10 Boto3 scripts to simplify your AWS journey
If you are using AWS, you will definitely understand the importance of Boto3. Boto3 is the Amazon Web Services (AWS) SDK for Python. It enables Python developers to create, configure, and manage AWS services, such as EC2 and S3. Boto3 provides an easy-to-use, object-oriented API, as well as low-level access to AWS services.
While automation is important in any environment, especially in the cloud when dealing with hundreds or thousands of servers, I have put together a youtube video with 10 important boto3 scripts that simplify my daily job. This might not be a concrete list, but it’s useful for any beginner to get started.
NOTE: As this is not the concrete list, please mention in the comment section if you are using any script in your environment which is not listed here.
If you are new to boto3, please check the below blogs or youtube videos
1. Stop and Start EC2 instance a regular basis
This is one of the common tasks we encounter in a development environment where we need to stop instances on a nightly basis to save cost. Please check the doc for more info.
GitHub link
NOTE: AWS now has a service called AWS Instance Scheduler to perform the same task
2. Rotate IAM Keys
To follow the security best practice we must need to rotate IAM keys on the regular basis. If these IAM keys will be leaked anyone can gain access to your AWS account.
GitHub Code
3. Cleanup AMI
Amazon Machine Image(AMI) has a huge impact on your AWS bill. You have a lot of AMI in your environment if you have some automated process that created AMI on the regular basis. In order to lower your bill, it’s a good practice to clean up AMI, not in use.
4. Cleanup unused EBS Volume
This script again helps you to lower down the cost. If you have an environment where you are bringing instances up and down on the regular basis then there is a possibility that you have a lot of unused EBS volume sitting there and increasing your AWS bill.
GitHub Code
5. Creating EBS Snapshot
Snapshots are a great way to protect your data. Snapshot acts as a backup and helps you in data recovery in case of disaster or when you want to perform a rollback at a certain point in time.
GitHub Code
6. Send email via SNS and SES
This is one of the common tasks we encounter where we need to send an email to notify users. For e.g. once the snapshot creation is finished trigger an email. This we can do with the help of Simple Notification Service(SNS) or Simple Email Service(SES).
GitHub Code
7. Script to check if VPC Flowlog is enabled
We all understand the importance of flow logs and it's used to capture IP traffic information and it’s useful to troubleshoot network issue. If you want to do some audit where you need to check if the flow log is enabled for all VPC’s and if it is not enabled.
GitHub Code:
8. To make AWS S3 objects private
There may be cases where your user accidentally makes the S3 object public which is a huge security risk. The below boto3 script will help you identify if any of your S3 objects are public and revert it back to the private object.
GitHub Code
9. Cleanup EBS Snapshot
Again to reduce your AWS bill, it's a good idea to clean up snapshots on the regular basis.
GitHub Code
10. CloudWatch to Slack Integration
Slack is now become a defacto standard to get notifications. AWS already provides the lambda function blueprint in order to configure integration between cloudwatch and slack. Please check the below video or doc for more info
Lastly, first of all, thanks to everyone who participated in 2019 for my 100 Days of DevOps journey http://100daysofdevops.com/day-100-100-days-of-devops/
Starting from July 1, 2021, I have restarted the program again, with a new name, 101DaysofDevOps, and this time, it will be bigger and better :-). However, the fundamental idea will be the same, spend at least one hour every day for the next 101 days in Sharing DevOps knowledge. This time the main focus is automation, and rather than writing long doc focus(but enough theoretical knowledge to get you started), it will be more on Videos.
Course Registration link: https://www.101daysofdevops.com/register/ Course Link: https://www.101daysofdevops.com/courses/101-days-of-devops/
I am looking forward to you guys joining the amazing journey.
