[go: up one dir, main page]

Skip to content
/ ec2cli Public

Utility for managing Amazon Web Services' EC2 Service from the Linux command line

License

Notifications You must be signed in to change notification settings

fstab50/ec2cli

Repository files navigation


EC2cli - Utility for Managing Amazon EC2


Contents

--

back to the top


About this repository

--

back to the top


Summary

EC2cli was developed to make life easier when working with AWS services in a cli environment. EC2cli utilizes AWS' cli tools to enable you to send signed requests to Amazon's API to perform uses cases typically accomplished using the console interface. EC2cli will save time and effort to perform operations such as taking a snapshot or querying the state of EC2 instances to determine which are running.

While it is clear that accomplishing the ec1cli's functionality with the AWS ruby or python SDK's may be cleaner, ec2cli was developed in bash to make it easy for system administrators and solution architects to modify ec2cli for each's respective use cases.

Dependency Note: ec2cli was developed and tested under bash. Some functionality may work with other shells; however, your mileage may vary.

instances

(See Screenshots section below)

--

back to the top


Dependencies

ec2cli requires the following to function correctly:

Important: For proper operation, at a minimum this program requires the default awscli user account should have read-only IAM permissions to all EC2 describe functions.

  • Configuration of Amazon Web Services CLI tools (awscli). After installation, follow this configuration guide to set up the awscli for Bash.
  • jq, a json parser generally available from your distribution repo
  • Standard linux utilities:
    • grep
    • awk
    • sed
    • cat
    • hostname

--

back to the top


Program Options

	$ ec2cli --help

help

Notes:

  • RESOURCE is required. Represents a disparate AWS resource. Only 1 resource at a time is supported.

  • COMMAND is optional. If omitted, ec2cli defaults to the list command and lists details of the EC2 resource specified by the OPTION parameter.

  • REGIONCODE is optional. If omitted, ec2cli defaults to the AWS default region defined in the AWS_DEFAULT_REGION environment variable (if present); or alternately, the awscli config file.

  • create and run commands currently have support for limited resource types. Update your local repo frequently to enable additional resource types as additional types are added.

--

back to the top


Installation


Ubuntu, Linux Mint, Debian variants (Python 3.6+)

The easiest way to install ec2cli on debian-based Linux distributions is via the debian-tools package repository:

  1. Open a command line terminal.

    deb-install0

  2. Download and install the repository definition file

    $ sudo apt install wget
    $ wget http://awscloud.center/deb/debian-tools.list

    deb-install1

    $ sudo chown 0:0 debian-tools.list && sudo mv debian-tools.list /etc/apt/sources.list.d/
  3. Install the package repository public key on your local machine

    $ wget -qO - http://awscloud.center/keys/public.key | sudo apt-key add -

    deb-install2

  4. Update the local package repository cache

    $ sudo apt update
  5. Install ec2cli os package

    $ sudo apt install ec2cli

    deb-install3a

    Answer "y":

    deb-install3b

  6. Verify Installation

    $ apt show ec2cli

    apt-show

--

back to the top


Redhat, CentOS (Python 3.6+), Fedora (Python 3.7+)

The easiest way to install ec2cli on redhat-based Linux distributions is via the developer-tools package repository:

  1. Open a command line terminal.

    rpm-install0

  2. Install the official epel package repository

    $ sudo yum install epel-release
  3. Download and install the repo definition file

    $ sudo yum install wget

    rpm-install1

    $ wget http://awscloud.center/rpm/developer-tools.repo

    rpm-install2

    $ sudo chown 0:0 developer-tools.repo && sudo mv developer-tools.repo /etc/yum.repos.d/

    rpm-install2b

  4. Delete the local repository cache, then Update the cache with new package references

    $ sudo rm -fr /var/cache/yum
    $ sudo yum update -y
  5. Install the ec2cli os package

    $ sudo yum install ec2cli

    rpm-install3

    Answer "y":

    rpm-install4

  6. Verify Installation

    $ yum info ec2cli

    rpm-install5

--

back to the top


Amazon Linux 2

Redhat Package Manager (RPM) format used by Amazon Linux under development. Check amzn2.awscloud.center page for updates.

--

back to the top


Configuration

  1. You will have to configure the Amazon Web Servies comand line interface before attempting to use ec2cli:

a. Run the aws configure command:

$ aws configure
   AWS Access Key ID: foo
   AWS Secret Access Key: bar
   Default region name [us-west-2]: us-west-2
   Default output format [None]: json

b. Optionally, define a profile for a specific user:

  $ aws configure --profile testuser
    AWS Access Key ID: footestuser
    AWS Secret Access Key: bartestuser
    Default region name [us-west-2]: us-west-2
    Default output format [None]: json

c. Configure bash command completion: You'll want to enable command completion to make awscli commands easy to type and recall. After installing awscli, add the following to your .bashrc or .bash_profile:

  # .bashrc
	complete -C aws_completer aws
  1. Next, configure IAM policy permissions for the user profile which will generally be used with ec2cli.

--

back to the top


Verify Your Configuration

After completing the above Installation and Configuration sections, verify your configuration:

$ aws --version

Output:

$  aws-cli/1.19.44 Python/3.8.5 Linux/5.6.0-1052-oem botocore/1.20.44

Note: Python and Kernel versions will depend upon your system parameters

--

back to the top


IAM Permissions

ec2cli Required Permissions

You'll need appropriate IAM permissions to execute ec2cli.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "ec2:Describe*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "elasticloadbalancing:Describe*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "cloudwatch:ListMetrics",
                "cloudwatch:GetMetricStatistics",
                "cloudwatch:Describe*"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "autoscaling:Describe*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "ec2:AttachVolume",
                "ec2:CreateKeyPair",
                "ec2:CreateSecurityGroup",
                "ec2:CreateSnapshot",
                "ec2:DeleteSnapshot",
                "ec2:DetachVolume",
                "ec2:RunInstances",
                "ec2:StartInstances",
                "ec2:StopInstances"
            ],
            "Resource": [
                "*"
        ]
        }
    ]
}

You can grab a read-only version of the policy here or the full IAM policy which allows changes to resources here.

--

back to the top


Build options

GNU Make Targets. If you wish to use this project to compile your own Linux installation pa kages, type the following to display the available make targets from the root of the project:

    $  make help

--

back to the top


Screenshots


Screenshots / ec2cli list command

List command displays AWS resource details for your AWS default region if no region specified. If an alternate region given as a parameter, displays resource details for the specified region.

$ ec2cli --instances  --region us-west-2    # list ec2 instances

instances

$ ec2cli --volumes    # list ebs volume details, AWS default region (us-west-2)

volumes

$ ec2cli --snapshots  --region us-west-2     # list snapshots

snapshots

$ ec2cli --secgroups    # list security group details, AWS default region (us-west-2)

securitygroups

--

back to the top


Screenshots / ec2cli list + --all command

List command displays AWS resource details for your AWS default region if no region specified. If the --all option is used in conjunction with the list command, ec2cli audits all the regions to which your AWS account has access, identifying the resources specified by the RESOURCES parameter. Examples:

$ ec2cli --secgroups list --all    # list all security groups across all AWS regions

secgroups

$ ec2cli --vpcs list --all   # list all VPC's in all AWS regions

vpcs

--

back to the top


Screenshots / ec2cli run command

Note: this utility may also be used to automate login to a running EC2 instance as well as starting a stopped instance. See step 2. (below)

$ ec2cli --instances run    # run/ log on to EC2 instances in default region

1.Select from list of instance choices:

instances

2.After instance is chosen, ec2cli performs a network access check:

  • Access check sources the security group and validates IPs listed in the group against your local IP.
  • Note: if the instance you chose is already running, the ec2cli moves immediately to authentication (Step 4).

instances

3.If network access check succeeds, the ec2 wait function is called to prevent login until the instance starts.

instances

4.Authentication start:

  • Public IP and ssh key name are sourced from instance json data via api call.
  • The ssh key is then located on your local machine in the dir specified by the $SSH_KEYS env variable.

instances

5.Login established (entire start sequence shown)

instances

--

back to the top


Screenshots / ec2cli --tags

Display all tags attached to an EC2 resource by following the steps below:

  1. Enter the --tags parameter after the main executable:
$  ec2cli --tags
  1. Hit the key twice to display a list of available EC2 resource Ids:
$ ec2cli --tags <tab><tab>

tags1

  1. Choose a resource id by typing the first few characters. Then hit the key.
  • Example 1: Tags associated with a specific EC2 machine instance:

tags2

  • Example 2: Tags associated with an EC2 snapshot:

tags3

--

back to the top


Screenshots / Spot Price Utility

Screenshots (continued)

--

back to the top


Author & Copyright

All works contained herein copyrighted via below author unless work is explicitly noted by an alternate author.

  • Copyright Blake Huber, All Rights Reserved.

--

back to the top


License

  • Software contained in this repo is licensed under the license agreement. You may display the license and copyright information by issuing the following command:
$ ec2cli --version

version

--

back to the top


Disclaimer

Code is provided "as is". No liability is assumed by either the code's originating author nor this repo's owner for their use at AWS or any other facility. Furthermore, running function code at AWS may incur monetary charges; in some cases, charges may be substantial. Charges are the sole responsibility of the account holder executing code obtained from this library.

Additional terms may be found in the complete license agreement.

--

back to the top