[IT-1729] A lambda to stop or terminate all EC2 instances in an accou…

…nt (#1)

Stop or terminate all instances in the same account as this lambda.
Instances less than an hour old will be ignored, and instances can also
be ignored based on a tag value.

.coveragerc

@@ -2,4 +2,4 @@
 relative_files = True
 
 # Use 'source' instead of 'omit' in order to ignore 'tests/unit/__init__.py'
-source = hello_world
+source = ec2_terminator

.github/workflows/test.yaml

@@ -9,19 +9,19 @@ jobs:
   pre-commit:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Set up Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: 3.9
-      - uses: pre-commit/[email protected].0
+      - uses: pre-commit/[email protected].1
 
   pytest:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Set up Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: 3.9
       - run: pip install -U pipenv
@@ -33,6 +33,6 @@ jobs:
   sam-build-and-lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: ./.github/actions/sam-build
       - run: sam validate --lint --template .aws-sam/build/template.yaml

.pre-commit-config.yaml

@@ -1,6 +1,6 @@
 repos:
 -   repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.3.0
+    rev: v4.6.0
     hooks:
     # On Windows, git will convert all CRLF to LF, but only after all hooks are done executing.
     # yamllint will fail before git has a chance to convert line endings, so line endings must be explicitly converted before yamllint
@@ -11,16 +11,16 @@ repos:
     -   id: trailing-whitespace
     -   id: check-ast
 -   repo: https://github.com/adrienverge/yamllint
-    rev: v1.27.1
+    rev: v1.35.1
     hooks:
     -   id: yamllint
 -   repo: https://github.com/awslabs/cfn-python-lint
-    rev: v0.63.2
+    rev: v0.86.2
     hooks:
     -   id: cfn-python-lint
         files: template\.(json|yml|yaml)$
 -   repo: https://github.com/Lucas-C/pre-commit-hooks
-    rev: v1.3.1
+    rev: v1.5.5
     hooks:
     -   id: remove-tabs
 -   repo: https://github.com/aristanetworks/j2lint.git

Pipfile

@@ -4,13 +4,10 @@ url = "https://pypi.org/simple"
 verify_ssl = true
 
 [dev-packages]
-pytest = "~=7.1"
+pytest = "~=8.1"
 pytest-mock = "~=3.8"
 boto3 = "~=1.24"
 coverage = "~=7.3"
 
-[packages]
-crhelper = "~=2.0"
-
 [requires]
 python_version = "3.9"

README.md

@@ -1,26 +1,50 @@
-# lambda-template
-A GitHub template for quickly starting a new AWS lambda project.
+# lambda-ec2-terminator
 
-## Naming
-Naming conventions:
-* for a vanilla Lambda: `lambda-<context>`
-* for a Cloudformation Transform macro: `cfn-macro-<context>`
-* for a Cloudformation Custom Resource: `cfn-cr-<context>`
+An AWS lambda to stop or terminate all EC2 instances in the current account.
+
+## Operation
+
+This lambda will scan the account it is deployed to for running or stopped EC2
+instances and will stop or terminate them. Stop Protection or Termination
+Protection should be used to prevent instances from being effected.
+
+### Parameters
+
+| Parameter Name | Default Value      | Allowed Values        |
+|----------------|--------------------|-----------------------|
+| Ec2Action      | "STOP"             | "STOP" or "TERMINATE" |
+| Schedule       | cron(0 2 * * ? \*) | EventBridge schedule  |
+
+#### Ec2Action
+
+The EC2 action to take on running instances: either stop or terminate.
+
+#### Schedule
+
+When to run the lambda, the default is daily at 2am UTC. Must be an EventBridge schedule.
+Format details: https://docs.aws.amazon.com/scheduler/latest/UserGuide/schedule-types.html
+
+### Running
+
+This lambda is triggered by a scheduled CloudWatch event at 2am UTC (8pm PST).
 
 ## Development
 
 ### Contributions
+
 Contributions are welcome.
 
 ### Setup Development Environment
 
 Install the following applications:
-* [AWS CLI](https://github.com/aws/aws-cli)
-* [AWS SAM CLI](https://github.com/aws/aws-sam-cli)
-* [pre-commit](https://github.com/pre-commit/pre-commit)
-* [pipenv](https://github.com/pypa/pipenv)
+
+- [AWS CLI](https://github.com/aws/aws-cli)
+- [AWS SAM CLI](https://github.com/aws/aws-sam-cli)
+- [pre-commit](https://github.com/pre-commit/pre-commit)
+- [pipenv](https://github.com/pypa/pipenv)
 
 ### Install Requirements
+
 Run `pipenv install --dev` to install both production and development
 requirements, and `pipenv shell` to activate the virtual environment. For more
 information see the [pipenv docs](https://pipenv.pypa.io/en/latest/).
@@ -29,6 +53,7 @@ After activating the virtual environment, run `pre-commit install` to install
 the [pre-commit](https://pre-commit.com/) git hook.
 
 ### Update Requirements
+
 First, make any needed updates to the base requirements in `Pipfile`,
 then use `pipenv` to regenerate both `Pipfile.lock` and
 `requirements.txt`. We use `pipenv` to control versions in testing,
@@ -49,17 +74,21 @@ $ pipenv requirements > requirements.txt
 ```
 
 Additionally, `pre-commit` manages its own requirements.
+
 ```shell script
 $ pre-commit autoupdate
 ```
 
 ### Create a local build
+
 Use a Lambda-like docker container to build the Lambda artifact
+
 ```shell script
 $ sam build --use-container
 ```
 
 ### Run unit tests
+
 Tests are defined in the `tests` folder in this project, and dependencies are
 managed with `pipenv`. Install the development dependencies and run the tests
 using `coverage`.
@@ -71,16 +100,18 @@ $ pipenv run coverage run -m pytest tests/ -vv
 Automated testing will upload coverage results to [Coveralls](coveralls.io).
 
 ### Run integration tests
+
 Running integration tests
 [requires docker](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-cli-command-reference-sam-local-start-api.html)
 
 ```shell script
-$ sam local invoke HelloWorldFunction --event events/event.json
+$ sam local invoke TerminatorFunction --event events/event.json
 ```
 
 ## Deployment
 
 ### Deploy Lambda to S3
+
 Deployments are sent to the
 [Sage cloudformation repository](https://bootstrap-awss3cloudformationbucket-19qromfd235z9.s3.amazonaws.com/index.html)
 which requires permissions to upload to Sage
@@ -98,6 +129,7 @@ aws s3 cp .aws-sam/build/lambda-template.yaml s3://bootstrap-awss3cloudformation
 ## Publish Lambda
 
 ### Private access
+
 Publishing the lambda makes it available in your AWS account.  It will be accessible in
 the [serverless application repository](https://console.aws.amazon.com/serverlessrepo).
 
@@ -106,6 +138,7 @@ sam publish --template .aws-sam/build/lambda-template.yaml
 ```
 
 ### Public access
+
 Making the lambda publicly accessible makes it available in the
 [global AWS serverless application repository](https://serverlessrepo.aws.amazon.com/applications)
 
@@ -118,6 +151,7 @@ aws serverlessrepo put-application-policy \
 ## Install Lambda into AWS
 
 ### Sceptre
+
 Create the following [sceptre](https://github.com/Sceptre/sceptre) file
 config/prod/lambda-template.yaml
 
@@ -133,20 +167,22 @@ stack_tags:
 ```
 
 Install the lambda using sceptre:
+
 ```shell script
 sceptre --var "profile=my-profile" --var "region=us-east-1" launch prod/lambda-template.yaml
 ```
 
 ### AWS Console
+
 Steps to deploy from AWS console.
 
 1. Login to AWS
-2. Access the
-[serverless application repository](https://console.aws.amazon.com/serverlessrepo)
--> Available Applications
-3. Select application to install
-4. Enter Application settings
-5. Click Deploy
+1. Access the
+   [serverless application repository](https://console.aws.amazon.com/serverlessrepo)
+   -> Available Applications
+1. Select application to install
+1. Enter Application settings
+1. Click Deploy
 
 ## Releasing