runbooks vpc analyzeΒΆ
Auto-generated from
runbooks vpc analyze --helpon 2026-05-21. Source of truth: runbooks PyPI package v1.3.22
Usage: runbooks vpc analyze [OPTIONS]
Comprehensive VPC network analysis with cost optimization.
π ANALYSIS DIMENSIONS
βββ π Network Architecture
β βββ VPC configuration, subnets, route tables, NACLs
βββ π° Cost Optimization
β βββ NAT Gateways, VPC Endpoints, unused ENIs
βββ π Security Posture
β βββ Security groups, firewall bypass, public exposure
βββ π Utilization Metrics
βββ Traffic patterns, bandwidth, connection tracking
π‘ Epic 2 Focus: NAT Gateway optimization (25-50% network cost savings) π
Example: runbooks vpc analyze --profile ops --output-dir /tmp/ π Example:
runbooks vpc analyze --instance-ip 192.168.13.140 # Per-host traffic
Options:
--profile TEXT AWS profile for single-account operations.
π Profile Selection Guide: βββββββββββββββββ
ββββββββββββββββββββββββββββββ
Single Account β Use --profile YOUR_PROFILE
Example: --profile dev-account When:
Developer/operator working in one AWS
account
Multi-Account LZ β Use --all-profiles (see
inventory commands) Example: --all-
profiles When: Platform team discovering
across organization
π Enrichment Profiles (Automatic): β’
Organizations: MANAGEMENT_PROFILE β’ Costs:
BILLING_PROFILE Note: Separate from
discovery profile
Decision: Single account = --profile |
Multi-account = --all-profiles
--region TEXT AWS region override (default: ap-
southeast-2)
--dry-run Safe analysis mode - no resource
modifications (enterprise default)
-f, --format, --output-format [json|csv|table|pdf|markdown]
Output format for results display
(-f/--format preferred, --output-format
legacy)
--output-dir PATH Directory for generated files and evidence
packages
--all-outputs Generate all output formats (JSON, CSV, PDF,
Markdown) - use with --output-dir
--csv Export to CSV format (convenience flag,
activates --all-outputs)
--json Export to JSON format (convenience flag,
activates --all-outputs)
--markdown Export to Markdown format (convenience flag,
activates --all-outputs)
--cost-optimization Include cost optimization analysis
--topology-analysis Include network topology analysis
--security-assessment Include security configuration review
--savings-target FLOAT RANGE Target savings percentage for optimization
[0.1<=x<=0.8]
--all Use all available AWS profiles for multi-
account VPC analysis
--config PATH Path to YAML campaign configuration file
(config-driven analysis)
--instance-ip IP_ADDRESS Filter VPC flow log analysis to traffic
to/from a specific IP address. When
provided, runs per-host traffic analysis
instead of full VPC analysis. Example:
--instance-ip 192.168.13.140
--help Show this message and exit.