Last active
June 1, 2021 15:30
-
-
Save mgangl/3678e4e153b532777134ed0deee304e7 to your computer and use it in GitHub Desktop.
NGAP AMI Compliance Check
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
for var in "$@" | |
do | |
echo "Checking NGAP compliance for $var" | |
export AWS_ACCOUNT=`aws sts get-caller-identity --profile $var | jq -r .Account` | |
export LATEST_AMI=`aws ssm get-parameter --name image_id_amz2 --profile $var | jq -r .Parameter.Value` | |
export LATEST_ECS_AMI=`aws ssm get-parameter --name image_id_ecs_amz2 --profile $var | jq -r .Parameter.Value` | |
echo "Latest AMI: $LATEST_AMI" | |
echo "Latest ECS AMI: $LATEST_ECS_AMI" | |
echo "Account: $AWS_ACCOUNT" | |
echo "Non Compliant instance-Ids" | |
aws ec2 describe-instances --filter Name=instance-state-name,Values=running --profile $var | jq ".Reservations[] | select((.Instances[0].ImageId!=\"$LATEST_AMI\") and (.Instances[0].ImageId!=\"$LATEST_ECS_AMI\"))" | jq -r "(.Instances[0]| .InstanceId +\" \" + (.Tags | from_entries | .Name))" | sort | uniq | |
done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Changed:
4/2/2020
Before Time...