Sample Scripts
Admin Scripts
The following scripts are useful for StackFlow administration tasks. All scripts require AWS CLI configuration with appropriate permissions and a StackFlow admin API token. Store tokens in environment variables or AWS Secrets Manager — never hardcode them in scripts.
⚙️ Minimum Requirements
- AWS CLI v2: Configured with profile for account
373544523367inus-east-1 - Python 3.11+: With
boto3,psycopg2-binary,redispackages installed - Bastion/VPN: Scripts requiring Aurora or Neptune access must run within VPC or via bastion host
- IAM Permissions: Script execution role must have specific permissions per script (detailed in each script header)
#!/bin/bash
# bulk-disable-users.sh — Disable multiple Cognito users from a CSV file
# CSV format: email,reason
# Usage: ./bulk-disable-users.sh users-to-disable.csv
POOL_ID="us-east-1_WKK1AVJ2m"
INPUT_FILE="$1"
while IFS=, read -r email reason; do
echo "Disabling: $email (Reason: $reason)"
aws cognito-idp admin-disable-user --user-pool-id "$POOL_ID" --username "$email" --region us-east-1 && echo " ✓ Disabled" || echo " ✗ Failed"
done < <(tail -n +2 "$INPUT_FILE")
echo "Done."Bulk Operations
#!/usr/bin/env python3
# bulk_close_incidents.py — Close all resolved incidents older than N days
import requests
import sys
from datetime import datetime, timedelta
BASE_URL = "https://your-instance.stackflow-tech.com/prod/api"
TOKEN = os.environ["STACKFLOW_TOKEN"]
HEADERS = {"Authorization": f"Bearer {TOKEN}", "Content-Type": "application/json"}
DAYS_OLD = int(sys.argv[1]) if len(sys.argv) > 1 else 7
cutoff = (datetime.utcnow() - timedelta(days=DAYS_OLD)).isoformat() + "Z"
r = requests.get(f"{BASE_URL}/incidents",
headers=HEADERS,
params={"state": "resolved", "resolved_before": cutoff, "limit": 200})
incidents = r.json()["data"]
for inc in incidents:
requests.patch(f"{BASE_URL}/incidents/{inc['number']}",
headers=HEADERS,
json={"state": "closed", "close_notes": f"Auto-closed: resolved for {DAYS_OLD}+ days"})
print(f"Closed {inc['number']}")
print(f"Closed {len(incidents)} incidents.")CMDB Scripts
#!/usr/bin/env python3
# find_orphaned_cis.py — Find CIs with no relationships in Neptune
from gremlin_python.driver import client, serializer
neptune = client.Client(
"wss://stackflow-knowledge-graph.cluster-c6pq0smgmlri.us-east-1.neptune.amazonaws.com:8182/gremlin",
"g",
message_serializer=serializer.GraphSONSerializersV2d0()
)
query = "g.V().hasLabel('ci').has('tenant_id', TENANT_ID).where(not(bothE())).values('ci_id', 'name')"
results = neptune.submit(query.replace("TENANT_ID", repr(TENANT_ID))).all().result()
for r in results:
print(r)
neptune.close()Monitoring Scripts
#!/bin/bash
# check-stackflow-health.sh — Quick health check of all StackFlow components
echo "=== StackFlow Health Check ==="
echo ""
echo "API Health:"
curl -s https://your-instance.stackflow-tech.com/prod/api/health | jq .
echo ""
echo "Lambda Errors (last 1h):"
aws cloudwatch get-metric-statistics --namespace AWS/Lambda --metric-name Errors --dimensions Name=FunctionName,Value=StackFlowAPI --start-time $(date -u -d '1 hour ago' +%Y-%m-%dT%H:%M:%SZ) --end-time $(date -u +%Y-%m-%dT%H:%M:%SZ) --period 3600 --statistics Sum --region us-east-1 | jq '.Datapoints[0].Sum'
echo ""
echo "Aurora Connections:"
aws rds describe-db-clusters --db-cluster-identifier stackflow-main-prod --region us-east-1 | jq '.DBClusters[0].Status'Cleanup Scripts
#!/bin/bash
# cleanup-redis-cache.sh — Clear all StackFlow cache entries for a tenant
REDIS_HOST="master.stackflow-redis-prod.mnzfvx.use1.cache.amazonaws.com"
REDIS_PORT=6379
TENANT_ID="$1"
if [ -z "$TENANT_ID" ]; then
echo "Usage: ./cleanup-redis-cache.sh <tenant_id>"
exit 1
fi
echo "Clearing cache for tenant: $TENANT_ID"
redis-cli -h "$REDIS_HOST" -p "$REDIS_PORT" -a "$REDIS_AUTH_TOKEN" --tls --scan --pattern "t:${TENANT_ID}:*" | xargs redis-cli -h "$REDIS_HOST" -p "$REDIS_PORT" -a "$REDIS_AUTH_TOKEN" --tls DEL
echo "Cache cleared."