awsam 0.1.1 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +7 -0
  2. data/README.md +28 -7
  3. data/bashrc/rc.scr +5 -0
  4. data/bin/aenv +20 -0
  5. data/bin/raem +13 -1
  6. data/lib/awsam/account.rb +9 -3
  7. data/lib/awsam/utils.rb +9 -2
  8. data/lib/awsam/version.rb +1 -1
  9. metadata +16 -30
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 9c70666399bda74e53eb0616fc92b3155abad02f
4
+ data.tar.gz: 027737d11502c2278b1b0543625077a8b131119f
5
+ SHA512:
6
+ metadata.gz: 3da93fc42c7ce5ad720d635d1fdfd552df0b69f43492462eaa876923c73fbb08b1b0ffbc35dbedf5f963e2d8be17a5c312b254f6729c28a4a835fb3d6d299625
7
+ data.tar.gz: c7e1d3cca1aff03500a5417673d9a9b3565305f2721acdfc9d849b0868356b86e2f521f981638cab55d385ad0fd14f29709a266fcb666f587fe0e707788cdd67
data/README.md CHANGED
@@ -41,13 +41,20 @@ AWSAM supports both AWS' legacy [Java-based CLI tools](http://docs.aws.amazon.co
41
41
 
42
42
  ### Environment variables
43
43
 
44
- *AWS Account Manager* sets a variety of environment variables when
45
- selecting accounts and SSH keypairs. Some of these environment
46
- variables match the ones used by the Amazon EC2 CLI tools and some our
47
- unique to AWSAM. It is often convenient to use these environment
48
- variables in DevOPs scripts in place of hard-coded values -- allowing
49
- your scripts to be seamlessly used for staging and production
50
- environments simply by switching the active account with `aem`.
44
+ *AWS Account Manager* will set a variety of environment variables when
45
+ you execute the `aenv` shell wrapper:
46
+
47
+ $ env | grep AMAZON_ACCESS
48
+ Exit 1
49
+ $ aenv env | grep AMAZON_ACCESS
50
+ AMAZON_ACCESS_KEY_ID=AK....
51
+
52
+ Some of these environment variables match the ones used by the Amazon
53
+ EC2 CLI tools and some our unique to AWSAM. It is often convenient to
54
+ use these environment variables in DevOPs scripts in place of
55
+ hard-coded values -- allowing your scripts to be seamlessly used for
56
+ staging and production environments simply by switching the active
57
+ account with `aem` and wrapping execution of the command with `aenv`.
51
58
 
52
59
  The environment variables set when selecting an account are:
53
60
 
@@ -63,6 +70,10 @@ set:
63
70
  * `AMAZON_SSH_KEY_NAME` - Name of the keypair.
64
71
  * `AMAZON_SSH_KEY_FILE` - Full path to the public key PEM file
65
72
 
73
+ **NOTE:** As of version 0.2.0, these are no longer set in the shell
74
+ environment by default. You must run any command that requires AWS
75
+ access with the `aenv` wrapper.
76
+
66
77
  ### Updating
67
78
 
68
79
  1. Update repo (fetch && merge) or `gem update awsam`
@@ -151,6 +162,16 @@ list` output.
151
162
 
152
163
  $ aem key use --default my-key-name
153
164
 
165
+ ### aenv utility: wrap command execution with AWS environment
166
+
167
+ The `aenv` utility will wrap execution of any command with the AWS
168
+ environment variables matching the currently selected account. This
169
+ allows you to securely propagate environment variables only to
170
+ commands that should have access to the current environment. Just
171
+ prefix your command execution with `aenv` like:
172
+
173
+ $ aenv aws s3 ls
174
+
154
175
  ### assh utility: SSH by instance ID
155
176
 
156
177
  Instance IDs will be looked up using the current account details. If
data/bashrc/rc.scr CHANGED
@@ -316,6 +316,11 @@ function __aem_use()
316
316
  echo "AWSAccessKeyId=${AWS_ACCESS_KEY_ID}" >| ${CREDENTIALS_FILE}
317
317
  echo "AWSSecretKey=${AWS_SECRET_ACCESS_KEY}" >> ${CREDENTIALS_FILE}
318
318
 
319
+ # We're done, so clear the environment. This protects against
320
+ # leaking AWS creds to other apps.
321
+ UNSET_ENV=$(raem --environ --account $ACCT --unset)
322
+ eval $UNSET_ENV
323
+
319
324
  return 0
320
325
  }
321
326
 
data/bin/aenv ADDED
@@ -0,0 +1,20 @@
1
+ #!/bin/bash
2
+
3
+ # Local Variables:
4
+ # mode: sh
5
+ # End:
6
+
7
+ if [ $# -lt 1 ]; then
8
+ echo "Usage: aenv cmd [arg1 arg2 ...]"
9
+ exit 1
10
+ fi
11
+
12
+ if [ -z "$AWSAM_ACTIVE_ACCOUNT" ]; then
13
+ echo "Must pick an account first with `aem use <>`"
14
+ exit 1
15
+ fi
16
+
17
+ ENV=$(raem --environ --account $AWSAM_ACTIVE_ACCOUNT --export)
18
+ eval $ENV
19
+
20
+ exec "$@"
data/bin/raem CHANGED
@@ -103,6 +103,14 @@ optparse = OptionParser.new do|opts|
103
103
  $cmd = :environ_key
104
104
  end
105
105
 
106
+ opts.on('--export') do
107
+ $options[:set_export] = true
108
+ end
109
+
110
+ opts.on('--unset') do
111
+ $options[:unset_environ] = true
112
+ end
113
+
106
114
  opts.on('--init') do
107
115
  $cmd = :init
108
116
  end
@@ -176,7 +184,11 @@ when :environ
176
184
  end
177
185
  end
178
186
 
179
- acct.print_environ
187
+ if $options[:unset_environ]
188
+ acct.print_unset_environ
189
+ else
190
+ acct.print_environ(!$options[:set_export].nil?)
191
+ end
180
192
 
181
193
  when :environ_key
182
194
  unless $options[:keyname]
data/lib/awsam/account.rb CHANGED
@@ -45,7 +45,15 @@ module Awsam
45
45
  end
46
46
  end
47
47
 
48
- def print_environ
48
+ def print_unset_environ
49
+ Utils::bash_unset_environ(get_environ)
50
+ end
51
+
52
+ def print_environ(set_export)
53
+ Utils::bash_environ(get_environ, set_export)
54
+ end
55
+
56
+ def get_environ
49
57
  envs = {
50
58
  "AMAZON_ACCESS_KEY_ID" => @params[:access_key],
51
59
  "AWS_ACCESS_KEY_ID" => @params[:access_key],
@@ -60,8 +68,6 @@ module Awsam
60
68
 
61
69
  "EC2_URL" => ec2_url
62
70
  }
63
-
64
- Utils::bash_environ(envs)
65
71
  end
66
72
 
67
73
  def find_key(name)
data/lib/awsam/utils.rb CHANGED
@@ -9,10 +9,17 @@ module Awsam
9
9
  end
10
10
  end
11
11
 
12
+ # Unset each of the environ settings to clear the environ
13
+ def self.bash_unset_environ(envs)
14
+ envs.each_pair do |k, v|
15
+ puts "unset #{k}"
16
+ end
17
+ end
18
+
12
19
  # Print the appropriate environment variables set commands for bash
13
- def self::bash_environ(envs)
20
+ def self::bash_environ(envs, set_export = true)
14
21
  envs.each_pair do |k, v|
15
- puts "export #{k}=\"#{v}\""
22
+ puts "%s#{k}=\"#{v}\"" % [set_export ? "export " : ""]
16
23
  end
17
24
  end
18
25
 
data/lib/awsam/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Awsam
2
- VERSION = "0.1.1"
2
+ VERSION = "0.2.0"
3
3
  end
metadata CHANGED
@@ -1,36 +1,32 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: awsam
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
5
- prerelease:
4
+ version: 0.2.0
6
5
  platform: ruby
7
6
  authors:
8
7
  - Mike Heffner
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
12
- date: 2017-01-14 00:00:00.000000000 Z
11
+ date: 2017-09-23 00:00:00.000000000 Z
13
12
  dependencies:
14
13
  - !ruby/object:Gem::Dependency
15
14
  name: aws-sdk
16
15
  requirement: !ruby/object:Gem::Requirement
17
- none: false
18
16
  requirements:
19
- - - ~>
17
+ - - "~>"
20
18
  - !ruby/object:Gem::Version
21
19
  version: 2.3.22
22
20
  type: :runtime
23
21
  prerelease: false
24
22
  version_requirements: !ruby/object:Gem::Requirement
25
- none: false
26
23
  requirements:
27
- - - ~>
24
+ - - "~>"
28
25
  - !ruby/object:Gem::Version
29
26
  version: 2.3.22
30
27
  - !ruby/object:Gem::Dependency
31
28
  name: trollop
32
29
  requirement: !ruby/object:Gem::Requirement
33
- none: false
34
30
  requirements:
35
31
  - - '='
36
32
  - !ruby/object:Gem::Version
@@ -38,7 +34,6 @@ dependencies:
38
34
  type: :runtime
39
35
  prerelease: false
40
36
  version_requirements: !ruby/object:Gem::Requirement
41
- none: false
42
37
  requirements:
43
38
  - - '='
44
39
  - !ruby/object:Gem::Version
@@ -46,52 +41,50 @@ dependencies:
46
41
  - !ruby/object:Gem::Dependency
47
42
  name: bundler
48
43
  requirement: !ruby/object:Gem::Requirement
49
- none: false
50
44
  requirements:
51
- - - ~>
45
+ - - "~>"
52
46
  - !ruby/object:Gem::Version
53
47
  version: '1.7'
54
48
  type: :development
55
49
  prerelease: false
56
50
  version_requirements: !ruby/object:Gem::Requirement
57
- none: false
58
51
  requirements:
59
- - - ~>
52
+ - - "~>"
60
53
  - !ruby/object:Gem::Version
61
54
  version: '1.7'
62
55
  - !ruby/object:Gem::Dependency
63
56
  name: rake
64
57
  requirement: !ruby/object:Gem::Requirement
65
- none: false
66
58
  requirements:
67
- - - ~>
59
+ - - "~>"
68
60
  - !ruby/object:Gem::Version
69
61
  version: '10.0'
70
62
  type: :development
71
63
  prerelease: false
72
64
  version_requirements: !ruby/object:Gem::Requirement
73
- none: false
74
65
  requirements:
75
- - - ~>
66
+ - - "~>"
76
67
  - !ruby/object:Gem::Version
77
68
  version: '10.0'
78
69
  description: Amazon Web Services Account Manager (modeled after 'rvm')
79
70
  email:
80
71
  - mikeh@fesnel.com
81
72
  executables:
73
+ - aenv
82
74
  - ascp
83
75
  - assh
84
76
  - raem
85
77
  extensions: []
86
78
  extra_rdoc_files: []
87
79
  files:
88
- - .gitignore
80
+ - ".gitignore"
89
81
  - Gemfile
90
82
  - LICENSE.txt
91
83
  - README.md
92
84
  - Rakefile
93
85
  - awsam.gemspec
94
86
  - bashrc/rc.scr
87
+ - bin/aenv
95
88
  - bin/ascp
96
89
  - bin/assh
97
90
  - bin/raem
@@ -107,33 +100,26 @@ files:
107
100
  homepage: ''
108
101
  licenses:
109
102
  - MIT
103
+ metadata: {}
110
104
  post_install_message:
111
105
  rdoc_options: []
112
106
  require_paths:
113
107
  - lib
114
108
  required_ruby_version: !ruby/object:Gem::Requirement
115
- none: false
116
109
  requirements:
117
- - - ! '>='
110
+ - - ">="
118
111
  - !ruby/object:Gem::Version
119
112
  version: '0'
120
- segments:
121
- - 0
122
- hash: 1925284677082289227
123
113
  required_rubygems_version: !ruby/object:Gem::Requirement
124
- none: false
125
114
  requirements:
126
- - - ! '>='
115
+ - - ">="
127
116
  - !ruby/object:Gem::Version
128
117
  version: '0'
129
- segments:
130
- - 0
131
- hash: 1925284677082289227
132
118
  requirements: []
133
119
  rubyforge_project:
134
- rubygems_version: 1.8.23.2
120
+ rubygems_version: 2.4.5.1
135
121
  signing_key:
136
- specification_version: 3
122
+ specification_version: 4
137
123
  summary: Amazon Web Services Account Manager
138
124
  test_files:
139
125
  - test/helper.rb