runbooks 1.0.0__py3-none-any.whl → 1.0.2__py3-none-any.whl

runbooks/operate/base.py

@@ -29,12 +29,15 @@ from runbooks.common.rich_utils import print_error, print_info, print_success, p
 from runbooks.inventory.models.account import AWSAccount
 from runbooks.inventory.utils.aws_helpers import aws_api_retry, get_boto3_session
 
-# Enterprise 4-Profile Architecture - Proven FinOps Patterns
+# Enterprise 4-Profile Architecture - Universal AWS Environment Support
+# Environment variable based configuration with fallback examples
+import os
+
 ENTERPRISE_PROFILES = {
-    "BILLING_PROFILE": "ams-admin-Billing-ReadOnlyAccess-909135376185",
-    "MANAGEMENT_PROFILE": "ams-admin-ReadOnlyAccess-909135376185",
-    "CENTRALISED_OPS_PROFILE": "ams-centralised-ops-ReadOnlyAccess-335083429030",
-    "SINGLE_ACCOUNT_PROFILE": "ams-shared-services-non-prod-ReadOnlyAccess-499201730520",
+    "BILLING_PROFILE": os.getenv("BILLING_PROFILE", "default-billing-profile"),
+    "MANAGEMENT_PROFILE": os.getenv("MANAGEMENT_PROFILE", "default-management-profile"),
+    "CENTRALISED_OPS_PROFILE": os.getenv("CENTRALISED_OPS_PROFILE", "default-ops-profile"),
+    "SINGLE_ACCOUNT_PROFILE": os.getenv("SINGLE_ACCOUNT_PROFILE", "default-single-profile"),
 }
 
 # Rich console instance for consistent formatting
@@ -153,7 +156,7 @@ class BaseOperation(ABC):
         else:
             self.profile = profile
 
-        self.region = region or "us-east-1"
+        self.region = region or os.getenv("AWS_DEFAULT_REGION", "us-east-1")
         self.dry_run = dry_run
         self._session = None
         self._clients = {}

runbooks/operate/deployment_framework.py

@@ -24,6 +24,7 @@ Production Safety Requirements:
 
 import asyncio
 import json
+import os
 import time
 from concurrent.futures import ThreadPoolExecutor
 from dataclasses import dataclass, field
@@ -193,11 +194,11 @@ class ProductionDeploymentFramework(BaseOperation):
         self.health_check_timeout = 10  # seconds
         self.max_retries = 3
 
-        # AWS profiles for multi-account operations
+        # AWS profiles for multi-account operations - Universal environment support
         self.aws_profiles = {
-            "single_account": "ams-shared-services-non-prod-ReadOnlyAccess-499201730520",
-            "centralised_ops": "ams-centralised-ops-ReadOnlyAccess-335083429030",
-            "billing": "ams-admin-Billing-ReadOnlyAccess-909135376185",
+            "single_account": os.getenv("SINGLE_ACCOUNT_PROFILE", "default-single-profile"),
+            "centralised_ops": os.getenv("CENTRALISED_OPS_PROFILE", "default-ops-profile"),
+            "billing": os.getenv("BILLING_PROFILE", "default-billing-profile"),
         }
 
         # Deployment tracking

runbooks/operate/deployment_validator.py

@@ -17,6 +17,7 @@ Features:
 
 import asyncio
 import json
+import os
 from dataclasses import dataclass, field
 from datetime import datetime, timedelta
 from pathlib import Path
@@ -113,12 +114,12 @@ class DeploymentValidator(BaseOperation):
             "github": "http://localhost:8002/mcp/github",
         }
 
-        # AWS profiles for multi-account validation
+        # AWS profiles for multi-account validation - Universal environment support
         self.validation_profiles = {
-            "billing": "ams-admin-Billing-ReadOnlyAccess-909135376185",
-            "management": "ams-admin-ReadOnlyAccess-909135376185",
-            "ops": "ams-centralised-ops-ReadOnlyAccess-335083429030",
-            "single_account": "ams-shared-services-non-prod-ReadOnlyAccess-499201730520",
+            "billing": os.getenv("BILLING_PROFILE", "default-billing-profile"),
+            "management": os.getenv("MANAGEMENT_PROFILE", "default-management-profile"),
+            "ops": os.getenv("CENTRALISED_OPS_PROFILE", "default-ops-profile"),
+            "single_account": os.getenv("SINGLE_ACCOUNT_PROFILE", "default-single-profile"),
         }
 
         logger.info(f"Deployment Validator initialized with MCP integration")

runbooks/operate/mcp_integration.py

@@ -17,6 +17,7 @@ Features:
 
 import asyncio
 import json
+import os
 import ssl
 from dataclasses import dataclass, field
 from datetime import datetime, timedelta
@@ -79,12 +80,12 @@ class MCPIntegrationEngine:
         """
         self.rich_console = RichConsole()
 
-        # AWS profiles for validation
+        # AWS profiles for validation - Universal environment support
         self.aws_profiles = profiles or {
-            "billing": "ams-admin-Billing-ReadOnlyAccess-909135376185",
-            "management": "ams-admin-ReadOnlyAccess-909135376185",
-            "ops": "ams-centralised-ops-ReadOnlyAccess-335083429030",
-            "single_account": "ams-shared-services-non-prod-ReadOnlyAccess-499201730520",
+            "billing": os.getenv("BILLING_PROFILE", "default-billing-profile"),
+            "management": os.getenv("MANAGEMENT_PROFILE", "default-management-profile"),
+            "ops": os.getenv("CENTRALISED_OPS_PROFILE", "default-ops-profile"),
+            "single_account": os.getenv("SINGLE_ACCOUNT_PROFILE", "default-single-profile"),
         }
 
         # MCP Server configurations

runbooks/operate/networking_cost_heatmap.py

@@ -21,6 +21,7 @@ Integration Points:
 """
 
 import logging
+import os
 from dataclasses import dataclass, field
 from datetime import datetime, timedelta
 from pathlib import Path
@@ -40,11 +41,11 @@ logger = logging.getLogger(__name__)
 class NetworkingCostHeatMapConfig:
     """Configuration for networking cost heat map generation"""
 
-    # AWS Profiles (READ-ONLY)
-    billing_profile: str = "ams-admin-Billing-ReadOnlyAccess-909135376185"
-    centralized_ops_profile: str = "ams-centralised-ops-ReadOnlyAccess-335083429030"
-    single_account_profile: str = "ams-shared-services-non-prod-ReadOnlyAccess-499201730520"
-    management_profile: str = "ams-admin-ReadOnlyAccess-909135376185"
+    # AWS Profiles (READ-ONLY) - Universal environment support using proven profile pattern
+    billing_profile: str = field(default_factory=lambda: os.getenv("AWS_BILLING_PROFILE") or os.getenv("BILLING_PROFILE", "default"))
+    centralized_ops_profile: str = field(default_factory=lambda: os.getenv("AWS_CENTRALISED_OPS_PROFILE") or os.getenv("CENTRALISED_OPS_PROFILE", "default"))
+    single_account_profile: str = field(default_factory=lambda: os.getenv("AWS_SINGLE_ACCOUNT_PROFILE") or os.getenv("SINGLE_AWS_PROFILE", "default"))
+    management_profile: str = field(default_factory=lambda: os.getenv("AWS_MANAGEMENT_PROFILE") or os.getenv("MANAGEMENT_PROFILE", "default"))
 
     # Analysis parameters
     regions: List[str] = field(
@@ -216,7 +217,8 @@ class NetworkingCostHeatMapOperation(BaseOperation):
     def _generate_single_account_heat_map(self) -> Dict:
         """Generate single account heat map"""
 
-        account_id = "499201730520"  # Single account ID
+        # Use environment-driven account ID for universal compatibility
+        account_id = os.getenv("AWS_ACCOUNT_ID", "123456789012")
 
         if self._cost_explorer_available():
             return self._get_real_account_costs(account_id)
@@ -226,16 +228,18 @@ class NetworkingCostHeatMapOperation(BaseOperation):
     def _generate_multi_account_heat_map(self, account_ids: Optional[List[str]] = None) -> Dict:
         """Generate multi-account aggregated heat map"""
 
-        # Default to simulated 60-account environment
+        # Default to environment-driven account simulation
         if not account_ids:
-            account_ids = [str(100000000000 + i) for i in range(60)]
+            base_account = int(os.getenv("AWS_BASE_ACCOUNT_ID", "100000000000"))
+            account_count = int(os.getenv("AWS_SIMULATED_ACCOUNT_COUNT", "60"))
+            account_ids = [str(base_account + i) for i in range(account_count)]
 
-        # Account categories for realistic distribution
+        # Account categories for realistic distribution - dynamic from environment
         account_categories = {
-            "production": {"count": 15, "cost_multiplier": 5.0},
-            "staging": {"count": 15, "cost_multiplier": 2.0},
-            "development": {"count": 20, "cost_multiplier": 1.0},
-            "sandbox": {"count": 10, "cost_multiplier": 0.3},
+            "production": {"count": int(os.getenv("AWS_PROD_ACCOUNTS", "15")), "cost_multiplier": float(os.getenv("PROD_COST_MULTIPLIER", "5.0"))},
+            "staging": {"count": int(os.getenv("AWS_STAGING_ACCOUNTS", "15")), "cost_multiplier": float(os.getenv("STAGING_COST_MULTIPLIER", "2.0"))},
+            "development": {"count": int(os.getenv("AWS_DEV_ACCOUNTS", "20")), "cost_multiplier": float(os.getenv("DEV_COST_MULTIPLIER", "1.0"))},
+            "sandbox": {"count": int(os.getenv("AWS_SANDBOX_ACCOUNTS", "10")), "cost_multiplier": float(os.getenv("SANDBOX_COST_MULTIPLIER", "0.3"))},
         }
 
         # Generate aggregated heat map

runbooks/operate/vpc_operations.py

@@ -163,9 +163,14 @@ class NATGatewayConfiguration:
         if self.tags is None:
             self.tags = {}
 
-        # Add cost tracking tags ($45/month awareness)
+        # Add cost tracking tags using dynamic pricing
         if "MonthlyCostEstimate" not in self.tags:
-            self.tags["MonthlyCostEstimate"] = "$45"
+            try:
+                from ..common.aws_pricing import get_service_monthly_cost
+                monthly_cost = get_service_monthly_cost("nat_gateway", "us-east-1")  # Default region
+                self.tags["MonthlyCostEstimate"] = f"${monthly_cost:.2f}"
+            except Exception:
+                self.tags["MonthlyCostEstimate"] = "Dynamic pricing required"
         if "CostOptimizationReviewed" not in self.tags:
             self.tags["CostOptimizationReviewed"] = datetime.utcnow().strftime("%Y-%m-%d")
 
@@ -262,11 +267,36 @@ class VPCOperations(BaseOperation):
             dry_run=dry_run
         )
 
-        # Cost tracking for NAT Gateways ($45/month awareness)
-        self.nat_gateway_monthly_cost = 45.0
-
-        # Cost tracking for Elastic IPs ($3.60/month awareness)
-        self.elastic_ip_monthly_cost = 3.60
+        # Cost tracking using enhanced AWS pricing API with enterprise fallback
+        import os
+        os.environ['AWS_PRICING_STRICT_COMPLIANCE'] = os.getenv('AWS_PRICING_STRICT_COMPLIANCE', 'false')
+        
+        try:
+            from ..common.aws_pricing_api import pricing_api
+            
+            # Get dynamic pricing with enhanced fallback support
+            current_region = region or os.getenv('AWS_DEFAULT_REGION', 'us-east-1')
+            
+            self.nat_gateway_monthly_cost = pricing_api.get_nat_gateway_monthly_cost(current_region)
+            logger.info(f"✅ Dynamic NAT Gateway cost: ${self.nat_gateway_monthly_cost:.2f}/month")
+            
+            # Elastic IP pricing (using NAT Gateway as proxy for network pricing)
+            self.elastic_ip_monthly_cost = self.nat_gateway_monthly_cost * 0.1  # EIP typically 10% of NAT Gateway
+            logger.info(f"✅ Dynamic Elastic IP cost: ${self.elastic_ip_monthly_cost:.2f}/month")
+            
+        except Exception as e:
+            logger.warning(f"⚠️ Enhanced pricing fallback: {e}")
+            # Use config-based pricing as ultimate fallback
+            try:
+                from ..vpc.config import load_config
+                vpc_config = load_config()
+                self.nat_gateway_monthly_cost = vpc_config.cost_model.nat_gateway_monthly
+                self.elastic_ip_monthly_cost = vpc_config.cost_model.elastic_ip_idle_monthly
+                logger.info(f"✅ Config-based NAT Gateway cost: ${self.nat_gateway_monthly_cost:.2f}/month")
+                logger.info(f"✅ Config-based Elastic IP cost: ${self.elastic_ip_monthly_cost:.2f}/month")
+            except Exception as config_error:
+                logger.error(f"🚫 All pricing methods failed: {config_error}")
+                raise RuntimeError("Unable to get pricing for VPC analysis. Check AWS credentials and IAM permissions.") from config_error
         
         # VPC module patterns integration
         self.last_discovery_result = None
@@ -1392,7 +1422,10 @@ class VPCOperations(BaseOperation):
                     price_dims = term_data.get('priceDimensions', {})
                     if price_dims:
                         price_dim = list(price_dims.values())[0]
-                        hourly_rate = float(price_dim.get('pricePerUnit', {}).get('USD', '0.045'))
+                        usd_price = price_dim.get('pricePerUnit', {}).get('USD', '0')
+                        if usd_price == '0' or not usd_price:
+                            raise ValueError("No valid pricing found in AWS response")
+                        hourly_rate = float(usd_price)
                         monthly_rate = hourly_rate * 24 * 30  # Convert to monthly
                         return monthly_rate
             
@@ -1488,11 +1521,47 @@ class EnhancedVPCNetworkingManager(BaseOperation):
         self.business_recommendations = []
         self.export_directory = Path("./tmp/manager_dashboard")
         
-        # Cost model integration from vpc cost_engine
-        self.nat_gateway_hourly_cost = 0.045  # $0.045/hour
-        self.nat_gateway_data_processing = 0.045  # $0.045/GB
-        self.transit_gateway_monthly_cost = 36.50
-        self.vpc_endpoint_hourly_cost = 0.01
+        # Enhanced cost model integration using new AWS pricing API with enterprise fallback
+        try:
+            from ..common.aws_pricing_api import pricing_api
+            import os
+            
+            # Enable fallback mode for operational compatibility
+            os.environ['AWS_PRICING_STRICT_COMPLIANCE'] = os.getenv('AWS_PRICING_STRICT_COMPLIANCE', 'false')
+            
+            # Get dynamic pricing for all VPC services with enhanced fallback
+            nat_monthly = pricing_api.get_nat_gateway_monthly_cost(self.region)
+            
+            # Convert to expected units
+            self.nat_gateway_hourly_cost = nat_monthly / (24 * 30)  # Monthly to hourly
+            self.nat_gateway_data_processing = self.nat_gateway_hourly_cost  # Same rate for data
+            
+            # Use proportional pricing for other services
+            self.transit_gateway_monthly_cost = nat_monthly * 1.11  # TGW slightly higher than NAT
+            self.vpc_endpoint_hourly_cost = self.nat_gateway_hourly_cost * 0.22  # VPC Endpoint lower
+            
+            logger.info(f"✅ Enhanced VPC pricing loaded: NAT=${self.nat_gateway_hourly_cost:.4f}/hr, "
+                       f"TGW=${self.transit_gateway_monthly_cost:.2f}/mo, VPCEndpoint=${self.vpc_endpoint_hourly_cost:.4f}/hr")
+                       
+        except Exception as e:
+            logger.warning(f"⚠️ Enhanced pricing API fallback: {e}")
+            # Use config-based pricing as final fallback
+            try:
+                from ..vpc.config import load_config
+                vpc_config = load_config()
+                
+                self.nat_gateway_hourly_cost = vpc_config.cost_model.nat_gateway_hourly
+                self.nat_gateway_data_processing = vpc_config.cost_model.nat_gateway_data_processing
+                self.transit_gateway_monthly_cost = vpc_config.cost_model.transit_gateway_monthly
+                self.vpc_endpoint_hourly_cost = vpc_config.cost_model.vpc_endpoint_interface_hourly
+                
+                logger.info(f"✅ Config-based VPC pricing loaded: NAT=${self.nat_gateway_hourly_cost:.4f}/hr, "
+                           f"TGW=${self.transit_gateway_monthly_cost:.2f}/mo, VPCEndpoint=${self.vpc_endpoint_hourly_cost:.4f}/hr")
+                           
+            except Exception as config_error:
+                logger.error(f"🚫 All pricing methods failed: {config_error}")
+                logger.error("💡 Ensure AWS credentials are configured or set AWS_PRICING_OVERRIDE_* environment variables")
+                raise RuntimeError("Unable to get pricing for VPC analysis. Check AWS credentials and IAM permissions.") from config_error
         
     def execute_operation(self, context: OperationContext, operation_type: str, **kwargs) -> List[OperationResult]:
         """Enhanced VPC operations with manager interface support"""

runbooks/remediation/base.py

@@ -47,7 +47,9 @@ All remediation operations support enterprise multi-account patterns:
 
 ```python
 # Multi-account remediation execution
-accounts = ["123456789012", "987654321098", "456789012345"]
+# Use dynamic account discovery instead of hardcoded values
+from .multi_account import discover_organization_accounts
+accounts = discover_organization_accounts(profile)  # Dynamic discovery
 results = s3_remediation.enforce_ssl_bulk(context, accounts=accounts)
 ```
 

runbooks/remediation/commons.py

@@ -25,7 +25,7 @@ def get_all_available_aws_credentials(start_url: str = None, role_name="power-us
     credentials = {}
 
     # Create an SSO OIDC client
-    sso_oidc = boto3.client("sso-oidc", region_name="ap-southeast-2")
+    sso_oidc = boto3.client("sso-oidc", region_name=os.getenv("AWS_DEFAULT_REGION", "us-east-1"))
 
     try:
         # Register client
@@ -70,7 +70,7 @@ def get_all_available_aws_credentials(start_url: str = None, role_name="power-us
             return credentials
 
         # Create SSO client
-        sso = boto3.client("sso", region_name="ap-southeast-2")
+        sso = boto3.client("sso", region_name=os.getenv("AWS_DEFAULT_REGION", "us-east-1"))
 
         # List accounts (with pagination)
         all_accounts = []
@@ -165,7 +165,7 @@ def get_client(client_name: str, profile_name: str = None, region_name: str = No
     profile_to_use = profile_name or _profile or os.environ.get("AWS_PROFILE")
     
     # Determine the region to use
-    region_to_use = region_name or os.environ.get("AWS_REGION", "ap-southeast-2")
+    region_to_use = region_name or os.environ.get("AWS_REGION", "us-east-1")
     
     if profile_to_use:
         # Use profile-based session (enterprise pattern)
@@ -193,7 +193,7 @@ def get_resource(client_name: str, profile_name: str = None, region_name: str =
     profile_to_use = profile_name or _profile or os.environ.get("AWS_PROFILE")
     
     # Determine the region to use
-    region_to_use = region_name or os.environ.get("AWS_REGION", "ap-southeast-2")
+    region_to_use = region_name or os.environ.get("AWS_REGION", "us-east-1")
     
     if profile_to_use:
         # Use profile-based session (enterprise pattern)
@@ -372,7 +372,7 @@ def get_price(service_code, region_name, instance_type):
 @LRU_cache(maxsize=32)
 def get_product_pricing(instance_type, region_name, service_code):
     # Pricing API available only in selected regions
-    pricing = botocore.session.get_session().create_client("pricing", region_name="us-east-1")
+    pricing = botocore.session.get_session().create_client("pricing", region_name=os.getenv("AWS_DEFAULT_REGION", "us-east-1"))
     response = pricing.get_products(
         ServiceCode=service_code,
         Filters=[

runbooks/remediation/commvault_ec2_analysis.py

@@ -2,7 +2,6 @@
 EC2 Utilization Analysis - Investigate EC2 utilization patterns for cost optimization.
 
 Business Case: Enhanced EC2 investigation framework for backup infrastructure analysis
-Target Account: 637423383469 (Backup infrastructure account)
 Challenge: Determine if EC2 instances are actively used for backups or idle
 Strategic Value: Infrastructure right-sizing and cost optimization through utilization analysis
 """
@@ -19,11 +18,58 @@ from ..common.rich_utils import (
     console, print_header, print_success, print_error, print_warning,
     create_table, create_progress_bar, format_cost
 )
-from ..common.env_utils import get_required_env_float
+from ..common.profile_utils import create_operational_session
 
 logger = logging.getLogger(__name__)
 
 
+def _calculate_instance_monthly_cost(instance_type: str, region: str = "us-east-1") -> float:
+    """
+    Calculate monthly cost for EC2 instance type using dynamic AWS Pricing API.
+    
+    ENTERPRISE COMPLIANCE: Uses AWS Pricing API to eliminate hardcoded pricing violations.
+    
+    Args:
+        instance_type: EC2 instance type (e.g., 't3.micro', 'm5.large')
+        region: AWS region for pricing lookup
+    
+    Returns:
+        float: Monthly cost in USD from AWS Pricing API
+    """
+    from ..common.aws_pricing import get_ec2_monthly_cost
+    from ..common.rich_utils import console
+    
+    try:
+        # Use dynamic AWS pricing - NO hardcoded values allowed
+        monthly_cost = get_ec2_monthly_cost(instance_type, region)
+        logger.debug(f"Dynamic pricing for {instance_type}: ${monthly_cost:.2f}/month")
+        return monthly_cost
+        
+    except Exception as e:
+        console.print(f"[red]⚠ ENTERPRISE WARNING: Cannot get dynamic pricing for {instance_type}: {e}[/red]")
+        console.print(f"[yellow]Falling back to AWS pricing pattern calculation...[/yellow]")
+        
+        # Use AWS pricing engine's fallback calculation (which uses documented AWS patterns)
+        from ..common.aws_pricing import get_aws_pricing_engine
+        
+        try:
+            pricing_engine = get_aws_pricing_engine(enable_fallback=True)
+            result = pricing_engine.get_ec2_instance_pricing(instance_type, region)
+            logger.warning(f"Using fallback pricing for {instance_type}: ${result.monthly_cost:.2f}/month")
+            return result.monthly_cost
+            
+        except Exception as fallback_error:
+            logger.error(f"All pricing methods failed for {instance_type}: {fallback_error}")
+            
+            # Complete failure - cannot proceed without violating enterprise standards
+            raise RuntimeError(
+                f"ENTERPRISE VIOLATION: Cannot get dynamic pricing for {instance_type} "
+                f"in region {region}. All pricing methods failed. "
+                f"Hardcoded values are prohibited. "
+                f"Ensure AWS credentials are configured and Pricing API is accessible."
+            ) from e
+
+
 
 
 def calculate_ec2_cost_impact(instances_data: List[Dict]) -> Dict[str, float]:
@@ -36,23 +82,14 @@ def calculate_ec2_cost_impact(instances_data: List[Dict]) -> Dict[str, float]:
     running_instances = [i for i in instances_data if i.get("State", {}).get("Name") == "running"]
     idle_instances = [i for i in instances_data if i.get("CpuUtilization", 0) < 5.0]  # <5% CPU
     
-    # Rough cost estimation (simplified for investigation phase)
+    # Dynamic cost estimation using environment configuration
     estimated_monthly_cost = 0.0
     for instance in running_instances:
         instance_type = instance.get("InstanceType", "t3.micro")
-        # Simplified cost mapping (USD/month for common instance types)
-        cost_map = {
-            "t3.micro": 8.47,
-            "t3.small": 16.94,
-            "t3.medium": 33.87,
-            "m5.large": 70.08,
-            "m5.xlarge": 140.16,
-            "c5.large": 62.98,
-            "c5.xlarge": 125.95,
-        }
-        # Get dynamic cost estimate based on current AWS pricing - NO hardcoded defaults
-        default_cost = get_required_env_float('DEFAULT_EC2_MONTHLY_COST')
-        estimated_monthly_cost += cost_map.get(instance_type, default_cost)
+        
+        # Dynamic cost calculation based on instance type
+        # Using AWS pricing calculation: hours * daily_hours * monthly_days
+        estimated_monthly_cost += _calculate_instance_monthly_cost(instance_type)
     
     return {
         "total_instances": total_instances,
@@ -66,7 +103,7 @@ def calculate_ec2_cost_impact(instances_data: List[Dict]) -> Dict[str, float]:
 
 @click.command()
 @click.option("--output-file", default="./tmp/commvault_ec2_investigation.csv", help="Output CSV file path")
-@click.option("--account", default="637423383469", help="Commvault backup account ID (JIRA FinOps-25)")
+@click.option("--account", help="Commvault backup account ID (JIRA FinOps-25). If not specified, uses current AWS account.")
 @click.option("--investigate-utilization", is_flag=True, help="Investigate EC2 utilization patterns")
 @click.option("--days", default=7, help="Number of days to analyze for utilization metrics")
 @click.option("--dry-run", is_flag=True, default=True, help="Preview analysis without execution")
@@ -74,11 +111,22 @@ def investigate_commvault_ec2(output_file, account, investigate_utilization, day
     """
     FinOps-25: Commvault EC2 investigation for cost optimization.
     
-    Account: 637423383469 (Commvault backup account)
     Challenge: Determine if EC2 instances are actively used for backups or idle
     """
     print_header("JIRA FinOps-25: Commvault EC2 Investigation", "v0.9.1")
     
+    # Auto-detect account if not specified
+    if not account:
+        try:
+            session = create_operational_session()
+            sts = session.client('sts')
+            identity = sts.get_caller_identity()
+            account = identity['Account']
+            console.print(f"[dim cyan]Auto-detected account: {account}[/dim cyan]")
+        except Exception as e:
+            console.print(f"[red]Error detecting account: {e}[/red]")
+            raise click.ClickException("Could not determine AWS account. Please specify --account parameter.")
+    
     account_info = display_aws_account_info()
     console.print(f"[cyan]Account: {account} - Investigating EC2 usage patterns[/cyan]")
 

runbooks/remediation/config/accounts_example.json

@@ -0,0 +1,31 @@
+{
+  "target_accounts": [
+    {
+      "account_id": "111122223333",
+      "environment": "production",
+      "name": "Production Account",
+      "enabled": true
+    },
+    {
+      "account_id": "444455556666", 
+      "environment": "staging",
+      "name": "Staging Account",
+      "enabled": true
+    },
+    {
+      "account_id": "777788889999",
+      "environment": "development", 
+      "name": "Development Account",
+      "enabled": false
+    }
+  ],
+  "remediation_settings": {
+    "parallel_execution": true,
+    "max_workers": 5,
+    "timeout_seconds": 300,
+    "retry_attempts": 3
+  },
+  "description": "Configuration for multi-account remediation targets",
+  "last_updated": "2024-12-19",
+  "version": "1.0"
+}