check_ec2

aws.cfg

#/etc/nagios-plugins/config/check_aws
#
#
# 'check_aws' command definition
define command{
	command_name	check_ec2
	command_line	/usr/lib/nagios/plugins/check_aws
	}

check_aws

#/usr/lib/nagios/plugins/check_aws
#
#

#!/usr/bin/env ruby
require 'cgi'
require 'base64'
require 'net/https'
require 'openssl'
require 'rexml/document' 

Net::HTTP.version_1_2

class EC2Client
  API_VERSION = '2011-12-15'
  SIGNATURE_VERSION = 2

  def initialize(accessKeyId, secretAccessKey, endpoint, algorithm = :SHA256)
    @accessKeyId = accessKeyId
    @secretAccessKey = secretAccessKey
    @endpoint = endpoint
    @algorithm = algorithm
  end

  def query(action, params = {})
    params = {
      :Action           => action,
      :Version          => API_VERSION,
      :Timestamp        => Time.now.getutc.strftime('%Y-%m-%dT%H:%M:%SZ'),
      :SignatureVersion => SIGNATURE_VERSION,
      :SignatureMethod  => "Hmac#{@algorithm}",
      :AWSAccessKeyId   => @accessKeyId,
    }.merge(params)

    signature = aws_sign(params)
    params[:Signature] = signature

    https = Net::HTTP.new(@endpoint, 443)
    https.use_ssl = true
    https.verify_mode = OpenSSL::SSL::VERIFY_NONE

    https.start do |w|
      req = Net::HTTP::Post.new('/',
        'Host' => @endpoint,
        'Content-Type' => 'application/x-www-form-urlencoded'
      )

      req.set_form_data(params)
      res = w.request(req)

      res.body
    end
  end

  private
  def aws_sign(params)
    params = params.sort_by {|a, b| a.to_s }.map {|k, v| "#{CGI.escape(k.to_s)}=#{CGI.escape(v.to_s)}" }.join('&')
    string_to_sign = "POST\n#{@endpoint}\n/\n#{params}"
    digest = OpenSSL::HMAC.digest(OpenSSL::Digest.const_get(@algorithm).new, @secretAccessKey, string_to_sign)
    Base64.encode64(digest).gsub("\n", '')
  end
end # EC2Client

ACCESS_KEY_ID = '<access_key_id>'
SECRET_ACCESS_KEY = '<secret_access_key>'
#ENDPOINT = 'ec2.ap-northeast-1.amazonaws.com'

ENDPOINTS_AVAILABLED = 
[
'ec2.us-east-1.amazonaws.com',
'ec2.us-west-2.amazonaws.com',
'ec2.us-west-1.amazonaws.com',
'ec2.eu-west-1.amazonaws.com',
'ec2.ap-southeast-1.amazonaws.com',
'ec2.ap-northeast-1.amazonaws.com',
'ec2.sa-east-1.amazonaws.com'
]

ENDPOINTS_ENABLED = 
[
'ec2.us-east-1.amazonaws.com',
#'ec2.us-west-2.amazonaws.com',
'ec2.us-west-1.amazonaws.com',
#'ec2.eu-west-1.amazonaws.com',
#'ec2.ap-southeast-1.amazonaws.com',
'ec2.ap-northeast-1.amazonaws.com',
#'ec2.sa-east-1.amazonaws.com'
]

errors = []

ENDPOINTS_ENABLED.each do |end_point|

	ec2cli = EC2Client.new(ACCESS_KEY_ID, SECRET_ACCESS_KEY, end_point)
	source = ec2cli.query('DescribeInstanceStatus')

	doc = REXML::Document.new(source)
	#errors = []

	doc.each_element('/DescribeInstanceStatusResponse/instanceStatusSet/item') do |item|
	  eventsSet = item.elements['eventsSet']
	  next unless eventsSet

	  instance_id = item.text('instanceId')
	  az = item.text('availabilityZone')

	  eventsSet.each_element('item') do |i|
	    code = i.text('code')
	    description = i.text('description')
	    not_after = i.text('notAfter')
	    not_before = i.text('notBefore')

	    errors << "#{instance_id}:#{code}"
	    # 間違い
	    #errors << "#{instance_id}:#{code}" unless description =~ /Completed/
	  end
	end
end

unless errors.empty?
  puts errors.join(', ')
  exit 2
end

puts 'OK'

gistfile1.txt

original post: 
http://d.hatena.ne.jp/winebarrel/20120110/p1

region_data:
http://docs.amazonwebservices.com/general/latest/gr/rande.html#ec2_region

localhost_nagios2.cfg

#/etc/nagios3/conf.d/localhost_nagios2.cfg
#
#
define service{
        use                             generic-service         ; Name of service template to use
        host_name                       localhost
        service_description             AWS EC2 Scheduled maintenance
        check_command                   check_ec2
        }