Sign upLogin

sensu-plugins/sensu-plugins-aws

View on GitHub
Star
bin/check-trustedadvisor-service-limits.rb

Summary

Maintainability
A
1 hr
Test Coverage
#! /usr/bin/env ruby
#
# check-trustedadvisor-service-limits
#
#
# DESCRIPTION:
#   This plugin uses Trusted Advisor API to perform check for
#   service limits. Trigger 'critical' on sensu for services
#   that are not 'Green'.
#
#   IAM requires AWSSupportAccess policy enabled.
#
#   https://aws.amazon.com/premiumsupport/ta-faqs/
#
#
# OUTPUT:
#   plain-text
#
# PLATFORMS:
#   Linux
#
# DEPENDENCIES:
#   gem: aws-sdk-v1
#   gem: sensu-plugin
#
# USAGE:
#  ./check-trustedadvisor-service-limits.rb -l {en|ja}
#
# NOTES:
#
# LICENSE:
#   Seandy Wibowo <swibowo@sugarcrm.com>
#   Released under the same terms as Sensu (the MIT license); see LICENSE
#   for details.

require 'sensu-plugin/check/cli'
require 'sensu-plugins-aws'
require 'aws-sdk'

class CheckTrustedAdvisorServiceLimits < Sensu::Plugin::Check::CLI
  include Common
  option :aws_language,
         short: '-l AWS_LANGUAGE',
         long: '--aws-language AWS_LANGUAGE',
         description: "ISO 639-1 language code to be used when querying Trusted Advisor API. Only 'en' and 'ja' supported for now",
         default: 'en'

  def aws_support
    # The Support endpoint seems to only available in us-east-1 region
    # http://docs.aws.amazon.com/sdkforruby/api/Aws/Support.html
    @aws_support ||= Aws::Support::Client.new(region: 'us-east-1')
  end

  def run
    service_limit_msg = []

    begin
      # Get all check IDs with category "service_limits"
      check_ids = []
      aws_support.describe_trusted_advisor_checks(language: config[:aws_language])[:checks].each { |c| check_ids << c.id if c.category == 'service_limits' }

      # Get all checks that are not "ok"
      checks_not_ok = []
      aws_support.describe_trusted_advisor_check_summaries(check_ids: check_ids)[:summaries].each { |c| checks_not_ok << c.check_id if c.status != 'ok' }

      checks_not_ok.each do |cno|
        aws_support.describe_trusted_advisor_check_result(language: config[:aws_language], check_id: cno)[:result][:flagged_resources].each do |slr|
          # Data structure will be as follow
          # ["<region>", "<service>", "<description>", "<limit>", "<usage>", "<status>"]
          sl_region, sl_service, sl_description, sl_limit, sl_usage, sl_status = slr[:metadata]

          next if slr.status == 'ok' || sl_status == 'Green'

          sl_usage = 0 if sl_usage.nil?

          sl_msg = "#{sl_service} (#{sl_region}) #{sl_description} #{sl_usage} out of #{sl_limit}"
          service_limit_msg.push(sl_msg)
        end
      end
    rescue StandardError => e
      unknown "An error occurred processing AWS TrustedAdvisor API: #{e.message}"
    end

    if service_limit_msg.empty?
      ok
    else
      critical("Services hitting usage limit: #{service_limit_msg.join(', ')}")
    end
  end
end