PyPI - runbooks - Versions diffs - 1.1.2__py3-none-any.whl → 1.1.4__py3-none-any.whl - Mend

runbooks 1.1.2py3-none-any.whl → 1.1.4py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (94) hide show

runbooks/__init__.py +1 -1
runbooks/cfat/WEIGHT_CONFIG_README.md +1 -1
runbooks/cfat/assessment/compliance.py +7 -7
runbooks/cfat/models.py +6 -2
runbooks/cfat/tests/__init__.py +6 -1
runbooks/cli/__init__.py +13 -0
runbooks/cli/commands/cfat.py +233 -0
runbooks/cli/commands/finops.py +213 -0
runbooks/cli/commands/inventory.py +276 -0
runbooks/cli/commands/operate.py +266 -0
runbooks/cli/commands/security.py +224 -0
runbooks/cli/commands/validation.py +411 -0
runbooks/cli/commands/vpc.py +246 -0
runbooks/cli/registry.py +95 -0
runbooks/cloudops/__init__.py +3 -3
runbooks/cloudops/cost_optimizer.py +164 -28
runbooks/cloudops/interfaces.py +2 -2
runbooks/cloudops/mcp_cost_validation.py +3 -3
runbooks/cloudops/notebook_framework.py +2 -2
runbooks/common/aws_profile_manager.py +337 -0
runbooks/common/aws_utils.py +1 -1
runbooks/common/business_logic.py +3 -3
runbooks/common/comprehensive_cost_explorer_integration.py +1 -1
runbooks/common/cross_account_manager.py +1 -1
runbooks/common/decorators.py +225 -0
runbooks/common/mcp_cost_explorer_integration.py +2 -2
runbooks/common/organizations_client.py +1 -1
runbooks/common/patterns.py +206 -0
runbooks/common/profile_utils.py +149 -14
runbooks/common/rich_utils.py +507 -16
runbooks/finops/README.md +11 -11
runbooks/finops/__init__.py +4 -4
runbooks/finops/business_cases.py +3 -3
runbooks/finops/cli.py +169 -103
runbooks/finops/cost_optimizer.py +4 -4
runbooks/finops/dashboard_router.py +2 -2
runbooks/finops/ebs_cost_optimizer.py +4 -4
runbooks/finops/ebs_optimizer.py +19 -2
runbooks/finops/embedded_mcp_validator.py +101 -23
runbooks/finops/enhanced_progress.py +8 -8
runbooks/finops/enterprise_wrappers.py +7 -7
runbooks/finops/finops_scenarios.py +101 -27
runbooks/finops/legacy_migration.py +8 -8
runbooks/finops/markdown_exporter.py +2 -2
runbooks/finops/multi_dashboard.py +1 -1
runbooks/finops/nat_gateway_optimizer.py +1 -1
runbooks/finops/optimizer.py +6 -6
runbooks/finops/rds_snapshot_optimizer.py +1389 -0
runbooks/finops/scenario_cli_integration.py +13 -13
runbooks/finops/scenarios.py +16 -16
runbooks/finops/single_dashboard.py +10 -10
runbooks/finops/tests/test_finops_dashboard.py +3 -3
runbooks/finops/tests/test_reference_images_validation.py +2 -2
runbooks/finops/tests/test_single_account_features.py +17 -17
runbooks/finops/tests/validate_test_suite.py +1 -1
runbooks/finops/validation_framework.py +5 -5
runbooks/finops/vpc_cleanup_exporter.py +3 -3
runbooks/finops/vpc_cleanup_optimizer.py +3 -3
runbooks/finops/workspaces_analyzer.py +31 -13
runbooks/hitl/enhanced_workflow_engine.py +1 -1
runbooks/inventory/README.md +3 -3
runbooks/inventory/Tests/common_test_data.py +30 -30
runbooks/inventory/collectors/aws_comprehensive.py +28 -11
runbooks/inventory/collectors/aws_networking.py +2 -2
runbooks/inventory/discovery.md +2 -2
runbooks/inventory/find_ec2_security_groups.py +1 -1
runbooks/inventory/list_rds_snapshots_aggregator.py +745 -0
runbooks/inventory/organizations_discovery.py +1 -1
runbooks/inventory/vpc_analyzer.py +1 -1
runbooks/inventory/vpc_flow_analyzer.py +2 -2
runbooks/main.py +143 -8882
runbooks/metrics/dora_metrics_engine.py +2 -2
runbooks/operate/mcp_integration.py +1 -1
runbooks/operate/networking_cost_heatmap.py +4 -2
runbooks/operate/privatelink_operations.py +1 -1
runbooks/operate/vpc_endpoints.py +1 -1
runbooks/operate/vpc_operations.py +2 -2
runbooks/remediation/commvault_ec2_analysis.py +1 -1
runbooks/remediation/rds_snapshot_list.py +5 -5
runbooks/remediation/workspaces_list.py +5 -5
runbooks/security/integration_test_enterprise_security.py +5 -3
runbooks/security/run_script.py +1 -1
runbooks/sre/mcp_reliability_engine.py +6 -6
runbooks/utils/version_validator.py +1 -1
runbooks/validation/comprehensive_2way_validator.py +9 -4
runbooks/vpc/heatmap_engine.py +7 -4
runbooks/vpc/mcp_no_eni_validator.py +1 -1
runbooks/vpc/unified_scenarios.py +7 -7
{runbooks-1.1.2.dist-info → runbooks-1.1.4.dist-info}/METADATA +53 -52
{runbooks-1.1.2.dist-info → runbooks-1.1.4.dist-info}/RECORD +94 -80
{runbooks-1.1.2.dist-info → runbooks-1.1.4.dist-info}/WHEEL +0 -0
{runbooks-1.1.2.dist-info → runbooks-1.1.4.dist-info}/entry_points.txt +0 -0
{runbooks-1.1.2.dist-info → runbooks-1.1.4.dist-info}/licenses/LICENSE +0 -0
{runbooks-1.1.2.dist-info → runbooks-1.1.4.dist-info}/top_level.txt +0 -0

runbooks/cli/commands/security.py ADDED Viewed

@@ -0,0 +1,224 @@
+"""
+Security Commands Module - Security Assessment & Compliance
+KISS Principle: Focused on security assessment and compliance operations
+DRY Principle: Centralized security patterns and compliance frameworks
+Extracted from main.py lines 4500-6000 for modular architecture.
+Preserves 100% functionality while reducing main.py context overhead.
+"""
+import click
+from rich.console import Console
+# Import common utilities and decorators
+from runbooks.common.decorators import common_aws_options, common_output_options
+console = Console()
+def create_security_group():
+    """
+    Create the security command group with all subcommands.
+    Returns:
+        Click Group object with all security commands
+    Performance: Lazy creation only when needed by DRYCommandRegistry
+    Context Reduction: ~1500 lines extracted from main.py
+    """
+    @click.group(invoke_without_command=True)
+    @common_aws_options
+    @click.pass_context
+    def security(ctx, profile, region, dry_run):
+        """
+        Security assessment and compliance operations.
+        Comprehensive security baseline assessment with multi-framework compliance
+        and enterprise-grade reporting capabilities.
+        Compliance Frameworks:
+        • SOC2, PCI-DSS, HIPAA, ISO 27001
+        • AWS Well-Architected Security Pillar
+        • NIST Cybersecurity Framework
+        • CIS Benchmarks
+        Examples:
+            runbooks security assess --framework soc2
+            runbooks security baseline --all-checks
+            runbooks security report --format pdf --compliance hipaa
+        """
+        ctx.obj.update({"profile": profile, "region": region, "dry_run": dry_run})
+        if ctx.invoked_subcommand is None:
+            click.echo(ctx.get_help())
+    @security.command()
+    @common_aws_options
+    @click.option("--framework", type=click.Choice(['soc2', 'pci-dss', 'hipaa', 'iso27001', 'well-architected']),
+                  multiple=True, help="Compliance frameworks to assess")
+    @click.option("--all-checks", is_flag=True, help="Run all available security checks")
+    @click.option("--severity", type=click.Choice(['critical', 'high', 'medium', 'low']),
+                  help="Filter by minimum severity level")
+    @click.option("--export-format", type=click.Choice(['json', 'csv', 'pdf', 'markdown']),
+                  help="Export format for results")
+    @click.option("--language", type=click.Choice(['en', 'ja', 'ko', 'vi']), default='en',
+                  help="Report language (English, Japanese, Korean, Vietnamese)")
+    @click.option("--all", is_flag=True, help="Use all available AWS profiles for multi-account security assessment")
+    @click.pass_context
+    def assess(ctx, profile, region, dry_run, framework, all_checks, severity, export_format, language, all):
+        """
+        Comprehensive security assessment with multi-framework compliance and universal profile support.
+        Enterprise Features:
+        • 15+ security checks across multiple frameworks
+        • Multi-language reporting (EN/JP/KR/VN)
+        • Risk scoring and prioritization
+        • Remediation recommendations with business impact
+        • Multi-account security assessment with --all flag
+        Examples:
+            runbooks security assess --framework soc2,pci-dss
+            runbooks security assess --all-checks --export-format pdf
+            runbooks security assess --severity critical --language ja
+            runbooks security assess --all --framework soc2  # Multi-account assessment
+        """
+        try:
+            from runbooks.security.assessment_runner import SecurityAssessmentRunner
+            from runbooks.common.profile_utils import get_profile_for_operation
+            # Use ProfileManager for dynamic profile resolution
+            resolved_profile = get_profile_for_operation("operational", profile)
+            assessment = SecurityAssessmentRunner(
+                profile=resolved_profile,
+                region=region,
+                frameworks=list(framework) if framework else None,
+                all_checks=all_checks,
+                severity_filter=severity,
+                language=language
+            )
+            results = assessment.run_comprehensive_assessment()
+            if export_format:
+                assessment.export_results(results, format=export_format)
+            return results
+        except ImportError as e:
+            console.print(f"[red]❌ Security assessment module not available: {e}[/red]")
+            raise click.ClickException("Security assessment functionality not available")
+        except Exception as e:
+            console.print(f"[red]❌ Security assessment failed: {e}[/red]")
+            raise click.ClickException(str(e))
+    @security.command()
+    @common_aws_options
+    @click.option("--check-type", type=click.Choice(['baseline', 'advanced', 'enterprise']),
+                  default='baseline', help="Security check depth level")
+    @click.option("--include-remediation", is_flag=True, help="Include remediation recommendations")
+    @click.option("--auto-fix", is_flag=True, help="Automatically fix low-risk issues (with approval)")
+    @click.option("--all", is_flag=True, help="Use all available AWS profiles for multi-account baseline assessment")
+    @click.pass_context
+    def baseline(ctx, profile, region, dry_run, check_type, include_remediation, auto_fix, all):
+        """
+        Security baseline assessment and configuration validation with universal profile support.
+        Baseline Security Checks:
+        • IAM policy analysis and least privilege validation
+        • S3 bucket public access and encryption assessment
+        • VPC security group and NACL configuration review
+        • CloudTrail and logging configuration verification
+        • Encryption at rest and in transit validation
+        Examples:
+            runbooks security baseline --check-type enterprise
+            runbooks security baseline --include-remediation --auto-fix
+            runbooks security baseline --all --check-type enterprise  # Multi-account assessment
+        """
+        try:
+            from runbooks.security.baseline_checker import SecurityBaselineChecker
+            from runbooks.common.profile_utils import get_profile_for_operation
+            # Use ProfileManager for dynamic profile resolution
+            resolved_profile = get_profile_for_operation("operational", profile)
+            baseline_checker = SecurityBaselineChecker(
+                profile=resolved_profile,
+                region=region,
+                check_type=check_type,
+                include_remediation=include_remediation,
+                auto_fix=auto_fix and not dry_run
+            )
+            baseline_results = baseline_checker.run_baseline_assessment()
+            return baseline_results
+        except ImportError as e:
+            console.print(f"[red]❌ Security baseline module not available: {e}[/red]")
+            raise click.ClickException("Security baseline functionality not available")
+        except Exception as e:
+            console.print(f"[red]❌ Security baseline assessment failed: {e}[/red]")
+            raise click.ClickException(str(e))
+    @security.command()
+    @common_aws_options
+    @click.option("--format", "report_format", type=click.Choice(['pdf', 'html', 'markdown', 'json']),
+                  multiple=True, default=['pdf'], help="Report formats")
+    @click.option("--compliance", type=click.Choice(['soc2', 'pci-dss', 'hipaa', 'iso27001']),
+                  multiple=True, help="Include compliance mapping")
+    @click.option("--executive-summary", is_flag=True, help="Generate executive summary")
+    @click.option("--output-dir", default="./security_reports", help="Output directory")
+    @click.option("--all", is_flag=True, help="Use all available AWS profiles for multi-account security reporting")
+    @click.pass_context
+    def report(ctx, profile, region, dry_run, report_format, compliance, executive_summary, output_dir, all):
+        """
+        Generate comprehensive security compliance reports with universal profile support.
+        Enterprise Reporting Features:
+        • Executive-ready summary with risk quantification
+        • Compliance framework mapping and gap analysis
+        • Multi-language support for global enterprises
+        • Audit trail documentation and evidence collection
+        • Multi-account security reporting with --all flag
+        Examples:
+            runbooks security report --format pdf,html --executive-summary
+            runbooks security report --compliance soc2,hipaa --output-dir ./audit
+            runbooks security report --all --compliance soc2  # Multi-account reporting
+        """
+        try:
+            from runbooks.security.report_generator import SecurityReportGenerator
+            from runbooks.common.profile_utils import get_profile_for_operation
+            # Use ProfileManager for dynamic profile resolution
+            resolved_profile = get_profile_for_operation("operational", profile)
+            report_generator = SecurityReportGenerator(
+                profile=resolved_profile,
+                output_dir=output_dir,
+                compliance_frameworks=list(compliance) if compliance else None,
+                executive_summary=executive_summary
+            )
+            report_results = {}
+            for format_type in report_format:
+                result = report_generator.generate_report(format=format_type)
+                report_results[format_type] = result
+            console.print(f"[green]✅ Successfully generated {len(report_format)} report format(s)[/green]")
+            console.print(f"[dim]Output directory: {output_dir}[/dim]")
+            return report_results
+        except ImportError as e:
+            console.print(f"[red]❌ Security report module not available: {e}[/red]")
+            raise click.ClickException("Security report functionality not available")
+        except Exception as e:
+            console.print(f"[red]❌ Security report generation failed: {e}[/red]")
+            raise click.ClickException(str(e))
+    return security

runbooks/cli/commands/validation.py ADDED Viewed

@@ -0,0 +1,411 @@
+"""
+Validation Commands Module - MCP Validation & Testing Framework
+KISS Principle: Focused on validation and testing operations
+DRY Principle: Centralized validation patterns and enterprise accuracy standards
+Context: Provides CLI interface for comprehensive MCP validation framework
+with enterprise-grade accuracy targets and universal profile support.
+"""
+import click
+from rich.console import Console
+# Import common utilities and decorators
+from runbooks.common.decorators import common_aws_options
+console = Console()
+def create_validation_group():
+    """
+    Create the validation command group with all subcommands.
+    Returns:
+        Click Group object with all validation commands
+    Performance: Lazy creation only when needed by DRYCommandRegistry
+    Context Reduction: Enterprise validation framework with universal profile support
+    """
+    @click.group(invoke_without_command=True)
+    @common_aws_options
+    @click.pass_context
+    def validation(ctx, profile, region, dry_run):
+        """
+        MCP validation and testing framework for enterprise accuracy standards.
+        Comprehensive validation framework ensuring ≥99.5% accuracy across all
+        AWS operations with enterprise-grade performance and reliability testing.
+        Validation Operations:
+        • Cost Explorer data accuracy validation
+        • Organizations API consistency checking
+        • Resource inventory validation across 50+ AWS services
+        • Security baseline compliance verification
+        • Performance benchmarking with <30s targets
+        Examples:
+            runbooks validation validate-all --profile billing-profile
+            runbooks validation costs --tolerance 2.0
+            runbooks validation benchmark --iterations 10
+        """
+        ctx.obj.update({"profile": profile, "region": region, "dry_run": dry_run})
+        if ctx.invoked_subcommand is None:
+            click.echo(ctx.get_help())
+    @validation.command("validate-all")
+    @common_aws_options
+    @click.option("--tolerance", default=5.0, help="Tolerance percentage for variance detection")
+    @click.option("--performance-target", default=30.0, help="Performance target in seconds")
+    @click.option("--save-report", is_flag=True, help="Save detailed report to artifacts")
+    @click.option("--all", is_flag=True, help="Use all available AWS profiles for multi-account validation")
+    @click.pass_context
+    def validate_all(ctx, profile, region, dry_run, tolerance, performance_target, save_report, all):
+        """
+        Run comprehensive validation across all critical operations with universal profile support.
+        Enterprise Validation Features:
+        • ≥99.5% accuracy target across all operations
+        • Performance benchmarking with <30s targets
+        • Multi-account validation with --all flag
+        • Comprehensive reporting with variance analysis
+        • Real-time progress monitoring with Rich UI
+        Examples:
+            runbooks validation validate-all --tolerance 2.0
+            runbooks validation validate-all --performance-target 20
+            runbooks validation validate-all --all --save-report  # Multi-account validation
+        """
+        try:
+            from runbooks.validation.mcp_validator import MCPValidator
+            from runbooks.common.profile_utils import get_profile_for_operation
+            import asyncio
+            console.print("[bold blue]🔍 Starting comprehensive MCP validation[/bold blue]")
+            console.print(f"Target Accuracy: ≥99.5% | Tolerance: ±{tolerance}% | Performance: <{performance_target}s")
+            # Use ProfileManager for dynamic profile resolution
+            resolved_profile = get_profile_for_operation("operational", profile)
+            # Initialize validator with resolved profile
+            profiles = None
+            if resolved_profile:
+                profiles = {
+                    "billing": resolved_profile,
+                    "management": resolved_profile,
+                    "centralised_ops": resolved_profile,
+                    "single_aws": resolved_profile
+                }
+            validator = MCPValidator(
+                profiles=profiles,
+                tolerance_percentage=tolerance,
+                performance_target_seconds=performance_target
+            )
+            # Run comprehensive validation
+            report = asyncio.run(validator.validate_all_operations())
+            # Display results
+            validator.display_validation_report(report)
+            # Save report if requested
+            if save_report:
+                validator.save_validation_report(report)
+            # Return results for further processing
+            return report
+        except ImportError as e:
+            console.print(f"[red]❌ Validation framework not available: {e}[/red]")
+            raise click.ClickException("Validation functionality not available")
+        except Exception as e:
+            console.print(f"[red]❌ Validation failed: {e}[/red]")
+            raise click.ClickException(str(e))
+    @validation.command()
+    @common_aws_options
+    @click.option("--tolerance", default=5.0, help="Cost variance tolerance percentage")
+    @click.option("--all", is_flag=True, help="Use all available AWS profiles for multi-account cost validation")
+    @click.pass_context
+    def costs(ctx, profile, region, dry_run, tolerance, all):
+        """
+        Validate Cost Explorer data accuracy with universal profile support.
+        Cost Validation Features:
+        • Real-time cost data accuracy verification
+        • Variance analysis with configurable tolerance
+        • Multi-account cost validation with --all flag
+        • Performance benchmarking for cost operations
+        Examples:
+            runbooks validation costs --tolerance 2.0
+            runbooks validation costs --profile billing-profile
+            runbooks validation costs --all --tolerance 1.0  # Multi-account validation
+        """
+        try:
+            from runbooks.validation.mcp_validator import MCPValidator
+            from runbooks.common.profile_utils import get_profile_for_operation
+            import asyncio
+            console.print(f"[bold cyan]💰 Validating Cost Explorer data accuracy[/bold cyan]")
+            # Use ProfileManager for dynamic profile resolution (billing operation)
+            resolved_profile = get_profile_for_operation("billing", profile)
+            validator = MCPValidator(
+                profiles={"billing": resolved_profile},
+                tolerance_percentage=tolerance
+            )
+            result = asyncio.run(validator.validate_cost_explorer())
+            # Display detailed results
+            validator.display_validation_result(result, "Cost Explorer")
+            return result
+        except ImportError as e:
+            console.print(f"[red]❌ Cost validation module not available: {e}[/red]")
+            raise click.ClickException("Cost validation functionality not available")
+        except Exception as e:
+            console.print(f"[red]❌ Cost validation failed: {e}[/red]")
+            raise click.ClickException(str(e))
+    @validation.command()
+    @common_aws_options
+    @click.option("--all", is_flag=True, help="Use all available AWS profiles for multi-account organizations validation")
+    @click.pass_context
+    def organizations(ctx, profile, region, dry_run, all):
+        """
+        Validate Organizations API data accuracy with universal profile support.
+        Organizations Validation Features:
+        • Account discovery consistency verification
+        • Organizational unit structure validation
+        • Multi-account organizations validation with --all flag
+        • Cross-account permission validation
+        Examples:
+            runbooks validation organizations
+            runbooks validation organizations --profile management-profile
+            runbooks validation organizations --all  # Multi-account validation
+        """
+        try:
+            from runbooks.validation.mcp_validator import MCPValidator
+            from runbooks.common.profile_utils import get_profile_for_operation
+            import asyncio
+            console.print(f"[bold cyan]🏢 Validating Organizations API data[/bold cyan]")
+            # Use ProfileManager for dynamic profile resolution (management operation)
+            resolved_profile = get_profile_for_operation("management", profile)
+            validator = MCPValidator(profiles={"management": resolved_profile})
+            result = asyncio.run(validator.validate_organizations_data())
+            # Display detailed results
+            validator.display_validation_result(result, "Organizations")
+            return result
+        except ImportError as e:
+            console.print(f"[red]❌ Organizations validation module not available: {e}[/red]")
+            raise click.ClickException("Organizations validation functionality not available")
+        except Exception as e:
+            console.print(f"[red]❌ Organizations validation failed: {e}[/red]")
+            raise click.ClickException(str(e))
+    @validation.command()
+    @common_aws_options
+    @click.option("--target-accuracy", default=99.5, help="Target accuracy percentage")
+    @click.option("--iterations", default=5, help="Number of benchmark iterations")
+    @click.option("--performance-target", default=30.0, help="Performance target in seconds")
+    @click.option("--all", is_flag=True, help="Use all available AWS profiles for multi-account benchmarking")
+    @click.pass_context
+    def benchmark(ctx, profile, region, dry_run, target_accuracy, iterations, performance_target, all):
+        """
+        Run performance benchmark for MCP validation framework with universal profile support.
+        Benchmark Features:
+        • Comprehensive performance testing across all operations
+        • Configurable accuracy targets and iteration counts
+        • Multi-account benchmarking with --all flag
+        • Statistical analysis with confidence intervals
+        • Enterprise readiness assessment
+        Examples:
+            runbooks validation benchmark --target-accuracy 99.0 --iterations 10
+            runbooks validation benchmark --performance-target 20
+            runbooks validation benchmark --all --iterations 3  # Multi-account benchmark
+        """
+        try:
+            from runbooks.validation.mcp_validator import MCPValidator
+            from runbooks.common.profile_utils import get_profile_for_operation
+            import asyncio
+            console.print(f"[bold magenta]🎯 Running MCP validation benchmark[/bold magenta]")
+            console.print(f"Target: {target_accuracy}% | Iterations: {iterations} | Performance: <{performance_target}s")
+            # Use ProfileManager for dynamic profile resolution
+            resolved_profile = get_profile_for_operation("operational", profile)
+            validator = MCPValidator(performance_target_seconds=performance_target)
+            results = []
+            # Run benchmark iterations
+            for i in range(iterations):
+                console.print(f"\n[cyan]Iteration {i + 1}/{iterations}[/cyan]")
+                report = asyncio.run(validator.validate_all_operations())
+                results.append(report)
+                console.print(
+                    f"Accuracy: {report.overall_accuracy:.1f}% | "
+                    f"Time: {report.execution_time:.1f}s | "
+                    f"Status: {'✅' if report.overall_accuracy >= target_accuracy else '❌'}"
+                )
+            # Generate benchmark summary
+            benchmark_summary = validator.generate_benchmark_summary(results, target_accuracy)
+            console.print(f"\n[bold green]📊 Benchmark Complete[/bold green]")
+            console.print(f"Average Accuracy: {benchmark_summary['avg_accuracy']:.2f}%")
+            console.print(f"Success Rate: {benchmark_summary['success_rate']:.1f}%")
+            return benchmark_summary
+        except ImportError as e:
+            console.print(f"[red]❌ Benchmark module not available: {e}[/red]")
+            raise click.ClickException("Benchmark functionality not available")
+        except Exception as e:
+            console.print(f"[red]❌ Benchmark failed: {e}[/red]")
+            raise click.ClickException(str(e))
+    @validation.command()
+    @common_aws_options
+    @click.option(
+        "--operation",
+        type=click.Choice(["costs", "organizations", "ec2", "security", "vpc"]),
+        required=True,
+        help="Specific operation to validate"
+    )
+    @click.option("--tolerance", default=5.0, help="Tolerance percentage")
+    @click.option("--all", is_flag=True, help="Use all available AWS profiles for multi-account single operation validation")
+    @click.pass_context
+    def single(ctx, profile, region, dry_run, operation, tolerance, all):
+        """
+        Validate a single operation with universal profile support.
+        Single Operation Validation Features:
+        • Focused validation on specific AWS service operations
+        • Configurable tolerance for variance detection
+        • Multi-account single operation validation with --all flag
+        • Detailed error analysis and recommendations
+        Examples:
+            runbooks validation single --operation costs --tolerance 2.0
+            runbooks validation single --operation security --profile ops-profile
+            runbooks validation single --operation vpc --all  # Multi-account single operation
+        """
+        try:
+            from runbooks.validation.mcp_validator import MCPValidator
+            from runbooks.common.profile_utils import get_profile_for_operation
+            import asyncio
+            console.print(f"[bold cyan]🔍 Validating {operation.title()} operation[/bold cyan]")
+            # Use ProfileManager for dynamic profile resolution based on operation type
+            operation_type_map = {
+                "costs": "billing",
+                "organizations": "management",
+                "ec2": "operational",
+                "security": "operational",
+                "vpc": "operational"
+            }
+            resolved_profile = get_profile_for_operation(
+                operation_type_map.get(operation, "operational"),
+                profile
+            )
+            validator = MCPValidator(tolerance_percentage=tolerance)
+            # Map operations to validator methods
+            operation_map = {
+                "costs": validator.validate_cost_explorer,
+                "organizations": validator.validate_organizations_data,
+                "ec2": validator.validate_ec2_inventory,
+                "security": validator.validate_security_baseline,
+                "vpc": validator.validate_vpc_analysis,
+            }
+            result = asyncio.run(operation_map[operation]())
+            # Display detailed results
+            validator.display_validation_result(result, operation.title())
+            return result
+        except ImportError as e:
+            console.print(f"[red]❌ Single validation module not available: {e}[/red]")
+            raise click.ClickException("Single validation functionality not available")
+        except Exception as e:
+            console.print(f"[red]❌ {operation.title()} validation failed: {e}[/red]")
+            raise click.ClickException(str(e))
+    @validation.command()
+    @common_aws_options
+    @click.option("--all", is_flag=True, help="Check status for all available AWS profiles")
+    @click.pass_context
+    def status(ctx, profile, region, dry_run, all):
+        """
+        Show MCP validation framework status with universal profile support.
+        Status Check Features:
+        • Component availability and readiness verification
+        • AWS profile validation and connectivity testing
+        • MCP integration status and configuration validation
+        • Multi-account status checking with --all flag
+        Examples:
+            runbooks validation status
+            runbooks validation status --profile management-profile
+            runbooks validation status --all  # Multi-account status check
+        """
+        try:
+            from runbooks.validation.mcp_validator import MCPValidator
+            from runbooks.common.profile_utils import get_profile_for_operation, list_available_profiles
+            console.print("[bold blue]🔍 MCP Validation Framework Status[/bold blue]")
+            # Use ProfileManager for dynamic profile resolution
+            resolved_profile = get_profile_for_operation("operational", profile)
+            # Check available profiles if --all flag is used
+            if all:
+                profiles = list_available_profiles()
+                console.print(f"[dim]Checking {len(profiles)} available profiles[/dim]")
+            else:
+                profiles = [resolved_profile] if resolved_profile else []
+            validator = MCPValidator()
+            status_report = validator.generate_status_report(profiles)
+            # Display status report
+            validator.display_status_report(status_report)
+            return status_report
+        except ImportError as e:
+            console.print(f"[red]❌ Status module not available: {e}[/red]")
+            raise click.ClickException("Status functionality not available")
+        except Exception as e:
+            console.print(f"[red]❌ Status check failed: {e}[/red]")
+            raise click.ClickException(str(e))
+    return validation

runbooks 1.1.2__py3-none-any.whl → 1.1.4__py3-none-any.whl

runbooks 1.1.2py3-none-any.whl → 1.1.4py3-none-any.whl