| find_unused_lambda_functionsA | Find Lambda functions with no invocations in the specified period. Args:
region_name: AWS region name
period: Lookback period in days (default: 90)
max_results: Maximum results to return (default: 100)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with unused Lambda functions
|
| find_unused_elastic_ipsB | Find unattached Elastic IPs. Args:
region_name: AWS region name
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with unused Elastic IPs
|
| find_unused_amisA | Find AMIs not used by any EC2 instances, ASGs, or Spot Fleet Requests. Args:
region_name: AWS region name
period: Minimum age in days for AMI to be considered unused (default: 90)
max_results: Maximum results to return (default: 100)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with unused AMIs
|
| find_unused_load_balancersA | Find load balancers with no traffic in the specified period. Args:
region_name: AWS region name
period: Lookback period in days (default: 90)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with unused load balancers
|
| find_unused_target_groupsA | Find target groups with no registered targets or no traffic. This function identifies target groups that are:
1. Not attached to any load balancer, OR
2. Have no registered targets, OR
3. Have registered targets but no traffic in the specified period
Args:
region_name: AWS region name
period: Lookback period in days for traffic check (default: 7)
max_results: Maximum results to return (default: 100)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with unused target groups
|
| find_unused_log_groupsA | Find CloudWatch Log Groups with no recent log events. Args:
region_name: AWS region name
period: Lookback period in days (default: 90)
max_results: Maximum results to return (default: 50)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with unused log groups
|
| find_unused_snapshotsA | Find EBS snapshots not associated with any AMI or volume. Args:
region_name: AWS region name
period: Minimum age in days for snapshot to be considered unused (default: 90)
max_results: Maximum results to return (default: 100)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with unused snapshots
|
| find_unused_security_groupsB | Find security groups not attached to any resources. Args:
region_name: AWS region name
max_results: Maximum results to return (default: 100)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with unused security groups
|
| find_unused_volumesA | Find EBS volumes that are not attached to any instance. Args:
region_name: AWS region name
max_results: Maximum results to return (default: 100)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with unused EBS volumes
|
| find_underutilized_ec2_instancesA | Find EC2 instances with low CPU and memory utilization (≤20%). Args:
region_name: AWS region name
period: Lookback period in days (default: 30)
max_results: Maximum results to return (default: 100)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with underutilized EC2 instances
|
| find_overutilized_ec2_instancesA | Find EC2 instances with high CPU or memory utilization (≥80%). Args:
region_name: AWS region name
period: Lookback period in days (default: 30)
max_results: Maximum results to return (default: 100)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with overutilized EC2 instances
|
| find_underutilized_rds_instancesA | Find RDS instances with low CPU utilization (≤20%). Args:
region_name: AWS region name
period: Lookback period in days (default: 30)
max_results: Maximum results to return (default: 100)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with underutilized RDS instances
|
| find_overutilized_rds_instancesA | Find RDS instances with high CPU utilization (≥80%). Args:
region_name: AWS region name
period: Lookback period in days (default: 30)
max_results: Maximum results to return (default: 100)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with overutilized RDS instances
|
| get_all_cost_optimization_recommendationsA | Get all cost optimization recommendations from AWS Cost Optimization Hub. Returns recommendations for all resource types (19 types total).
Args:
region_name: AWS region to filter recommendations (optional)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
List of dictionaries with cost optimization recommendations by resource type
|
| get_cost_optimization_ec2C | Get EC2 instance cost optimization recommendations. Args:
region_name: AWS region to filter recommendations (optional)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with EC2 cost optimization recommendations
|
| get_cost_optimization_lambdaC | Get Lambda function cost optimization recommendations. Args:
region_name: AWS region to filter recommendations (optional)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with Lambda cost optimization recommendations
|
| get_cost_optimization_rdsB | Get RDS instance cost optimization recommendations. Args:
region_name: AWS region to filter recommendations (optional)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with RDS cost optimization recommendations
|
| get_cost_optimization_ebsC | Get EBS volume cost optimization recommendations. Args:
region_name: AWS region to filter recommendations (optional)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with EBS cost optimization recommendations
|
| find_target_groups_with_high_error_rateA | Find target groups with high error rates (5XX errors). Args:
region_name: AWS region name
period: Lookback period in days (default: 7)
error_threshold: Error rate threshold percentage (default: 5.0)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with target groups having high error rates
|
| find_target_groups_with_high_response_timeB | Find target groups with high response times. Args:
region_name: AWS region name
period: Lookback period in days (default: 7)
response_time_threshold: Response time threshold in seconds (default: 1.0)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with target groups having high response times
|
| get_cost_by_regionA | Get cost breakdown by AWS region for the specified period. Args:
start_date: Start date in YYYY-MM-DD format (default: first day of last month)
end_date: End date in YYYY-MM-DD format (default: first day of current month)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with cost breakdown by region
|
| get_cost_by_serviceA | Get cost breakdown by AWS service for the specified period. Args:
start_date: Start date in YYYY-MM-DD format (default: first day of last month)
end_date: End date in YYYY-MM-DD format (default: first day of current month)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with cost breakdown by service
|
| get_cost_by_region_and_serviceA | Get cost breakdown by AWS region and service for the specified period. Args:
start_date: Start date in YYYY-MM-DD format (default: first day of last month)
end_date: End date in YYYY-MM-DD format (default: first day of current month)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with cost breakdown by region and service
|
| get_daily_cost_trendB | Get daily cost trend for the specified number of days. Args:
days: Number of days to look back (default: 30)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with daily cost trend and statistics
|
| find_asgs_with_old_amisA | Find Auto Scaling Groups using AMIs older than the specified period. Args:
region_name: AWS region name
period: Minimum age in days for AMI to be considered old (default: 90)
max_results: Maximum results to return (default: 100)
profile_name: AWS profile name (optional)
role_arn: IAM role ARN to assume (optional)
access_key: AWS access key ID (optional)
secret_access_key: AWS secret access key (optional)
session_token: AWS session token for temporary credentials (optional)
Returns:
Dictionary with ASGs using old AMIs
|
| find_unused_nat_gatewaysC | Find NAT Gateways with no traffic in the specified period. |
| find_unused_vpc_endpointsC | Find VPC Endpoints with no connections in the specified period. |
| find_unused_internet_gatewaysC | Find Internet Gateways not attached or attached to VPCs with no resources. |
| find_unused_cloudfront_distributionsC | Find CloudFront distributions with no requests in the specified period. |
| find_unused_route53_hosted_zonesC | Find Route53 hosted zones with no query activity. |
| find_unused_s3_bucketsC | Find S3 buckets with no activity in the specified period. |
| get_s3_storage_class_recommendationsC | Get S3 storage class optimization recommendations. |
| find_old_ecs_task_definitionsC | Find old ECS task definitions not used by any service. |
| find_unused_ecr_imagesC | Find unused ECR images older than specified days. |
| find_unused_launch_templatesB | Find EC2 launch templates not used by any Auto Scaling Group or instance. |
| find_unused_ecs_clusters_and_servicesA | Find ECS clusters and services with no activity in the specified period. Identifies:
- Clusters with no active services, tasks, or scheduled tasks
- Services with zero running tasks and no recent CloudWatch activity
|
| find_unused_sqs_queuesC | Find SQS queues with no messages sent or received. |
| find_unused_sns_topicsC | Find SNS topics with no subscriptions or no messages published. |
| find_unused_eventbridge_rulesC | Find EventBridge rules with no invocations. |
| find_unused_dynamodb_tablesC | Find DynamoDB tables with no read/write activity. |
| find_underutilized_dynamodb_tablesC | Find DynamoDB tables with low capacity utilization. |
| find_unused_cloudwatch_alarmsC | Find CloudWatch alarms in INSUFFICIENT_DATA state for extended period. |
| find_orphaned_cloudwatch_dashboardsC | Find CloudWatch dashboards with widgets referencing deleted resources. |
| find_orphaned_cloudwatch_alarmsB | Find CloudWatch alarms not associated with any active AWS resources. This validates alarms against actual resources across multiple services:
EC2, RDS, ECS, Lambda, SQS, Target Groups, and Load Balancers.
|
| find_overutilized_dynamodb_tablesC | Find DynamoDB tables with high capacity utilization (>80%). |
| find_underutilized_elasticache_clustersC | Find ElastiCache clusters with low CPU utilization (<20%). |
| find_overutilized_elasticache_clustersC | Find ElastiCache clusters with high CPU or memory utilization (>80%). |
| find_underutilized_ecs_servicesC | Find ECS services with low CPU and memory utilization (<20%). |
| find_underutilized_lambda_functionsC | Find Lambda functions with low invocation rates or high error rates. |
| get_savings_plans_recommendationsC | Get Savings Plans recommendations from AWS Cost Explorer. |
| get_reserved_instance_recommendationsC | Get Reserved Instance purchase recommendations from AWS Cost Explorer. |
| analyze_reserved_instance_utilizationC | Analyze Reserved Instance utilization and coverage. |
| get_ebs_volume_type_recommendationsC | Get recommendations for optimizing EBS volume types based on usage patterns. |
| get_snapshot_lifecycle_recommendationsC | Get recommendations for snapshot lifecycle management and cleanup. |
| analyze_data_transfer_costsC | Analyze data transfer costs using AWS Cost Explorer. |
| get_nat_gateway_optimization_recommendationsC | Get recommendations for optimizing NAT Gateway costs. |
| find_outdated_rds_engine_versionsC | Find RDS instances not running the latest engine version. |
| find_outdated_elasticache_engine_versionsC | Find ElastiCache clusters not running the latest engine version. |
| find_outdated_lambda_runtimesC | Find Lambda functions with deprecated or outdated runtimes. |
| find_ec2_instances_with_old_generationsC | Find EC2 instances using previous generation instance types. |
| find_ebs_volumes_with_old_typesC | Find EBS volumes using previous generation volume types. |
| find_outdated_ecs_platform_versionsC | Find ECS services not using the latest platform version. |
| find_outdated_eks_cluster_versionsC | Find EKS clusters not running the latest Kubernetes version. |
| analyze_lambda_cold_startsC | Analyze Lambda functions for cold start issues. |
| analyze_api_gateway_performanceD | Analyze API Gateway performance metrics. |
| analyze_dynamodb_throttlingC | Analyze DynamoDB tables for throttling issues. |
| analyze_rds_performance_insightsC | Analyze RDS Performance Insights data. |
| analyze_cloudfront_cache_hit_ratioC | Analyze CloudFront cache hit ratios. |
| find_unencrypted_ebs_volumesC | Find EBS volumes without encryption enabled. |
| find_unencrypted_s3_bucketsC | Find S3 buckets without default encryption enabled. |
| find_unencrypted_rds_instancesC | Find RDS instances without encryption enabled. |
| find_public_s3_bucketsC | Find S3 buckets with public access enabled. |
| find_overly_permissive_security_groupsC | Find security groups with overly permissive rules (0.0.0.0/0 or ::/0). |
| find_untagged_resourcesC | Find AWS resources missing required tags. |
| analyze_tag_complianceC | Analyze tag compliance across AWS resources. |
| generate_cost_allocation_reportC | Generate cost allocation report based on resource tags. |
