A collection of tools and documentation for managing cloud infrastructure, cleaning up resources, and understanding cloud architectures. This repository contains automation scripts for AWS resource cleanup and comprehensive documentation for AWS, Azure, GCP, and OpenShift platforms.
Automation scripts for cleaning up AWS resources, managing clusters, and maintaining cloud hygiene:
- cleanup_aws_resources.sh - Comprehensive AWS cluster deprovisioning script
  - Deprovisions OpenShift and Hypershift clusters older than a specified cutoff time
  - Cleans up VPCs, subnets, route tables, security groups, load balancers, and other AWS resources
  - Handles IAM user cleanup for ci-op-* users
  - Supports multiple AWS regions and profiles
  - Usage: ./cleanup_aws_resources.sh [--profile PROFILE] [--cutoff TIME]
- cleanup_iam_users.sh - IAM user cleanup utility
  - Removes IAM users matching ci-op-* pattern older than 24 hours
  - Detaches policies, deletes access keys, and removes group memberships
  - Supports parallel processing for efficiency
  - Usage: ./cleanup_iam_users.sh <aws-profile>
- cleanup_lb_sg.sh - Load balancer and security group cleanup
  - Removes unused load balancers and security groups
  - Supports safeguard lists to protect specific resources
  - Configurable age threshold and dry-run mode
  - Usage: ./cleanup_lb_sg.sh <safeguard-sgs> <age-hours> <dry-run>
- cleanup_sg_rules_by_hash.sh - Security group rules cleanup by hash
  - Removes security group rules based on hash matching
  - Useful for cleaning up duplicate or unnecessary rules
- cleanup_users_mac-supported.sh - Mac-compatible user cleanup script
  - Cross-platform version of user cleanup utilities
Comprehensive architecture and platform documentation organized by cloud provider:
Located in docs/Openshift/
Comprehensive documentation for understanding OpenShift architecture, components, networking, APIs, and cluster management:
- Overview - High-level overview of OpenShift
- Architecture - System architecture and component diagrams
- Network and API Guide - Networking and API architecture
- Component Interactions - How components interact
- Navigation and Debugging - How to navigate and debug clusters
- Setup Guide - Setting up access and navigation
- Usage Guide - Practical examples and operations
- FAQ - Frequently asked questions
- Summaries - Technical summaries at different levels
- Release Notes - Release information
See docs/Openshift/README.md for the complete OpenShift documentation index.
Located in docs/Kubernetes/
Beginner-friendly architecture documentation for understanding Kubernetes:
- Architecture - Comprehensive Kubernetes architecture diagram
  - Control plane components (API Server, etcd, Scheduler, Controller Manager)
  - Worker node components (Kubelet, kube-proxy, Container Runtime)
  - Networking (Services, Ingress, CNI, DNS)
  - Storage (Volumes, PVs, PVCs, Storage Classes)
  - Security (RBAC, Secrets, Network Policies)
  - Observability (Metrics, Logs, Tracing)
  - Application deployment and scaling workflows

- AWS Architecture - Amazon Web Services architecture overview
  - Compute, networking, storage, security, and operations layers
  - Service relationships and best practices
- Azure Architecture - Microsoft Azure architecture overview
  - Virtual machines, containers, networking, storage, and security services
  - Azure-specific patterns and configurations
- GCP Architecture - Google Cloud Platform architecture overview
  - Compute Engine, Kubernetes, serverless, networking, and storage services
  - GCP-specific architectures and recommendations
- Prerequisites:
  - AWS CLI installed and configured
  - Appropriate AWS credentials and permissions
  - jq command-line JSON processor
  - Optional: openshift-install and hypershift for cluster management
- Basic Usage:

      # Clean up AWS resources (default: 72 hours ago)
      ./cleanup_aws_resources.sh

      # Use specific AWS profile
      ./cleanup_aws_resources.sh --profile myprofile

      # Custom age cutoff
      ./cleanup_aws_resources.sh --cutoff "24 hours ago"

      # Combined options
      ./cleanup_aws_resources.sh --profile prod --cutoff "1 week ago"

- IAM User Cleanup:

      ./cleanup_iam_users.sh <aws-profile>

- Load Balancer and Security Group Cleanup:

      ./cleanup_lb_sg.sh sg-abc123,sg-def456 48 false

- OpenShift: Start with docs/Openshift/OPENSHIFT_OVERVIEW.md
- Kubernetes: See docs/Kubernetes/architecture.md
- AWS: See docs/AWS/architecture.md
- Azure: See docs/AZURE/architecture.md
- GCP: See docs/GCP/architecture.md
The cleanup scripts support the following environment variables:
- ARTIFACTS - Directory for logs and metadata (default: /tmp/artifacts)
- CLUSTER_TTL - Default age cutoff for cluster cleanup (default: 72 hours ago)
- AWS_PROFILE - AWS profile to use (optional)
- AWS_SHARED_CREDENTIALS_FILE - AWS credentials file (default: ~/.aws/credentials)
- HYPERSHIFT_BASE_DOMAIN - Hypershift base domain (default: origin-ci-int-aws.dev.rhcloud.com)

- bash (version 4.0+)
- aws CLI
- jq (JSON processor)
- date (GNU date or macOS gdate)

- openshift-install - For OpenShift cluster management
- hypershift - For Hypershift cluster management
- oc - OpenShift CLI

- Dry-run mode - Test scripts without making changes
- Safeguard lists - Protect specific resources from deletion
- Age thresholds - Only clean resources older than specified time
- Comprehensive logging - All operations logged to files
- Error handling - Graceful failure handling and retry logic
- Dependency checks - Verifies required tools before execution
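
The name pattern, age threshold, safeguard list and dry-run mode listed above, applied to the selection step of an IAM user cleanup. This is an added example, not code from this repository; the function names, the sample users, the step labels and the use of a safeguard list for IAM users are assumptions.

```shell
#!/bin/sh
# Added example: not the repository's cleanup_iam_users.sh. Function names
# are hypothetical and the sample users are constructed.
# Input: "UserName<TAB>CreateDate" lines, the shape produced by
#   aws iam list-users --query 'Users[].[UserName,CreateDate]' --output text

# select_stale_ci_users CUTOFF_UTC [SAFEGUARD_CSV]
# Prints users named ci-op-* created strictly before CUTOFF_UTC
# (YYYY-MM-DDTHH:MM:SS) that are not on the safeguard list.
# Assumes CreateDate is UTC, so the first 19 characters compare as strings.
select_stale_ci_users() {
  awk -F'\t' -v cutoff="$1" -v keep="${2:-}" '
    BEGIN {
      cutoff = substr(cutoff, 1, 19)
      n = split(keep, k, ",")
      for (i = 1; i <= n; i++) protected[k[i]] = 1
    }
    $1 !~ /^ci-op-/            { next }  # anchored: "xci-op-..." is ignored
    ($1 in protected)          { next }  # safeguard list wins over age
    length($2) < 19            { next }  # missing or odd date: skip, never guess
    substr($2, 1, 19) < cutoff { print $1 }
  '
}

# plan_user_cleanup: dry-run only. Reads user names on stdin and prints the
# teardown order (dependents first, user last). Calls no AWS API; the step
# names are labels, not AWS CLI subcommands.
plan_user_cleanup() {
  while IFS= read -r user; do
    [ -n "$user" ] || continue
    for step in detach-policies delete-access-keys remove-from-groups delete-user; do
      printf 'DRY-RUN %s %s\n' "$step" "$user"
    done
  done
}

sample_users() {  # constructed sample data, not real accounts
  printf 'ci-op-abc12-installer\t2024-05-01T08:00:00+00:00\n'
  printf 'ci-op-new99-installer\t2024-05-03T11:30:00+00:00\n'
  printf 'ci-op-keepme\t2024-04-01T00:00:00+00:00\n'
  printf 'release-bot\t2023-01-01T00:00:00+00:00\n'
  printf 'xci-op-lookalike\t2023-01-01T00:00:00Z\n'
}

# Fixed cutoff for a reproducible run; a live run would derive it from the clock.
sample_users | select_stale_ci_users '2024-05-02T12:00:00' 'ci-op-keepme' | plan_user_cleanup
```

Reviewing the printed plan before any delete call is what catches a pattern or cutoff that selects more accounts than intended.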
- OpenShift Documentation - Official OpenShift documentation
- Kubernetes Documentation - Kubernetes documentation
- AWS CLI Documentation - AWS Command Line Interface
- AWS IAM Best Practices
Contributions are welcome! When contributing:
- Test scripts thoroughly before submitting
- Update documentation for any new features
- Follow existing code style and patterns
- Add appropriate error handling and logging
- Include usage examples in script headers
This repository follows the organization's standard license terms.
For issues, questions, or contributions:
- Review the documentation in the docs/ directory
- Check script headers for usage information
- Review logs in the ARTIFACTS directory for troubleshooting