awsam 0.0.1

data/.gitignore

@@ -0,0 +1,43 @@
+# rcov generated
+coverage
+
+# rdoc generated
+rdoc
+
+# yard generated
+doc
+.yardoc
+
+# bundler
+.bundle
+
+# jeweler generated
+pkg
+
+# Have editor/IDE/OS specific files you need to ignore? Consider using a global gitignore: 
+#
+# * Create a file at ~/.gitignore
+# * Include files you want ignored
+# * Run: git config --global core.excludesfile ~/.gitignore
+#
+# After doing this, these files will be ignored in all your git projects,
+# saving you from having to 'pollute' every project you touch with them
+#
+# Not sure what to needs to be ignored for particular editors/OSes? Here's some ideas to get you started. (Remember, remove the leading # of the line)
+#
+# For MacOS:
+#
+#.DS_Store
+#
+# For TextMate
+#*.tmproj
+#tmtags
+#
+# For emacs:
+#*~
+#\#*
+#.\#*
+#
+# For vim:
+#*.swp
+/Gemfile.lock

data/Gemfile

@@ -0,0 +1,3 @@
+source "https://rubygems.org"
+
+gemspec

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2011 Mike Heffner
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,292 @@
+AWSAM (Amazon Web Services Account Manager) allows you to easily manage multiple sets of AWS credentials. It has support for multiple accounts and multiple key-pairs per account.
+
+Account switching auto-populates ENV vars used by AWS' command line tools and AWSAM additionally gives you intelligent wrappers for `ssh` and `scp` which can be used like:
+
+    # ssh by AWS instance id
+    $ assh ubuntu@i-123456
+    
+    # ssh by AWS tag name
+    $ assh ubuntu@web-node-01
+    
+    # ssh by AWS tag name to an arbitrary node using a substring
+    #
+    # This example assumes you have the following nodes and that 
+    # you're indifferent to which node you connect to:
+    # web-node-01, web-node-02, web-node-3
+    $ assh -f ubuntu@web-node-
+
+    # scp by instance id
+    $ ascp local-file ubuntu@i-123456:remote-file
+
+AWSAM supports both AWS' legacy [Java-based CLI tools](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SettingUp_CommandLine.html) and their newer [python-based CLI](http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-welcome.html).
+
+# Installation
+
+1. Install the gem.
+
+        $ gem install awsam
+
+2. Install BASH rc file
+
+        $ raem --init
+        Initialized AWS Account Manager
+
+        Add the following to your .bashrc:
+
+          if [ -s $HOME/.awsam/bash.rc ]; then
+              source $HOME/.awsam/bash.rc
+          fi
+
+3. Open a new bash environment.
+
+### Environment variables
+
+*AWS Account Manager* sets a variety of environment variables when
+selecting accounts and SSH keypairs. Some of these environment
+variables match the ones used by the Amazon EC2 CLI tools and some our
+unique to AWSAM. It is often convenient to use these environment
+variables in DevOPs scripts in place of hard-coded values -- allowing
+your scripts to be seamlessly used for staging and production
+environments simply by switching the active account with `aem`.
+
+The environment variables set when selecting an account are:
+
+* `AMAZON_ACCESS_KEY_ID` and `AWS_ACCESS_KEY_ID` and `AWS_ACCESS_KEY` - API access key
+
+* `AMAZON_SECRET_ACCESS_KEY` and `AWS_SECRET_ACCESS_KEY` and `AWS_SECRET_KEY` - Secret API access key
+
+* `AMAZON_AWS_ID` - The integer ID of this AWS account
+
+When selecting an SSH key, the following environment variables are
+set:
+
+* `AMAZON_SSH_KEY_NAME` - Name of the keypair.
+* `AMAZON_SSH_KEY_FILE` - Full path to the public key PEM file
+
+### Updating
+
+1. Update repo (fetch && merge) or `gem update awsam`
+
+2. Run `raem --init`. Ignore instructions to setup .bashrc if
+   you've already done so.
+
+3. Close and reopen your shell or `source ~/.bashrc`.
+
+# General Usage
+
+### Add an account
+
+If the environment already contains AWS variables, these will be
+presented as defaults.
+
+    $ aem add
+    Creating a new AWS account...
+    Short name: staging
+    Description: Staging account
+    AWS Region [us-east-1]: us-east-1
+    Access key [12346]: 123 *from AWS credentials*
+    Secret key [secret123456]: 455 *from AWS credentials*
+    AWS ID: aws_account
+
+Note: if your shell can't find the `aem` command it is most likely because you haven't successfully sourced `.awsam/bash.rc` in the install steps.
+
+### Select the active account
+
+This will update the current environment with the appropriate AWS
+environment variables.
+
+    $ aem use staging
+
+When selecting an account you can mark it as the default account with
+the `--default` option:
+
+    $ aem use --default staging
+
+### List accounts
+
+The active account will be marked with an arrow. The default, if set,
+will be marked with an asterisk.
+
+    $ aem list
+
+    AWS Accounts:
+
+       prod [Librato Production] [1 key: my-prod-key]
+    => staging [Staging account]
+      *dev [Librato Development] [1 key: devel-key]
+
+
+### Import a key pair
+
+Add a key to the default account, or the specified account. Defaults
+chosen from current environment if set.
+
+    $ aem key add my-key-name /path/to/my-keypair.pem
+    Imported key pair my-key-name for account staging [Staging account]
+
+_The keypair *must* match the name of the keypair in AWS_
+
+### Select a key
+
+This will select an SSH keypair to use from your current account and
+set the environment variables `AMAZON_SSH_KEY_NAME` and
+`AMAZON_SSH_KEY_FILE` appropriately. It will also highlight the key in
+the list output with the '>' character.
+
+    $ aem key use my-key-name
+
+    $ aem list
+
+    AWS Accounts:
+
+       staging [Staging account]
+    => dev [Librato Development] [1 key: >my-key-name]
+
+You can also define a default key for each account that will
+automatically be selected when the account is chosen. Just use the
+`--default` option when selecting a key to set a default key. Picking
+a default will place an asterisk next to the key name in the `aem
+list` output.
+
+    $ aem key use --default my-key-name
+
+### assh utility: SSH by instance ID
+
+Instance IDs will be looked up using the current account details. If
+the instance's keypair name exists, that keyfile will be used as the
+identity file to ssh.
+
+Usage:
+
+    $ assh [user@]<instance-id>
+
+Example:
+
+    $ assh ubuntu@i-123456
+    warning: peer certificate won't be verified in this SSL session
+    Loging in as ubuntu to ec2-1.2.3.4.compute-1.amazonaws.com
+
+    ...
+
+    ubuntu@host:~$
+
+### assh utility: SSH by tag name
+
+Instances will be looked up by their tag name.  This tag name can be found assigned to the "value" key when you run ec2-describe-tags, using the AWS CLI Tools.
+
+Usage:
+
+    $ assh [user@]<instance tag name>
+
+Example:
+
+    $ assh ubuntu@web-node-01
+    warning: peer certificate won't be verified in this SSL session
+    Loging in as ubuntu to ec2-1.2.3.4.compute-1.amazonaws.com
+
+    ...
+
+    ubuntu@web-node-01:~$
+
+If you use assh with a substringed tag name which matches against several nodes, you will have the option to choose a specific node.  For example, let's say you have 3 nginx nodes all running the same code and your nodes are named:
+
+    web-node-01, web-node-02, web-node-03
+
+Then you run the following from within your terminal:
+
+Usage:
+
+    $ assh ubuntu@web-node-
+    Please select which node you wish to use:
+    0) web-node-01 (i-43dfed45)
+    1) web-node-02 (i-789eft24)
+    2) web-node-03 (i-546fer56)
+    > 1
+
+You'll notice that you're given a list of the nodes in your account that match the "web-node-*" pattern.  The instance ID associated with each node is appended to each option as well.  You will then be given a prompt (>) where you enter the index of the node you want to connect to.
+
+Finally, if you use assh with a substringed tag name using the -f option, you can pass the base substring of a cluster of common nodes to connect to an **arbitrary** node within that cluster.  The -f option assumes you have 'n' number of machines using a shared base name, all running mirrored environments.  Once again, we will use the web-node-[01,02,03] scenario from our previous example:
+
+Usage:
+
+    $ assh -f [user@]web-node-
+
+In this example, you would automatically connect to one of the machines in your account which matches the "web-node-*" pattern without having to explicitly choose a node.
+
+#### assh utility: questions/help?
+Run the following from your terminal:
+
+    $ assh --help
+
+or:
+
+    $ assh -h
+
+### ascp utility: SCP by instance ID
+
+Instance IDs will be looked up using the current account details. If
+the instance's keypair name exists, that keyfile will be used as the
+identity file to scp.
+
+Usage:
+
+    $ ascp [user@]<instance ID>:remote-file local-file
+    $ ascp local-file [user@]<instance ID>:remote-file
+
+### Default user
+
+You can specify a default user to *assh* by setting
+`AWS_DEFAULT_USER`:
+
+```
+$ AWS_DEFAULT_USER=ubuntu assh datanode
+Please select which node you wish to use:
+
+0) metrics_facing-stg-v2-datanode-11 (i-30XXXXX, m1.large, 2014-02-12T20:46:29.000Z)
+1) metrics_facing-stg-v2-datanode-12 (i-91XXXXX, m1.large, 2014-02-13T04:20:32.000Z)
+2) metrics_facing-stg-v2-datanode-13 (i-64XXXXX, m1.large, 2014-03-04T18:59:26.000Z)
+q) Quit
+
+> 2
+
+Logging in as ubuntu to ec2-XXXX.compute-1.amazonaws.com
+```
+
+### Remove a key
+
+You can remove ah SSH key from an account (defaults to the current
+account).
+
+    $ aem key remove --acct prod my-prod-key
+
+### Remove an account
+
+You can remove an account as long as it is not the active one.
+
+    $ aem remove staging
+
+## Contributing to awsam
+
+* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet
+* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it
+* Fork the project
+* Start a feature/bugfix branch
+* Commit and push until you are happy with your contribution
+* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
+* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
+
+### TODO List
+
+assh utility:
+
+ * ssh to a tag name (multiple?)
+ * caches instance id => hostname for fast lookup
+ * determines user?
+ * supports complete SSH CLI options
+ * inline commands, eg: `ssh user@instance sudo tail /var/log/messages`
+ 
+## Copyright
+
+Copyright (c) 2011 Mike Heffner. See LICENSE.txt for
+further details.
+

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/awsam.gemspec

@@ -0,0 +1,26 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'awsam/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "awsam"
+  spec.version       = Awsam::VERSION
+  spec.authors       = ["Mike Heffner"]
+  spec.email         = ["mikeh@fesnel.com"]
+  spec.summary       = %q{Amazon Web Services Account Manager}
+  spec.description   = %q{Amazon Web Services Account Manager (modeled after 'rvm')}
+  spec.homepage      = ""
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency 'right_aws', '3.1.0'
+  spec.add_dependency 'trollop', '2.0'
+
+  spec.add_development_dependency "bundler", "~> 1.7"
+  spec.add_development_dependency "rake", "~> 10.0"
+end

data/bashrc/rc.scr

@@ -0,0 +1,370 @@
+function __aem_active()
+{
+	echo "$AWSAM_ACTIVE_ACCOUNT"
+}
+
+function __aem_active_key()
+{
+	echo "$AWSAM_ACTIVE_KEY"
+}
+
+function __aem_usage()
+{
+	echo "Usage: aem <command> [<args>]"
+	echo
+	echo "Possible commands:"
+	echo
+	echo "  add               Add a new AWS account"
+	echo
+	echo "  remove NAME       Remove the NAME account"
+	echo
+	echo "  key <cmd>"
+	echo "        +->  add [--acct <ACCT>] KEYNAME KEYFILE"
+	echo "        |           Add key to ACCT or default to active one"
+	echo "        +->  remove [--acct <ACCT>] KEYNAME"
+	echo "        |           Remove key from ACCT or default"
+	echo "        +->  use [--default] KEYNAME"
+	echo "                    Use the KEYNAME from the current account"
+	echo "                    Will set the key as the default for the"
+	echo "                    account if the --default option is set"
+	echo
+	echo "  list              List AWS accounts"
+	echo
+	echo "  use [--default] NAME"
+        echo "                    Use the NAME account. Set as default if"
+	echo "                    the option --default is specified"
+	echo
+}
+
+# Fail with error message and print usage
+function __aem_fusage()
+{
+	local MSG="$*"
+
+	if [ -n "$MSG" ]; then
+		printf "ERROR: $MSG\n" >&2
+		# Add a blank between error and usage
+		echo
+	fi
+
+	__aem_usage
+}
+
+# Just print message to standard output
+function __aem_fail()
+{
+	local MSG="$*"
+
+	if [ -n "$MSG" ]; then
+		printf "ERROR: $MSG\n" >&2
+	fi
+}
+
+function __aem_add()
+{
+
+	raem --add
+}
+
+function __aem_remove()
+{
+	if [ $# -ne 1 ]; then
+		__aem_fusage "Remove requires an argument"
+		return 1
+	fi
+
+	local ACCT="$1"
+	if [ "$ACCT" = "$(__aem_active)" ]; then
+		__aem_fail "Can not remove the active account"
+		return 1
+	fi
+
+	raem --remove --account "$ACCT"
+}
+
+function __aem_key_add()
+{
+	local KEYNAME=""
+	local KEYFILE=""
+	local ACCT=""
+
+	while [ $# -gt 0 ]; do
+		if [ "$1" = "--acct" ]; then
+			shift
+			if [ $# -lt 1 ]; then
+				__aem_fusage "--acct requires argument"
+				return 1
+			fi
+
+			ACCT="$1"
+			shift
+			continue
+		fi
+
+		if [ -z "$KEYNAME" ]; then
+			KEYNAME="$1"
+		else
+			KEYFILE="$1"
+		fi
+		shift
+	done
+
+	if [ -z "$KEYNAME" -o -z "$KEYFILE" ]; then
+		__aem_fusage "Insufficient arguments"
+		return 1
+	fi
+
+	if [ -z "$ACCT" ]; then
+		ACCT=$(__aem_active)
+		if [ -z "$ACCT" ]; then
+			__aem_fail "No account specified and none active."
+			return 1
+		fi
+	fi
+
+	raem --import-key --account "$ACCT" --keyname "$KEYNAME" \
+	    --keyfile "$KEYFILE"
+}
+
+function __aem_key_remove()
+{
+	local KEYNAME=""
+	local ACCT=""
+
+	while [ $# -gt 0 ]; do
+		if [ "$1" = "--acct" ]; then
+			shift
+			if [ $# -lt 1 ]; then
+				__aem_fusage "--acct requires argument"
+				return 1
+			fi
+
+			ACCT="$1"
+			shift
+			continue
+		fi
+
+		KEYNAME="$1"
+		shift
+	done
+
+	if [ -z "$KEYNAME" ]; then
+		__aem_fusage "Must specify key to remove"
+		return 1
+	fi
+
+	if [ -z "$ACCT" ]; then
+		ACCT=$(__aem_active)
+		if [ -z "$ACCT" ]; then
+			__aem_fail "No account specified and none active."
+			return 1
+		fi
+	fi
+
+	# Unset active key
+	if [ "$KEYNAME" = "$(__aem_active_key)" ]; then
+		unset AWSAM_ACTIVE_KEY
+	fi
+
+	raem --remove-key --account "$ACCT" --keyname "$KEYNAME"
+}
+
+function __aem_key_use()
+{
+	if [ $# -lt 1 ]; then
+		__aem_fusage "Must specify keyname"
+		return 1
+	fi
+
+	local ACCT
+	local SETDEFAULT=0
+	local KEYNAME=""
+
+	while [ $# -gt 0 ]; do
+		if [ "$1" == "--default" ]; then
+			SETDEFAULT=1
+			shift
+			continue
+		fi
+
+		if [ -n "$KEYNAME" ]; then
+			__aem_fusage "Invalid argument to key use command"
+			return 1
+		fi
+
+		KEYNAME="$1"
+		shift
+	done
+
+	if [ -z "$KEYNAME" ]; then
+		__aem_fusage "Must specify key name"
+		return 1
+	fi
+
+	ACCT=$(__aem_active)
+	if [ -z "$ACCT" ]; then
+		__aem_fail "Must select an account first"
+		return 1
+	fi
+
+	local ENV
+	if [ $SETDEFAULT -ne 0 ]; then
+		# Will set the key as the default
+		ENV=$(raem --environ-key --account $ACCT --default --keyname $KEYNAME)
+	else
+		ENV=$(raem --environ-key --account $ACCT --keyname $KEYNAME)
+	fi
+	if [ $? -ne 0 ]; then
+		__aem_fail "Failed to select key $KEYNAME"
+		return 1
+	fi
+
+	eval $ENV
+	export AWSAM_ACTIVE_KEY=$KEYNAME
+}
+
+function __aem_key()
+{
+	 if [ $# -lt 1 ]; then
+		 __aem_fusage "Key cmd requires an argument"
+		 return 1
+	 fi
+
+	 local key_cmd="$1"
+	 shift
+
+	 case "$key_cmd" in
+	 add)
+		 __aem_key_add "$@"
+		 return $?
+		 ;;
+	 remove)
+		 __aem_key_remove "$@"
+		 return $?
+		 ;;
+	 use)
+		 __aem_key_use "$@"
+		 return $?
+		 ;;
+	 *)
+		 echo "Unknown key command: $key_cmd"
+		 return 1;
+		 ;;
+	 esac
+}
+
+function __aem_list()
+{
+	raem --list
+}
+
+function __aem_use()
+{
+	local ACCT
+	local ENV
+	local SETDEFAULT=0
+
+	while [ $# -gt 0 ]; do
+		if [[ "$1" == "--default" ]]; then
+			SETDEFAULT=1
+			shift
+			continue
+		fi
+
+		if [ -n "$ACCT" ]; then
+			__aem_fusage "Invalid arguments to use command"
+			return 1
+		fi
+
+		ACCT="$1"
+		shift
+	done
+
+	if [ -z "$ACCT" ]; then
+		__aem_fusage "use command requires account name"
+		return 1
+	fi
+
+	if [ $SETDEFAULT -eq 0 ]; then
+		ENV=$(raem --environ --account $ACCT)
+	else
+		ENV=$(raem --environ --default --account $ACCT)
+	fi
+	if [ $? -ne 0 ]; then
+		__aem_fail "No such account: $ACCT"
+		return 1
+	fi
+
+	eval $ENV
+	export AWSAM_ACTIVE_ACCOUNT=$ACCT
+
+	# Clear active key
+	unset AWSAM_ACTIVE_KEY
+
+	# Check if there is a default key
+	DEFAULT=$(raem --account $ACCT --print-default-key)
+	if [ $? -eq 0 ]; then
+		aem key use "$DEFAULT"
+	fi
+
+	# Create IAM credential file that is required by AWS IAM CLI tools
+	CREDENTIALS_FILE="${HOME}/.awsam/credentials.txt"
+
+	touch ${CREDENTIALS_FILE}
+	chmod 0600 ${CREDENTIALS_FILE}
+
+	echo "AWSAccessKeyId=${AWS_ACCESS_KEY_ID}"    > ${CREDENTIALS_FILE}
+	echo "AWSSecretKey=${AWS_SECRET_ACCESS_KEY}" >> ${CREDENTIALS_FILE}
+
+	return 0
+}
+
+function aem()
+{
+
+         if [ $# -lt 1 ]; then
+		 __aem_usage
+		 return 0
+	 fi
+
+	 if ! `which raem > /dev/null 2>&1`; then
+		 __aem_fail "Unable to find 'raem' binary in PATH";
+		 return 1
+	 fi
+
+	 local aem_cmd="$1"
+	 shift
+
+	 case "$aem_cmd" in
+	 add)
+		 __aem_add
+		 ;;
+	 remove)
+		 __aem_remove "$@"
+		 ;;
+	 key)
+		 __aem_key "$@"
+		 ;;
+	 list)
+		 __aem_list
+		 ;;
+	 use)
+		 __aem_use "$@"
+		 ;;
+	 *)
+		 __aem_fusage "Unknown command: $aem_cmd"
+		 return 1
+	 esac
+
+	 return $?
+}
+
+# Check for default account
+DEFAULT=$(raem --print-default-acct)
+if [ $? -eq 0 ]; then
+	__aem_use "$DEFAULT"
+fi
+
+# Local Variables:
+# mode: shell-script
+# End: