctl/cmd
cmd/awsctl/cmd
 
 
pkg
pkg
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
CLAUDE.md
CLAUDE.md
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

awsctl

This is a small maintanence tool for managing aws infrastructure easily with a single binary on a region or all regions at a single command

Tool is built using cobra, for getting started just run awsctl and see the example commands available.

To use the tool with dry run just run the command, the really execute add --yes

Optional output as json using -o json

WIP: Optionl slack message using --slack and setting environment variable AWSCTL_SLACK_URL

build

# Use go modules add the following env var GO111MODULE=on
go build -ldflags "-s -w"

Example commands

Get all EC2 events from all regions

awsctl get ec2 events -r all

List regions

awsctl list regions

List availablity zones in a region

awsctl list azs --region us-east-1

Delete all unused EBS in all regions

awsctl delete ebs --region all --yes

Set cloudwatch logs with no expirey to 14 days expiry

awsctl set cloudwatch --region all --retention 14 --yes

Manage RDS insatnces or clusters

awsctl get rds --region all  --type instance #or cluster
awsctl get rdssnapshots --region all  --type instance --name db01
awsctl delete rdssnapshots --name db01 --type instance --region all --older 14 --yes

ECR Opertaion for setting lifecycle policy to untagged repositories

awsctl set ecrregistrypolicy -r eu-west-2 --retention 7

ECR Repository configuration to scanOnPush repository for vulnerabilities

awsctl set ecrscanonpush --region eu-west-1 --scan true  --yes
awsctl set ecrscanonpush --region all --scan true  --yes

ACM Certificates

awsctl get certificates --region ue-east-1    # Get all expiring and expired certificates in region or all regions, for all expiring certificates it analyses why aren't the certificates being renewed automatically
awsctl delete certificates --region all --yes # Delete all unused certificates from the account

Cloudwatch Alarms

Currently tested on Errors metric for lambda

# Single lambda
awsctl set cloudwatchalarm --resource lambda --metric errors --region eu-west-2 --arn arn:aws:lambda:eu-west-2:000000000000:function:test --threshold 3 --action arn:aws:sns:eu-west-2:000000000000:SNSToSlack --yes

# All lambdas
awsctl set cloudwatchalarm --resource lambda --metric errors --region eu-west-2 --threshold 3 --action arn:aws:sns:eu-west-2:000000000000:SNSToSlack --yes

# All lambdas in all regions
awsctl set cloudwatchalarm --resource lambda --metric errors --region all --threshold 3 --action arn:aws:sns:eu-west-2:000000000000:SNSToSlack --yes

Delete network interfaces

awsctl delete ni --region eu-west-2 --filter available --yes

Delete old ECR images in a region or in all regions

awsctl delete ecr -r eu-west-2 --keep 20 --yes # This will keep 20 newest images for all repositories in the region

Get simple reservation status on all of your regions

awsctl get ri -r all

For any missing action please open an issue for a feature request.

Contributing

Fork, implement, add tests, pull request, get my everlasting thanks and a respectable place here :).

Copyright

Copyright (c) 2019 Omer Haim, @omerhaim. See LICENSE for further details.

About

Control AWS infrastructure easily from a single command line written in Go

Topics

go golang aws ec2 aws-sdk cloudwatch ebs aws-sdk-go rds eip

Resources

Readme

License

MIT license
Activity

Stars

99 stars

Watchers

5 watching

Forks

9 forks
Report repository

Releases 15

v0.0.16 Latest
Sep 7, 2025
+ 14 releases

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages