runbooks validationΒΆ
Assess | 7 commands | Management. Auto-generated from Click registry on 2026-04-01.
QA/QC: 7/7 commands PASSED (v1.3.17)
L1 --help: 7/7 | L2 params: PASS | L4 cross-validation: N/A
First time? Set up your AWS profiles
Before running any command, configure your AWS SSO profiles. See the Single Account or Multi-Account Landing Zone tabs below for copy-paste setup blocks.
AWS Profile ConfigurationΒΆ
All runbooks commands support these common options for AWS authentication:
| Option | Scope | When to Use |
|---|---|---|
--profile PROFILE |
Single account | Developer/operator targeting one AWS account |
--all-profiles |
All accounts (Landing Zone) | Platform team β discovers across all SSO profiles |
--region REGION |
Override region | Non-default region (default: ap-southeast-2) |
--dry-run |
Safe mode | Analysis only, no mutations (recommended for first run) |
--output-dir DIR |
Output path | Directory for generated reports (default: output/) |
--format FORMAT |
Output format | table, json, csv, markdown (varies by command) |
Copy and configure:
# =============================================================
# AWS Single Account Configuration
# =============================================================
export AWS_REGION="ap-southeast-2"
export AWS_PROFILE="your-account-profile"
# Authenticate via SSO
aws sso login --profile $AWS_PROFILE
# Verify
aws sts get-caller-identity --profile $AWS_PROFILE
# Run any command
runbooks finops dashboard --profile $AWS_PROFILE
Copy and configure all 4 environment variables:
# =============================================================
# AWS Multi-Account Landing Zone Configuration
# =============================================================
export AWS_REGION="ap-southeast-2"
## Single account (default fallback)
export AWS_PROFILE="your-default-profile"
## FinOps/Billing profile (READ-ONLY access to Cost Explorer)
export AWS_BILLING_PROFILE="your-billing-readonly-profile"
## Management account profile (Organizations, Control Tower)
export AWS_MANAGEMENT_PROFILE="your-management-readonly-profile"
## Centralized Operations account profile (for shared resources)
export AWS_OPERATIONS_PROFILE="your-operations-readonly-profile"
# =============================================================
# Authenticate all profiles
# =============================================================
aws sso login --profile $AWS_BILLING_PROFILE
aws sso login --profile $AWS_MANAGEMENT_PROFILE
aws sso login --profile $AWS_OPERATIONS_PROFILE
# =============================================================
# Verify connectivity
# =============================================================
aws sts get-caller-identity --profile $AWS_BILLING_PROFILE
aws sts get-caller-identity --profile $AWS_MANAGEMENT_PROFILE
# =============================================================
# Run org-wide commands
# =============================================================
runbooks inventory collect --all-profiles --region $AWS_REGION
runbooks finops dashboard --all-profiles --format table
Environment Variables ReferenceΒΆ
| Variable | Required | Purpose |
|---|---|---|
AWS_REGION |
Yes | Target AWS region (default: ap-southeast-2) |
AWS_PROFILE |
Yes | Default profile when --profile is omitted |
AWS_BILLING_PROFILE |
LZ only | Cost Explorer data enrichment |
AWS_MANAGEMENT_PROFILE |
LZ only | Organizations metadata enrichment |
AWS_OPERATIONS_PROFILE |
LZ only | Centralized Operations shared resources |
RUNBOOKS_TEST_MODE |
No | Set to 1 for offline/mock mode (no AWS calls) |
CommandsΒΆ
| Command | Description | Params | API Type |
|---|---|---|---|
benchmark |
Run performance benchmark for MCP validation framework with universal profile support. | 7 | read-only |
costs |
Validate Cost Explorer data accuracy with universal profile support. | 5 | read-only |
organizations |
Validate Organizations API data accuracy with universal profile support. | 4 | read-only |
single |
Validate a single operation with universal profile support. | 6 | read-only |
status |
Show MCP validation framework status with universal profile support. | 4 | read-only |
test |
Comprehensive test command integration for Sprint 1 validation framework. | 10 | read-only |
validate-all |
Run comprehensive validation across all critical operations with universal profile support. | 7 | read-only |
Quick Start by RoleΒΆ
Cross-validation and benchmarking for data accuracy.
| Task | Command |
|---|---|
| Validation status | runbooks validation status --profile $AWS_BILLING_PROFILE |
| Task | Command |
|---|---|
| Cost validation | runbooks validation costs --profile $AWS_BILLING_PROFILE |
| Full benchmark | runbooks validation benchmark --profile $AWS_BILLING_PROFILE |
| Task | Command |
|---|---|
| Quick validate | runbooks validation single --profile $AWS_PROFILE |
Command DetailsΒΆ
runbooks validation benchmarkΒΆ
Run performance benchmark for MCP validation framework with universal profile support.
All Parameters (7)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--target-accuracy |
FLOAT | 99.5 |
Target accuracy percentage |
--iterations |
INT | 5 |
Number of benchmark iterations |
--performance-target |
FLOAT | 30.0 |
Performance target in seconds |
--all |
BOOL | False |
Use all available AWS profiles for multi-account benchmarking |
runbooks validation costsΒΆ
Validate Cost Explorer data accuracy with universal profile support.
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--tolerance |
FLOAT | 5.0 |
Cost variance tolerance percentage |
--all |
BOOL | False |
Use all available AWS profiles for multi-account cost validation |
runbooks validation organizationsΒΆ
Validate Organizations API data accuracy with universal profile support.
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--all |
BOOL | False |
Use all available AWS profiles for multi-account organizations validation |
runbooks validation singleΒΆ
Validate a single operation with universal profile support.
All Parameters (6)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--operation |
CHOICE(costs | organizations | ec2 |
--tolerance |
FLOAT | 5.0 |
Tolerance percentage |
--all |
BOOL | False |
Use all available AWS profiles for multi-account single operation validation |
runbooks validation statusΒΆ
Show MCP validation framework status with universal profile support.
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--all |
BOOL | False |
Check status for all available AWS profiles |
runbooks validation testΒΆ
Comprehensive test command integration for Sprint 1 validation framework.
All Parameters (10)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--module |
CHOICE(finops | inventory | security |
--component |
STRING | - | Specific component within module (e.g., 'ec2-snapshots' for finops module) |
--test-type |
CHOICE(basic | profile-tests | mcp-validation |
--performance-target |
FLOAT | 30.0 |
Performance target in seconds |
--accuracy-target |
FLOAT | 99.5 |
MCP validation accuracy target percentage |
--generate-evidence |
BOOL | False |
Generate comprehensive evidence reports for manager review |
--export-results |
BOOL | False |
Export test results to JSON file |
runbooks validation validate-allΒΆ
Run comprehensive validation across all critical operations with universal profile support.
All Parameters (7)
| Parameter | Type | Default | Description |
|---|---|---|---|
--profile |
STRING | - | AWS profile for single-account operations. |
--region |
STRING | ap-southeast-2 |
AWS region override (default: ap-southeast-2) |
--dry-run |
BOOL | True |
Safe analysis mode - no resource modifications (enterprise default) |
--tolerance |
FLOAT | 5.0 |
Tolerance percentage for variance detection |
--performance-target |
FLOAT | 30.0 |
Performance target in seconds |
--save-report |
BOOL | False |
Save detailed report to artifacts |
--all |
BOOL | False |
Use all available AWS profiles for multi-account validation |