EC2cli - Amazon EC2 Utilities

• About
• License
• Introduction
• Installation
• Configuration
• Permissions
• Usage
• Screenshots
• Contribution Guidelines
• Contact

About this repository

• Purpose: CLI utilities for use with Amazon Web Services (AWS)
• Version: 2.4.7
• Repo: https://github.com/fstab50/ec2cli
• Mirror: https://blakeca00@bitbucket.org/blakeca00/ec2cli.git

License

• All utilities contained herein are copyrighted and made available under GPLv2
• See LICENSE

back to the top

Introduction

EC2cli was developed to make life easier when working with AWS services in a cli environment. EC2cli utilizes AWS' cli tools to enable you to send signed requests to Amazon's API to perform uses cases typically accomplished using the console interface. EC2cli will save time and effort to perform operations such as taking a snapshot or listing which EC2 instances are running.

That being said, ec2cli was designed for use with relatively low AWS resource counts. If you are operating at scale, these will prove cumbersome since are no embedded filtering capabilities (if you would like to contribute, please see "Contributing" below). The assumption is that if you are operating at scale, you have already developed your own tools for managing and operating AWS resources in a commercial environment.

While I realize that accomplishing the same functionality is easier with the AWS ruby or python SDK's, I developed these in bash to make them easy for system administrators and solution architects to modify for their particular use cases.

Dependency Note: ec2cli was developed and tested under bash. Some functionality may work with other shells; however, your mileage may vary.

(See Screenshots section below)

back to the top

Usage

	$ ec2cli --help     

Notes:

• RESOURCE is required. Represents a disparate AWS resource. Only 1 resource at a time is supported.

• COMMAND is optional. If omitted, ec2cli defaults to the list command and lists details of the EC2 resource specified by the OPTION parameter.

• REGIONCODE is optional. If omitted, ec2cli defaults to the AWS default region defined in the AWS_DEFAULT_REGION environment variable (if present); or alternately, the awscli config file.

• create and run commands currently have support for limited resource types. Update your local repo frequently to enable additional resource types as additional types are added.

back to the top

Installation

AUTOMATED INSTALLATION

• install.sh

  • The easiest way to install ec2cli is to download and run the installer. It will check for all dependencies, and if missing, prompt you to install them.

  • Run the following commands from the filesystem location where you wish to install ec2cli:

        $ cd < ec2cli install dir >
        $ wget https://bitbucket.org/blakeca00/ec2cli/downloads/install.sh
        $ sh install.sh

Alternatively, if you wish to do the installation yourself, please read on.

MANUAL INSTALLATION

• General Dependencies

  • Writable directory where utilities are located
  • One of the following python versions: 2.6.5, 2.7.X+, 3.3.X+, 3.4.X+
  • Installation Amazon CLI tools (awscli, see below this section)
  • awk, see your dist repo
  • sed, see your dist repo

• jq, JSON Parser. Install jq from your local distribution repository.

  $ sudo apt-get install jq    # Ubuntu, most Debian-based distributions

  $ sudo yum install jq        # RedHat, Fedora, CentOS

• Environment variables:

  • Setup the following global environment variables by adding each to your .bashrc or .bash_profile (substitute your respective values)

  	# .bashrc / .bash_profile
  
  	export EC2_REPO=~/git/ec2cli           # location of this README and utilities (writable)
  	export SSH_KEYS=~/AWS                  # location of ssh access keys (.pem files)
  	export AWS_DEFAULT_REGION=us-west-2    # your Primary AWS Region  
  

• Python Package Manager. If you do not currently have it, install pip.

  You can install pip from your distribution's package repo via one of the below
  commands according to your Linux distribution:

• Install the awscli

  Detailed instructions can be found in the README located at: https://github.com/aws/aws-cli/

  $ sudo pip install awscli

• If you have the aws-cli installed and want to upgrade to the latest version you can run:

  $ sudo pip install --upgrade awscli

• Clone this git repo in a writeable directory:

  $ git clone https://blakeca00@bitbucket.org/blakeca00/ec2cli.git

• Add ec2cli to your path. Add the following to your .bashrc, .bash_profile, or .profile:

  export PATH=$PATH:$EC2_REPO

back to the top

Configuration

• Configure awscli running the aws configure command:

  $ aws configure
  
  AWS Access Key ID: foo
  AWS Secret Access Key: bar
  Default region name [us-west-2]: us-west-2
  Default output format [None]: json

• Optionally, define a profile for a specific user:

  $ aws configure --profile testuser
  
  AWS Access Key ID: footestuser
  AWS Secret Access Key: bartestuser
  Default region name [us-west-2]: us-west-2
  Default output format [None]: json

• Command Completion

  You'll want to enable command completion to make awscli commands easy to type and recall. After installing awscli, add the following to your .bashrc or .bash_profile:

  # .bashrc
  complete -C aws_completer aws

back to the top

Verify Your Configuration

After completing the above Installation and Configuration sections, verify your configuration:

	$ ec2cli --version

Note: Python and Kernel versions will depend upon your system parameters

back to the top

IAM Permissions

ec2cli Required Permissions

You'll need appropriate IAM permissions to execute ec2cli.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "ec2:Describe*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "elasticloadbalancing:Describe*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "cloudwatch:ListMetrics",
                "cloudwatch:GetMetricStatistics",
                "cloudwatch:Describe*"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "autoscaling:Describe*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "ec2:AttachVolume",
                "ec2:CreateKeyPair",
                "ec2:CreateSecurityGroup",
                "ec2:CreateSnapshot",
                "ec2:DeleteSnapshot",
                "ec2:DetachVolume",
                "ec2:RunInstances",
                "ec2:StartInstances",
                "ec2:StopInstances"
            ],
            "Resource": [
                "*"
        ]
        }
    ]
}

You can grab a read-only version of the policy here or the full IAM policy which allows changes to resources here.

back to the top

Screenshots

ec2cli list command

List command displays AWS resource details for your AWS default region if no region specified. If an alternate region given as a parameter, displays resource details for the specified region.

$ ec2cli -i    # list ec2 instances, AWS default region (us-west-2)

$ ec2cli -v    # list ebs volume details, AWS default region (us-west-2)

$ ec2cli -s    # list snapshots, AWS default region (us-west-2)

$ ec2cli -g    # list security group details, AWS default region (us-west-2)

back to the top

Screenshots

ec2cli run command

Note: this utility may also be used to automate login to a running EC2 instance as well as starting a stopped instance. See step 2. (below)

$ ec2cli -i run    # run/ log on to EC2 instances in default region

1.Select from list of instance choices:

2.After instance is chosen, ec2cli performs a network access check:

• Access check sources the security group and validates IPs listed in the group against your local IP.
• Note: if the instance you chose is already running, the ec2cli moves immediately to authentication (Step 4).

3.If network access check succeeds, the ec2 wait function is called to prevent login until the instance starts.

4.Authentication start:

• Public IP and ssh key name are sourced from instance json data via api call.
• The ssh key is then located on your local machine in the dir specified by the $SSH_KEYS env variable.

5.Login established (entire start sequence shown)

back to the top

Screenshots

Spot Price Utility

Screenshots (continued)

back to the top

Contribution Guidelines

If you'd like to contribute, please fork and then send me a pull request.

back to the top

Contact

• Repo owner: Blake Huber // @B1akeHuber

back to the top