AWS Daily Resources Cleaner #876
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | |
# SPDX-License-Identifier: MIT | |
name: AWS Daily Resources Cleaner | |
on: | |
schedule: | |
- cron: "0 0 * * *" # Run Every Day At Midnight | |
workflow_dispatch: | |
jobs: | |
clean-opensource-ami: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets.TERRAFORM_AWS_ASSUME_ROLE }} | |
aws-region: us-west-2 | |
- name: Clean old ami | |
working-directory: tool/clean | |
run: go run ./clean_ami/clean_ami.go --tags=clean | |
clean-old-file-systems: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets.TERRAFORM_AWS_ASSUME_ROLE }} | |
aws-region: us-west-2 | |
- name: Clean old file system | |
working-directory: tool/clean | |
run: go run ./clean_file_system/clean_file_system.go --tags=clean | |
clean-opensource-dedicated-hosts: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets.TERRAFORM_AWS_ASSUME_ROLE }} | |
aws-region: us-west-2 | |
- name: Clean old dedicated host | |
working-directory: tool/clean | |
run: go run ./clean_dedicated_host/clean_dedicated_host.go --tags=clean | |
clean-internal-dedicated-hosts: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
strategy: | |
matrix: | |
region: [ | |
us-east-1, us-east-2, | |
us-west-1, us-west-2, | |
ap-southeast-1, ap-southeast-2, | |
ap-south-1, | |
ap-northeast-1, ap-northeast-2, ap-northeast-3, | |
ca-central-1, | |
eu-central-1, | |
eu-west-1, eu-west-2, eu-west-3, | |
eu-north-1, | |
sa-east-1 | |
] | |
fail-fast: false | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets.INTERNAL_AWS_ASSUME_ROLE }} | |
aws-region: ${{ matrix.region }} | |
- name: Clean old dedicated host | |
working-directory: tool/clean | |
run: go run ./clean_dedicated_host/clean_dedicated_host.go --tags=clean | |
clean-hosts: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
strategy: | |
matrix: | |
role: [ internal, external] | |
include: | |
- role: internal | |
role_secret: INTERNAL_AWS_ASSUME_ROLE | |
- role: external | |
role_secret: TERRAFORM_AWS_ASSUME_ROLE | |
region: [ | |
us-east-1, us-east-2, | |
us-west-1, us-west-2, | |
ap-southeast-1, ap-southeast-2, | |
ap-south-1, | |
ap-northeast-1, ap-northeast-2, ap-northeast-3, | |
ca-central-1, | |
eu-central-1, | |
eu-west-1, eu-west-2, eu-west-3, | |
eu-north-1, | |
sa-east-1 | |
] | |
fail-fast: false | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets[matrix.role_secret] }} | |
aws-region: ${{ matrix.region }} | |
- name: Clean old host | |
working-directory: tool/clean | |
run: go run ./clean_host/clean_host.go ${{ matrix.region }} | |
clean-hosts-china: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_CN }} | |
aws-region: "cn-north-1" | |
- name: Clean old hosts | |
working-directory: tool/clean | |
run: go run ./clean_host/clean_host.go cn-north-1 | |
clean-ecs-clusters: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets.TERRAFORM_AWS_ASSUME_ROLE }} | |
aws-region: us-west-2 | |
- name: Clean old ecs cluster | |
working-directory: tool/clean | |
run: go run ./clean_ecs/clean_ecs.go --tags=clean | |
clean-eks-clusters: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets.TERRAFORM_AWS_ASSUME_ROLE }} | |
aws-region: us-west-2 | |
- name: Clean old eks cluster | |
working-directory: tool/clean | |
run: go run ./clean_eks/clean_eks.go --tags=clean | |
clean-ebs-volumes: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets.TERRAFORM_AWS_ASSUME_ROLE }} | |
aws-region: us-west-2 | |
- name: Clean old unused ebs volumes | |
working-directory: tool/clean | |
run: go run ./clean_ebs/clean_ebs.go --tags=clean | |
clean-asg: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets.TERRAFORM_AWS_ASSUME_ROLE }} | |
aws-region: us-west-2 | |
- name: Clean old asg | |
working-directory: tool/clean | |
run: go run ./clean_auto_scaling_groups/clean_auto_scaling_groups.go --tags=clean | |
clean-launch-configs: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets.TERRAFORM_AWS_ASSUME_ROLE }} | |
aws-region: us-west-2 | |
- name: Clean old launch configuration | |
working-directory: tool/clean | |
run: go run ./clean_launch_configuration/clean_launch_configuration.go --tags=clean | |
clean-iam-roles: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-to-assume: ${{ secrets.TERRAFORM_AWS_ASSUME_ROLE }} | |
aws-region: us-west-2 | |
- name: Clean old IAM roles | |
working-directory: tool/clean | |
run: go run ./clean_iam_roles/clean_iam_roles.go --tags=clean |