Sigler · August 3, 2021 17:32 · Aug 3, 2021 · Aug 3, 2021 · Aug 2, 2021 · Aug 2, 2021
diff --git a/remove-unused-keypairs-loop.yml b/remove-unused-keypairs-loop.yml
@@ -1,7 +1,6 @@
 summary: Remove unused EC2 key pairs
 
 workflow-loop:
-  # only showing 5 of 500
   - set: prod
     parameters:
     - aws-connection: aws-prod-cac
@@ -14,6 +13,7 @@ workflow-loop:
       aws-awsRegion: eu-west-2
     - aws-connection: aws-prod-apne
       awsRegion: ap-northeast-2
+    # only showing 5 of 500
 
   - set: dev
     - connection: aws-dev-foo

diff --git a/remove-unused-keypairs-loop.yml b/remove-unused-keypairs-loop.yml
@@ -3,19 +3,17 @@ summary: Remove unused EC2 key pairs
 workflow-loop:
   # only showing 5 of 500
   - set: prod
-    variables:
-      awsRegion: us-east-1
     parameters:
-    - connection: aws-prod-cac
-      awsRegion: {{awsRegion}}
-    - connection: aws-prod-euc
-      awsRegion: {{awsRegion}}
-    - connection: aws-prod-euw1
-      awsRegion: {{awsRegion}}
-    - connection: aws-prod-euw2
-      awsRegion: {{awsRegion}}
-    - connection: aws-prod-apne
-      awsRegion:  {{awsRegion}}     
+    - aws-connection: aws-prod-cac
+      awsRegion: ca-central-1
+    - aws-connection: aws-prod-euc
+      awsRegion: eu-central-1
+    - aws-connection: aws-prod-euw1
+      awsRegion: eu-west-1
+    - aws-connection: aws-prod-euw2
+      aws-awsRegion: eu-west-2
+    - aws-connection: aws-prod-apne
+      awsRegion: ap-northeast-2
 
   - set: dev
     - connection: aws-dev-foo
@@ -24,9 +22,9 @@ workflow-loop:
       awsRegion: us-east-1
 
 parameters:
-  connection:
+  aws-connection:
     description: The target account
-    default: 
+    default: my-aws-account
   awsRegion:
     description: The AWS region to run in
     default: us-east-1
@@ -41,23 +39,22 @@ triggers:
     schedule: '0 * * * *'
   binding:
     parameters:
-      awsRegion: {{awsRegion}}
+      awsRegion: us-east-1
       dryRun: true
 
 steps:
 - name: describe-instances
   image: relaysh/aws-ec2-step-instances-describe
   spec:
     aws:
-      connection: ${parameters.connection}
-      # connection: ${connections.aws.{{my-aws-account}}}
-      region: ${parameters.{{awsRegion}}}
+      connection: ${parameters.aws-connection}
+      region: ${parameters.awsRegion}
 
 - name: describe-key-pairs
   image: relaysh/aws-ec2-step-key-pairs-describe
   spec:
-    connection: ${connections.aws.{{my-aws-account}}}
-    region: ${parameters.{{awsRegion}}}
+    connection: ${parameters.aws-connection}
+    region: ${parameters.awsRegion}
 
 - name: filter-key-pairs
   image: relaysh/core:latest-python
@@ -79,6 +76,6 @@ steps:
   spec:
     aws:
       # This uses a separate connection named awsAdmin. What kind of issues does this surface?
-      connection: ${connections.aws.awsAdmin}
-      region: ${parameters.{{awsRegion}}}
+      connection: ${parameters.aws-connection}
+      region: ${parameters.awsRegion}
     keyPairNames: !Output {from: filter-key-pairs, name: keyPairNames}
diff --git a/remove-unused-keypairs-loop.yml b/remove-unused-keypairs-loop.yml
@@ -3,16 +3,19 @@ summary: Remove unused EC2 key pairs
 workflow-loop:
   # only showing 5 of 500
   - set: prod
+    variables:
+      awsRegion: us-east-1
+    parameters:
     - connection: aws-prod-cac
-      awsRegion: ca-central-1
+      awsRegion: {{awsRegion}}
     - connection: aws-prod-euc
-      awsRegion: eu-central-2
+      awsRegion: {{awsRegion}}
     - connection: aws-prod-euw1
-      awsRegion: eu-west-1
+      awsRegion: {{awsRegion}}
     - connection: aws-prod-euw2
-      awsRegion: eu-west-2
+      awsRegion: {{awsRegion}}
     - connection: aws-prod-apne
-      awsRegion: ap-northeast-1      
+      awsRegion:  {{awsRegion}}     
 
   - set: dev
     - connection: aws-dev-foo
@@ -21,6 +24,9 @@ workflow-loop:
       awsRegion: us-east-1
 
 parameters:
+  connection:
+    description: The target account
+    default: 
   awsRegion:
     description: The AWS region to run in
     default: us-east-1
@@ -43,7 +49,8 @@ steps:
   image: relaysh/aws-ec2-step-instances-describe
   spec:
     aws:
-      connection: ${connections.aws.{{my-aws-account}}}
+      connection: ${parameters.connection}
+      # connection: ${connections.aws.{{my-aws-account}}}
       region: ${parameters.{{awsRegion}}}
 
 - name: describe-key-pairs

diff --git a/remove-unused-keypairs-loop.yml b/remove-unused-keypairs-loop.yml
@@ -6,7 +6,7 @@ workflow-loop:
     - connection: aws-prod-cac
       awsRegion: ca-central-1
     - connection: aws-prod-euc
-      awsRegion: eu-central-dos
+      awsRegion: eu-central-2
     - connection: aws-prod-euw1
       awsRegion: eu-west-1
     - connection: aws-prod-euw2

diff --git a/remove-unused-keypairs-loop.yml b/remove-unused-keypairs-loop.yml
@@ -71,6 +71,7 @@ steps:
   when: ${parameters.dryrun == 'false'}
   spec:
     aws:
+      # This uses a separate connection named awsAdmin. What kind of issues does this surface?
       connection: ${connections.aws.awsAdmin}
       region: ${parameters.{{awsRegion}}}
     keyPairNames: !Output {from: filter-key-pairs, name: keyPairNames}
diff --git a/remove-unused-keypairs-loop.yml b/remove-unused-keypairs-loop.yml
@@ -1,6 +1,7 @@
 summary: Remove unused EC2 key pairs
 
 workflow-loop:
+  # only showing 5 of 500
   - set: prod
     - connection: aws-prod-cac
       awsRegion: ca-central-1
@@ -17,7 +18,7 @@ workflow-loop:
     - connection: aws-dev-foo
       awsRegion: us-west-1
     - connection: aws-dev-bar
-      awsRegion: us-west-1
+      awsRegion: us-east-1
 
 parameters:
   awsRegion:
@@ -70,6 +71,6 @@ steps:
   when: ${parameters.dryrun == 'false'}
   spec:
     aws:
-      connection: ${connections.aws.{{my-aws-account}}}
+      connection: ${connections.aws.awsAdmin}
       region: ${parameters.{{awsRegion}}}
     keyPairNames: !Output {from: filter-key-pairs, name: keyPairNames}
diff --git a/remove-unused-keypairs-loop.yml b/remove-unused-keypairs-loop.yml
@@ -0,0 +1,75 @@
+summary: Remove unused EC2 key pairs
+
+workflow-loop:
+  - set: prod
+    - connection: aws-prod-cac
+      awsRegion: ca-central-1
+    - connection: aws-prod-euc
+      awsRegion: eu-central-dos
+    - connection: aws-prod-euw1
+      awsRegion: eu-west-1
+    - connection: aws-prod-euw2
+      awsRegion: eu-west-2
+    - connection: aws-prod-apne
+      awsRegion: ap-northeast-1      
+
+  - set: dev
+    - connection: aws-dev-foo
+      awsRegion: us-west-1
+    - connection: aws-dev-bar
+      awsRegion: us-west-1
+
+parameters:
+  awsRegion:
+    description: The AWS region to run in
+    default: us-east-1
+  dryRun:
+    description: True if you dont want to actually delete the resources. Use this to test the workflow and ensure it is behaving as expected.
+    default: 'true'
+
+triggers:
+- name: schedule
+  source:
+    type: schedule
+    schedule: '0 * * * *'
+  binding:
+    parameters:
+      awsRegion: {{awsRegion}}
+      dryRun: true
+
+steps:
+- name: describe-instances
+  image: relaysh/aws-ec2-step-instances-describe
+  spec:
+    aws:
+      connection: ${connections.aws.{{my-aws-account}}}
+      region: ${parameters.{{awsRegion}}}
+
+- name: describe-key-pairs
+  image: relaysh/aws-ec2-step-key-pairs-describe
+  spec:
+    connection: ${connections.aws.{{my-aws-account}}}
+    region: ${parameters.{{awsRegion}}}
+
+- name: filter-key-pairs
+  image: relaysh/core:latest-python
+  spec:
+    instances: !Output {from: describe-instances, name: instances}
+    keyPairs: !Output { from: describe-key-pairs, name: keyPairs}
+  inputFile: https://raw.githubusercontent.com/puppetlabs/relay-workflows/master/ec2-remove-unused-key-pairs/filter-key-pairs.py
+
+- name: approval
+  description: Wait for approval to delete key pairs
+  type: approval
+  dependsOn: filter-key-pairs
+  when: ${parameters.dryrun == 'false'}
+
+- name: delete-key-pairs
+  dependsOn: approval
+  image: relaysh/aws-ec2-step-key-pairs-delete
+  when: ${parameters.dryrun == 'false'}
+  spec:
+    aws:
+      connection: ${connections.aws.{{my-aws-account}}}
+      region: ${parameters.{{awsRegion}}}
+    keyPairNames: !Output {from: filter-key-pairs, name: keyPairNames}