awsutils 1.4.3

data/lib/awsutils/ec2lsgrp.rb

@@ -0,0 +1,91 @@
+require 'awsutils/ec2sg'
+require 'trollop'
+
+gem 'fog-aws', '>= 0.7.6'
+
+module AwsUtils
+  class GroupDoesNotExist < StandardError; end
+
+  class Ec2LsGrp < Ec2SecurityGroup
+    attr_reader :search, :opts, :owner_id
+
+    def msg_pair(key, value)
+      puts("#{key} #{value}")
+    end
+
+    def perms_out(direction, perms)
+      puts "#{direction.upcase} RULES"
+      perms.to_enum.with_index(1) do |perm, index|
+        print "  #{index} "
+        print "groups: #{group_perm_string(perm['groups'])}; " if perm['groups'].count > 0
+        print "ip_ranges: #{perm['ipRanges'].join(', ')}; " if perm['ipRanges'].count > 0
+        print "ipProtocol: #{perm['ipProtocol']}; "
+        print "fromPort: #{perm['fromPort']}; " if perm['fromPort']
+        print "toPort: #{perm['toPort']}" if perm['toPort']
+        print "\n"
+      end
+    end
+
+    def group_details(g)
+      @owner_id = g.owner_id
+
+      msg_pair('ID', g.group_id)
+      msg_pair('NAME', g.name)
+      msg_pair('OWNER_ID', owner_id)
+      msg_pair('DESCRIPTION', g.description)
+      msg_pair('VPC_ID', g.vpc_id) if g.vpc_id
+
+      perms_out('incoming', g.ip_permissions)
+      perms_out('egress', g.ip_permissions_egress) if g.vpc_id
+    end
+
+    def run
+      fail ArgumentError, 'Please specify a security group' unless search
+      unless group_o = group(search) # rubocop:disable Lint/AssignmentInCondition
+        fail GroupDoesNotExist
+      end
+      return group_details(group_o) unless opts[:list_refs]
+      refs = references(group_o.group_id)
+      if refs.empty?
+        puts 'No references'
+      else
+        puts "References: #{refs.keys.join(', ')}"
+        puts refs.to_yaml if opts[:verbose]
+      end
+    end
+
+    def initialize
+      @opts = parse_opts
+      @search = ARGV.last
+    end
+
+    private
+
+    def group_perm_string(group_perm)
+      group_perm.map do |g|
+        if g['userId'] == owner_id
+          "#{g['groupId']} (#{group(g['groupId']).name})"
+        else
+          "#{g['groupId']} (#{g['groupName']}, owner: #{g['userId']})"
+        end
+      end.join(', ')
+    end
+
+    def parse_opts
+      Trollop.options do
+        opt :list_refs,
+            'List groups referencing this group',
+            short: 'r',
+            default: false
+        opt :verbose,
+            'Verbose output (currently only used with -r output)',
+            short: 'v',
+            default: false
+      end
+    end
+
+    def group(search)
+      groups.find { |g| (search =~ /^sg-/ && g.group_id == search) || g.name == search }
+    end
+  end
+end

data/lib/awsutils/ec2sg.rb

@@ -0,0 +1,77 @@
+require 'rubygems'
+require 'fog/aws'
+
+module AwsUtils
+  class Ec2SecurityGroup
+    def connection
+      @connection ||= begin
+        options = {}
+
+        if ENV['AWS_ACCESS_KEY']
+          options = {
+            aws_access_key_id: ENV['AWS_ACCESS_KEY'],
+            aws_secret_access_key: ENV['AWS_SECRET_KEY']
+          }
+        end
+
+        Fog::Compute::AWS.new options
+      end
+    end
+
+    def references(search)
+      if search =~ /^sg-/
+        search_id = search
+      else
+        search_id = groups.find { |g| g.name == search }.group_id
+      end
+
+      groups.each_with_object({}) do |grp, m|
+        assoc_p = grp.ip_permissions.select do |ip_perm|
+          !ip_perm['groups'].select { |src_grp|
+            src_grp['groupName'] == search ||
+              src_grp['groupId'] == search_id
+          }.empty?
+        end
+        if assoc_p.empty?
+          next
+        else
+          m[grp.name] = {
+            'groupId' => grp.group_id,
+            'ipPermissions' => assoc_p.map do |ap|
+              ap.delete('ipRanges')
+              ap
+            end
+          }
+        end
+      end
+    end
+
+    def groups
+      @groups ||= connection.security_groups
+    end
+
+    def assigned?
+      servers_using_group = connection.servers.map do |server|
+        next unless server.state != 'terminated' &&
+                    server.groups.include?(@opts[:security_group])
+        server.tags['Name'] ? server.tags['Name'] : server.id
+      end.compact
+
+      return false unless servers_using_group.length > 0
+      print 'The following servers are still using this group: '
+      puts servers_using_group.join(',')
+
+      true
+    end
+
+    def exist?
+      current_groups.include?(@opts[:security_group])
+    end
+
+    def current_groups
+      @current_groups ||= begin
+        connection.security_groups.map { |g| [g.name, g.group_id] }.flatten.uniq
+      end
+    end
+  end
+end

data/lib/awsutils/elbls.rb

@@ -0,0 +1,51 @@
+require 'fog/aws/elb'
+require 'fog/core/parser'
+require 'facets/string/titlecase'
+require 'rainbow'
+
+module AwsUtils
+  class ElbLs
+    attr_reader :args
+
+    def run(args)
+      @args = args
+
+      if args.empty?
+        puts connection.load_balancers.map(&:id).sort
+      else
+        args.each do |lb|
+          puts colorize_yaml(attributes(lb).to_yaml)
+          puts '---' if args.count > 1
+        end
+      end
+    end
+
+    private
+
+    def colorize_yaml(yaml_string)
+      yaml_string.split("\n").map do |line|
+        if line =~ /:/
+          key, val = line.split(':', 2)
+          [Rainbow(key).bright, val].join(':')
+        else
+          line
+        end
+      end.join("\n")
+    end
+
+    def attributes(lb)
+      Hash[connection.load_balancers.get(lb).attributes.map do |key, val|
+        case key
+        when Symbol
+          [key.to_s.titlecase, val]
+        when String
+          [key.split(/(?=[A-Z])/).join(' '), val]
+        end
+      end]
+    end
+
+    def connection
+      @connection ||= Fog::AWS::ELB.new
+    end
+  end
+end

data/lib/awsutils/r53addrr.rb

@@ -0,0 +1,28 @@
+require 'rubygems'
+require 'fog'
+require 'trollop'
+
+module AwsUtils
+
+  class Route53AddResourceRecord
+
+    def connection
+      @connection ||= Fog::DNS::AWS.new
+    end # def connection
+
+    def parse_opts
+      opts = Trollop::options do
+        opt :name, "The name", :short => 'n', :type => String, :required => true
+        opt :type, "Record type (e.g. CNAME or A)", :short => 'T', :type => String, :required => true
+        opt :ttl, "Time-to-live", :short => 't', :type => String, :default => "300"
+        opt :value, "Record Value", :short => 'v', :type => String, :required => true
+      end # opts = Trollop::options
+    end # def parse_opts
+
+    def initialize
+      @opts = parse_opts
+    end # def initialize
+
+  end # class Route53AddResourceRecord
+
+end # module AwsUtils

data/lib/awsutils/r53ls.rb

@@ -0,0 +1,92 @@
+require 'rubygems'
+require 'fog'
+require 'trollop'
+require 'json'
+
+module AwsUtils
+  class Route53ListResourceRecord
+    def connection
+      @connection ||= Fog::DNS::AWS.new
+    end # def connection
+
+    def parse_opts
+      opts = Trollop.options do
+        opt :format, 'Output format', default: 'table'
+      end
+      opts[:name] = ARGV.last
+      opts
+    end # def parse_opts( args )
+
+    def zone
+      @zone ||= connection.zones.all('domain' => zone_name).first
+    end
+
+    def zone_name
+      @zone_name ||= @opts[:name].split('.')[-2..-1].join('.') + '.'
+    end
+
+    def apex?
+      @opts[:name].split('.')[-3].nil? ? true : false
+    end
+
+    def initialize
+      @opts = parse_opts
+    end # def initialize( args )
+
+    def display_record(record)
+      if @opts[:format] == 'json'
+        puts JSON.pretty_generate(zone_to_json([record]).first)
+      else
+        puts 'Name: ' + record.name
+        puts 'Type: ' + record.type
+        puts 'TTL: ' + record.ttl
+        puts record.value.count < 2 ? 'Value:' : 'Values:'
+        record.value.each { |rr| puts "  #{rr}" }
+      end
+    end
+
+    def record_by_name
+      name = @opts[:name].split('.').join('.') + '.'
+      zone.records.find { |r| r.name == name }
+    end
+
+    def zone_to_json(zone_records)
+      zone_records.map do |r|
+        {
+          'name' => r.name,
+          'type' => r.type,
+          'ttl' => r.ttl,
+          'value' => r.value
+        }
+      end
+    end
+
+    def print_table
+      zone.records.each do |r|
+        printf(
+          "%-40s%-8s%-8s%-40s\n",
+          r.name,
+          r.type,
+          r.ttl,
+          r.value.join(' ')
+        )
+      end
+    end
+
+    def list_all
+      if @opts[:format] == 'json'
+        puts JSON.pretty_generate(zone_to_json(zone.records))
+      else
+        print_table
+      end
+    end
+
+    def run
+      if apex?
+        list_all
+      else
+        display_record(record_by_name)
+      end
+    end
+  end # class Route53AddResourceRecord
+end # module AwsUtils

data/lib/awsutils/version.rb

@@ -0,0 +1,3 @@
+module AwsUtils
+  VERSION = '1.4.3'
+end

data/spec/lib/awsutils/ec2addsg_spec.rb

@@ -0,0 +1,11 @@
+require "spec_helper"
+require 'awsutils/ec2addsg'
+
+describe AwsUtils::Ec2AddSecurityGroup do
+  it "takes security_group name" do
+    group_name = 'rspec_test_group'
+    ARGV = ['-N', group_name, '-d', 'rspec test group description']
+    sg = AwsUtils::Ec2AddSecurityGroup.new
+    expect(sg.name).to eq(group_name)
+  end
+end

data/spec/lib/awsutils/ec2lsgrp_spec.rb

@@ -0,0 +1,178 @@
+require 'spec_helper'
+require 'awsutils/ec2lsgrp'
+require 'byebug'
+
+describe AwsUtils::Ec2LsGrp do
+  let(:ec2lsgrp) { AwsUtils::Ec2LsGrp.new }
+  let(:fog) { Fog::Compute::AWS.new }
+  let(:local_group_name) { 'test_group' }
+
+  before(:each) do
+    Fog.mock!
+    Fog::Mock.reset
+    allow(ec2lsgrp).to receive(:puts)
+  end
+
+  describe '#group' do
+    let(:group_set) do
+      [
+        object_double(
+          'security_groups',
+          name: 'test_group',
+          group_id: 'sg-a1b2c3d4'
+        )
+      ]
+    end
+
+    before { allow(ec2lsgrp).to receive(:groups).and_return group_set }
+
+    context 'search by valid name' do
+      it 'return the group object' do
+        expect(ec2lsgrp.send('group', 'test_group')).to eq group_set.first
+      end
+    end
+
+    context 'search by valid ID' do
+      it 'return the group object' do
+        expect(ec2lsgrp.send('group', 'sg-a1b2c3d4')).to eq group_set.first
+      end
+    end
+
+    context 'search by invalid name' do
+      it 'return nil' do
+        expect(ec2lsgrp.send('group', 'invalid_group')).to eq nil
+      end
+    end
+
+    context 'search by invalid ID' do
+      it 'return nil' do
+        expect(ec2lsgrp.send('group', 'sg-00000000')).to eq nil
+      end
+    end
+  end
+
+  context 'specify no arguments' do
+    before do
+      allow(ec2lsgrp).to receive(:search).and_return nil
+    end
+
+    it 'raise ArgumentError' do
+      expect { ec2lsgrp.run }.to raise_error(
+        ArgumentError,
+        'Please specify a security group'
+      )
+    end
+  end
+
+  context 'search for a group' do
+    context 'by a name that does not exist' do
+      before do
+        allow(ec2lsgrp).to receive(:search).and_return 'bad-group-name'
+      end
+
+      it 'should raise GroupDoesNotExist exception' do
+        expect { ec2lsgrp.run }.to raise_error AwsUtils::GroupDoesNotExist
+      end
+    end
+
+    context 'by an id that does not exist' do
+      before do
+        allow(ec2lsgrp).to receive(:search).and_return 'sg-a1b2c3d4'
+      end
+
+      it 'should raise GroupDoesNotExist exception' do
+        expect { ec2lsgrp.run }.to raise_error AwsUtils::GroupDoesNotExist
+      end
+    end
+
+    context 'with no permissions' do
+      let(:local_group_obj) do
+        group_obj = fog.security_groups.create(
+          'description' => '',
+          'name' => local_group_name)
+        fog.security_groups.get_by_id(group_obj.group_id)
+      end
+
+      before do
+        allow(ec2lsgrp).to receive(:search).and_return local_group_name
+      end
+
+      it 'searches for the group by id' do
+        expect(ec2lsgrp).to receive(:group).with(local_group_name)
+          .and_return(local_group_obj)
+        ec2lsgrp.run
+      end
+    end
+
+    context 'with source group belonging to same userid' do
+      let(:dummy_group_name) { 'dummy_group' }
+
+      let(:dummy_group_obj) do
+        group_obj = fog.security_groups.create(
+          'description' => 'Dummy Group',
+          'name' => dummy_group_name
+        )
+        fog.security_groups.get_by_id(group_obj.group_id)
+      end
+
+      let(:local_group_obj) do
+        group_obj = fog.security_groups.create(
+          'description' => '',
+          'name' => local_group_name
+        )
+        group_obj.authorize_port_range(
+          8080..8080,
+          group: { dummy_group_obj.owner_id => dummy_group_obj.group_id }
+        )
+        fog.security_groups.get_by_id(group_obj.group_id)
+      end
+
+      before do
+        allow(ec2lsgrp).to receive(:search).and_return local_group_name
+      end
+
+      it 'prints a source group list containing only groupName' do
+        allow(ec2lsgrp).to receive(:owner_id).and_return local_group_obj.owner_id
+        expect do
+          ec2lsgrp.perms_out('incoming', local_group_obj.ip_permissions)
+        end.to output(/  \d+ groups: #{dummy_group_obj.group_id} \(#{dummy_group_name}\); /).to_stdout
+      end
+    end
+
+    context 'with source group belonging to another userid' do
+      let(:dummy_group_obj) do
+        group_obj = fog.security_groups.create(
+          'description' => 'Dummy Group',
+          'name' => 'dummy_group'
+        )
+        fog.security_groups.get_by_id(group_obj.group_id)
+      end
+
+      let(:dummy_group_name) do
+        fog.security_groups.get_by_id(dummy_group_obj.group_id).name
+      end
+
+      let(:local_group_obj) do
+        group_obj = fog.security_groups.create(
+          'description' => '',
+          'name' => local_group_name
+        )
+        group_obj.authorize_port_range(
+          8080..8080,
+          group: { 'amazon-elb' => dummy_group_obj.group_id }
+        )
+        fog.security_groups.get_by_id(group_obj.group_id)
+      end
+
+      before do
+        allow(ec2lsgrp).to receive(:search).and_return local_group_name
+      end
+
+      it 'prints a source group list containing userId and groupName' do
+        expect do
+          ec2lsgrp.perms_out('incoming', local_group_obj.ip_permissions)
+        end.to output(/  \d+ groups: #{dummy_group_obj.group_id} \(#{dummy_group_name}, owner: amazon-elb\); /).to_stdout
+      end
+    end
+  end
+end