runbooks 0.9.9__py3-none-any.whl → 1.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. runbooks/cfat/cloud_foundations_assessment.py +626 -0
  2. runbooks/cloudops/cost_optimizer.py +95 -33
  3. runbooks/common/aws_pricing.py +388 -0
  4. runbooks/common/aws_pricing_api.py +205 -0
  5. runbooks/common/aws_utils.py +2 -2
  6. runbooks/common/comprehensive_cost_explorer_integration.py +979 -0
  7. runbooks/common/cross_account_manager.py +606 -0
  8. runbooks/common/enhanced_exception_handler.py +4 -0
  9. runbooks/common/env_utils.py +96 -0
  10. runbooks/common/mcp_integration.py +49 -2
  11. runbooks/common/organizations_client.py +579 -0
  12. runbooks/common/profile_utils.py +96 -2
  13. runbooks/finops/cost_optimizer.py +2 -1
  14. runbooks/finops/elastic_ip_optimizer.py +13 -9
  15. runbooks/finops/embedded_mcp_validator.py +31 -0
  16. runbooks/finops/enhanced_trend_visualization.py +3 -2
  17. runbooks/finops/markdown_exporter.py +217 -2
  18. runbooks/finops/nat_gateway_optimizer.py +57 -20
  19. runbooks/finops/vpc_cleanup_exporter.py +28 -26
  20. runbooks/finops/vpc_cleanup_optimizer.py +370 -16
  21. runbooks/inventory/__init__.py +10 -1
  22. runbooks/inventory/cloud_foundations_integration.py +409 -0
  23. runbooks/inventory/core/collector.py +1148 -88
  24. runbooks/inventory/discovery.md +389 -0
  25. runbooks/inventory/drift_detection_cli.py +327 -0
  26. runbooks/inventory/inventory_mcp_cli.py +171 -0
  27. runbooks/inventory/inventory_modules.py +4 -7
  28. runbooks/inventory/mcp_inventory_validator.py +2149 -0
  29. runbooks/inventory/mcp_vpc_validator.py +23 -6
  30. runbooks/inventory/organizations_discovery.py +91 -1
  31. runbooks/inventory/rich_inventory_display.py +129 -1
  32. runbooks/inventory/unified_validation_engine.py +1292 -0
  33. runbooks/inventory/verify_ec2_security_groups.py +3 -1
  34. runbooks/inventory/vpc_analyzer.py +825 -7
  35. runbooks/inventory/vpc_flow_analyzer.py +36 -42
  36. runbooks/main.py +654 -35
  37. runbooks/monitoring/performance_monitor.py +11 -7
  38. runbooks/operate/dynamodb_operations.py +6 -5
  39. runbooks/operate/ec2_operations.py +3 -2
  40. runbooks/operate/networking_cost_heatmap.py +4 -3
  41. runbooks/operate/s3_operations.py +13 -12
  42. runbooks/operate/vpc_operations.py +49 -1
  43. runbooks/remediation/base.py +1 -1
  44. runbooks/remediation/commvault_ec2_analysis.py +6 -1
  45. runbooks/remediation/ec2_unattached_ebs_volumes.py +6 -3
  46. runbooks/remediation/rds_snapshot_list.py +5 -3
  47. runbooks/validation/__init__.py +21 -1
  48. runbooks/validation/comprehensive_2way_validator.py +1996 -0
  49. runbooks/validation/mcp_validator.py +904 -94
  50. runbooks/validation/terraform_citations_validator.py +363 -0
  51. runbooks/validation/terraform_drift_detector.py +1098 -0
  52. runbooks/vpc/cleanup_wrapper.py +231 -10
  53. runbooks/vpc/config.py +310 -62
  54. runbooks/vpc/cross_account_session.py +308 -0
  55. runbooks/vpc/heatmap_engine.py +96 -29
  56. runbooks/vpc/manager_interface.py +9 -9
  57. runbooks/vpc/mcp_no_eni_validator.py +1551 -0
  58. runbooks/vpc/networking_wrapper.py +14 -8
  59. runbooks/vpc/runbooks.inventory.organizations_discovery.log +0 -0
  60. runbooks/vpc/runbooks.security.report_generator.log +0 -0
  61. runbooks/vpc/runbooks.security.run_script.log +0 -0
  62. runbooks/vpc/runbooks.security.security_export.log +0 -0
  63. runbooks/vpc/tests/test_cost_engine.py +1 -1
  64. runbooks/vpc/unified_scenarios.py +73 -3
  65. runbooks/vpc/vpc_cleanup_integration.py +512 -78
  66. {runbooks-0.9.9.dist-info → runbooks-1.0.0.dist-info}/METADATA +94 -52
  67. {runbooks-0.9.9.dist-info → runbooks-1.0.0.dist-info}/RECORD +71 -49
  68. {runbooks-0.9.9.dist-info → runbooks-1.0.0.dist-info}/WHEEL +0 -0
  69. {runbooks-0.9.9.dist-info → runbooks-1.0.0.dist-info}/entry_points.txt +0 -0
  70. {runbooks-0.9.9.dist-info → runbooks-1.0.0.dist-info}/licenses/LICENSE +0 -0
  71. {runbooks-0.9.9.dist-info → runbooks-1.0.0.dist-info}/top_level.txt +0 -0
runbooks/inventory/vpc_flow_analyzer.py CHANGED
@@ -460,13 +460,14 @@ class VPCFlowAnalyzer(BaseInventory):
460
460
 
461
461
  def _simulate_flow_log_analysis(self, flow_log: Dict[str, Any], time_range_hours: int) -> Dict[str, Any]:
462
462
  """Simulate flow log analysis with realistic data patterns."""
463
- import random
463
+ # REMOVED: import random (violates enterprise standards)
464
464
 
465
465
  flow_log_id = flow_log["FlowLogId"]
466
466
  resource_id = flow_log.get("ResourceId", "unknown")
467
467
 
468
- # Simulate traffic data based on resource type and time range
469
- base_traffic = random.randint(1000, 10000) * time_range_hours
468
+ # REMOVED: Random traffic simulation violates enterprise standards
469
+ # Use real VPC Flow Log data from CloudWatch Logs or S3
470
+ base_traffic = 5000 * time_range_hours # Deterministic baseline
470
471
 
471
472
  analysis = {
472
473
  "flow_log_id": flow_log_id,
@@ -474,46 +475,38 @@ class VPCFlowAnalyzer(BaseInventory):
474
475
  "destination_type": "cloudwatch-logs",
475
476
  "log_format": flow_log.get("LogFormat", "${version} ${account-id} ${interface-id} ${srcaddr} ${dstaddr}"),
476
477
  "traffic_summary": {
477
- "total_bytes": base_traffic * random.randint(1000, 5000),
478
- "total_packets": base_traffic * random.randint(100, 500),
479
- "unique_connections": random.randint(50, 500),
480
- "accepted_connections": random.randint(40, 450),
481
- "rejected_connections": random.randint(0, 50),
478
+ # TODO: Parse actual VPC Flow Log data from CloudWatch/S3
479
+ "total_bytes": 0, # Replace with real flow log parsing
480
+ "total_packets": 0, # Replace with real flow log parsing
481
+ "unique_connections": 0, # Replace with real connection analysis
482
+ "accepted_connections": 0, # Replace with real ACCEPT record count
483
+ "rejected_connections": 0, # Replace with real REJECT record count
482
484
  },
483
485
  "top_talkers": {
484
- "by_bytes": [
485
- {
486
- "src_addr": f"10.0.{random.randint(1, 255)}.{random.randint(1, 255)}",
487
- "dst_addr": f"10.0.{random.randint(1, 255)}.{random.randint(1, 255)}",
488
- "bytes": random.randint(100000, 1000000),
489
- "az_pair": f"us-east-1{chr(ord('a') + random.randint(0, 2))}-to-us-east-1{chr(ord('a') + random.randint(0, 2))}",
490
- }
491
- for _ in range(5)
492
- ],
493
- "by_packets": [],
494
- "by_connections": [],
486
+ # TODO: Parse actual flow log data for top traffic sources/destinations
487
+ "by_bytes": [], # Replace with real flow log analysis
488
+ "by_packets": [], # Replace with real packet analysis
489
+ "by_connections": [], # Replace with real connection analysis
495
490
  },
496
491
  "protocol_distribution": {
497
- "TCP": random.randint(60, 80),
498
- "UDP": random.randint(15, 25),
499
- "ICMP": random.randint(1, 5),
500
- "Other": random.randint(1, 10),
492
+ # TODO: Parse actual protocol distribution from flow logs
493
+ "TCP": 0, # Replace with real TCP traffic percentage
494
+ "UDP": 0, # Replace with real UDP traffic percentage
495
+ "ICMP": 0, # Replace with real ICMP traffic percentage
496
+ "Other": 0, # Replace with real other protocol percentage
501
497
  },
502
498
  "port_analysis": {
503
499
  "top_destination_ports": {
504
- "443": random.randint(20, 40),
505
- "80": random.randint(15, 30),
506
- "22": random.randint(5, 15),
507
- "3306": random.randint(5, 20),
508
- "5432": random.randint(3, 15),
500
+ # TODO: Parse actual port usage from flow logs
501
+ # Replace with real port traffic analysis
509
502
  }
510
503
  },
511
504
  "cross_az_traffic": {
512
- "total_cross_az_bytes": base_traffic * random.uniform(0.2, 0.4),
505
+ # TODO: Calculate actual cross-AZ traffic from flow logs
506
+ "total_cross_az_bytes": 0, # Replace with real cross-AZ traffic calculation
513
507
  "az_pairs": {
514
- "us-east-1a-to-us-east-1b": random.randint(100000, 500000),
515
- "us-east-1b-to-us-east-1c": random.randint(100000, 500000),
516
- "us-east-1a-to-us-east-1c": random.randint(50000, 300000),
508
+ # TODO: Parse actual AZ-to-AZ traffic patterns from flow logs
509
+ # Replace with real availability zone traffic analysis
517
510
  },
518
511
  },
519
512
  "errors": [],
@@ -614,22 +607,23 @@ class VPCFlowAnalyzer(BaseInventory):
614
607
  for i, source_az in enumerate(azs):
615
608
  for j, dest_az in enumerate(azs):
616
609
  if i != j: # Cross-AZ traffic
617
- # Simulate traffic volume
618
- import random
619
-
620
- traffic_bytes = random.randint(100000, 1000000) * time_range_hours
610
+ # REMOVED: Random traffic simulation violates enterprise standards
611
+ # TODO: Calculate actual cross-AZ traffic from VPC Flow Logs
612
+
613
+ traffic_bytes = 500000 * time_range_hours # Deterministic baseline
621
614
  az_pair = f"{source_az}-to-{dest_az}"
622
615
 
623
616
  cross_az_patterns[az_pair] = {
624
617
  "source_az": source_az,
625
618
  "destination_az": dest_az,
626
- "bytes_transferred": traffic_bytes,
627
- "gb_transferred": traffic_bytes / (1024**3),
628
- "connection_count": random.randint(10, 100),
619
+ "bytes_transferred": 0, # Replace with real flow log data
620
+ "gb_transferred": 0, # Replace with real traffic calculation
621
+ "connection_count": 0, # Replace with real connection count
629
622
  "top_protocols": {
630
- "TCP": random.randint(70, 90),
631
- "UDP": random.randint(5, 20),
632
- "Other": random.randint(1, 10),
623
+ # TODO: Parse actual protocol distribution from flow logs
624
+ "TCP": 0, # Replace with real TCP percentage
625
+ "UDP": 0, # Replace with real UDP percentage
626
+ "Other": 0, # Replace with real other protocol percentage
633
627
  },
634
628
  }
635
629