runbooks finops¶
Track | Target | 37 commands. Auto-generated from Click registry on 2026-04-01.
QA/QC: 37/37 commands PASSED (v1.3.17)
L1 --help: 37/37 | L2 params: PASS | L4 cross-validation: PASS 100%
First time? Set up your AWS profiles
Before running any command, configure your AWS SSO profiles. See the Single Account or Multi-Account Landing Zone tabs below for copy-paste setup blocks.
AWS Profile Configuration¶
All runbooks commands support these common options for AWS authentication:
| Option | Scope | When to Use |
|---|---|---|
--profile PROFILE |
Single account | Developer/operator targeting one AWS account |
--all-profiles |
All accounts (Landing Zone) | Platform team — discovers across all SSO profiles |
--region REGION |
Override region | Non-default region (default: ap-southeast-2) |
--dry-run |
Safe mode | Analysis only, no mutations (recommended for first run) |
--output-dir DIR |
Output path | Directory for generated reports (default: output/) |
--format FORMAT |
Output format | table, json, csv, markdown (varies by command) |
Copy and configure:
# =============================================================
# AWS Single Account Configuration
# =============================================================
export AWS_REGION="ap-southeast-2"
export AWS_PROFILE="your-account-profile"
# Authenticate via SSO
aws sso login --profile $AWS_PROFILE
# Verify
aws sts get-caller-identity --profile $AWS_PROFILE
# Run any command
runbooks finops dashboard --profile $AWS_PROFILE
Copy and configure all 4 environment variables:
# =============================================================
# AWS Multi-Account Landing Zone Configuration
# =============================================================
export AWS_REGION="ap-southeast-2"
## Single account (default fallback)
export AWS_PROFILE="your-default-profile"
## FinOps/Billing profile (READ-ONLY access to Cost Explorer)
export AWS_BILLING_PROFILE="your-billing-readonly-profile"
## Management account profile (Organizations, Control Tower)
export AWS_MANAGEMENT_PROFILE="your-management-readonly-profile"
## Centralized Operations account profile (for shared resources)
export AWS_OPERATIONS_PROFILE="your-operations-readonly-profile"
# =============================================================
# Authenticate all profiles
# =============================================================
aws sso login --profile $AWS_BILLING_PROFILE
aws sso login --profile $AWS_MANAGEMENT_PROFILE
aws sso login --profile $AWS_OPERATIONS_PROFILE
# =============================================================
# Verify connectivity
# =============================================================
aws sts get-caller-identity --profile $AWS_BILLING_PROFILE
aws sts get-caller-identity --profile $AWS_MANAGEMENT_PROFILE
# =============================================================
# Run org-wide commands
# =============================================================
runbooks inventory collect --all-profiles --region $AWS_REGION
runbooks finops dashboard --all-profiles --format table
Environment Variables Reference¶
| Variable | Required | Purpose |
|---|---|---|
AWS_REGION |
Yes | Target AWS region (default: ap-southeast-2) |
AWS_PROFILE |
Yes | Default profile when --profile is omitted |
AWS_BILLING_PROFILE |
LZ only | Cost Explorer data enrichment |
AWS_MANAGEMENT_PROFILE |
LZ only | Organizations metadata enrichment |
AWS_OPERATIONS_PROFILE |
LZ only | Centralized Operations shared resources |
RUNBOOKS_TEST_MODE |
No | Set to 1 for offline/mock mode (no AWS calls) |
Commands¶
| Command | Description | Params | API Type |
|---|---|---|---|
analyze-ec2 |
EC2 cost analysis with 4-way enrichment. | 12 | read-only |
analyze-graviton-eligibility |
Graviton migration eligibility analysis for ARM64 cost optimization. | 8 | read-only |
analyze-s3-storage-lens |
Analyze S3 Storage Lens metrics for cost optimization. | 4 | read-only |
analyze-workspaces |
WorkSpaces cost analysis with decommission tier scoring. | 11 | read-only |
appstream-decommission-analysis |
AppStream decommission analysis with A1-A7 scoring framework. | 6 | read-only |
azure |
Azure Cost Management analysis. | 0 | read-only |
azure anomaly |
Detect cost anomalies (spending spikes). | 3 | read-only |
azure daily |
Daily cost breakdown by Azure service. | 4 | read-only |
azure monthly |
Monthly cost summary with subscription breakdown. | 7 | read-only |
azure preflight |
Pre-flight auth and access validation for Azure FinOps. | 1 | read-only |
azure validate |
Validate SDK against Azure native API (ground truth). | 3 | read-only |
check-config-compliance |
Check AWS Config compliance and map to cost impact. | 5 | read-only |
cost-drops |
Detect month-over-month cost drops across all linked accounts and services. | 17 | read-only |
dashboard |
Multi-account cost visibility with MCP validation. | 32 | read-only |
detect-orphans |
Detect orphaned AWS resources across multiple types. | 7 | read-only |
detect-rds-idle |
Detect idle RDS instances for $50K annual savings potential. | 9 | read-only |
ec2-decommission-analysis |
EC2 decommission analysis with E1-E7 scoring framework. | 6 | read-only |
ec2-snapshots |
EC2 snapshot cost optimization and cleanup analysis. | 7 | read-only |
enrich-workspaces |
Enrich WorkSpaces inventory with Organizations metadata. | 5 | read-only |
export |
Export financial analysis results in multiple formats. | 6 | read-only |
infrastructure |
Epic 2 Infrastructure Optimization - $210,147 annual savings target | 0 | read-only |
infrastructure analyze |
Comprehensive Infrastructure Optimization Analysis - Epic 2 | 4 | read-only |
infrastructure elastic-ip |
Elastic IP optimization analysis - $21,593 Epic 2 target | 0 | read-only |
infrastructure load-balancer |
Load Balancer optimization analysis - $35,280 Epic 2 target | 0 | read-only |
infrastructure nat-gateway |
NAT Gateway optimization analysis - $147,420 Epic 2 target | 0 | read-only |
infrastructure vpc-endpoint |
VPC Endpoint optimization analysis - $5,854 Epic 2 target | 0 | read-only |
lambda-analysis |
Lambda cost and activity analysis with optimization signals. | 8 | read-only |
optimize |
Generate cost optimization recommendations for specific resource types. | 4 | read-only |
optimize-cloudwatch-costs |
Analyze and optimize CloudWatch log retention costs. | 9 | read-only |
optimize-s3-lifecycle |
S3 Lifecycle Optimizer - Automated Storage Cost Optimization ($180K target) | 6 | read-only |
optimize-savings-plans |
Generate hybrid Savings Plans + RI recommendations (60/30/10 strategy). | 7 | read-only |
scenario |
Execute a FinOps business scenario analysis. | 6 | read-only |
sprint1 |
Run Sprint 1 cost optimization analysis. | 6 | read-only |
validate |
4-Way Validation: HTML vs CSV vs MCP vs AWS API | 8 | read-only |
validate-with-mcp |
Validate runbooks cost projections against MCP Cost Explorer (Feature 1). | 4 | read-only |
vizro |
Launch interactive Vizro FinOps dashboard (port 8050). | 4 | read-only |
workspaces-decommission-analysis |
WorkSpaces decommission analysis with W1-W6 scoring framework. | 5 | read-only |
Quick Start by Role¶
Cost optimization and financial operations across AWS accounts.
| Task | Command |
|---|---|
| Monthly cost report | runbooks finops dashboard --profile $AWS_BILLING_PROFILE |
| Cost trends | runbooks finops cost-trends --profile $AWS_BILLING_PROFILE --period monthly |
| Task | Command |
|---|---|
| EC2 right-sizing | runbooks finops analyze-ec2 --profile $AWS_PROFILE --output /tmp/ec2-analysis.json |
| Savings plan analysis | runbooks finops optimize-savings-plans --profile $AWS_BILLING_PROFILE |
| Idle RDS detection | runbooks finops detect-rds-idle --profile $AWS_PROFILE |
| Task | Command |
|---|---|
| Cost anomaly check | runbooks finops cost-drops --profile $AWS_BILLING_PROFILE --threshold 20 |
| Resource waste scan | runbooks finops optimize --profile $AWS_PROFILE --savings-target 0.2 |
Command Details¶
runbooks finops analyze-ec2¶
EC2 cost analysis with 4-way enrichment.
All Parameters (12)
| Parameter | Type | Default | Description |
|---|---|---|---|
--input/-i |
PATH | - | Input EC2 inventory Excel file (with Identifier, AWS Account, Region columns) |
--output/-o |
PATH | - | Output enriched Excel file (multi-sheet with cost analysis) |
--enable-organizations |
BOOL | True |
Enable Organizations metadata enrichment (default: enabled) |
--enable-cost |
BOOL | True |
Enable Cost Explorer enrichment (default: enabled) |
--enable-activity |
BOOL | False |
Enable CloudTrail activity tracking (default: disabled, takes 60-90 seconds) |
--include-12month-cost |
BOOL | True |
Include 12-month cost breakdown (default: enabled) |
--decommission-mode |
BOOL | False |
Decommission mode: Filter to 45 decision-focused columns (default: disabled, shows all 87 columns) |
--verbose/-v |
BOOL | False |
Show detailed logs |
--format |
CHOICE(compact | table | json) |
--output-dir |
PATH | . |
Output directory for exported files |
--profile |
STRING | - | AWS profile (KISS: auto-resolves management/billing/ops from AWS_MANAGEMENT_PROFILE, AWS_BILLING_PROFILE env vars) |
--all-profile |
STRING | - | Multi-Account: management profile for Organizations + Cost Explorer across all accounts. |
runbooks finops analyze-graviton-eligibility¶
Graviton migration eligibility analysis for ARM64 cost optimization.
All Parameters (8)
| Parameter | Type | Default | Description |
|---|---|---|---|
--input/-i |
PATH | - | Input EC2 enriched Excel file (output from analyze-ec2) |
--output/-o |
PATH | - | Output Excel file with Graviton eligibility assessment |
--profile |
STRING | - | AWS profile (convenience - sets both management and billing profiles) |
--management-profile/-m |
STRING | - | AWS management profile for EC2 operations (defaults to service routing) |
--billing-profile/-b |
STRING | - | AWS billing profile for Cost Explorer (defaults to service routing) |
--enable-ami-check |
BOOL | True |
Enable AMI architecture compatibility checking (default: enabled) |
--enable-compute-optimizer |
BOOL | True |
Enable Compute Optimizer integration for confidence scoring (default: enabled) |
--verbose/-v |
BOOL | False |
Enable verbose logging |
runbooks finops analyze-s3-storage-lens¶
Analyze S3 Storage Lens metrics for cost optimization.
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--region |
STRING | ap-southeast-2 |
AWS region for S3 client (S3 is global) |
runbooks finops analyze-workspaces¶
WorkSpaces cost analysis with decommission tier scoring.
All Parameters (11)
| Parameter | Type | Default | Description |
|---|---|---|---|
--input/-i |
PATH | - | Input WorkSpaces inventory Excel file (with Identifier, AWS Account, Region columns) |
--output/-o |
PATH | - | Output enriched Excel file (multi-sheet with cost analysis) |
--enable-organizations |
BOOL | True |
Enable Organizations metadata enrichment (default: enabled) |
--enable-cost |
BOOL | True |
Enable Cost Explorer enrichment (default: enabled) |
--enable-activity |
BOOL | False |
Enable CloudTrail activity tracking (default: disabled, takes 60-90 seconds) |
--include-12month-cost |
BOOL | True |
Include 12-month cost breakdown (default: enabled) |
--verbose/-v |
BOOL | False |
Show detailed logs |
--format |
CHOICE(compact | table | json) |
--output-dir |
PATH | . |
Output directory for exported files |
--profile |
STRING | - | AWS profile (KISS: auto-resolves management/billing/ops from AWS_MANAGEMENT_PROFILE, AWS_BILLING_PROFILE env vars) |
--all-profile |
STRING | - | Multi-Account: management profile for Organizations + Cost Explorer across all accounts. |
runbooks finops appstream-decommission-analysis¶
AppStream decommission analysis with A1-A7 scoring framework.
All Parameters (6)
| Parameter | Type | Default | Description |
|---|---|---|---|
--input/-i |
PATH | /tmp/appstream_discovery.csv |
Input AppStream inventory CSV file (default: /tmp/appstream_discovery.csv) |
--output/-o |
PATH | - | Output enriched Excel file with decommission analysis |
--enrich |
CHOICE(organizations | cost | activity |
--profile |
STRING | - | AWS profile (KISS: auto-resolves management/billing/ops from AWS_MANAGEMENT_PROFILE, AWS_BILLING_PROFILE env vars) |
--all-profile |
STRING | - | Multi-Account: management profile for Organizations + Cost Explorer across all accounts. |
--output-dir |
PATH | . |
Output directory for exported files |
runbooks finops azure¶
Azure Cost Management analysis.
runbooks finops azure anomaly¶
Detect cost anomalies (spending spikes).
| Parameter | Type | Default | Description |
|---|---|---|---|
--subscription/-s |
STRING | - | Azure subscription ID (uses default if not provided) |
--threshold/-t |
FLOAT | - | Anomaly threshold (e.g., 0.2 = 20% above rolling average) |
--days/-d |
INT | - | Rolling average period in days (default: 7) |
runbooks finops azure daily¶
Daily cost breakdown by Azure service.
| Parameter | Type | Default | Description |
|---|---|---|---|
--subscription/-s |
STRING | - | Azure subscription ID (uses default if not provided) |
--days/-d |
INT | - | Number of days to analyze (default: 7) |
--top-n/-n |
INT | - | Number of top services to display (default: 10) |
--export/-e |
CHOICE(json | csv) | - |
runbooks finops azure monthly¶
Monthly cost summary with subscription breakdown.
All Parameters (7)
| Parameter | Type | Default | Description |
|---|---|---|---|
--subscription/-s |
STRING | - | Azure subscription ID (uses default if not provided) |
--months/-m |
INT | - | Number of months to analyze (default: 1, current MTD) |
--all-subscriptions/-a |
BOOL | - | Include all enabled subscriptions |
--start-date |
DATETIME | - | Start date for custom range (YYYY-MM-DD, e.g., 2025-11-01) |
--end-date |
DATETIME | - | End date for custom range (YYYY-MM-DD, e.g., 2025-11-30) |
--export/-e |
CHOICE(json | csv | xlsx) |
--mode |
CHOICE(cfo | cto | technical) |
runbooks finops azure preflight¶
Pre-flight auth and access validation for Azure FinOps.
| Parameter | Type | Default | Description |
|---|---|---|---|
--subscription/-s |
STRING | - | Azure subscription ID (defaults to AZURE_SUBSCRIPTION_ID env) |
runbooks finops azure validate¶
Validate SDK against Azure native API (ground truth).
| Parameter | Type | Default | Description |
|---|---|---|---|
--subscription/-s |
STRING | - | Azure subscription ID (uses default if not provided) |
--ground-truth |
FLOAT | - | Expected total cost for validation (from Azure Portal/CLI) |
--tolerance |
FLOAT | - | Acceptable variance in dollars (default: 0.01) |
runbooks finops check-config-compliance¶
Check AWS Config compliance and map to cost impact.
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--regions |
STRING | - | AWS regions to analyze |
--config-rules |
CHOICE(ebs-inuse | eip-attached | cw-retention |
runbooks finops cost-drops¶
Detect month-over-month cost drops across all linked accounts and services.
All Parameters (17)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
-f/--format/--output-format |
CHOICE(json | csv | table |
--output-dir |
PATH | ./ops_evidence |
Directory for generated files and evidence packages |
--all-outputs |
BOOL | False |
Generate all output formats (JSON, CSV, PDF, Markdown) - use with --output-dir |
--csv |
BOOL | False |
Export to CSV format (convenience flag, activates --all-outputs) |
--json |
BOOL | False |
Export to JSON format (convenience flag, activates --all-outputs) |
--markdown |
BOOL | False |
Export to Markdown format (convenience flag, activates --all-outputs) |
--export |
BOOL | False |
[DEPRECATED] Use --all-outputs instead |
--validate |
BOOL | False |
Enable MCP validation for enhanced accuracy (≥99.5% target) |
--confidence-threshold |
FLOAT | 99.5 |
Minimum confidence threshold for validation (default: 99.5%%) |
--top |
INT | 30 |
Number of top cost drops to display (default: 30) |
--months |
CHOICE(2 | 3 | 4 |
--min-previous |
FLOAT | 1.0 |
Minimum previous month cost in USD to consider (default: 1.0) |
--billing-profile |
STRING | - | AWS billing profile for Cost Explorer (default: same as --profile) |
--org-profile |
STRING | - | AWS management profile for Organizations account names (optional) |
runbooks finops dashboard¶
Multi-account cost visibility with MCP validation.
All Parameters (32)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile/-p |
STRING | - | AWS profile name (default: from AWS_PROFILE env var) |
--all |
BOOL | False |
[Multi-Account Mode] Enable org-wide cost aggregation. |
--all-profile |
STRING | - | DEPRECATED: Use --all with AWS_MANAGEMENT_PROFILE env var instead. |
--billing-profile |
STRING | - | [Multi-Account Mode] Billing account profile for Cost Explorer LINKED_ACCOUNT dimension queries (optional, defaults to... |
--ops-profile |
STRING | - | [Multi-Account Mode] Centralized ops profile for CloudWatch/operational data (optional, defaults to... |
--timeframe |
CHOICE(daily | weekly | monthly |
--month/-m |
STRING | - | Specific month to analyze (YYYY-MM format, e.g., 2025-12). |
--previous-month |
BOOL | False |
Show last completed calendar month (finance convention). |
--services |
STRING | - | Specific AWS services to analyze |
--accounts |
STRING | - | Specific AWS accounts to analyze |
--mode |
CHOICE(executive | architect | sre |
--executive |
BOOL | False |
DEPRECATED: Use --mode executive |
--dry-run |
BOOL | False |
Execute in dry-run mode (default: False for real execution) |
--verbose/-v |
BOOL | False |
Enable verbose diagnostic logging |
--top-n |
INT | 10 |
Number of top services to display in table (1-50, default: 10) |
--sort-by |
CHOICE(current | previous | change) |
--cost-threshold |
FLOAT | 0.0 |
Minimum cost threshold for service display (e.g., 100.0 for $100+) |
--summary-mode |
CHOICE(table | tree | both |
--output-format |
CHOICE(both | table | tree) |
--activity-analysis |
BOOL | False |
Enable resource activity analysis with decommission recommendations (E1-E7, R1-R7, S1-S7 signals) |
--show-zero-cost |
BOOL | False |
Show services with zero cost in both current and previous months (default: hide) |
--show-empty |
BOOL | False |
Show all resource types including those with 0 resources (for troubleshooting) |
--full-names |
BOOL | False |
Use full AWS API service names instead of simplified names (default: simplified like 'S3', 'VPC') |
--persona |
CHOICE(CFO | CTO | CEO |
--screenshot |
BOOL | False |
Capture Playwright screenshot of dashboard HTML export (requires console recording) |
--validation-level |
CHOICE(basic | mcp | strict) |
--output-dir |
PATH | outputs/finops-exports |
Output directory for exported files (HTML, XLSX, Markdown, JSON, CSV) |
--export |
CHOICE(csv | markdown | |
--output-file |
STRING | - | Output file path for HTML export (default: outputs/finops-exports/dashboard_TIMESTAMP.html) |
--cost-metric |
CHOICE(blended | unblended | amortized |
--filter |
STRING | - | Filter DSL: 'service:EC2,RDS' 'cost>100' 'account:123' (repeatable) |
--group-by-tag |
STRING | - | Cost allocation tag key for grouping (e.g., CostCenter, Environment, Team) |
runbooks finops detect-orphans¶
Detect orphaned AWS resources across multiple types.
All Parameters (7)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--regions |
STRING | - | AWS regions to analyze |
--resource-type |
CHOICE(all | ebs | eip |
--validate-with-config |
BOOL | False |
Validate orphans with AWS Config compliance rules |
--executive |
BOOL | False |
Executive summary format (business narrative, <5 min review) |
runbooks finops detect-rds-idle¶
Detect idle RDS instances for $50K annual savings potential.
All Parameters (9)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--lookback-days |
INT | 7 |
Analysis period in days for CloudWatch metrics (default: 7) |
--connection-threshold |
INT | 10 |
Daily connection threshold for idle detection (default: 10) |
--cpu-threshold |
FLOAT | 5.0 |
CPU percentage threshold for idle detection (default: 5.0) |
--export-json |
BOOL | False |
Export results to JSON file |
--output-file |
PATH | - | Output file path for JSON export |
--output-dir |
PATH | . |
Output directory for exported files |
runbooks finops ec2-decommission-analysis¶
EC2 decommission analysis with E1-E7 scoring framework.
All Parameters (6)
| Parameter | Type | Default | Description |
|---|---|---|---|
--input/-i |
PATH | - | Input EC2 inventory Excel file (with instance_id, account_id, region columns) |
--output/-o |
PATH | - | Output enriched Excel file with decommission analysis |
--enable-expensive-signals |
BOOL | False |
Enable expensive signals (CloudTrail activity, SSM, Compute Optimizer) |
--output-dir |
PATH | . |
Output directory for exported files |
--profile |
STRING | - | AWS profile (KISS: auto-resolves management/billing/ops from AWS_MANAGEMENT_PROFILE, AWS_BILLING_PROFILE env vars) |
--all-profile |
STRING | - | Multi-Account: management profile for Organizations + Cost Explorer across all accounts. |
runbooks finops ec2-snapshots¶
EC2 snapshot cost optimization and cleanup analysis.
All Parameters (7)
| Parameter | Type | Default | Description |
|---|---|---|---|
--older-than-days |
INT | 90 |
Minimum age in days for cleanup consideration (default: 90) |
--validate |
BOOL | True |
Enable MCP validation for ≥99.5% accuracy (default: enabled) |
--cleanup |
BOOL | False |
Enable cleanup recommendations (READ-ONLY analysis only) |
--export-results |
BOOL | False |
Export analysis results to JSON file |
--safety-checks |
BOOL | True |
Enable comprehensive safety validations (default: enabled) |
--all |
BOOL | False |
Use all available AWS profiles for multi-account snapshot analysis |
--output-dir |
PATH | . |
Output directory for exported files |
runbooks finops enrich-workspaces¶
Enrich WorkSpaces inventory with Organizations metadata.
| Parameter | Type | Default | Description |
|---|---|---|---|
--input/-i |
PATH | - | Input WorkSpaces data file (Excel/CSV with 'AWS Account' column) |
--output/-o |
PATH | - | Output enriched data file (Excel/CSV/JSON) |
--profile/-p |
STRING | default |
AWS operational profile (WorkSpaces access) |
--management-profile/-m |
STRING | - | AWS management profile (Organizations access) |
--display-only |
BOOL | False |
Display Rich CLI output without file export |
runbooks finops export¶
Export financial analysis results in multiple formats.
All Parameters (6)
| Parameter | Type | Default | Description |
|---|---|---|---|
--format |
CHOICE(csv | json | |
--output-dir |
STRING | ./finops_reports |
Output directory for exports |
--include-quarterly |
BOOL | False |
Include quarterly intelligence data |
--executive-summary |
BOOL | False |
Generate executive summary format |
--mcp-validate |
BOOL | False |
Enable MCP validation for ≥99.5% accuracy cross-validation |
--input |
PATH | - | Input JSON or CSV file to re-export in a different format |
runbooks finops infrastructure¶
Epic 2 Infrastructure Optimization - $210,147 annual savings target
runbooks finops infrastructure analyze¶
Comprehensive Infrastructure Optimization Analysis - Epic 2
| Parameter | Type | Default | Description |
|---|---|---|---|
--components |
CHOICE(nat-gateway | elastic-ip | load-balancer |
--export-format |
CHOICE(json | csv | markdown) |
--output-file |
STRING | - | Output file path for results export |
--mcp-validate |
BOOL | - | Enable MCP validation for ≥99.5% accuracy cross-validation |
runbooks finops infrastructure elastic-ip¶
Elastic IP optimization analysis - $21,593 Epic 2 target
runbooks finops infrastructure load-balancer¶
Load Balancer optimization analysis - $35,280 Epic 2 target
runbooks finops infrastructure nat-gateway¶
NAT Gateway optimization analysis - $147,420 Epic 2 target
runbooks finops infrastructure vpc-endpoint¶
VPC Endpoint optimization analysis - $5,854 Epic 2 target
runbooks finops lambda-analysis¶
Lambda cost and activity analysis with optimization signals.
All Parameters (8)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile/-p |
STRING | default |
AWS profile for Lambda operations (Organizations, Cost Explorer, CloudWatch) |
--output/-o |
PATH | tmp/runbooks/finops/lambda-analysis.xlsx |
Output enriched Excel file with Lambda analysis |
--regions/-r |
STRING | - | AWS regions to analyze (defaults to all enabled regions) |
--enable-organizations |
BOOL | True |
Enable Organizations metadata enrichment (default: enabled) |
--enable-cost |
BOOL | True |
Enable Cost Explorer enrichment (default: enabled) |
--verbose/-v |
BOOL | False |
Show detailed logs |
--format |
CHOICE(compact | table | json) |
--output-dir |
PATH | . |
Output directory for exported files |
runbooks finops optimize¶
Generate cost optimization recommendations for specific resource types.
| Parameter | Type | Default | Description |
|---|---|---|---|
--resource-type |
CHOICE(ec2 | s3 | rds |
--savings-target |
FLOAT_RANGE | 0.3 |
Target savings percentage (0.1-0.8) |
--analysis-depth |
CHOICE(basic | comprehensive | enterprise) |
--mcp-validate |
BOOL | False |
Enable MCP validation for ≥99.5% accuracy cross-validation |
runbooks finops optimize-cloudwatch-costs¶
Analyze and optimize CloudWatch log retention costs.
All Parameters (9)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--regions |
STRING | - | AWS regions to analyze (default: major commercial regions) |
--mcp-validation |
BOOL | False |
Enable MCP validation for cost projections |
--export-format |
CHOICE(json | csv | markdown) |
--output-file |
PATH | - | Output file path for results export |
--output-dir |
PATH | . |
Output directory for exported files |
--executive |
BOOL | False |
Executive summary format (business narrative, <5 min review) |
runbooks finops optimize-s3-lifecycle¶
S3 Lifecycle Optimizer - Automated Storage Cost Optimization ($180K target)
All Parameters (6)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile/-p |
STRING | - | AWS profile name (default: from AWS_PROFILE env var) |
--regions |
STRING | - | AWS regions to analyze |
--dry-run |
BOOL | True |
Execute in dry-run mode (READ-ONLY analysis) |
-f/--format/--export-format |
CHOICE(json | csv) | json |
--output-file |
STRING | - | Output file path for results export |
--output-dir |
PATH | . |
Output directory for exported files |
runbooks finops optimize-savings-plans¶
Generate hybrid Savings Plans + RI recommendations (60/30/10 strategy).
All Parameters (7)
| Parameter | Type | Default | Description |
|---|---|---|---|
--lookback-days |
INT | 90 |
Usage history analysis period (default: 90 days, minimum: 30) |
--term-years |
CHOICE(1 | 3) | 1 |
--payment-option |
CHOICE(ALL_UPFRONT | PARTIAL_UPFRONT | NO_UPFRONT) |
--billing-profile |
STRING | - | AWS billing profile for Cost Explorer |
--validate-with-mcp |
BOOL | True |
Enable MCP validation (≥99.5% accuracy, default: enabled) |
--output |
PATH | - | Export recommendations to Excel |
--verbose |
BOOL | False |
Enable verbose logging |
runbooks finops scenario¶
Execute a FinOps business scenario analysis.
All Parameters (6)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--name/-n |
CHOICE(workspaces | rds-snapshots | backup-investigation |
--regions |
STRING | ['ap-southeast-2'] |
AWS regions to analyze |
--export-format |
CHOICE(json | csv | markdown) |
runbooks finops sprint1¶
Run Sprint 1 cost optimization analysis.
All Parameters (6)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--nat-gateways |
BOOL | True |
Include NAT Gateway optimization |
--snapshots |
BOOL | True |
Include EC2 snapshot cleanup |
--elastic-ips |
BOOL | True |
Include Elastic IP optimization |
runbooks finops validate¶
4-Way Validation: HTML vs CSV vs MCP vs AWS API
All Parameters (8)
| Parameter | Type | Default | Description |
|---|---|---|---|
--html/-h |
STRING | - | HTML report file for validation |
--csv/-c |
STRING | - | CSV cost data file for validation |
--profile/-p |
STRING | default |
AWS profile for validation |
--validation-level/-v |
CHOICE(basic | mcp | strict) |
--deep-dive-bucket/-b |
STRING | - | S3 bucket for deep-dive validation |
--output-format/-o |
CHOICE(json | table | yaml) |
--export-report/-e |
STRING | - | Export validation report to file |
--automated |
BOOL | False |
Run automated L1 CLI vs L2 boto3 cross-validation (no CSV/HTML required) |
runbooks finops validate-with-mcp¶
Validate runbooks cost projections against MCP Cost Explorer (Feature 1).
| Parameter | Type | Default | Description |
|---|---|---|---|
--input/-i |
STRING | - | Input Excel file with cost projections |
--resource-type/-t |
CHOICE(ec2 | workspaces | lambda |
--tolerance/-tol |
FLOAT | 0.05 |
Variance tolerance (default: 5%) |
--billing-profile |
STRING | - | AWS billing profile for MCP Cost Explorer |
runbooks finops vizro¶
Launch interactive Vizro FinOps dashboard (port 8050).
| Parameter | Type | Default | Description |
|---|---|---|---|
--data-file |
PATH | - | Pre-exported JSON file |
--profile |
STRING | - | AWS billing profile for live data (falls back to $AWS_BILLING_PROFILE) |
--port |
INT | 8050 |
Dashboard server port |
--mode |
CHOICE(executive | architect | sre) |
runbooks finops workspaces-decommission-analysis¶
WorkSpaces decommission analysis with W1-W6 scoring framework.
| Parameter | Type | Default | Description |
|---|---|---|---|
--input/-i |
PATH | - | Input WorkSpaces inventory Excel file (with Identifier, AWS Account, Region columns) |
--output/-o |
PATH | - | Output enriched Excel file with decommission analysis |
--output-dir |
PATH | . |
Output directory for exported files |
--profile |
STRING | - | AWS profile (KISS: auto-resolves management/billing/ops from AWS_MANAGEMENT_PROFILE, AWS_BILLING_PROFILE env vars) |
--all-profile |
STRING | - | Multi-Account: management profile for Organizations + Cost Explorer across all accounts. |
Usage Examples¶
graph LR
A[":material-magnify: dashboard"] -->|"cost overview"| B[":material-alert: detect-orphans"]
B -->|"savings targets"| C[":material-chart-line: optimize"]
C -->|"export"| D[":material-file-export: export --format xlsx"]
style A fill:#4CAF50,color:#fff
style D fill:#2196F3,color:#fffDaily FinOps Workflow
# 1. Review dashboard
runbooks finops dashboard --profile $AWS_BILLING_PROFILE --format table
# 2. Find waste
runbooks finops detect-orphans --profile $AWS_BILLING_PROFILE
# 3. Analyze optimization
runbooks finops optimize --profile $AWS_BILLING_PROFILE --savings-target 0.2
# 4. Export for stakeholders
runbooks finops dashboard --profile $AWS_BILLING_PROFILE --format xlsx --output-dir /tmp/reports
# Cost dashboard for one account
runbooks finops dashboard \
--profile $AWS_BILLING_PROFILE \
--output-format table
# Detect orphaned resources (EBS volumes, EIPs, ENIs)
runbooks finops detect-orphans \
--profile $AWS_PROFILE \
--dry-run
# Infrastructure optimization analysis
runbooks finops infrastructure analyze \
--profile $AWS_BILLING_PROFILE