sensu-plugins-aws 18.3.0 → 18.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bb986d62da220b60b0f2e66794be82bbbf685320d42e7f126d1454e672ee7915
-  data.tar.gz: 1c3b455fb96f1d194af0a12693fc6ecd127114379eb14bd88352f6aad5bcbc8c
+  metadata.gz: '08a495ed02c8b0ce9e71fef7101443deaac2bb54dc8b7e8626019c16133a7a6a'
+  data.tar.gz: '012180e71e2b13044af8a0dca92f9ed857a10008c8f97cf7fdd8da5ed4d1f8f3'
 SHA512:
-  metadata.gz: b6ebc68a7983287cc91e5411cb70e589500880e9a5181259bcf4b1ee63520d666eb357b286eed8ce91b4953c8671b21cc8b0ecc934ac6575f85b968e51dde279
-  data.tar.gz: d45fe80f8643a31112732663e58048e0947d2a95883cf9f37d97f19009a9a66ea27a139c616825c87b4e8844ff5196f39f00beac13d8b76df9998addea08527b
+  metadata.gz: d55ba1c776ced6216e4d765613b4325420fe1db77fc0ebb33ff0331234848d975515065a83ce7722eb7beaa051ea27a237140415c360c9a5c1e2383efe9262f3
+  data.tar.gz: 37b1a9dd624e84b3798714296f6fb1182a91823de932530a586cd1f38a2cdeb36877f7316d4cfaf30188fe82a286cc1ad816f8c1d02ff70155edbcf926c627dc

data/CHANGELOG.md

@@ -5,6 +5,39 @@ This CHANGELOG follows the format listed [here](https://github.com/sensu-plugins
 
 ## [Unreleased]
 
+## 18.6.0
+### Added
+- `check-subnet-ip-consumption.rb` - Added `--warn-only` option (@ChrisCalavera)
+- new `metrics-reservation-utilization.rb`: retrieve metrics about reserved instances usage. (@boutetnico)
+- `check-ebs-burst-limit.rb`: add `--tag`/`-t` option to specify a volume tag to output in status message. (@boutetnico)
+- check-instance-events.rb: re-instate assume-role functionality (@pmiles)
+- new `check-expiring-reservations.rb`: check instance reservations and warn about upcoming expiration. (@boutetnico)
+- check-cloudwatch-alarm-multi.rb: Add check that will raise a critical if one of cloud watch alarms are in given state, and a critical for each alarm in given state. (@stevenayers)
+- `check-cloudwatch-alarms.rb`: `--name-prefix`/`-p` option added to filter alarm names by a prefix. (@boutetnico)
+
+### Fixed
+- `check-sqs-messages.rb`: properly surface false positives when pulling an unsupported metric (@majormoses)
+- - Prevent the retrieval of all db instances when the `db_cluster_id` option is specified and the `db_instance_id` option is not specified
+- updated `.bonsai.yml` to match with other plugins (CentOS6/8 support, etc.) (@nixwiz)
+
+## [18.5.0] - 2020-01-28
+### Changed
+- `check-trustedadvisor-service-limits.rb`: Trusted Advisor combined Service Limits check ID 'eW7HH0l7J9' scheduled to be disabled on Feb 15 2020. Updated the script to go through every Service Limits checks and look for not 'ok' status. Outcome is the same. (@swibowo)
+- bumped version of `bundler` when installing to match travis, before installing dep ensure we have a required version of bundler for development (@majormoses)
+
+## [18.4.2] - 2019-09-23
+### Fixed
+- Properly parse `--db-cluster-id` option in `check-rds.rb` (@rwha)
+
+
+## [18.4.1] - 2019-08-21
+### Security
+- force newer version of nokogiri to address CVE-2019-5477 (@majormoses)
+
+## [18.4.0] - 2019-05-08
+### Added
+- `check-ebs-burst-limit.rb`: `--filter` option added to filter which volume to check. (@boutetnico)
+
 ## [18.3.0] - 2019-05-07
 ### Added
 - Travis build automation to generate Sensu Asset tarballs that can be used in conjunction with Sensu provided ruby runtime assets and the Bonsai Asset Index
@@ -582,7 +615,12 @@ WARNING:  This release contains major breaking changes that will impact all user
 ### Added
 - initial release
 
-[Unreleased]: https://github.com/sensu-plugins/sensu-plugins-aws/compare/18.3.0...HEAD
+[Unreleased]: https://github.com/sensu-plugins/sensu-plugins-aws/compare/18.6.0...HEAD
+[18.6.0]: https://github.com/sensu-plugins/sensu-plugins-aws/compare/18.5.0...18.6.0
+[18.5.0]: https://github.com/sensu-plugins/sensu-plugins-aws/compare/18.4.2...18.5.0
+[18.4.2]: https://github.com/sensu-plugins/sensu-plugins-aws/compare/18.4.1...18.4.2
+[18.4.1]: https://github.com/sensu-plugins/sensu-plugins-aws/compare/18.4.0...18.4.1
+[18.4.0]: https://github.com/sensu-plugins/sensu-plugins-aws/compare/18.3.0...18.4.0
 [18.3.0]: https://github.com/sensu-plugins/sensu-plugins-aws/compare/18.2.0...18.3.0
 [18.2.0]: https://github.com/sensu-plugins/sensu-plugins-aws/compare/18.1.0...18.2.0
 [18.1.0]: https://github.com/sensu-plugins/sensu-plugins-aws/compare/18.0.0...18.1.0

data/README.md

@@ -23,6 +23,8 @@ The Sensu assets packaged from this repository are built against the Sensu Ruby
 
 **check-cloudwatch-alarm**
 
+**check-cloudwatch-alarm-multi**
+
 **check-cloudwatch-alarms**
 
 **check-cloudwatch-composite-metric**
@@ -169,6 +171,8 @@ The Sensu assets packaged from this repository are built against the Sensu Ruby
 * /bin/check-configservice-rules.rb
 * /bin/check-cloudfront-tag.rb
 * /bin/check-cloudwatch-alarm.rb
+* /bin/check-cloudwatch-alarm-multi.rb
+* /bin/check-cloudwatch-alarms.rb
 * /bin/check-cloudwatch-metric.rb
 * /bin/check-cloudwatch-composite-metric.rb
 * /bin/check-dynamodb-capacity.rb
@@ -192,6 +196,7 @@ The Sensu assets packaged from this repository are built against the Sensu Ruby
 * /bin/check-emr-cluster.rb
 * /bin/check-emr-steps.rb
 * /bin/check-eni-status.rb
+* /bin/check-expiring-reservations.rb
 * /bin/check-instance-events.rb
 * /bin/check-rds-events.rb
 * /bin/check-rds-pending.rb
@@ -221,6 +226,7 @@ The Sensu assets packaged from this repository are built against the Sensu Ruby
 * /bin/metrics-elb.rb
 * /bin/metrics-emr-steps.rb
 * /bin/metrics-rds.rb
+* /bin/metrics-reservation-utilization.rb
 * /bin/metrics-s3.rb
 * /bin/metrics-ses.rb
 * /bin/metrics-sqs.rb

data/bin/check-cloudwatch-alarm-multi.rb

@@ -0,0 +1,91 @@
+#! /usr/bin/env ruby
+#
+# check-cloudwatch-alarm-multi
+#
+# DESCRIPTION:
+#   This plugin raise a critical if one of cloud watch alarms are in given state, and a critical for
+#   each alarm in given state.
+#
+# OUTPUT:
+#   plain-text
+#
+# PLATFORMS:
+#   Linux
+#
+# DEPENDENCIES:
+#   gem: aws-sdk
+#   gem: sensu-plugin
+#
+# USAGE:
+#   ./check-cloudwatch-alarm-multi --exclude-alarms "CPUAlarmLow"
+#   ./check-cloudwatch-alarm-multi --region eu-west-1 --exclude-alarms "CPUAlarmLow"
+#
+# NOTES:
+#
+# LICENSE:
+#   Copyright (c) 2017, Steven Ayers, sayers@equalexperts.com
+#   Released under the same terms as Sensu (the MIT license); see LICENSE
+#   for details.
+#
+
+require 'sensu-plugin/check/cli'
+require 'sensu-plugins-aws/common'
+require 'aws-sdk'
+
+class CloudWatchCheck < Sensu::Plugin::Check::CLI
+  include Common
+
+  option :aws_region,
+         short: '-r AWS_REGION',
+         long: '--aws-region REGION',
+         description: 'AWS Region (defaults to us-east-1).',
+         default: 'us-east-1'
+
+  option :state,
+         description: 'State of the alarm',
+         short: '-s STATE',
+         long: '--state STATE',
+         default: 'ALARM'
+
+  option :exclude_alarms,
+         description: 'Exclude alarms',
+         short: '-e EXCLUDE_ALARMS',
+         long: '--exclude-alarms',
+         proc: proc { |a| a.split(',') },
+         default: []
+
+  def run
+    client = Aws::CloudWatch::Client.new
+    options = { state_value: config[:state] }
+    alarms = client.describe_alarms(options).metric_alarms
+
+    if alarms.empty?
+      ok "No alarms in '#{config[:state]}' state"
+    end
+
+    config[:exclude_alarms].each do |x|
+      alarms.delete_if { |alarm| alarm.alarm_name.match(x) }
+    end
+
+    alarm_names = alarms.map(&:alarm_name)
+
+    alarm_names.each do |alarm|
+      send_critical("check_cloudwatch_alarm_#{alarm}", "#{alarm} in '#{config[:state]}' state")
+    end
+
+    critical "#{alarms.size} in '#{config[:state]}' state: #{alarm_names.join(',')}" unless alarms.empty?
+  rescue StandardError => e
+    puts "Error: exception: #{e}"
+    critical
+  end
+
+  def sensu_client_socket(msg)
+    u = UDPSocket.new
+    u.send(msg + "\n", 0, '127.0.0.1', 3030)
+  end
+
+  def send_critical(check_name, msg)
+    d = { 'name' => check_name, 'status' => 2, 'output' => msg, 'handlers' => config[:handlers] }
+    sensu_client_socket d.to_json
+  end
+end

data/bin/check-cloudwatch-alarms.rb

@@ -16,8 +16,9 @@
 #   gem: sensu-plugin
 #
 # USAGE:
+#   ./check-cloudwatch-alarms --name-prefix "staging"
 #   ./check-cloudwatch-alarms --exclude-alarms "CPUAlarmLow"
-#   ./check-cloudwatch-alarms --region eu-west-1 --exclude-alarms "CPUAlarmLow"
+#   ./check-cloudwatch-alarms --aws-region eu-west-1 --exclude-alarms "CPUAlarmLow"
 #
 # NOTES:
 #
@@ -46,6 +47,12 @@ class CloudWatchCheck < Sensu::Plugin::Check::CLI
          long: '--state STATE',
          default: 'ALARM'
 
+  option :name_prefix,
+         description: 'Alarm name prefix',
+         short: '-p NAME_PREFIX',
+         long: '--name-prefix NAME_PREFIX',
+         default: ''
+
   option :exclude_alarms,
          description: 'Exclude alarms',
          short: '-e EXCLUDE_ALARMS',
@@ -57,6 +64,11 @@ class CloudWatchCheck < Sensu::Plugin::Check::CLI
     client = Aws::CloudWatch::Client.new
 
     options = { state_value: config[:state] }
+
+    unless config[:name_prefix].empty?
+      options[:alarm_name_prefix] = config[:name_prefix]
+    end
+
     alarms = client.describe_alarms(options).metric_alarms
 
     if alarms.empty?

data/bin/check-ebs-burst-limit.rb

@@ -19,7 +19,10 @@
 # USAGE:
 #   ./check-ebs-burst-limit.rb -r ${you_region}
 #   ./check-ebs-burst-limit.rb -r ${you_region} -c 50
+#   ./check-ebs-burst-limit.rb -r ${you_region} -c 50 -t Name
 #   ./check-ebs-burst-limit.rb -r ${you_region} -w 50 -c 10
+#   ./check-ebs-burst-limit.rb -r ${you_region} -w 50 -c 10 -f "{name:tag-value,values:[infrastructure]}"
+#   ./check-ebs-burst-limit.rb -r ${you_region} -w 50 -c 10 -f "{name:tag-value,values:[infrastructure]}" -t Name
 #
 # LICENSE:
 #   Barry Martin <nyxcharon@gmail.com>
@@ -29,11 +32,13 @@
 
 require 'sensu-plugin/check/cli'
 require 'sensu-plugins-aws'
+require 'sensu-plugins-aws/filter'
 require 'aws-sdk'
 require 'net/http'
 
 class CheckEbsBurstLimit < Sensu::Plugin::Check::CLI
   include CloudwatchCommon
+  include Filter
 
   option :aws_region,
          short:       '-r R',
@@ -41,6 +46,11 @@ class CheckEbsBurstLimit < Sensu::Plugin::Check::CLI
          description: 'AWS region, will be overridden by the -s option',
          default: 'us-east-1'
 
+  option :tag,
+         description: 'Add volume TAG value to warn/critical message.',
+         short: '-t TAG',
+         long: '--tag TAG'
+
   option :critical,
          description: 'Trigger a critical when ebs burst limit is under VALUE',
          short: '-c VALUE',
@@ -61,29 +71,38 @@ class CheckEbsBurstLimit < Sensu::Plugin::Check::CLI
          boolean: true,
          default: false
 
+  option :filter,
+         short: '-f FILTER',
+         long: '--filter FILTER',
+         description: 'String representation of the filter to apply',
+         default: '{}'
+
+  def volume_tag(volume, tag_name)
+    tag = volume.tags.select { |t| t.key == tag_name }.first
+    tag.nil? ? '' : tag.value
+  end
+
   def run
     errors = []
 
+    volume_filters = Filter.parse(config[:filter])
+
     # Set the describe-volumes filter depending on whether -s was specified
     if config[:check_self] == true
       # Get the region from the availability zone, and override the -r option
       my_instance_az = Net::HTTP.get(URI.parse('http://169.254.169.254/latest/meta-data/placement/availability-zone'))
       Aws.config[:region] = my_instance_az.chop
       my_instance_id = Net::HTTP.get(URI.parse('http://169.254.169.254/latest/meta-data/instance-id'))
-      volume_filters = [
-        {
-          name: 'attachment.instance-id',
-          values: [my_instance_id]
-        }
-      ]
+      volume_filters.push(
+        name: 'attachment.instance-id',
+        values: [my_instance_id]
+      )
     else
       # The -s option was not specified, look at all volumes which are attached
-      volume_filters = [
-        {
-          name: 'attachment.status',
-          values: ['attached']
-        }
-      ]
+      volume_filters.push(
+        name: 'attachment.status',
+        values: ['attached']
+      )
     end
 
     ec2 = Aws::EC2::Client.new
@@ -100,13 +119,14 @@ class CheckEbsBurstLimit < Sensu::Plugin::Check::CLI
     volumes[:volumes].each do |volume|
       config[:dimensions] = []
       config[:dimensions] << { name: 'VolumeId', value: volume[:volume_id] }
+      volume_tag = config[:tag] ? " (#{volume_tag(volume, config[:tag])})" : ''
       resp = client.get_metric_statistics(metrics_request(config))
       unless resp.datapoints.first.nil?
         if resp.datapoints.first[:average] < config[:critical]
-          errors << "#{volume[:volume_id]} #{resp.datapoints.first[:average]}"
+          errors << "#{volume[:volume_id]}#{volume_tag} #{resp.datapoints.first[:average]}"
           crit = true
         elsif config[:warning] && resp.datapoints.first[:average] < config[:warning]
-          errors << "#{volume[:volume_id]} #{resp.datapoints.first[:average]}"
+          errors << "#{volume[:volume_id]}#{volume_tag} #{resp.datapoints.first[:average]}"
           should_warn = true
         end
       end

data/bin/check-expiring-reservations.rb

@@ -0,0 +1,117 @@
+#! /usr/bin/env ruby
+#
+# expiring-reservations
+#
+# DESCRIPTION:
+#   Alert on expiring reservations of an AWS account.
+#
+# OUTPUT:
+#   plain-text
+#
+# PLATFORMS:
+#   Linux
+#
+# DEPENDENCIES:
+#   gem: aws-sdk
+#   gem: sensu-plugin
+#   gem: sensu-plugins-aws
+#
+# USAGE:
+#   check-expiring-reservations.rb
+#
+# NOTES:
+#
+# LICENSE:
+#   Copyright (c) 2019, Nicolas Boutet amd3002@gmail.com
+#   Released under the same terms as Sensu (the MIT license); see LICENSE
+#   for details.
+#
+
+require 'sensu-plugin/check/cli'
+require 'aws-sdk'
+require 'sensu-plugins-aws'
+
+class CheckExpiringReservations < Sensu::Plugin::Check::CLI
+  include Common
+
+  option :reservation_id,
+         description: 'Reservation id (defaults to all reservations if omitted)',
+         short:       '-R RESERVATION_ID',
+         long:        '--reservation-id RESERVATION_ID',
+         default:     nil
+
+  option :offering_class,
+         description: 'The offering class of the Reserved Instance (standard or convertible)',
+         short:       '-o OFFERING_CLASS',
+         long:        '--offering-class OFFERING_CLASS',
+         default:     'standard'
+
+  option :aws_region,
+         short:       '-r AWS_REGION',
+         long:        '--aws-region REGION',
+         description: 'AWS Region (defaults to us-east-1).',
+         default:     'us-east-1'
+
+  option :warning,
+         short:       '-w N',
+         long:        '--warning VALUE',
+         description: 'Issue a warning if a reservation will expire in under VALUE days',
+         default:     0,
+         proc:        proc(&:to_i)
+
+  option :critical,
+         short:       '-c N',
+         long:        '--critical VALUE',
+         description: 'Issue a critical if a reservation will expire in under VALUE days',
+         default:     1,
+         proc:        proc(&:to_i)
+
+  def run
+    begin
+      client = Aws::EC2::Client.new(aws_config)
+
+      params = {
+        filters: [
+          {
+            name: 'state',
+            values: ['active']
+          }
+        ],
+        offering_class: config[:offering_class]
+      }
+
+      unless config[:reservation_id].nil?
+        params[:reserved_instances_ids] = [config[:reservation_id]]
+      end
+
+      reservations = client.describe_reserved_instances(params)
+
+      warnflag = false
+      critflag = false
+      reportstring = ''
+
+      reservations.reserved_instances.each do |reservation|
+        time_left = (reservation.end - Time.now).abs.to_i / (24 * 60 * 60)
+
+        if time_left <= config[:critical]
+          critflag = true
+          reportstring += " reservation #{reservation.reserved_instances_id} (#{reservation.instance_type} x #{reservation.instance_count}) expires in #{time_left} days;"
+        elsif time_left <= config[:warning]
+          warnflag = true
+          reportstring += " reservation #{reservation.reserved_instances_id} (#{reservation.instance_type} x #{reservation.instance_count}) expires in #{time_left} days;"
+        end
+      end
+
+      if critflag
+        critical reportstring
+      elsif warnflag
+        warning reportstring
+      else
+        ok 'All checked reservations are ok'
+      end
+    rescue StandardError => e
+      critical "Error: exception: #{e}"
+    end
+    ok
+  end
+end

data/bin/check-instance-events.rb

@@ -67,6 +67,11 @@ class CheckInstanceEvents < Sensu::Plugin::Check::CLI
          description: "Includes any offending instance's 'Name' tag in the check output",
          default: false
 
+  option :role,
+         short:       '-R ASSUME_ROLE',
+         long:        '--assume-role-arn ARN',
+         description: 'IAM Role to assume'
+
   def aws_config
     { access_key_id: config[:aws_access_key],
       secret_access_key: config[:aws_secret_access_key],
@@ -77,6 +82,23 @@ class CheckInstanceEvents < Sensu::Plugin::Check::CLI
     Aws.partition('aws').regions.map(&:name)
   end
 
+  def assume_role
+    role_config = aws_config
+
+    # Delete keys so we can use an IAM role
+    role_config.delete(:access_key_id)
+    role_config.delete(:secret_access_key)
+
+    Aws.config[:region] = role_config[:region]
+
+    role_credentials = Aws::AssumeRoleCredentials.new(
+      role_arn: config[:role],
+      role_session_name: 'sensu-monitoring'
+    )
+
+    role_config.merge!(credentials: role_credentials)
+  end
+
   def run
     event_instances = []
     aws_config = {}

data/bin/check-rds.rb

@@ -161,7 +161,7 @@ class CheckRDS < Sensu::Plugin::Check::CLI
 
   def find_db_cluster_writer(id)
     wr = rds.describe_db_clusters(db_cluster_identifier: id).db_clusters[0].db_cluster_members.detect(&:is_cluster_writer).db_instance_identifier
-    unknown 'DB cluster not found.' if cl.nil?
+    unknown 'DB cluster not found.' if wr.nil?
     wr
   end
 
@@ -321,11 +321,9 @@ class CheckRDS < Sensu::Plugin::Check::CLI
   def run
     instances = []
     if config[:db_cluster_id]
-      db_cluster_writer_id = find_db_cluster_writer(db_cluster_id)
+      db_cluster_writer_id = find_db_cluster_writer(config[:db_cluster_id])
       instances << find_db_instance(db_cluster_writer_id)
-    end
-
-    if config[:db_instance_id].nil? || config[:db_instance_id].empty?
+    elsif config[:db_instance_id].nil? || config[:db_instance_id].empty?
       rds.describe_db_instances[:db_instances].map { |db| instances << db }
     else
       instances << find_db_instance(config[:db_instance_id])

data/bin/check-sqs-messages.rb

@@ -118,7 +118,16 @@ class SQSMsgs < Sensu::Plugin::Check::CLI
       queues = config[:queues]
       queues.each do |q|
         url = sqs.get_queue_by_name(queue_name: q).url
-        messages = sqs.client.get_queue_attributes(queue_url: url, attribute_names: ['All']).attributes[config[:metric]].to_i
+        messages = sqs.client.get_queue_attributes(queue_url: url, attribute_names: ['All'])
+        if messages.attributes.key(config[:metric])
+          messages = messages.attributes([config[:metric]]).to_i
+        else
+          failure_msg = <<~MESSAGE
+            failed to pull metric #{config[:metric]} on queue: #{q}.
+            available attributes: #{messages.attributes}
+          MESSAGE
+          unknown failure_msg
+        end
 
         if (config[:crit_under] >= 0 && messages < config[:crit_under]) || (config[:crit_over] >= 0 && messages > config[:crit_over])
           crits << "#{messages} message(s) in #{q}"

data/bin/check-subnet-ip-consumption.rb

@@ -74,6 +74,13 @@ class CheckSubnetIpConsumption < Sensu::Plugin::Check::CLI
          default:     0,
          description: 'Manipulate the verbosity of the alert output. Valid options are 0, 1, and 2 (from least to most verbose). Default is 0.'
 
+  option :warn_only,
+         short:       '-w',
+         long:        '--warn-only',
+         boolean:     true,
+         default:     false,
+         description: 'Warning only'
+
   def iam_client
     @iam_client ||= Aws::IAM::Client.new
   end
@@ -218,16 +225,23 @@ class CheckSubnetIpConsumption < Sensu::Plugin::Check::CLI
 
       case config[:show_account_alias]
       when true
-        critical(alert_prefix_with_alias % { count: alert_msg.length,
-                                             alias: account_alias,
-                                             region: config[:aws_region],
-                                             threshold: config[:alert_threshold],
-                                             alerts: alert_msg.join(', ') })
+        alert_msg = alert_prefix_with_alias % { count: alert_msg.length,
+                                                alias: account_alias,
+                                                region: config[:aws_region],
+                                                threshold: config[:alert_threshold],
+                                                alerts: alert_msg.join(', ') }
+      when false
+        alert_msg = alert_prefix % { count: alert_msg.length,
+                                     region: config[:aws_region],
+                                     threshold: config[:alert_threshold],
+                                     alerts: alert_msg.join(', ') }
+      end
+
+      case config[:warn_only]
+      when true
+        warning(alert_msg)
       when false
-        critical(alert_prefix % { count: alert_msg.length,
-                                  region: config[:aws_region],
-                                  threshold: config[:alert_threshold],
-                                  alerts: alert_msg.join(', ') })
+        critical(alert_msg)
       end
     end
   end

data/bin/check-trustedadvisor-service-limits.rb

@@ -45,29 +45,37 @@ class CheckTrustedAdvisorServiceLimits < Sensu::Plugin::Check::CLI
          description: "ISO 639-1 language code to be used when querying Trusted Advisor API. Only 'en' and 'ja' supported for now",
          default: 'en'
 
-  def run
+  def aws_support
     # The Support endpoint seems to only available in us-east-1 region
     # http://docs.aws.amazon.com/sdkforruby/api/Aws/Support.html
-    aws_support = Aws::Support::Client.new(region: 'us-east-1')
+    @aws_support ||= Aws::Support::Client.new(region: 'us-east-1')
+  end
 
+  def run
     service_limit_msg = []
 
     begin
-      # service limit check
-      # Perform a refresh to make sure the API result is not stale.
-      aws_support.refresh_trusted_advisor_check(check_id: 'eW7HH0l7J9')
-      sl = aws_support.describe_trusted_advisor_check_result(check_id: 'eW7HH0l7J9', language: config[:aws_language])
+      # Get all check IDs with category "service_limits"
+      check_ids = []
+      aws_support.describe_trusted_advisor_checks(language: config[:aws_language])[:checks].each { |c| check_ids << c.id if c.category == 'service_limits' }
+
+      # Get all checks that are not "ok"
+      checks_not_ok = []
+      aws_support.describe_trusted_advisor_check_summaries(check_ids: check_ids)[:summaries].each { |c| checks_not_ok << c.check_id if c.status != 'ok' }
+
+      checks_not_ok.each do |cno|
+        aws_support.describe_trusted_advisor_check_result(language: config[:aws_language], check_id: cno)[:result][:flagged_resources].each do |slr|
+          # Data structure will be as follow
+          # ["<region>", "<service>", "<description>", "<limit>", "<usage>", "<status>"]
+          sl_region, sl_service, sl_description, sl_limit, sl_usage, sl_status = slr[:metadata]
 
-      sl[:result][:flagged_resources].each do |slr|
-        # Data structure will be as follow
-        # ["<region>", "<service>", "<description>", "<limit>", "<usage>", "<status>"]
-        sl_region, sl_service, sl_description, sl_limit, sl_usage, sl_status = slr[:metadata]
+          next if slr.status == 'ok' || sl_status == 'Green'
 
-        next if sl_status == 'Green'
-        sl_usage = 0 if sl_usage.nil?
+          sl_usage = 0 if sl_usage.nil?
 
-        sl_msg = "#{sl_service} (#{sl_region}) #{sl_description} #{sl_usage} out of #{sl_limit}"
-        service_limit_msg.push(sl_msg)
+          sl_msg = "#{sl_service} (#{sl_region}) #{sl_description} #{sl_usage} out of #{sl_limit}"
+          service_limit_msg.push(sl_msg)
+        end
       end
     rescue StandardError => e
       unknown "An error occurred processing AWS TrustedAdvisor API: #{e.message}"

data/bin/metrics-reservation-utilization.rb

@@ -0,0 +1,84 @@
+#! /usr/bin/env ruby
+#
+# reservation-utilization
+#
+# DESCRIPTION:
+#   Gets Reservation Utilization of an AWS account.
+#
+# OUTPUT:
+#   metric-data
+#
+# PLATFORMS:
+#   Linux
+#
+# DEPENDENCIES:
+#   gem: aws-sdk
+#   gem: sensu-plugin
+#   gem: sensu-plugins-aws
+#
+# USAGE:
+#   metrics-reservation-utilization.rb
+#
+# NOTES:
+#
+# LICENSE:
+#   Copyright (c) 2019, Nicolas Boutet amd3002@gmail.com
+#   Released under the same terms as Sensu (the MIT license); see LICENSE
+#   for details.
+#
+
+require 'sensu-plugin/metric/cli'
+require 'aws-sdk'
+require 'sensu-plugins-aws'
+
+class ReservationUtilizationMetrics < Sensu::Plugin::Metric::CLI::Graphite
+  include Common
+
+  option :from,
+         short:       '-f TIME',
+         long:        '--from TIME',
+         default:     Time.now - 2 * 86_400, # start date cannot be after 2 days ago
+         proc:        proc { |a| Time.parse a },
+         description: 'The beginning of the time period that you want the usage and costs for (inclusive).'
+
+  option :to,
+         short:       '-t TIME',
+         long:        '--to TIME',
+         default:     Time.now,
+         proc:        proc { |a| Time.parse a },
+         description: 'The end of the time period that you want the usage and costs for (exclusive).'
+
+  option :scheme,
+         description: 'Metric naming scheme, text to prepend to metric.',
+         short:       '-s SCHEME',
+         long:        '--scheme SCHEME',
+         default:     'sensu.aws.reservation_utilization'
+
+  option :aws_region,
+         short:       '-r AWS_REGION',
+         long:        '--aws-region REGION',
+         description: 'AWS Region (defaults to us-east-1).',
+         default:     'us-east-1'
+
+  def run
+    begin
+      client = Aws::CostExplorer::Client.new(aws_config)
+
+      reservation_utilization = client.get_reservation_utilization(
+        time_period: {
+          start: config[:from].strftime('%Y-%m-%d'),
+          end: config[:to].strftime('%Y-%m-%d')
+        }
+      )
+
+      reservation_utilization.utilizations_by_time.each do |time|
+        time.total.to_h.each do |key, value|
+          output "#{config[:scheme]}.utilizations_by_time.#{key}", value, Time.parse(time.time_period.end).to_i
+        end
+      end
+    rescue StandardError => e
+      critical "Error: exception: #{e}"
+    end
+    ok
+  end
+end

data/lib/sensu-plugins-aws/version.rb

@@ -1,7 +1,7 @@
 module SensuPluginsAWS
   module Version
     MAJOR = 18
-    MINOR = 3
+    MINOR = 6
     PATCH = 0
     VER_STRING = [MAJOR, MINOR, PATCH].compact.join('.')
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sensu-plugins-aws
 version: !ruby/object:Gem::Version
-  version: 18.3.0
+  version: 18.6.0
 platform: ruby
 authors:
 - Sensu-Plugins and contributors
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-07 00:00:00.000000000 Z
+date: 2021-01-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sensu-plugin
@@ -58,42 +58,62 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.32.0
+        version: 2.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.32.0
+        version: 2.1.0
 - !ruby/object:Gem::Dependency
   name: fog-core
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.43.0
+        version: 1.45.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.43.0
+        version: 1.45.0
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.10.4
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.10.4
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rest-client
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.8.0
+        version: 2.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.8.0
+        version: 2.1.0
 - !ruby/object:Gem::Dependency
   name: right_aws
   requirement: !ruby/object:Gem::Requirement
@@ -114,14 +134,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '2.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.7'
+        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: github-markup
   requirement: !ruby/object:Gem::Requirement
@@ -156,14 +176,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.3'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.3'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: redcarpet
   requirement: !ruby/object:Gem::Requirement
@@ -228,86 +248,89 @@ description: |-
                                 for EC2, SES, and SNS.
 email: "<sensu-users@googlegroups.com>"
 executables:
+- check-reserved-instances.rb
+- check-vpc-nameservers.rb
+- metrics-autoscaling-instance-count.rb
+- check-cloudwatch-alarm.rb
+- check-dynamodb-throttle.rb
 - check-cloudwatch-alarms.rb
-- metrics-cloudfront.rb
-- metrics-ses.rb
-- check-ebs-burst-limit.rb
-- handler-scale-asg-down.rb
-- check-s3-bucket-visibility.rb
-- check-trustedadvisor-service-limits.rb
 - check-kms-key.rb
-- check-ses-statistics.rb
-- check-alb-target-group-health.rb
 - check-ses-limit.rb
-- check-sns-subscriptions.rb
-- metrics-waf.rb
-- metrics-autoscaling-instance-count.rb
 - metrics-s3.rb
-- check-s3-tag.rb
-- check-dynamodb-throttle.rb
-- handler-ec2_node.rb
-- check-ec2-cpu_balance.rb
-- check-beanstalk-health.rb
-- metrics-asg.rb
+- handler-sns.rb
+- check-s3-bucket-visibility.rb
+- metrics-cloudfront.rb
+- check-ec2-network.rb
+- check-rds-events.rb
+- metrics-rds.rb
 - check-instances-count.rb
-- check-elb-certs.rb
-- check-reserved-instances.rb
+- check-cloudwatch-alarm-multi.rb
+- metrics-sqs.rb
+- check-emr-steps.rb
+- check-ebs-burst-limit.rb
+- check-redshift-events.rb
 - check-instance-health.rb
-- check-ec2-network.rb
-- check-efs-metric.rb
-- check-sensu-client.rb
-- check-emr-cluster.rb
-- handler-ses.rb
-- check-asg-instances-inservice.rb
+- check-elb-health.rb
+- check-expiring-reservations.rb
+- handler-ec2_node.rb
+- check-elb-instances-inservice.rb
+- check-ec2-cpu_balance.rb
 - check-sqs-messages.rb
 - check-rds-pending.rb
-- check-cloudwatch-metric.rb
-- check-configservice-rules.rb
-- check-beanstalk-elb-metric.rb
-- check-elb-health.rb
-- check-instance-reachability.rb
-- check-emr-steps.rb
-- check-elasticache-failover.rb
+- check-emr-cluster.rb
 - check-eip-allocation.rb
-- check-s3-object.rb
-- check-redshift-events.rb
-- check-ecs-service-health.rb
-- check-autoscaling-cpucredits.rb
-- check-s3-bucket.rb
-- check-elb-health-sdk.rb
-- check-cloudwatch-alarm.rb
-- check-route.rb
-- check-ebs-snapshots.rb
 - metrics-ec2-filter.rb
+- check-ebs-snapshots.rb
+- metrics-waf.rb
+- metrics-billing.rb
+- check-autoscaling-cpucredits.rb
+- metrics-asg.rb
+- check-instance-events.rb
 - check-route53-domain-expiration.rb
-- metrics-rds.rb
-- check-dynamodb-capacity.rb
+- check-elasticache-failover.rb
 - check-ec2-filter.rb
-- check-asg-instances-created.rb
-- check-eni-status.rb
-- metrics-sqs.rb
-- check-instance-events.rb
-- metrics-elasticache.rb
-- check-rds-events.rb
-- check-subnet-ip-consumption.rb
-- check-elb-nodes.rb
 - check-elb-sum-requests.rb
+- metrics-reservation-utilization.rb
+- check-sns-subscriptions.rb
+- metrics-ses.rb
 - check-elb-health-fog.rb
-- handler-sns.rb
 - handler-scale-asg-up.rb
-- check-vpc-nameservers.rb
+- check-sensu-client.rb
+- check-elb-nodes.rb
+- check-s3-object.rb
+- check-trustedadvisor-service-limits.rb
+- check-ses-statistics.rb
+- check-cloudwatch-metric.rb
+- check-beanstalk-health.rb
+- check-dynamodb-capacity.rb
+- check-eni-status.rb
+- check-s3-tag.rb
+- check-direct-connect-virtual-interfaces.rb
 - check-cloudwatch-composite-metric.rb
-- check-rds.rb
+- metrics-ec2-count.rb
+- metrics-elasticache.rb
 - check-cloudfront-tag.rb
-- metrics-emr-steps.rb
-- check-certificate-expiry.rb
-- check-elb-instances-inservice.rb
+- check-alb-target-group-health.rb
+- check-elb-health-sdk.rb
 - check-elb-latency.rb
-- metrics-ec2-count.rb
-- metrics-billing.rb
+- check-s3-bucket.rb
+- handler-scale-asg-down.rb
+- check-elb-certs.rb
+- check-efs-metric.rb
 - check-vpc-vpn.rb
-- check-direct-connect-virtual-interfaces.rb
+- check-subnet-ip-consumption.rb
+- check-ecs-service-health.rb
+- check-rds.rb
+- handler-ses.rb
+- check-asg-instances-created.rb
+- check-route.rb
+- check-instance-reachability.rb
+- check-certificate-expiry.rb
+- check-asg-instances-inservice.rb
+- metrics-emr-steps.rb
 - metrics-elb.rb
+- check-configservice-rules.rb
+- check-beanstalk-elb-metric.rb
 extensions: []
 extra_rdoc_files: []
 files:
@@ -322,6 +345,7 @@ files:
 - bin/check-beanstalk-health.rb
 - bin/check-certificate-expiry.rb
 - bin/check-cloudfront-tag.rb
+- bin/check-cloudwatch-alarm-multi.rb
 - bin/check-cloudwatch-alarm.rb
 - bin/check-cloudwatch-alarms.rb
 - bin/check-cloudwatch-composite-metric.rb
@@ -350,6 +374,7 @@ files:
 - bin/check-emr-cluster.rb
 - bin/check-emr-steps.rb
 - bin/check-eni-status.rb
+- bin/check-expiring-reservations.rb
 - bin/check-instance-events.rb
 - bin/check-instance-health.rb
 - bin/check-instance-reachability.rb
@@ -390,6 +415,7 @@ files:
 - bin/metrics-elb.rb
 - bin/metrics-emr-steps.rb
 - bin/metrics-rds.rb
+- bin/metrics-reservation-utilization.rb
 - bin/metrics-s3.rb
 - bin/metrics-ses.rb
 - bin/metrics-sqs.rb
@@ -424,7 +450,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.0.8
 signing_key: 
 specification_version: 4
 summary: Sensu plugins for working with an AWS environment