aws-cost-calculator-cli 1.6.3__py3-none-any.whl → 1.9.1__py3-none-any.whl

{aws_cost_calculator_cli-1.6.3.dist-info → aws_cost_calculator_cli-1.9.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aws-cost-calculator-cli
-Version: 1.6.3
+Version: 1.9.1
 Summary: AWS Cost Calculator CLI - Calculate daily and annual AWS costs across multiple accounts
 Home-page: https://github.com/trilogy-group/aws-cost-calculator
 Author: Cost Optimization Team
@@ -229,6 +229,16 @@ cc setup-api
 # Enter your API secret when prompted (input will be hidden)
 ```
 
+**CUR Configuration (for --resources flag):**
+
+To use resource-level queries, configure CUR settings:
+```bash
+cc setup-cur
+# Enter: Database name, table name, S3 output location
+```
+
+This saves configuration to `~/.config/cost-calculator/cur_config.json`
+
 Or set manually:
 ```bash
 export COST_API_SECRET="your-api-secret"
@@ -374,11 +384,13 @@ The `drill` command allows you to investigate cost changes at different levels o
 1. **Start broad:** `cc trends` → See EC2 costs up $1000
 2. **Drill by service:** `cc drill --service "EC2 - Other"` → See which accounts
 3. **Drill deeper:** `cc drill --service "EC2 - Other" --account 123` → See usage types
+4. **Resource-level:** `cc drill --service "EC2 - Other" --account 123 --resources` → See individual instance IDs
 
 **Features:**
 - **Week-over-week cost analysis**: Compare costs between consecutive weeks
 - **Month-over-month cost analysis**: Compare costs between consecutive months
 - **Drill-down analysis**: Analyze costs by service, account, or usage type
+- **Resource-level analysis**: See individual resource IDs and costs using CUR data (NEW in v1.7.0)
 - **Pandas aggregations**: Time series analysis with sum, avg, std across all weeks
 - **Volatility detection**: Identify services with high cost variability and outliers
 - **Trend detection**: Auto-detect increasing/decreasing cost patterns

aws_cost_calculator_cli-1.9.1.dist-info/RECORD

@@ -0,0 +1,15 @@
+aws_cost_calculator_cli-1.9.1.dist-info/licenses/LICENSE,sha256=cYtmQZHNGGTXOtg3T7LHDRneleaH0dHXHfxFV3WR50Y,1079
+cost_calculator/__init__.py,sha256=PJeIqvWh5AYJVrJxPPkI4pJnAt37rIjasrNS0I87kaM,52
+cost_calculator/api_client.py,sha256=4ZI2XcGIN3FBeQqb7xOxQ91kCoeM43-rExiOELXoKBQ,2485
+cost_calculator/cli.py,sha256=IRlRxefn9rfrt6EWwSEcMi9HCISHuOfnUs2_Bf5IZkA,54085
+cost_calculator/cur.py,sha256=QaZ_nyDSw5_cti-h5Ho6eYLbqzY5TWoub24DpyzIiSs,9502
+cost_calculator/drill.py,sha256=hGi-prLgZDvNMMICQc4fl3LenM7YaZ3To_Ei4LKwrdc,10543
+cost_calculator/executor.py,sha256=vZX3BCgTRHwBfxC0WqQsHgv1ww5rpmKqLCTrW2sflSY,6509
+cost_calculator/forensics.py,sha256=uhRo3I_zOeMEaBENHfgq65URga31W0Z4vzS2UN6VmTY,12819
+cost_calculator/monthly.py,sha256=6k9F8S7djhX1wGV3-T1MZP7CvWbbfhSTEaddwCfVu5M,7932
+cost_calculator/trends.py,sha256=k_s4ylBX50sqoiM_fwepi58HW01zz767FMJhQUPDznk,12246
+aws_cost_calculator_cli-1.9.1.dist-info/METADATA,sha256=jMNKiSSMAbMNajhVxBOyzSuJaWg3lrGfuCBSz0THo38,11978
+aws_cost_calculator_cli-1.9.1.dist-info/WHEEL,sha256=Nw36Djuh_5VDukK0H78QzOX-_FQEo6V37m3nkm96gtU,91
+aws_cost_calculator_cli-1.9.1.dist-info/entry_points.txt,sha256=_5Qy4EcHbYVYrdgOu1E48faMHb9fLUl5VJ3djDHuJBo,47
+aws_cost_calculator_cli-1.9.1.dist-info/top_level.txt,sha256=PRwGPPlNqASfyhGHDjSfyl4SXeE7GF3OVTu1tY1Uqyc,16
+aws_cost_calculator_cli-1.9.1.dist-info/RECORD,,

{aws_cost_calculator_cli-1.6.3.dist-info → aws_cost_calculator_cli-1.9.1.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (80.9.0)
+Generator: setuptools (80.7.1)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

{aws_cost_calculator_cli-1.6.3.dist-info → aws_cost_calculator_cli-1.9.1.dist-info}/top_level.txt

@@ -1,2 +1 @@
-backend
 cost_calculator

cost_calculator/api_client.py

@@ -50,7 +50,8 @@ def call_lambda_api(endpoint, credentials, accounts, **kwargs):
         'monthly': 'https://6aueebodw6q4zdeu3aaexb6tle0fqhhr.lambda-url.us-east-1.on.aws/',
         'drill': 'https://3ncm2gzxrsyptrhud3ua3x5lju0akvsr.lambda-url.us-east-1.on.aws/',
         'analyze': 'https://y6npmidtxwzg62nrqzkbacfs5q0edwgs.lambda-url.us-east-1.on.aws/',
-        'profiles': 'https://64g7jq7sjygec2zmll5lsghrpi0txrzo.lambda-url.us-east-1.on.aws/'
+        'profiles': 'https://64g7jq7sjygec2zmll5lsghrpi0txrzo.lambda-url.us-east-1.on.aws/',
+        'forensics': 'https://gaekfzz7sc2hwn4mjyk64sieke0vadfo.lambda-url.us-east-1.on.aws/'  # Will be populated after deployment
     }
     
     url = endpoint_urls.get(endpoint)

cost_calculator/cli.py

@@ -136,8 +136,11 @@ def load_profile(profile_name):
             profile_data = response_data.get('profile', response_data)
             profile = {'accounts': profile_data['accounts']}
             
+            # If profile has aws_profile field, use it
+            if 'aws_profile' in profile_data:
+                profile['aws_profile'] = profile_data['aws_profile']
             # Check for AWS_PROFILE environment variable (SSO support)
-            if os.environ.get('AWS_PROFILE'):
+            elif os.environ.get('AWS_PROFILE'):
                 profile['aws_profile'] = os.environ['AWS_PROFILE']
             # Use environment credentials
             elif os.environ.get('AWS_ACCESS_KEY_ID'):
@@ -146,6 +149,33 @@ def load_profile(profile_name):
                     'aws_secret_access_key': os.environ['AWS_SECRET_ACCESS_KEY'],
                     'aws_session_token': os.environ.get('AWS_SESSION_TOKEN')
                 }
+            else:
+                # Try to find a matching AWS profile by name
+                # This allows "khoros" profile to work with "khoros_umbrella" AWS profile
+                import subprocess
+                try:
+                    result = subprocess.run(
+                        ['aws', 'configure', 'list-profiles'],
+                        capture_output=True,
+                        text=True,
+                        timeout=5
+                    )
+                    if result.returncode == 0:
+                        available_profiles = result.stdout.strip().split('\n')
+                        # Try exact match first
+                        if profile_name in available_profiles:
+                            profile['aws_profile'] = profile_name
+                        # Try with common suffixes
+                        elif f"{profile_name}_umbrella" in available_profiles:
+                            profile['aws_profile'] = f"{profile_name}_umbrella"
+                        elif f"{profile_name}-umbrella" in available_profiles:
+                            profile['aws_profile'] = f"{profile_name}-umbrella"
+                        elif f"{profile_name}_prod" in available_profiles:
+                            profile['aws_profile'] = f"{profile_name}_prod"
+                        # If no match found, leave it unset - user must provide --sso
+                except:
+                    # If we can't list profiles, leave it unset - user must provide --sso
+                    pass
             
             return profile
         else:
@@ -325,7 +355,8 @@ def calculate_costs(profile_config, accounts, start_date, offset, window):
     # Calculate days in the month that the support covers
     # Support on Nov 1 covers October (31 days)
     support_month = support_month_date - timedelta(days=1)  # Go back to previous month
-    days_in_support_month = support_month.day  # This gives us the last day of the month
+    import calendar
+    days_in_support_month = calendar.monthrange(support_month.year, support_month.month)[1]
     
     # Support allocation: divide by 2 (50% allocation), then by days in month
     support_per_day = (support_cost / 2) / days_in_support_month
@@ -386,6 +417,43 @@ def cli():
     pass
 
 
+@cli.command('setup-cur')
+@click.option('--database', required=True, prompt='CUR Athena Database', help='Athena database name for CUR')
+@click.option('--table', required=True, prompt='CUR Table Name', help='CUR table name')
+@click.option('--s3-output', required=True, prompt='S3 Output Location', help='S3 bucket for Athena query results')
+def setup_cur(database, table, s3_output):
+    """
+    Configure CUR (Cost and Usage Report) settings for resource-level queries
+    
+    Saves CUR configuration to ~/.config/cost-calculator/cur_config.json
+    
+    Example:
+      cc setup-cur --database my_cur_db --table cur_table --s3-output s3://my-bucket/
+    """
+    import json
+    
+    config_dir = Path.home() / '.config' / 'cost-calculator'
+    config_dir.mkdir(parents=True, exist_ok=True)
+    
+    config_file = config_dir / 'cur_config.json'
+    
+    config = {
+        'database': database,
+        'table': table,
+        's3_output': s3_output
+    }
+    
+    with open(config_file, 'w') as f:
+        json.dump(config, f, indent=2)
+    
+    click.echo(f"✓ CUR configuration saved to {config_file}")
+    click.echo(f"  Database: {database}")
+    click.echo(f"  Table: {table}")
+    click.echo(f"  S3 Output: {s3_output}")
+    click.echo("")
+    click.echo("You can now use: cc drill --service 'EC2 - Other' --resources")
+
+
 @cli.command('setup-api')
 @click.option('--api-secret', required=True, prompt=True, hide_input=True, help='COST_API_SECRET value')
 def setup_api(api_secret):
@@ -887,14 +955,19 @@ def monthly(profile, months, output, json_output, sso, access_key_id, secret_acc
 @click.option('--service', help='Filter by service name (e.g., "EC2 - Other")')
 @click.option('--account', help='Filter by account ID')
 @click.option('--usage-type', help='Filter by usage type')
+@click.option('--resources', is_flag=True, help='Show individual resource IDs (requires CUR, uses Athena)')
 @click.option('--output', default='drill_down.md', help='Output markdown file (default: drill_down.md)')
 @click.option('--json-output', is_flag=True, help='Output as JSON')
 @click.option('--sso', help='AWS SSO profile name')
 @click.option('--access-key-id', help='AWS Access Key ID')
 @click.option('--secret-access-key', help='AWS Secret Access Key')
 @click.option('--session-token', help='AWS Session Token')
-def drill(profile, weeks, service, account, usage_type, output, json_output, sso, access_key_id, secret_access_key, session_token):
-    """Drill down into cost changes by service, account, or usage type"""
+def drill(profile, weeks, service, account, usage_type, resources, output, json_output, sso, access_key_id, secret_access_key, session_token):
+    """
+    Drill down into cost changes by service, account, or usage type
+    
+    Add --resources flag to see individual resource IDs and costs (requires CUR data via Athena)
+    """
     
     # Load profile
     config = load_profile(profile)
@@ -908,10 +981,19 @@ def drill(profile, weeks, service, account, usage_type, output, json_output, sso
         click.echo(f"  Account filter: {account}")
     if usage_type:
         click.echo(f"  Usage type filter: {usage_type}")
+    if resources:
+        click.echo(f"  Mode: Resource-level (CUR via Athena)")
     click.echo("")
     
     # Execute via API or locally
-    drill_data = execute_drill(config, weeks, service, account, usage_type)
+    drill_data = execute_drill(config, weeks, service, account, usage_type, resources)
+    
+    # Handle resource-level output differently
+    if resources:
+        from cost_calculator.cur import format_resource_output
+        output_text = format_resource_output(drill_data)
+        click.echo(output_text)
+        return
     
     if json_output:
         # Output as JSON
@@ -1084,5 +1166,219 @@ def profile(operation, name, accounts, description):
         click.echo(result.get('message', 'Operation completed'))
 
 
+@cli.command()
+@click.option('--profile', required=True, help='Profile name')
+@click.option('--sso', help='AWS SSO profile to use')
+@click.option('--weeks', default=8, help='Number of weeks to analyze')
+@click.option('--account', help='Focus on specific account ID')
+@click.option('--service', help='Focus on specific service')
+@click.option('--no-cloudtrail', is_flag=True, help='Skip CloudTrail analysis (faster)')
+@click.option('--output', default='investigation_report.md', help='Output file path')
+def investigate(profile, sso, weeks, account, service, no_cloudtrail, output):
+    """
+    Multi-stage cost investigation:
+    1. Analyze cost trends and drill-downs
+    2. Inventory actual resources in problem accounts
+    3. Analyze CloudTrail events (optional)
+    4. Generate comprehensive report
+    """
+    from cost_calculator.executor import execute_trends, execute_drill, get_credentials_dict
+    from cost_calculator.api_client import call_lambda_api, is_api_configured
+    from cost_calculator.forensics import format_investigation_report
+    from datetime import datetime, timedelta
+    
+    click.echo("=" * 80)
+    click.echo("COST INVESTIGATION")
+    click.echo("=" * 80)
+    click.echo(f"Profile: {profile}")
+    click.echo(f"Weeks: {weeks}")
+    if account:
+        click.echo(f"Account: {account}")
+    if service:
+        click.echo(f"Service: {service}")
+    click.echo("")
+    
+    # Load profile
+    config = load_profile(profile)
+    
+    # Override with SSO if provided
+    if sso:
+        config['aws_profile'] = sso
+    
+    # Validate that we have a way to get credentials
+    if 'aws_profile' not in config and 'credentials' not in config:
+        import subprocess
+        try:
+            result = subprocess.run(
+                ['aws', 'configure', 'list-profiles'],
+                capture_output=True,
+                text=True,
+                timeout=5
+            )
+            available = result.stdout.strip().split('\n') if result.returncode == 0 else []
+            suggestion = f"\nAvailable AWS profiles: {', '.join(available[:5])}" if available else ""
+        except:
+            suggestion = ""
+        
+        raise click.ClickException(
+            f"Profile '{profile}' has no AWS authentication configured.\n"
+            f"Use --sso flag to specify your AWS SSO profile:\n"
+            f"  cc investigate --profile {profile} --sso YOUR_AWS_PROFILE{suggestion}"
+        )
+    
+    # Step 1: Cost Analysis
+    click.echo("Step 1/3: Analyzing cost trends...")
+    try:
+        trends_data = execute_trends(config, weeks)
+        click.echo(f"✓ Found cost data for {weeks} weeks")
+    except Exception as e:
+        click.echo(f"✗ Error analyzing trends: {str(e)}")
+        trends_data = None
+    
+    # Step 2: Drill-down
+    click.echo("\nStep 2/3: Drilling down into costs...")
+    drill_data = None
+    if service or account:
+        try:
+            drill_data = execute_drill(config, weeks, service, account, None, False)
+            click.echo(f"✓ Drill-down complete")
+        except Exception as e:
+            click.echo(f"✗ Error in drill-down: {str(e)}")
+    
+    # Step 3: Resource Inventory
+    click.echo("\nStep 3/3: Inventorying resources...")
+    inventories = []
+    cloudtrail_analyses = []
+    
+    # Determine which accounts to investigate
+    accounts_to_investigate = []
+    if account:
+        accounts_to_investigate = [account]
+    else:
+        # Extract top cost accounts from trends/drill data
+        # For now, we'll need the user to specify
+        click.echo("⚠️  No account specified. Use --account to inventory resources.")
+    
+    # For each account, do inventory and CloudTrail via backend API
+    for acc_id in accounts_to_investigate:
+        click.echo(f"\n  Investigating account {acc_id}...")
+        
+        # Get credentials (SSO or static)
+        account_creds = get_credentials_dict(config)
+        if not account_creds:
+            click.echo(f"    ⚠️  No credentials available for account")
+            continue
+        
+        # Inventory resources via backend API only
+        if not is_api_configured():
+            click.echo(f"    ✗ API not configured. Set COST_API_SECRET environment variable.")
+            continue
+        
+        try:
+            regions = ['us-west-2', 'us-east-1', 'eu-west-1']
+            for region in regions:
+                try:
+                    inv = call_lambda_api(
+                        'forensics',
+                        account_creds,
+                        [],  # accounts not needed for forensics
+                        operation='inventory',
+                        account_id=acc_id,
+                        region=region
+                    )
+                    
+                    if not inv.get('error'):
+                        inventories.append(inv)
+                        click.echo(f"    ✓ Inventory complete for {region}")
+                        click.echo(f"      - EC2: {len(inv['ec2_instances'])} instances")
+                        click.echo(f"      - EFS: {len(inv['efs_file_systems'])} file systems ({inv.get('total_efs_size_gb', 0):,.0f} GB)")
+                        click.echo(f"      - ELB: {len(inv['load_balancers'])} load balancers")
+                        break
+                except Exception as e:
+                    continue
+        except Exception as e:
+            click.echo(f"    ✗ Inventory error: {str(e)}")
+        
+        # CloudTrail analysis via backend API only
+        if not no_cloudtrail:
+            if not is_api_configured():
+                click.echo(f"    ✗ CloudTrail skipped: API not configured")
+            else:
+                try:
+                    start_date = (datetime.now() - timedelta(days=weeks * 7)).isoformat() + 'Z'
+                    end_date = datetime.now().isoformat() + 'Z'
+                    
+                    ct_analysis = call_lambda_api(
+                        'forensics',
+                        account_creds,
+                        [],
+                        operation='cloudtrail',
+                        account_id=acc_id,
+                        start_date=start_date,
+                        end_date=end_date,
+                        region='us-west-2'
+                    )
+                    
+                    cloudtrail_analyses.append(ct_analysis)
+                    
+                    if ct_analysis.get('error'):
+                        click.echo(f"    ⚠️  CloudTrail: {ct_analysis['error']}")
+                    else:
+                        click.echo(f"    ✓ CloudTrail analysis complete")
+                        click.echo(f"      - {len(ct_analysis['event_summary'])} event types")
+                        click.echo(f"      - {len(ct_analysis['write_events'])} resource changes")
+                except Exception as e:
+                    click.echo(f"    ✗ CloudTrail error: {str(e)}")
+    
+    # Generate report
+    click.echo(f"\nGenerating report...")
+    report = format_investigation_report(trends_data, inventories, cloudtrail_analyses if not no_cloudtrail else None)
+    
+    # Write to file
+    with open(output, 'w') as f:
+        f.write(report)
+    
+    click.echo(f"\n✓ Investigation complete!")
+    click.echo(f"✓ Report saved to: {output}")
+    click.echo("")
+
+
+def find_account_profile(account_id):
+    """
+    Find the SSO profile name for a given account ID
+    Returns profile name or None
+    """
+    import subprocess
+    
+    try:
+        # Get list of profiles
+        result = subprocess.run(
+            ['aws', 'configure', 'list-profiles'],
+            capture_output=True,
+            text=True
+        )
+        
+        profiles = result.stdout.strip().split('\n')
+        
+        # Check each profile
+        for profile in profiles:
+            try:
+                result = subprocess.run(
+                    ['aws', 'sts', 'get-caller-identity', '--profile', profile],
+                    capture_output=True,
+                    text=True,
+                    timeout=5
+                )
+                
+                if account_id in result.stdout:
+                    return profile
+            except:
+                continue
+        
+        return None
+    except:
+        return None
+
+
 if __name__ == '__main__':
     cli()