ssm-cli 0.0.1__tar.gz

ssm_cli-0.0.1/LICENCE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Simon Fletcher
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

ssm_cli-0.0.1/PKG-INFO

@@ -0,0 +1,143 @@
+Metadata-Version: 2.4
+Name: ssm-cli
+Version: 0.0.1
+Summary: CLI tool to help with SSM functionality, aimed at adminstrators
+Author-email: Simon Fletcher <simon.fletcher@lexisnexisrisk.com>
+License: MIT License
+        
+        Copyright (c) 2025 Simon Fletcher
+        
+        Permission is hereby granted, free of charge, to any person obtaining a copy
+        of this software and associated documentation files (the "Software"), to deal
+        in the Software without restriction, including without limitation the rights
+        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+        copies of the Software, and to permit persons to whom the Software is
+        furnished to do so, subject to the following conditions:
+        
+        The above copyright notice and this permission notice shall be included in all
+        copies or substantial portions of the Software.
+        
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
+        
+Project-URL: Homepage, https://github.com/simonfletcher-ln/ssm-cli
+Project-URL: Issues, https://github.com/simonfletcher-ln/ssm-cli/issues
+Classifier: Programming Language :: Python :: 3
+Classifier: Operating System :: OS Independent
+Classifier: License :: OSI Approved :: MIT License
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENCE
+Requires-Dist: boto3
+Requires-Dist: paramiko
+Requires-Dist: rich-argparse
+Requires-Dist: rich
+Requires-Dist: confclasses>=0.3.2
+Requires-Dist: xdg_base_dirs
+Dynamic: license-file
+
+# SSM CLI
+
+A tool to make common tasks with SSM easier. The goal of this project is to help with the Session Manager, the tool tries to keep
+the access it requires to a minimum.
+
+## Installation & Setup
+
+It can be installed with `pip install ssm-cli`, however most features rely on the session-manager-plugin being installed as well,
+this is the standard way to make SSM connections. So a quick few steps here should be followed to avoid any issues.
+
+### Step 1. Install Session Manager Plugin
+You should be able to install it following the AWS documentation. Please see AWS documentation, to install it.
+[Install the Session Manager plugin for the AWS CLI](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html).
+
+### Step 2 (Optional). Install tkinter
+ssm-cli makes use of tkinter for the UI selector, on windows this usualy comes pre built with the python binary. On WSL/Linux/MacOS
+you may need to install it using the package manager for your distro, (for example with ubuntu `sudo apt install python3-tk`), further UI 
+issues may occur with WSL, please see WSLg documentation on this [gui-apps](https://learn.microsoft.com/en-us/windows/wsl/tutorials/gui-apps)
+
+### Step 3. Install ssm-cli
+
+You can install this tool to a venv and it will work perfectly fine as well. However I recommend using the global or user space to
+install it as it makes the ssm command available in default path.
+
+```bash
+pip install ssm-cli
+```
+
+### Step 4. run setup
+
+> [!IMPORTANT]
+> Do not skip this step!
+
+The tool installs without any default config and will cause errors when it cannot find the config. To configure the tool
+you must run the setup action. It will prompt asking for your grouping tag, more infomation on this [below](#grouping-tag).
+```bash
+ssm setup
+# or
+python -m ssm_cli setup
+```
+
+## AWS permissions
+
+The tool uses boto3, so any standard `AWS_` environment variables can be used. Also the `--profile` option can be used similarly to aws cli.
+
+You will need access to a few aws actions, below is a policy which should cover all features used by the tool. However
+I recommend using conditions in some way to control fine grained access.
+```json
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+        "Sid": "FirstStatement",
+        "Effect": "Allow",
+        "Action": [
+            "resourcegroupstaggingapi:GetResources",
+            "ssm:DescribeInstanceInformation",
+            "ssm:StartSession"
+        ],
+        "Resource": "*"
+        }
+    ]
+}
+```
+
+# Config
+This tool uses XDG standards on where to store its configuration. Typically this is `~/.confg/ssm-cli/` but when running setup it will output the location.
+
+## Grouping tag
+The selecting of instances revolves around a tag on the instance, the tag key can be configured using `group_tag_key`. The easiest way to test this is setup
+properly is to use the `list` command:
+```bash
+# first list all groups
+ssm list
+# then list instances in those groups
+ssm list my-group
+```
+
+# SSH Proxy
+
+One advanced feature of ssm-cli is to use it to emulate an ssh tunnel to a remote. It does this by using the document [AWS-StartPortForwardingSessionToRemoteHost](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-sessions-start.html#sessions-remote-port-forwarding) and a [paramiko server](https://docs.paramiko.org/en/stable/api/server.html).
+
+## Example Setup
+
+In this example we are forwarding connections to database.host via the instance with group=bastion_group. This same forwarding logic works with most tooling like dbeaver/datagrip/workbench. 
+Adding to the ssh config (typically `~/.ssh/config`) and using ssh client as an example
+```bash
+cat >> ~/.ssh/config << EOL
+Host bastion
+    ProxyCommand ssm proxycommand bastion_group
+EOL
+
+ssh bastion -L 3306:database.host:3306 
+
+# in another shell
+
+mysql -h 127.0.0.1:3306 
+```
+
+

ssm_cli-0.0.1/README.md

@@ -0,0 +1,100 @@
+# SSM CLI
+
+A tool to make common tasks with SSM easier. The goal of this project is to help with the Session Manager, the tool tries to keep
+the access it requires to a minimum.
+
+## Installation & Setup
+
+It can be installed with `pip install ssm-cli`, however most features rely on the session-manager-plugin being installed as well,
+this is the standard way to make SSM connections. So a quick few steps here should be followed to avoid any issues.
+
+### Step 1. Install Session Manager Plugin
+You should be able to install it following the AWS documentation. Please see AWS documentation, to install it.
+[Install the Session Manager plugin for the AWS CLI](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html).
+
+### Step 2 (Optional). Install tkinter
+ssm-cli makes use of tkinter for the UI selector, on windows this usualy comes pre built with the python binary. On WSL/Linux/MacOS
+you may need to install it using the package manager for your distro, (for example with ubuntu `sudo apt install python3-tk`), further UI 
+issues may occur with WSL, please see WSLg documentation on this [gui-apps](https://learn.microsoft.com/en-us/windows/wsl/tutorials/gui-apps)
+
+### Step 3. Install ssm-cli
+
+You can install this tool to a venv and it will work perfectly fine as well. However I recommend using the global or user space to
+install it as it makes the ssm command available in default path.
+
+```bash
+pip install ssm-cli
+```
+
+### Step 4. run setup
+
+> [!IMPORTANT]
+> Do not skip this step!
+
+The tool installs without any default config and will cause errors when it cannot find the config. To configure the tool
+you must run the setup action. It will prompt asking for your grouping tag, more infomation on this [below](#grouping-tag).
+```bash
+ssm setup
+# or
+python -m ssm_cli setup
+```
+
+## AWS permissions
+
+The tool uses boto3, so any standard `AWS_` environment variables can be used. Also the `--profile` option can be used similarly to aws cli.
+
+You will need access to a few aws actions, below is a policy which should cover all features used by the tool. However
+I recommend using conditions in some way to control fine grained access.
+```json
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+        "Sid": "FirstStatement",
+        "Effect": "Allow",
+        "Action": [
+            "resourcegroupstaggingapi:GetResources",
+            "ssm:DescribeInstanceInformation",
+            "ssm:StartSession"
+        ],
+        "Resource": "*"
+        }
+    ]
+}
+```
+
+# Config
+This tool uses XDG standards on where to store its configuration. Typically this is `~/.confg/ssm-cli/` but when running setup it will output the location.
+
+## Grouping tag
+The selecting of instances revolves around a tag on the instance, the tag key can be configured using `group_tag_key`. The easiest way to test this is setup
+properly is to use the `list` command:
+```bash
+# first list all groups
+ssm list
+# then list instances in those groups
+ssm list my-group
+```
+
+# SSH Proxy
+
+One advanced feature of ssm-cli is to use it to emulate an ssh tunnel to a remote. It does this by using the document [AWS-StartPortForwardingSessionToRemoteHost](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-sessions-start.html#sessions-remote-port-forwarding) and a [paramiko server](https://docs.paramiko.org/en/stable/api/server.html).
+
+## Example Setup
+
+In this example we are forwarding connections to database.host via the instance with group=bastion_group. This same forwarding logic works with most tooling like dbeaver/datagrip/workbench. 
+Adding to the ssh config (typically `~/.ssh/config`) and using ssh client as an example
+```bash
+cat >> ~/.ssh/config << EOL
+Host bastion
+    ProxyCommand ssm proxycommand bastion_group
+EOL
+
+ssh bastion -L 3306:database.host:3306 
+
+# in another shell
+
+mysql -h 127.0.0.1:3306 
+```
+
+

ssm_cli-0.0.1/pyproject.toml

@@ -0,0 +1,43 @@
+[build-system]
+requires = ["setuptools >= 61.0", "setuptools-git-versioning>=2.1"]
+build-backend = "setuptools.build_meta"
+
+
+[project]
+name = "ssm-cli"
+authors = [
+  { name="Simon Fletcher", email="simon.fletcher@lexisnexisrisk.com" },
+]
+description = "CLI tool to help with SSM functionality, aimed at adminstrators"
+readme = "README.md"
+requires-python = ">=3.8"
+classifiers = [
+    "Programming Language :: Python :: 3",
+    "Operating System :: OS Independent",
+    "License :: OSI Approved :: MIT License",
+]
+dependencies = [
+    "boto3",
+    "paramiko",
+    "rich-argparse",
+    "rich",
+    "confclasses>=0.3.2",
+    "xdg_base_dirs"
+]
+dynamic = ["version"]
+
+
+[project.scripts]
+ssm = "ssm_cli.cli:cli"
+
+
+[project.license]
+file = "LICENCE"
+
+
+[project.urls]
+Homepage = "https://github.com/simonfletcher-ln/ssm-cli"
+Issues = "https://github.com/simonfletcher-ln/ssm-cli/issues"
+
+[tool.setuptools-git-versioning]
+enabled = true

ssm_cli-0.0.1/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

ssm_cli-0.0.1/ssm_cli/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.0.9"

ssm_cli-0.0.1/ssm_cli/__main__.py

@@ -0,0 +1,9 @@
+import sys
+from ssm_cli.cli import cli
+
+
+"""
+This is the entry point for the CLI when called as a module. (python -m ssm_cli)
+"""
+if __name__ == "__main__":
+    sys.exit(cli())

ssm_cli-0.0.1/ssm_cli/aws.py

@@ -0,0 +1,44 @@
+import boto3
+import botocore
+import contextlib
+from ssm_cli.cli_args import ARGS
+
+class AWSAuthError(Exception):
+    """ A generic exception for any AWS authentication errors """
+    pass
+
+_session_cache = []
+_client_cache = {}
+
+@contextlib.contextmanager
+def aws_session():
+    """ A context manager for creating a boto3 session with caching built in """
+    try:
+        if len(_session_cache) > 0:
+            yield _session_cache[0]
+            return
+        
+        session = boto3.Session(profile_name=ARGS.global_args.profile)
+        if session.region_name is None:
+            raise AWSAuthError(f"AWS config missing region for profile {session.profile_name}")
+        
+        _session_cache.append(session)
+        yield session
+    except botocore.exceptions.ProfileNotFound as e:
+        raise AWSAuthError(f"profile invalid") from e
+    except botocore.exceptions.ClientError as e:
+        if e.response['Error']['Code'] == 'ExpiredTokenException':
+            raise AWSAuthError(f"AWS credentials expired") from e
+        raise e
+
+@contextlib.contextmanager
+def aws_client(service_name):
+    """ A context manager for creating a boto3 client with caching built in """
+    with aws_session() as session:
+        if service_name in _client_cache:
+            yield _client_cache[service_name]
+            return
+        
+        client = session.client(service_name)
+        _client_cache[service_name] = client
+        yield client

ssm_cli-0.0.1/ssm_cli/cli.py

@@ -0,0 +1,92 @@
+import sys
+
+from rich_argparse import ArgumentDefaultsRichHelpFormatter
+
+import confclasses
+from ssm_cli.config import CONFIG
+from ssm_cli.xdg import get_log_file, get_conf_file
+from ssm_cli.commands import COMMANDS
+from ssm_cli.cli_args import CliArgumentParser, ARGS
+from ssm_cli.aws import AWSAuthError
+from rich.traceback import install
+from rich.console import Console
+
+# Setup rich
+install()
+console = Console()
+
+# Setup logging
+import logging
+logging.basicConfig(
+    level=logging.WARNING,
+    filename=get_log_file(),
+    filemode='+wt',
+    format='%(asctime)s - %(name)s - %(levelname)s - %(message)s',
+    datefmt='%Y-%m-%d %H:%M:%S'
+)
+logger = logging.getLogger(__name__)
+
+def cli(argv: list = None) -> int:
+    if argv is None:
+        argv = sys.argv[1:]
+
+    # Manually set the log level now, so we get accurate logging during argument parsing
+    for i, arg in enumerate(argv):
+        if arg == '--log-level':
+            logging.getLogger().setLevel(argv[i+1].upper())
+        if arg.startswith('--log-level='):
+            logging.getLogger().setLevel(arg.split('=')[1].upper())
+
+    logger.debug(f"CLI called with {argv}")
+
+    # Build the actual parser
+    parser = CliArgumentParser(
+        prog="ssm",
+        description="tool to manage AWS SSM",
+        formatter_class=ArgumentDefaultsRichHelpFormatter,
+    )
+    parser.add_global_argument("--profile", type=str, help="Which AWS profile to use")
+
+    for name, command in COMMANDS.items():
+        command_parser = parser.add_command_parser(name, command.HELP)
+        command.add_arguments(command_parser)
+
+    parser.parse_args(argv)
+
+    logger.debug(f"Arguments: {ARGS}")
+
+    if not ARGS.command:
+        parser.print_help()
+        return 1
+    
+    # Setup is a special case, we cannot load config if we dont have any.
+    if ARGS.command == "setup":
+        COMMANDS['setup'].run(ARGS)
+        return 0
+    
+    try:
+        with open(get_conf_file(), 'r') as file:
+            confclasses.load(CONFIG, file)
+            ARGS.update_config()
+            logger.debug(f"Config: {CONFIG}")
+    except EnvironmentError as e:
+        console.print(f"[red]Invalid config: {e}[/red]")
+        return 1
+    
+    logging.getLogger().setLevel(CONFIG.log.level.upper())
+
+    
+    for logger_name, level in CONFIG.log.loggers.items():
+        logger.debug(f"setting logger {logger_name} to {level}")
+        logging.getLogger(logger_name).setLevel(level.upper())
+
+    try:
+        if ARGS.command not in COMMANDS:
+            console.print(f"[red]failed to find action {ARGS.action}[/red]")
+            return 3
+        COMMANDS[ARGS.command].run()
+    except AWSAuthError as e:
+        console.print(f"[red]AWS Authentication error: {e}[/red]")
+        return 2
+    
+    return 0

ssm_cli-0.0.1/ssm_cli/cli_args.py

@@ -0,0 +1,111 @@
+import argparse
+import sys
+from confclasses import fields, is_confclass
+from ssm_cli.config import CONFIG
+
+# The long term aim is to move this module into the config module and "bind" config to cli arguments
+# This will need a rethink of where some of the arguments/config come from because right now they are in the commands modules
+
+class CliNamespace(argparse.Namespace):
+    def update_config(self):
+        self._do_update_config(CONFIG, vars(self.global_args))
+    
+    def _do_update_config(self, config, data: dict):
+        for field in fields(config):
+            name = field.name
+            if is_confclass(field.type):
+                # If default value in the confclass
+                if not hasattr(config, name):
+                    raise RuntimeError("Config not loaded before injecting arg overrides")
+
+                prefix = f"{name}_"
+                data = {k.replace(prefix, ""): v for k, v in data.items() if k.startswith(prefix)}
+                self._do_update_config(getattr(config, name), data)
+            elif name in data and data[name] is not None:
+                setattr(config, name, data[name])
+
+ARGS = CliNamespace()
+
+class CliArgumentParser(argparse.ArgumentParser):
+    def __init__(self, *args, help_as_global=True, **kwargs):
+        self.global_args_parser = argparse.ArgumentParser(add_help=False)
+        self.global_args_parser_group = self.global_args_parser.add_argument_group("Global Options")
+        
+        self.help_as_global = help_as_global
+        if help_as_global:
+            kwargs['add_help'] = False
+            # we cannot use help action here because it will just return the global arguments
+            self.global_args_parser_group.add_argument('--help', '-h', action="store_true", help="show this help message and exit")
+
+        self.global_args_parser_group.add_argument('--version', '-v', action=VersionAction)
+
+        super().__init__(*args, **kwargs)
+        self._command_subparsers = self.add_subparsers(title="Commands", dest="command", metavar="<command>", parser_class=argparse.ArgumentParser)
+        self._command_subparsers_map = {}
+
+        self.add_config_args(CONFIG)
+
+    def parse_args(self, argv=None):
+        """
+        This injects the arguments into the pre-existing "global" args object
+        """
+        # we have to manually do the parents logic here because arguments are added after init
+        self._add_container_actions(self.global_args_parser)
+        defaults = self.global_args_parser._defaults
+        self._defaults.update(defaults)
+
+        if argv is None:
+            argv = sys.argv[1:]
+        global_args, unknown = self.global_args_parser.parse_known_args(argv, CliNamespace())
+        
+        super().parse_args(unknown, ARGS)
+        ARGS.global_args = global_args
+
+        if self.help_as_global and global_args.help:
+            if ARGS.command and ARGS.command in self._command_subparsers_map:
+                self._command_subparsers_map[ARGS.command].print_help()
+                self.exit()
+            self.print_help()
+            self.exit()
+
+        # Clean up from parents and help
+        for arg in vars(global_args):
+            if hasattr(ARGS, arg):
+                delattr(ARGS, arg)
+        if hasattr(global_args, 'help'):
+            delattr(global_args, 'help')
+        
+        return ARGS
+
+    def add_global_argument(self, *args, **kwargs):
+        self.global_args_parser_group.add_argument(*args, **kwargs)
+    
+    def add_command_parser(self, name, help):
+        parser = self._command_subparsers.add_parser(name, help=help, formatter_class=self.formatter_class, parents=[self.global_args_parser], add_help=not self.help_as_global)
+        self._command_subparsers_map[name] = parser
+        return parser
+
+    def add_config_args(self, config, prefix=""):
+        for field in fields(config):
+            if is_confclass(field.type):
+                self.add_config_args(field.type, f"{field.name}-")
+            else:
+                self.global_args_parser.add_argument(f"--{prefix}{field.name.replace('_','-')}", type=field.type, help=field.metadata.get('help', None))
+
+
+class VersionAction(argparse._VersionAction):
+    def __call__(self, parser, namespace, values, option_string = None):
+        from subprocess import run
+        from importlib.metadata import version
+
+        try:
+            results = run(["session-manager-plugin", "--version"], capture_output=True, text=True)
+        except FileNotFoundError:
+            print("session-manager-plugin not found", file=sys.stderr)
+            parser.exit(1)
+        
+        v = sys.version_info
+        print(f"ssm-cli {version('ssm-cli')}")
+        print(f"python {v.major}.{v.minor}.{v.micro}")
+        print(f"session-manager-plugin {results.stdout.strip()}")
+        parser.exit()

ssm_cli-0.0.1/ssm_cli/commands/__init__.py

@@ -0,0 +1,14 @@
+from typing import Dict
+from ssm_cli.commands.base import BaseCommand
+from ssm_cli.commands.list import ListCommand
+from ssm_cli.commands.shell import ShellCommand
+from ssm_cli.commands.ssh_proxy import SshProxyCommand
+from ssm_cli.commands.setup import SetupCommand
+
+
+COMMANDS : Dict[str, BaseCommand] = {
+    'list': ListCommand,
+    'shell': ShellCommand,
+    'sshproxy': SshProxyCommand,
+    'setup': SetupCommand
+}

ssm_cli-0.0.1/ssm_cli/commands/base.py

@@ -0,0 +1,15 @@
+from abc import ABC, abstractmethod
+import argparse
+
+import boto3
+
+class BaseCommand(ABC):
+    HELP: str = None
+    CONFIG: type = None
+    
+    @abstractmethod
+    def add_arguments(parser: argparse.ArgumentParser):
+        pass
+    @abstractmethod
+    def run(args: list, session: boto3.Session):
+        pass

ssm_cli-0.0.1/ssm_cli/commands/list.py

@@ -0,0 +1,38 @@
+from ssm_cli.instances import Instances
+from ssm_cli.commands.base import BaseCommand
+from ssm_cli.cli_args import ARGS
+import logging
+from rich.console import Console
+from rich.table import Table
+
+console = Console()
+logger = logging.getLogger(__name__)
+
+class ListCommand(BaseCommand):
+    HELP = """List all instances in a group, if no group provided, will list all available groups"""
+
+    def add_arguments(parser):
+        parser.add_argument("group", type=str, nargs="?", help="group to run against")
+    
+    def run():
+        logger.info("running list action")
+        
+        instances = Instances()
+
+        if ARGS.group:
+            table = Table()
+            table.add_column("ID")
+            table.add_column("Name")
+            table.add_column("IP")
+            table.add_column("Ping")
+            for instance in instances.list_instances(ARGS.group, True):
+                table.add_row(instance.id, instance.name, instance.ip, instance.ping)
+            console.print(table)
+        else:
+            table = Table()
+            table.add_column("Group")
+            table.add_column("Total")
+            table.add_column("Online")
+            for group in sorted(instances.list_groups(), key=lambda x: x['name']):
+                table.add_row(group['name'], str(group['total']), str(group['online']))
+            console.print(table)

ssm_cli-0.0.1/ssm_cli/commands/setup/__init__.py

@@ -0,0 +1,28 @@
+import argparse
+from ssm_cli.commands.base import BaseCommand
+from ssm_cli.commands.setup.definition import SetupDefinitions
+from confclasses import load
+
+import logging
+logger = logging.getLogger(__name__)
+
+class SetupCommand(BaseCommand):
+    HELP = "Setups up ssm-cli"
+    
+    def add_arguments(parser):
+        parser.add_argument("--replace", action=argparse.BooleanOptionalAction, default=False, help="if we should replace existing")
+        parser.add_argument("--definitions", type=str, help="Path to the definitions file")
+
+    def run(args):
+        logger.info("running setup action")
+
+        definitions = SetupDefinitions()
+        if args.definitions:
+            with open(args.definitions) as f:
+                load(definitions, f)
+            logger.info(f"Loaded definitions from {args.definitions}")
+        else:
+            logger.info("Using default definitions")
+            load(definitions, "")
+
+        definitions.run()