awful 0.1.0.alpha.1 → 0.1.0.alpha.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/awful.gemspec +1 -0
- data/bin/{param → secret} +2 -2
- data/lib/awful/ec2.rb +0 -7
- data/lib/awful/secret.rb +56 -0
- data/lib/awful/ssm.rb +67 -8
- data/lib/awful/version.rb +1 -1
- data/lib/awful/vpc.rb +33 -8
- metadata +19 -5
- data/lib/awful/param.rb +0 -103
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a6d920e5f1bbc5756ffe4eb9bccfde37f6203454ff1e8ab6f2c9fc05a464eb4c
|
|
4
|
+
data.tar.gz: 39315ee5a3569c65a329828158a8f38611db2dac2e3f62d02e2d3610a8dcf12f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ce7775521074720421fe220028e0dad577aff399b0239585ced2126056dc469f3f64e431b90f9ffbb6cc012b3bfde40c37082879296d6530179db322ccc43a5f
|
|
7
|
+
data.tar.gz: 970509127de9063ec007ca57488c933158f7a4a08f4919d7540da5538da0d544e502c3a09d95e39d26a48c1500dbd4e65226bc2127b69fdb0a30358027c0d8be
|
data/awful.gemspec
CHANGED
data/bin/{param → secret}
RENAMED
data/lib/awful/ec2.rb
CHANGED
data/lib/awful/secret.rb
ADDED
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
require 'aws-sdk-secretsmanager'
|
|
2
|
+
|
|
3
|
+
module Awful
|
|
4
|
+
class Secret < Cli
|
|
5
|
+
COLORS = {
|
|
6
|
+
AWSCURRENT: :green
|
|
7
|
+
}
|
|
8
|
+
|
|
9
|
+
no_commands do
|
|
10
|
+
def client
|
|
11
|
+
@_client ||= Aws::SecretsManager::Client.new
|
|
12
|
+
end
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
desc 'ls', 'list secrets'
|
|
16
|
+
def ls(prefix = nil)
|
|
17
|
+
client.list_secrets.map(&:secret_list).flatten.tap do |secrets|
|
|
18
|
+
secrets.select! { |s| s.name.start_with?(prefix) } if prefix
|
|
19
|
+
end.map do |s|
|
|
20
|
+
[ s.name, s.created_date, s.primary_region ]
|
|
21
|
+
end.tap do |list|
|
|
22
|
+
print_table list.sort
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
desc 'get SECRET', 'get secret value'
|
|
27
|
+
method_option :show, aliases: '-s', type: :boolean, default: false, desc: 'show secret values'
|
|
28
|
+
method_option :previous, aliases: '-p', type: :boolean, default: false, desc: 'show previous value'
|
|
29
|
+
def get(id)
|
|
30
|
+
string = client.get_secret_value(secret_id: id).secret_string
|
|
31
|
+
begin
|
|
32
|
+
hash = JSON.parse(string)
|
|
33
|
+
hash.each { |k,v| hash[k] = "#{v.bytesize} bytes" } unless options[:show]
|
|
34
|
+
print_table hash.sort
|
|
35
|
+
rescue JSON::ParserError
|
|
36
|
+
puts string
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
desc 'history SECRET', 'get secret versions'
|
|
41
|
+
def history(id)
|
|
42
|
+
print_table client.list_secret_version_ids(secret_id: id).versions.map { |v|
|
|
43
|
+
[ v.version_id, color(v.version_stages.join(',')), v.created_date ]
|
|
44
|
+
}
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
desc 'delete SECRET', 'delete secret'
|
|
48
|
+
method_option :window, aliases: '-w', type: :numeric, default: 7, desc: 'recovery window in days'
|
|
49
|
+
def delete(id)
|
|
50
|
+
if yes?("Really delete secret #{id}?", :yellow)
|
|
51
|
+
puts client.delete_secret(secret_id: id, recovery_window_in_days: options[:window]).deletion_date
|
|
52
|
+
end
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
end
|
|
56
|
+
end
|
data/lib/awful/ssm.rb
CHANGED
|
@@ -1,12 +1,6 @@
|
|
|
1
1
|
require 'aws-sdk-ssm'
|
|
2
2
|
|
|
3
3
|
module Awful
|
|
4
|
-
module Short
|
|
5
|
-
def ssm(*args)
|
|
6
|
-
Awful::Ssm.new.invoke(*args)
|
|
7
|
-
end
|
|
8
|
-
end
|
|
9
|
-
|
|
10
4
|
class Ssm < Cli
|
|
11
5
|
COLORS = {
|
|
12
6
|
Success: :green,
|
|
@@ -21,9 +15,74 @@ module Awful
|
|
|
21
15
|
end
|
|
22
16
|
end
|
|
23
17
|
|
|
24
|
-
desc 'ls', 'list
|
|
18
|
+
desc 'ls [PREFIX]', 'list parameters'
|
|
19
|
+
def ls(prefix = '/')
|
|
20
|
+
filters = [ { key: :Name, option: :BeginsWith, values: [ prefix.sub(/^(\w)/, '/\1') ] } ]
|
|
21
|
+
ssm.describe_parameters(parameter_filters: filters).each do |response|
|
|
22
|
+
response.parameters.each { |p| puts p.name }
|
|
23
|
+
sleep 0.1 # this api will throttle easily
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
desc 'get NAME', 'get parameter value'
|
|
28
|
+
method_option :decrypt, aliases: '-d', type: :boolean, default: false, desc: 'decrypt SecureString'
|
|
29
|
+
def get(name)
|
|
30
|
+
puts ssm.get_parameter(name: name, with_decryption: options[:decrypt]).parameter.value
|
|
31
|
+
rescue Aws::SSM::Errors::ParameterNotFound => e
|
|
32
|
+
error(e.message)
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
desc 'path NAME', 'get parameters by path'
|
|
36
|
+
method_option :decrypt, aliases: '-d', type: :boolean, default: false, desc: 'decrypt SecureString'
|
|
37
|
+
method_option :recursive, aliases: '-r', type: :boolean, default: false, desc: 'recurse hierarchy'
|
|
38
|
+
method_option :show, aliases: '-s', type: :boolean, default: false, desc: 'show values'
|
|
39
|
+
def path(path)
|
|
40
|
+
cmd = options[:show] ? ->(p) { puts "#{p.name} #{p.value}" } : ->(p) { puts p.name }
|
|
41
|
+
ssm.get_parameters_by_path(path: path, with_decryption: options[:decrypt], recursive: options[:recursive]).each do |response|
|
|
42
|
+
response.parameters.each(&cmd.method(:call))
|
|
43
|
+
end
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
desc 'put NAME VALUE', 'put parameter'
|
|
47
|
+
method_option :description, aliases: '-d', type: :string, default: nil, desc: 'description for params'
|
|
48
|
+
method_option :key_id, aliases: '-k', type: :string, default: nil, desc: 'KMS key for SecureString params'
|
|
49
|
+
method_option :overwrite, aliases: '-o', type: :boolean, default: false, desc: 'overwrite existing params'
|
|
50
|
+
method_option :type, aliases: '-t', type: :string, default: :String, desc: 'String, StringList, SecureString'
|
|
51
|
+
def put(name, value)
|
|
52
|
+
ssm.put_parameter(
|
|
53
|
+
name: name,
|
|
54
|
+
value: value,
|
|
55
|
+
description: options[:description],
|
|
56
|
+
type: options[:type],
|
|
57
|
+
key_id: options[:key_id],
|
|
58
|
+
overwrite: options[:overwrite],
|
|
59
|
+
)
|
|
60
|
+
rescue Aws::SSM::Errors::ParameterAlreadyExists => e
|
|
61
|
+
error(e.message)
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
desc 'delete NAME', 'delete parameter'
|
|
65
|
+
def delete(name)
|
|
66
|
+
if yes?("Really delete parameter #{name}?", :yellow)
|
|
67
|
+
ssm.delete_parameter(name: name)
|
|
68
|
+
end
|
|
69
|
+
rescue Aws::SSM::Errors::ParameterNotFound => e
|
|
70
|
+
error(e.message)
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
desc 'history NAME', 'get parameter history'
|
|
74
|
+
method_option :decrypt, aliases: '-d', type: :boolean, default: false, desc: 'decrypt SecureString'
|
|
75
|
+
def history(name)
|
|
76
|
+
ssm.get_parameter_history(name: name, with_decryption: options[:decrypt]).each do |p|
|
|
77
|
+
print_table p.parameters.map { |h|
|
|
78
|
+
[ h.version, h.last_modified_date, h.value ]
|
|
79
|
+
}
|
|
80
|
+
end
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
desc 'commands', 'list commands'
|
|
25
84
|
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'Long listing'
|
|
26
|
-
def
|
|
85
|
+
def commands
|
|
27
86
|
ssm.list_commands.commands.output do |cmds|
|
|
28
87
|
if options[:long]
|
|
29
88
|
print_table cmds.map { |c|
|
data/lib/awful/version.rb
CHANGED
data/lib/awful/vpc.rb
CHANGED
|
@@ -1,17 +1,19 @@
|
|
|
1
1
|
module Awful
|
|
2
|
-
module Short
|
|
3
|
-
def vpc(*args)
|
|
4
|
-
Awful::Vpc.new.invoke(*args)
|
|
5
|
-
end
|
|
6
|
-
end
|
|
7
|
-
|
|
8
2
|
class Vpc < Cli
|
|
3
|
+
COLORS = {
|
|
4
|
+
active: :green,
|
|
5
|
+
available: :green,
|
|
6
|
+
deleted: :red,
|
|
7
|
+
expired: :red,
|
|
8
|
+
failed: :red,
|
|
9
|
+
rejected: :red,
|
|
10
|
+
}
|
|
9
11
|
|
|
10
12
|
desc 'ls [PATTERN]', 'list vpcs [with any tags matching PATTERN]'
|
|
11
13
|
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'Long listing'
|
|
12
14
|
def ls(name = /./)
|
|
13
15
|
fields = options[:long] ?
|
|
14
|
-
->(v) { [tag_name(v), v.vpc_id, v.state, v.cidr_block] } :
|
|
16
|
+
->(v) { [tag_name(v), v.vpc_id, color(v.state), v.cidr_block] } :
|
|
15
17
|
->(v) { [v.vpc_id] }
|
|
16
18
|
ec2.describe_vpcs.map(&:vpcs).flatten.select do |vpc|
|
|
17
19
|
vpc.tags.any? { |tag| tag.value.match(name) }
|
|
@@ -31,6 +33,29 @@ module Awful
|
|
|
31
33
|
end
|
|
32
34
|
end
|
|
33
35
|
|
|
34
|
-
|
|
36
|
+
desc 'delete VPC', 'delete vpc'
|
|
37
|
+
def delete(vpc_id)
|
|
38
|
+
if yes?("Really delete vpc #{vpc_id}?", :yellow)
|
|
39
|
+
p ec2.delete_vpc(vpc_id: vpc_id)
|
|
40
|
+
end
|
|
41
|
+
rescue Aws::EC2::Errors::DependencyViolation => e
|
|
42
|
+
error(e.message)
|
|
43
|
+
rescue Aws::EC2::Errors::InvalidVpcIDNotFound => e
|
|
44
|
+
error(e.message)
|
|
45
|
+
end
|
|
35
46
|
|
|
47
|
+
desc 'peers', 'list vpc peers'
|
|
48
|
+
def peers
|
|
49
|
+
ec2.describe_vpc_peering_connections.map(&:vpc_peering_connections).flatten.map do |p|
|
|
50
|
+
[
|
|
51
|
+
tag_name(p, '-'), p.vpc_peering_connection_id, color(p.status.code),
|
|
52
|
+
p.requester_vpc_info.vpc_id, p.accepter_vpc_info.vpc_id,
|
|
53
|
+
p.requester_vpc_info.cidr_block, p.accepter_vpc_info.cidr_block,
|
|
54
|
+
]
|
|
55
|
+
end.tap do |list|
|
|
56
|
+
print_table list.sort
|
|
57
|
+
end
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
end
|
|
36
61
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: awful
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.0.alpha.
|
|
4
|
+
version: 0.1.0.alpha.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ric Lister
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-02-
|
|
11
|
+
date: 2022-02-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -178,6 +178,20 @@ dependencies:
|
|
|
178
178
|
- - ">="
|
|
179
179
|
- !ruby/object:Gem::Version
|
|
180
180
|
version: '0'
|
|
181
|
+
- !ruby/object:Gem::Dependency
|
|
182
|
+
name: aws-sdk-secretsmanager
|
|
183
|
+
requirement: !ruby/object:Gem::Requirement
|
|
184
|
+
requirements:
|
|
185
|
+
- - ">="
|
|
186
|
+
- !ruby/object:Gem::Version
|
|
187
|
+
version: '0'
|
|
188
|
+
type: :runtime
|
|
189
|
+
prerelease: false
|
|
190
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
191
|
+
requirements:
|
|
192
|
+
- - ">="
|
|
193
|
+
- !ruby/object:Gem::Version
|
|
194
|
+
version: '0'
|
|
181
195
|
- !ruby/object:Gem::Dependency
|
|
182
196
|
name: aws-sdk-ssm
|
|
183
197
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -224,11 +238,11 @@ executables:
|
|
|
224
238
|
- kms
|
|
225
239
|
- lambda
|
|
226
240
|
- lc
|
|
227
|
-
- param
|
|
228
241
|
- r53
|
|
229
242
|
- rds
|
|
230
243
|
- route
|
|
231
244
|
- s3
|
|
245
|
+
- secret
|
|
232
246
|
- sg
|
|
233
247
|
- sqs
|
|
234
248
|
- ssm
|
|
@@ -275,11 +289,11 @@ files:
|
|
|
275
289
|
- bin/kms
|
|
276
290
|
- bin/lambda
|
|
277
291
|
- bin/lc
|
|
278
|
-
- bin/param
|
|
279
292
|
- bin/r53
|
|
280
293
|
- bin/rds
|
|
281
294
|
- bin/route
|
|
282
295
|
- bin/s3
|
|
296
|
+
- bin/secret
|
|
283
297
|
- bin/sg
|
|
284
298
|
- bin/sqs
|
|
285
299
|
- bin/ssm
|
|
@@ -325,11 +339,11 @@ files:
|
|
|
325
339
|
- lib/awful/lambda.rb
|
|
326
340
|
- lib/awful/lambda_events.rb
|
|
327
341
|
- lib/awful/launch_config.rb
|
|
328
|
-
- lib/awful/param.rb
|
|
329
342
|
- lib/awful/rds.rb
|
|
330
343
|
- lib/awful/route53.rb
|
|
331
344
|
- lib/awful/route_table.rb
|
|
332
345
|
- lib/awful/s3.rb
|
|
346
|
+
- lib/awful/secret.rb
|
|
333
347
|
- lib/awful/security_group.rb
|
|
334
348
|
- lib/awful/sqs.rb
|
|
335
349
|
- lib/awful/ssm.rb
|
data/lib/awful/param.rb
DELETED
|
@@ -1,103 +0,0 @@
|
|
|
1
|
-
require 'aws-sdk-ssm'
|
|
2
|
-
|
|
3
|
-
module Awful
|
|
4
|
-
module Short
|
|
5
|
-
def param(*args)
|
|
6
|
-
Awful::Param.new.invoke(*args)
|
|
7
|
-
end
|
|
8
|
-
end
|
|
9
|
-
|
|
10
|
-
class Param < Cli
|
|
11
|
-
no_commands do
|
|
12
|
-
def ssm
|
|
13
|
-
@ssm ||= Aws::SSM::Client.new
|
|
14
|
-
end
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
desc 'ls [NAMES]', 'list parameters'
|
|
18
|
-
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'long listing'
|
|
19
|
-
method_option :type, aliases: '-t', type: :array, default: nil, desc: 'filter types: String, StringList, SecureString'
|
|
20
|
-
method_option :key_id, aliases: '-k', type: :array, default: nil, desc: 'filter key IDs'
|
|
21
|
-
def ls(*names)
|
|
22
|
-
filters = []
|
|
23
|
-
filters += [{key: 'Name', values: names}] unless names.empty?
|
|
24
|
-
filters += [{key: 'Type', values: options[:type]}] if options[:type]
|
|
25
|
-
filters += [{key: 'KeyId', values: options[:key_id]}] if options[:key_id]
|
|
26
|
-
paginate(:parameters) do |token|
|
|
27
|
-
ssm.describe_parameters(filters: filters, next_token: token)
|
|
28
|
-
end.output do |params|
|
|
29
|
-
if options[:long]
|
|
30
|
-
print_table params.map { |p|
|
|
31
|
-
[p.name, p.type, p.description, p.key_id, p.last_modified_date, p.last_modified_user.split('/').last]
|
|
32
|
-
}
|
|
33
|
-
else
|
|
34
|
-
puts params.map(&:name)
|
|
35
|
-
end
|
|
36
|
-
end
|
|
37
|
-
end
|
|
38
|
-
|
|
39
|
-
desc 'get NAMES', 'get parameter values'
|
|
40
|
-
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'long listing'
|
|
41
|
-
method_option :decrypt, aliases: '-d', type: :boolean, default: false, desc: 'decrypt values for SecureString types'
|
|
42
|
-
def get(*names)
|
|
43
|
-
names.each_slice(10).map do |batch| # API allows only 10 at a time
|
|
44
|
-
ssm.get_parameters(names: batch, with_decryption: options[:decrypt]).parameters
|
|
45
|
-
end.flatten.output do |params|
|
|
46
|
-
if options[:long]
|
|
47
|
-
print_table params.map { |p|
|
|
48
|
-
[p.name, p.value]
|
|
49
|
-
}
|
|
50
|
-
else
|
|
51
|
-
puts params.map(&:value)
|
|
52
|
-
end
|
|
53
|
-
end
|
|
54
|
-
end
|
|
55
|
-
|
|
56
|
-
desc 'history NAME', 'get parameter history'
|
|
57
|
-
method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'long listing'
|
|
58
|
-
def history(name)
|
|
59
|
-
paginate(:parameters) do |token|
|
|
60
|
-
ssm.get_parameter_history(
|
|
61
|
-
name: name,
|
|
62
|
-
with_decryption: options[:decrypt],
|
|
63
|
-
next_token: token,
|
|
64
|
-
)
|
|
65
|
-
end.output do |params|
|
|
66
|
-
if options[:long]
|
|
67
|
-
print_table params.map { |p|
|
|
68
|
-
[p.name, p.value, p.last_modified_date, p.last_modified_user]
|
|
69
|
-
}
|
|
70
|
-
else
|
|
71
|
-
puts params.map(&:value)
|
|
72
|
-
end
|
|
73
|
-
end
|
|
74
|
-
end
|
|
75
|
-
|
|
76
|
-
desc 'put NAME VALUE', 'put parameter into the store'
|
|
77
|
-
method_option :name, aliases: '-n', type: :string, default: nil, desc: 'give name as option instead of arg'
|
|
78
|
-
method_option :value, aliases: '-v', type: :string, default: nil, desc: 'give value as option instead of arg'
|
|
79
|
-
method_option :description, aliases: '-d', type: :string, default: nil, desc: 'description for params'
|
|
80
|
-
method_option :type, aliases: '-t', type: :string, default: 'String', desc: 'String, StringList, SecureString'
|
|
81
|
-
method_option :key_id, aliases: '-k', type: :string, default: nil, desc: 'KMS key for SecureString params'
|
|
82
|
-
method_option :overwrite, aliases: '-o', type: :boolean, default: false, desc: 'overwrite existing params'
|
|
83
|
-
def put(name = nil, value = nil)
|
|
84
|
-
ssm.put_parameter(
|
|
85
|
-
name: options[:name] || name,
|
|
86
|
-
value: options[:value] || value,
|
|
87
|
-
description: options[:description],
|
|
88
|
-
type: options[:type],
|
|
89
|
-
key_id: options[:key_id],
|
|
90
|
-
overwrite: options[:overwrite],
|
|
91
|
-
)
|
|
92
|
-
end
|
|
93
|
-
|
|
94
|
-
desc 'delete NAME', 'delete parameter from the store'
|
|
95
|
-
method_option :yes, aliases: '-y', type: :boolean, default: false, desc: 'delete without query'
|
|
96
|
-
def delete(name)
|
|
97
|
-
if options[:yes] || yes?("Really delete parameter #{name}?", :yellow)
|
|
98
|
-
ssm.delete_parameter(name: name)
|
|
99
|
-
end
|
|
100
|
-
end
|
|
101
|
-
|
|
102
|
-
end
|
|
103
|
-
end
|