awsutils 1.4.3

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 7e9c0c5ccbb5b28296e0ea15174e5ef48fda9e06
+  data.tar.gz: 919e54bb3529d58f2bab3a667a697be25709e1d6
+SHA512:
+  metadata.gz: aab47d2180061d775aa6308b97716ffe6d2aede604660cc3930d2b52f0a1df9078a718ab6b5b68006b5a512caebd8e9d1ae641e004bc4c3b5a4ed0d4d092d97c
+  data.tar.gz: c777d93d7359b11ecfc214f99f2dacdc494d5ec069fd993ce31ec625e3e5d77788c41fdc61003d5111b5bd2576fc6fa7468de5907c2f31a22f91d275fa0ad894

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+.DS_Store

data/Gemfile

@@ -0,0 +1,7 @@
+source 'http://rubygems.org'
+
+gemspec
+
+group :development do
+  gem 'gemfury'
+end

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2013 TODO: Write your name
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,58 @@
+# Awsutils
+
+A set of useful tools for interacting with Amazon Web Services (AWS)
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'awsutils'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install awsutils
+
+## Usage
+
+ec2listmachines
+---------------
+Show a list of all EC2 instances in your account.
+
+ec2info
+-------
+Display very detailed info about a single instance (-s/--short for a concise version).
+
+ec2addsg
+--------
+Create an EC2 security group with a set of pre-defined (from a YAML file) rules.  Here's an example YAML file:
+
+```YAML
+  ---
+  - source: 1.2.3.4/32
+    proto: tcp
+    port: !ruby/range
+      begin: 22
+      end: 22
+    source: sample_group
+    proto: tcp
+    port: !ruby/range
+      begin: 22
+      end: 22
+  - dest: eherot_test
+    proto: tcp
+    port: !ruby/range
+      begin: 22
+      end: 22
+```
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,11 @@
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+require 'rubocop/rake_task'
+
+Bundler::GemHelper.install_tasks
+
+RuboCop::RakeTask.new
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: [:rubocop, :spec]

data/awsutils.gemspec

@@ -0,0 +1,33 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'awsutils/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'awsutils'
+  spec.version       = AwsUtils::VERSION
+  spec.authors       = ['Eric Herot']
+  spec.email         = ['eric.rubygems@herot.com']
+  spec.description   = %q{A set of tools for interacting with AWS}
+  spec.summary       = %q{A set of tools for interacting with AWS (summary)}
+  spec.homepage      = 'http://github.com/eherot'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files`.split($RS)
+  spec.executables    = spec.files.grep(/^bin\//) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(/^(test|spec|features)\//)
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'bundler', '~> 1.3'
+  spec.add_development_dependency 'pry'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'rubocop'
+  spec.add_development_dependency 'simplecov'
+  spec.add_development_dependency 'byebug'
+
+  spec.add_dependency 'facets', '~> 2.9'
+  spec.add_dependency 'rainbow', '~> 2.0'
+  spec.add_dependency 'fog-aws', '~> 0.7.6'
+  spec.add_dependency 'trollop'
+end

data/bin/ec2addsg

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Eric.
+#
+# The application 'ec2listmachines' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'rubygems'
+require 'awsutils/version'
+require 'awsutils/ec2addsg'
+
+sg = AwsUtils::Ec2AddSecurityGroup.new
+sg.run

data/bin/ec2delsg

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Eric.
+#
+# The application 'ec2listmachines' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'rubygems'
+require 'awsutils/version'
+require 'awsutils/ec2delsg'
+
+sg = AwsUtils::Ec2DeleteSecurityGroup.new( ARGV )
+sg.run

data/bin/ec2info

@@ -0,0 +1,13 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Eric.
+#
+# The application 'ec2listmachines' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'rubygems'
+require 'awsutils/version'
+require 'awsutils/ec2info'
+
+AwsUtils::Ec2Info.new

data/bin/ec2latestimage

@@ -0,0 +1,12 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Eric.
+#
+# The application 'ec2lsgrp' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'awsutils/version'
+require 'awsutils/ec2latestimage'
+
+AwsUtils::Ec2LatestImage.new.run

data/bin/ec2listmachines

@@ -0,0 +1,13 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Eric.
+#
+# The application 'ec2listmachines' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'rubygems'
+require 'awsutils/version'
+require 'awsutils/ec2listmachines'
+
+AwsUtils::Ec2ListMachines.new

data/bin/ec2lsgrp

@@ -0,0 +1,25 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Eric.
+#
+# The application 'ec2lsgrp' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+begin
+  require 'rubygems'
+  require 'awsutils/version'
+  require 'awsutils/ec2lsgrp'
+
+  begin
+    AwsUtils::Ec2LsGrp.new.run
+  rescue AwsUtils::GroupDoesNotExist
+    puts 'No group found by that name/ID'
+    exit 2
+  rescue ArgumentError => e
+    puts "#{e.class}: #{e.message}"
+    exit 3
+  end
+rescue Interrupt
+  exit 1
+end

data/bin/elbls

@@ -0,0 +1,13 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Eric.
+#
+# The application 'r53ls' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'awsutils/version'
+require 'awsutils/elbls'
+
+elbls = AwsUtils::ElbLs.new
+elbls.run(ARGV)

data/bin/r53ls

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Eric.
+#
+# The application 'r53ls' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'rubygems'
+require 'awsutils/version'
+require 'awsutils/r53ls'
+
+r = AwsUtils::Route53ListResourceRecord.new
+r.run

data/lib/awsutils.rb

@@ -0,0 +1 @@
+require 'awsutils/version'

data/lib/awsutils/ec2addsg.rb

@@ -0,0 +1,200 @@
+#!/usr/bin/ruby
+
+require 'awsutils/ec2sg'
+require 'trollop'
+
+module AwsUtils
+  class Ec2AddSecurityGroup < Ec2SecurityGroup
+    def g_obj
+      @g_obj ||= begin
+        connection.security_groups.new(
+          name: @opts[:security_group],
+          description: "#{@opts[:description]}",
+          vpc_id: @opts[:vpc_id]
+        )
+      end
+    end
+
+    def generate_rule_hash(rule)
+      if rule['source']
+        if rule['dest']
+          fail 'One of the predefined rules has both a source ' \
+            'and a destination already defined: ' + rule.inspect
+        end
+        if rule['source'] !~ /\./ &&
+           !current_groups.include?(rule['source'])
+          fail "Group #{rule['source']} specified as part of rule: " \
+               "#{rule.inspect} does not exist"
+        end
+      end
+
+      if !rule['dest']
+        rule['dest'] = @new_group_id
+      elsif !current_groups.include?(rule['dest'])
+        fail "Group #{rule['dest']} specified as part of rule: " \
+             "#{rule.inspect} does not exist"
+      end
+
+      ip_permissions = {}
+
+      ip_permissions['IpProtocol'] = rule['proto'] if rule['proto']
+
+      if rule['port']
+        ip_permissions['FromPort'] = rule['port'].first.to_s
+        ip_permissions['ToPort'] = rule['port'].last.to_s
+      end
+
+      if rule['source'] =~ /\./
+        ip_permissions['Groups'] = []
+        ip_permissions['IpRanges'] = [ 'CidrIp' => rule['source'] ]
+      elsif rule['source']
+        ip_permissions['Groups'] = [
+          {
+            'GroupId' => rule['source'],
+            'UserId' => @opts[:owner_group_id]
+          }
+        ]
+        ip_permissions['IpRanges'] = []
+      end
+
+      rule['IpPermissions'] = [ip_permissions]
+
+      rule
+    end
+
+    def add_rule_to_other_group(rule)
+      rule['IpPermissions'].each do |r|
+        r['Groups'] = [
+          {
+            'GroupId' => g_obj.group_id,
+            'UserId' => @opts[:owner_group_id]
+          }
+        ]
+      end
+
+      puts 'Adding Outbound Rule: ' + rule.inspect
+
+      connection.authorize_security_group_ingress(
+        nil,
+        'GroupId' => rule['dest'],
+        'IpPermissions' => rule['IpPermissions']
+      )
+    end
+
+    def add_rule_to_this_group(rule)
+      rule['IpPermissions'].each do |r|
+        r['Groups'] = [
+          {
+            'GroupId' => rule['source'],
+            'UserId' => @opts[:owner_group_id]
+          }
+        ]
+        r['dest'] = g_obj.group_id
+      end
+
+      puts 'Adding Inbound Rule: ' + rule.inspect
+
+      connection.authorize_security_group_ingress(
+        nil,
+        'GroupId' => g_obj.group_id,
+        'IpPermissions' => rule['IpPermissions']
+      )
+    end
+
+    def save(rules)
+      g_obj.save
+      puts "New group ID: #{g_obj.group_id}"
+
+      begin
+        rules.reject { |rule| rule['dest'] }.each do |rule|
+          add_rule_to_this_group(rule)
+        end
+
+        # Then process the outbound rules now that we have a group_id
+        rules.select { |rule| rule['dest'] }.each do |rule|
+          add_rule_to_other_group(rule)
+        end
+      rescue => e
+        connection.delete_security_group(nil, g_obj.group_id)
+        raise e
+      end
+    end
+
+    def initialize
+      @opts = parse_opts
+    end
+
+    def name
+      @opts[:security_group]
+    end
+
+    def compile_rules
+      rules_data = YAML.load_file(@opts[:base_rules_file])
+
+      if @opts[:environment]
+        if !rules_data['env']
+          fail "Environment #{@opts[:environment]} not present in rules file" \
+               " (#{@opts[:base_rules_file]})."
+        else
+          rules_env_data = rules_data['env'][@opts[:environment]]
+        end
+      elsif rules_data.class != Array
+        fail 'base_rules_file is an environment-keyed file but you did ' \
+          'not specify an environment.'
+      else
+        rules_env_data = rules_data
+      end
+
+      rules_env_data.map do |rule|
+        generate_rule_hash(rule)
+      end
+    end
+
+    def run
+      unless File.exist?(@opts[:base_rules_file])
+        puts "File #{@opts[:base_rules_file]} does not exist!"
+        exit 1
+      end
+
+      if exist?
+        puts "Group #{@opts[:security_group]} already exists!"
+        exit 1
+      end
+
+      save(compile_rules)
+    end
+
+    def parse_opts
+      fail 'AWS_OWNER_ID is not set!' unless ENV['AWS_OWNER_ID']
+
+      @opts = Trollop.options do
+        opt :security_group,
+            'New Security Group Name',
+            short: 'N',
+            type: String,
+            required: true
+        opt :vpc_id,
+            'New Group VPC ID',
+            short: 'v',
+            type: String
+        opt :base_rules_file,
+            'Base rules YAML file',
+            short: 'r',
+            default: ENV['EC2_BASE_RULES'] || "#{ENV['HOME']}/.ec2baserules.yml"
+        opt :description,
+            'New Group Description',
+            short: 'd',
+            type: String,
+            required: true
+        opt :environment,
+            'New Group Environment (e.g. stage/prod)',
+            short: 'E',
+            type: String
+        opt :owner_group_id,
+            'Owner Group ID',
+            short: 'o',
+            default: ENV['AWS_OWNER_ID']
+      end
+    end
+  end
+end