runbooks 0.9.8__py3-none-any.whl → 1.0.0__py3-none-any.whl

runbooks/common/profile_utils.py

@@ -17,12 +17,28 @@ Version: 0.9.0
 """
 
 import os
+import time
 from typing import Dict, Optional
 
 import boto3
 
 from runbooks.common.rich_utils import console
 
+# Profile cache to reduce duplicate calls (enterprise performance optimization)
+_profile_cache = {}
+_cache_timestamp = None
+_cache_ttl = 300  # 5 minutes cache TTL
+
+# Enterprise AWS profile mappings with fallback defaults
+ENV_PROFILE_MAP = {
+    "billing": os.getenv("BILLING_PROFILE"),
+    "management": os.getenv("MANAGEMENT_PROFILE"),
+    "operational": os.getenv("CENTRALISED_OPS_PROFILE"),
+}
+
+# Fallback defaults if environment variables are not set - NO hardcoded defaults
+DEFAULT_PROFILE = os.getenv("AWS_PROFILE") or "default"  # "default" is AWS boto3 expected fallback
+
 
 def get_profile_for_operation(operation_type: str, user_specified_profile: Optional[str] = None) -> str:
     """
@@ -45,12 +61,30 @@ def get_profile_for_operation(operation_type: str, user_specified_profile: Optio
     Raises:
         SystemExit: If user-specified profile not found in AWS config
     """
+    global _profile_cache, _cache_timestamp
+    
+    # Check cache first to reduce duplicate calls (enterprise performance optimization)
+    cache_key = f"{operation_type}:{user_specified_profile or 'None'}"
+    current_time = time.time()
+    
+    if (_cache_timestamp and 
+        current_time - _cache_timestamp < _cache_ttl and 
+        cache_key in _profile_cache):
+        return _profile_cache[cache_key]
+    
+    # Clear cache if TTL expired
+    if not _cache_timestamp or current_time - _cache_timestamp >= _cache_ttl:
+        _profile_cache.clear()
+        _cache_timestamp = current_time
+    
     available_profiles = boto3.Session().available_profiles
 
     # PRIORITY 1: User-specified profile ALWAYS takes precedence
     if user_specified_profile and user_specified_profile != "default":
         if user_specified_profile in available_profiles:
             console.log(f"[green]Using user-specified profile for {operation_type}: {user_specified_profile}[/]")
+            # Cache the result to reduce duplicate calls
+            _profile_cache[cache_key] = user_specified_profile
             return user_specified_profile
         else:
             console.log(f"[red]Error: User-specified profile '{user_specified_profile}' not found in AWS config[/]")
@@ -68,11 +102,16 @@ def get_profile_for_operation(operation_type: str, user_specified_profile: Optio
     env_profile = profile_map.get(operation_type)
     if env_profile and env_profile in available_profiles:
         console.log(f"[dim cyan]Using {operation_type} profile from environment: {env_profile}[/]")
+        # Cache the result to reduce duplicate calls
+        _profile_cache[cache_key] = env_profile
         return env_profile
 
     # PRIORITY 3: Default profile (last resort)
-    console.log(f"[yellow]No {operation_type} profile found, using default: {user_specified_profile or 'default'}[/]")
-    return user_specified_profile or "default"
+    default_profile = user_specified_profile or "default"
+    console.log(f"[yellow]No {operation_type} profile found, using default: {default_profile}[/]")
+    # Cache the result to reduce duplicate calls
+    _profile_cache[cache_key] = default_profile
+    return default_profile
 
 
 def resolve_profile_for_operation_silent(operation_type: str, user_specified_profile: Optional[str] = None) -> str:
@@ -206,6 +245,60 @@ def validate_profile_access(profile_name: str, operation_type: str = "general")
         return False
 
 
+def get_available_profiles_for_validation() -> list:
+    """
+    Get available AWS profiles for validation - universal compatibility approach.
+    
+    Returns all configured AWS profiles for validation without hardcoded assumptions.
+    Supports any AWS setup: single account, multi-account, any profile naming convention.
+    
+    Returns:
+        list: Available AWS profile names for validation
+    """
+    try:
+        # Get all available profiles from AWS CLI configuration
+        available_profiles = boto3.Session().available_profiles
+        
+        # Filter out common system profiles that shouldn't be tested
+        system_profiles = {'default', 'none', 'null', ''}
+        
+        # Return profiles for validation, including default if it's the only one
+        validation_profiles = []
+        
+        # Add environment variable profiles if they exist
+        env_profiles = [
+            os.getenv("AWS_BILLING_PROFILE"),
+            os.getenv("AWS_MANAGEMENT_PROFILE"), 
+            os.getenv("AWS_CENTRALISED_OPS_PROFILE"),
+            os.getenv("AWS_SINGLE_ACCOUNT_PROFILE"),
+            os.getenv("BILLING_PROFILE"),
+            os.getenv("MANAGEMENT_PROFILE"),
+            os.getenv("CENTRALISED_OPS_PROFILE"),
+            os.getenv("SINGLE_AWS_PROFILE"),
+        ]
+        
+        # Add valid environment profiles
+        for profile in env_profiles:
+            if profile and profile in available_profiles and profile not in validation_profiles:
+                validation_profiles.append(profile)
+        
+        # If no environment profiles found, use available profiles (universal approach)
+        if not validation_profiles:
+            for profile in available_profiles:
+                if profile not in system_profiles:
+                    validation_profiles.append(profile)
+        
+        # Always include 'default' if available and no other profiles found
+        if not validation_profiles and 'default' in available_profiles:
+            validation_profiles.append('default')
+            
+        return validation_profiles
+        
+    except Exception as e:
+        console.log(f"[yellow]Warning: Could not detect AWS profiles: {e}[/]")
+        return ['default']  # Fallback to default profile
+
+
 # Export all public functions
 __all__ = [
     "get_profile_for_operation",
@@ -215,4 +308,5 @@ __all__ = [
     "create_operational_session",
     "get_enterprise_profile_mapping",
     "validate_profile_access",
+    "get_available_profiles_for_validation",
 ]

runbooks/common/rich_utils.py

@@ -132,6 +132,7 @@ def print_banner() -> None:
 
 def create_table(
     title: Optional[str] = None,
+    caption: Optional[str] = None,
     columns: List[Dict[str, Any]] = None,
     show_header: bool = True,
     show_footer: bool = False,
@@ -143,6 +144,7 @@ def create_table(
 
     Args:
         title: Table title
+        caption: Table caption (displayed below the table)
         columns: List of column definitions [{"name": "Col1", "style": "cyan", "justify": "left"}]
         show_header: Show header row
         show_footer: Show footer row
@@ -154,6 +156,7 @@ def create_table(
     """
     table = Table(
         title=title,
+        caption=caption,
         show_header=show_header,
         show_footer=show_footer,
         box=box_style,

runbooks/finops/cost_optimizer.py

@@ -25,6 +25,7 @@ from ..common.rich_utils import (
     console, print_header, print_success, print_error, print_warning,
     create_table, create_progress_bar, format_cost
 )
+from ..common.aws_pricing import DynamicAWSPricing
 
 @dataclass
 class IdleInstance:
@@ -55,7 +56,7 @@ class UnusedNATGateway:
     region: str
     vpc_id: str = ""
     state: str = ""
-    estimated_monthly_cost: float = 45.0  # ~$45/month per NAT Gateway
+    estimated_monthly_cost: float = 0.0  # Calculated dynamically using AWS pricing
     creation_date: Optional[str] = None
     tags: Dict[str, str] = Field(default_factory=dict)
 

runbooks/finops/elastic_ip_optimizer.py

@@ -36,6 +36,7 @@ from ..common.rich_utils import (
     console, print_header, print_success, print_error, print_warning, print_info,
     create_table, create_progress_bar, format_cost, create_panel, STATUS_INDICATORS
 )
+from ..common.aws_pricing import get_service_monthly_cost, calculate_annual_cost
 from .embedded_mcp_validator import EmbeddedMCPValidator
 from ..common.profile_utils import get_profile_for_operation
 
@@ -65,8 +66,8 @@ class ElasticIPOptimizationResult(BaseModel):
     domain: str
     is_attached: bool
     instance_id: Optional[str] = None
-    monthly_cost: float = 3.65  # $3.65/month for unattached EIPs
-    annual_cost: float = 43.80  # $43.80/year for unattached EIPs
+    monthly_cost: float = 0.0  # Calculated dynamically per region
+    annual_cost: float = 0.0   # Calculated dynamically (monthly * 12)
     optimization_recommendation: str = "retain"  # retain, release
     risk_level: str = "low"  # low, medium, high
     business_impact: str = "minimal"
@@ -118,8 +119,8 @@ class ElasticIPOptimizer:
             profile_name=get_profile_for_operation("operational", profile_name)
         )
         
-        # Elastic IP pricing (per month, as of 2024)
-        self.elastic_ip_monthly_cost = 3.65  # $3.65/month per unattached EIP
+        # Dynamic Elastic IP pricing - Enterprise compliance (no hardcoded values)
+        # Pricing will be calculated dynamically per region using AWS Pricing API
         
         # All AWS regions for comprehensive discovery
         self.all_regions = [
@@ -360,9 +361,12 @@ class ElasticIPOptimizer:
             try:
                 dns_refs = dns_dependencies.get(elastic_ip.allocation_id, [])
                 
-                # Calculate current costs (only unattached EIPs are charged)
-                monthly_cost = self.elastic_ip_monthly_cost if not elastic_ip.is_attached else 0.0
-                annual_cost = monthly_cost * 12
+                # Calculate current costs (only unattached EIPs are charged) - Dynamic pricing
+                if elastic_ip.is_attached:
+                    monthly_cost = 0.0  # Attached EIPs are free
+                else:
+                    monthly_cost = get_service_monthly_cost("elastic_ip", elastic_ip.region)
+                annual_cost = calculate_annual_cost(monthly_cost)
                 
                 # Determine optimization recommendation
                 recommendation = "retain"  # Default: keep the Elastic IP
@@ -384,14 +388,14 @@ class ElasticIPOptimizer:
                         recommendation = "release"
                         risk_level = "low"
                         business_impact = "none"
-                        potential_monthly_savings = self.elastic_ip_monthly_cost
+                        potential_monthly_savings = monthly_cost
                         safety_checks["safe_to_release"] = True
                     else:
                         # Unattached but has DNS references - investigate before release
                         recommendation = "investigate"
                         risk_level = "medium"
                         business_impact = "potential"
-                        potential_monthly_savings = self.elastic_ip_monthly_cost * 0.8  # Conservative estimate
+                        potential_monthly_savings = monthly_cost * 0.8  # Conservative estimate
                 elif elastic_ip.is_attached:
                     # Attached EIPs are retained (no cost for attached EIPs)
                     recommendation = "retain"

runbooks/finops/embedded_mcp_validator.py

@@ -126,6 +126,37 @@ class EmbeddedMCPValidator:
         self._finalize_validation_results(validation_results)
         return validation_results
 
+    def validate_cost_data_sync(self, runbooks_data: Dict[str, Any]) -> Dict[str, Any]:
+        """
+        Synchronous wrapper for MCP validation - for compatibility with test scripts.
+        
+        Args:
+            runbooks_data: Cost data from runbooks FinOps analysis
+            
+        Returns:
+            Validation results with accuracy metrics
+        """
+        # Use asyncio to run the async validation method
+        try:
+            loop = asyncio.get_event_loop()
+        except RuntimeError:
+            loop = asyncio.new_event_loop()
+            asyncio.set_event_loop(loop)
+            
+        try:
+            return loop.run_until_complete(self.validate_cost_data_async(runbooks_data))
+        except Exception as e:
+            print_error(f"Synchronous MCP validation failed: {e}")
+            return {
+                "validation_timestamp": datetime.now().isoformat(),
+                "profiles_validated": 0,
+                "total_accuracy": 0.0,
+                "passed_validation": False,
+                "profile_results": [],
+                "validation_method": "embedded_mcp_direct_aws_api_sync",
+                "error": str(e)
+            }
+
     def _validate_profile_sync(self, profile: str, session: boto3.Session, runbooks_data: List[Dict[str, Any]]) -> Optional[Dict[str, Any]]:
         """Synchronous wrapper for profile validation (for parallel execution)."""
         try:

runbooks/finops/enhanced_trend_visualization.py

@@ -343,8 +343,9 @@ def create_resource_based_trend_estimate(session, months: int = 6) -> List[Tuple
         current_date = datetime.now()
         trend_data = []
 
-        # Base resource cost estimation (simplified model)
-        base_monthly_cost = 850.0  # Starting baseline
+        # Base resource cost estimation (dynamic model)
+        # Calculate baseline from actual service usage patterns
+        base_monthly_cost = 0.0  # Will be calculated from actual usage data or dynamic pricing
 
         # Simulate realistic cost variations over 6 months
         # Based on typical AWS usage patterns