AWS Tools
AWS stands for Amazon Web Services. These are tools for interacting with the aws binary.
awsInstall
aws Command-Line install
Usage
awsInstall
aws Command-Line install
Installs x86 or aarch64 binary based on HOSTTYPE.
Arguments
- none
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error
Requires
packageInstall urlFetch
AWS Security Groups
awsIPAccess
Grant access to AWS security group for this IP only using Amazon IAM credentials
Usage
awsIPAccess [ --profile profileName ] --services service0,service1,... [ --id developerId ] --group securityGroup [ --ip ip ] [ --revoke ] [ --help ]
Register current IP address in listed security groups to allow for access to deployment systems from a specific IP.
Use this during deployment to grant temporary access to your systems during deployment only.
Build scripts should have an awsIPAccess --revoke step afterward, always.
services are looked up in /etc/services and match /tcp services only for port selection
If /etc/services has no match, these default service names are supported within the script: mysql,postgres,ssh,http,https
You can also simply supply a list of port numbers, and mix and match: --services ssh,http,3306,12345 is valid
Arguments
- --profile profileName - String. Optional. Use this AWS profile when connecting using ~/.aws/credentials
- --services service0,service1,... - List. Required. List of services to add or remove (service names or port numbers)
- --id developerId - String. Optional. Specify a developer id manually (uses DEVELOPER_ID from environment by default)
- --group securityGroup - String. Required. Specify one or more security groups to modify. Format: sg- followed by hexadecimal characters.
- --ip ip - IP. Optional. Specify an IP manually (uses ipLookup tool from tools.sh by default)
- --revoke - Flag. Optional. Remove permissions
- --help - Flag. Optional. Show this help
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error
Environment
- AWS_REGION - String. Region for Amazon Web Services
- DEVELOPER_ID
- AWS_ACCESS_KEY_ID - String. Amazon Web Services IAM Identity
- AWS_SECRET_ACCESS_KEY - Secret. Private Secret Password for AWS
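The grant-then-always-revoke pattern described above, as an added example that is not part of the project's code: a hypothetical wrapper, deployWithTemporaryAccess, runs a deployment command between awsIPAccess and awsIPAccess --revoke, and revokes from an EXIT trap so a failing command cannot skip it. The ACCESS_LOG variable and the stand-in awsIPAccess (defined only when the real function is not loaded) are constructed for the example.

```bash
#!/usr/bin/env bash
# Added example, not project code.

# Stand-in for awsIPAccess, defined only when the real function is not
# loaded: it appends its arguments to $ACCESS_LOG instead of calling AWS.
if ! command -v awsIPAccess >/dev/null 2>&1; then
  awsIPAccess() { printf '%s\n' "$*" >>"${ACCESS_LOG:-/dev/null}"; }
fi

# deployWithTemporaryAccess (hypothetical name)
# Usage: deployWithTemporaryAccess securityGroup services command [ args ... ]
# Returns the command's exit code, 1 if grant or revoke fails, 2 on bad arguments.
deployWithTemporaryAccess() {
  [ $# -ge 3 ] || return 2
  local group="$1" services="$2"
  shift 2
  (
    # Runs when this subshell exits for any reason: a failing command, an
    # `exit` inside a shell function passed as the command, or a failed grant.
    trap 'code=$?
      awsIPAccess --revoke --services "$services" --group "$group" || code=1
      exit "$code"' EXIT
    awsIPAccess --services "$services" --group "$group" || exit 1
    "$@"
  )
}
```

A failed revoke turns an otherwise successful run into exit code 1, so the pipeline does not report success while the ingress rule is still in place.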
awsSecurityGroupIPModify
Modify an EC2 Security Group
Usage
awsSecurityGroupIPModify --remove [ --add ] [ --register ] --group group [ --region region ] --port port --description description --ip ip [ --help ]
Usages can be:
awsSecurityGroupIPModify --add --group group [ --region region ] --port port --description description --ip ip
awsSecurityGroupIPModify --remove --group group [ --region region ] --description description
Modify an EC2 Security Group and add or remove an IP/port combination to the group.
Arguments
- --remove - Flag. Optional. Remove instead of add - only group, and description required.
- --add - Flag. Optional. Add to security group (default).
- --register - Flag. Optional. Add it if not already added.
- --group group - String. Required. Security Group ID
- --region region - String. Optional. AWS region, defaults to AWS_REGION. Must be supplied.
- --port port - Required for --add only. Integer. Service port
- --description description - String. Required. Description to identify this record.
- --ip ip - Required for --add only. String. IP Address to add or remove.
- --help - Flag. Optional. Display this help.
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error
AWS Tools
awsIsKeyUpToDate
Test whether the AWS keys do not need to be updated
Usage
awsIsKeyUpToDate [ upToDateDays ]
For security we gotta update our keys every 90 days
This value would be better encrypted and tied to the AWS_ACCESS_KEY_ID so developers
can not just update the value to avoid the security issue.
This tool checks the environment AWS_ACCESS_KEY_DATE and ensures it's within upToDateDays of today; if not this fails.
It will also fail if:
- upToDateDays is less than zero or greater than 366
- AWS_ACCESS_KEY_DATE is empty or has an invalid value
Otherwise, the tool may output a message to the console warning of pending days, and returns exit code 0 if the AWS_ACCESS_KEY_DATE has not exceeded the number of days.
Arguments
- upToDateDays - PositiveInteger.
Examples
if ! awsIsKeyUpToDate 90; then
    bigText Failed, update key and reset date
    exit 99
fi
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error
Environment
- AWS_ACCESS_KEY_DATE - Date. Date of key expiration which can be checked in pipelines. Not part of the Amazon specification but a good idea to track expiration of keys.
- Variable used to test
- Read-only. Date. A YYYY-MM-DD formatted date which represents the date that the key was generated.
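The description above notes that AWS_ACCESS_KEY_DATE is a value a developer can simply edit. One way to tie the age check to the key itself, as an added example that is not the project's code: read the key's CreateDate from IAM and compute the age from that. The function names, the explicit today argument and the sample listing are constructed for the example; it assumes years 1000 through 2999.

```bash
#!/usr/bin/env bash
# Added example, not project code. Reads "<AccessKeyId> <CreateDate>" lines on
# stdin, the shape printed by:
#   aws iam list-access-keys --output text \
#     --query 'AccessKeyMetadata[].[AccessKeyId,CreateDate]'

# dateToDays YYYY-MM-DD[T...] -> days since 1970-01-01; returns 2 if malformed
dateToDays() {
  local date="${1%%T*}" y m d yoe
  case "$date" in
    [12][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
    *) return 2 ;;
  esac
  y=${date%%-*}; d=${date##*-}; m=${date#*-}; m=${m%-*}
  m=${m#0}; d=${d#0} # a leading zero would be parsed as octal
  [ "$m" -ge 1 ] && [ "$m" -le 12 ] && [ "$d" -ge 1 ] && [ "$d" -le 31 ] || return 2
  # Count years from March so the leap day is the last day of the year
  if [ "$m" -le 2 ]; then y=$((y - 1)); m=$((m + 9)); else m=$((m - 3)); fi
  yoe=$((y % 400))
  echo $((y / 400 * 146097 + yoe * 365 + yoe / 4 - yoe / 100 + (153 * m + 2) / 5 + d - 1 - 719468))
}

# keyAgeDays keyId today -> age in days; returns 1 if keyId is not listed
keyAgeDays() {
  local keyId="$1" now id created made
  now=$(dateToDays "$2") || return 2
  while read -r id created; do
    [ "$id" = "$keyId" ] || continue
    made=$(dateToDays "$created") || return 2
    echo $((now - made))
    return 0
  done
  return 1
}

# keyIsUpToDate keyId maxDays today -> 0 only if the IAM-reported age <= maxDays
keyIsUpToDate() {
  local age
  age=$(keyAgeDays "$1" "$3") || return 1
  [ "$age" -ge 0 ] && [ "$age" -le "$2" ]
}

# Constructed sample listing (placeholder key IDs from AWS documentation)
SAMPLE_KEYS='AKIAIOSFODNN7EXAMPLE 2024-01-10T09:30:00+00:00
AKIAI44QH8DHBEXAMPLE 2024-05-01T12:00:00+00:00'
```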
awsRegionValid
Check an AWS region code for validity
Usage
awsRegionValid region ... [ --help ]
Checks an AWS region identifier for validity as of September 2024. Note that passing no parameters returns success.
Arguments
- region ... - String. Required. The AWS Region to validate.
- --help - Flag. Optional. Display this help.
Return codes
- 0 - All regions are valid AWS regions
- 1 - One or more regions are NOT a valid AWS region
AWS Credentials
awsCredentialsFile
Get the path to the AWS credentials file
Usage
awsCredentialsFile [ --help ] [ --verbose ] [ --create ] [ --home homeDirectory ]
Get the credentials file path, optionally outputting errors.
Pass a true-ish value to output warnings to stderr on failure.
Pass any value to output warnings if the environment or file is not found; otherwise output the credentials file path. If not found, returns with exit code 1.
Arguments
- --help - Flag. Optional. Display this help.
- --verbose - Flag. Optional. Verbose mode
- --create - Flag. Optional. Create the directory and file if it does not exist
- --home homeDirectory - Directory. Optional. Home directory to use instead of $HOME.
Examples
credentials=$(awsCredentialsFile) || throwEnvironment "$handler" "No credentials file found" || return $?
Return codes
- 1 - If $HOME is not a directory or credentials file does not exist
- 0 - If credentials file is found and output to stdout
awsHasEnvironment
Test whether the AWS environment variables are set or not
Usage
awsHasEnvironment [ --help ]
This tests AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY and if both are non-empty, returns exit code 0 (success), otherwise returns exit code 1.
Fails if either AWS_ACCESS_KEY_ID or AWS_SECRET_ACCESS_KEY is blank
Arguments
- --help - Flag. Optional. Display this help.
Examples
if awsHasEnvironment; then
...
fi
Return codes
- 0 - If environment needs to be updated
- 1 - If the environment seems to be set already
Environment
- AWS_ACCESS_KEY_ID - String. Amazon Web Services IAM Identity
- Read-only. If blank, this function succeeds (environment needs to be updated)
- AWS_SECRET_ACCESS_KEY - Secret. Private Secret Password for AWS
- Read-only. If blank, this function succeeds (environment needs to be updated)
awsCredentialsAdd
Write an AWS profile to the AWS credentials file
Usage
awsCredentialsAdd [ --profile profileName ] [ --force ] [ --comments ] [ --help ] [ key ] [ secret ]
Write the credentials to the AWS credentials file. If the AWS credentials file is not found, it is created
Arguments
- --profile profileName - String. Optional. The credentials profile to write (default value is default)
- --force - Flag. Optional. Write the credentials file even if the profile already exists
- --comments - Flag. Optional. Write comments to the credentials file (in addition to updating the record).
- --help - Flag. Optional. Display this help.
- key - The AWS_ACCESS_KEY_ID to write
- secret - The AWS_SECRET_ACCESS_KEY to write
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error
awsCredentialsRemove
Remove credentials from the AWS credentials file
Usage
awsCredentialsRemove [ --profile profileName ] [ --comments ] [ profileName ] [ --help ]
Remove credentials from the AWS credentials file
If the AWS credentials file is not found, succeeds.
You can supply the profile using the --profile or directly, but just one.
Arguments
- --profile profileName - String. Optional. The credentials profile to remove.
- --comments - Flag. Optional. Write comments to the credentials file (in addition to updating the record).
- profileName - String. Optional. The credentials profile to remove.
- --help - Flag. Optional. Display this help.
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error
awsEnvironmentFromCredentials
Get credentials and output environment variables for AWS authentication
Usage
awsEnvironmentFromCredentials [ profileName ] [ --profile profileName ] [ --comments ] [ --help ]
Load the credentials supplied from the AWS credentials file and output shell commands to set the appropriate AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY values.
If the AWS credentials file is not found, returns exit code 1 and outputs nothing.
If the AWS credentials file is incomplete, returns exit code 1 and outputs nothing.
Both forms can be used, but the profile should be supplied once and only once.
Arguments
- profileName - String. Optional. The credentials profile to load (default value is default and loads section identified by [default] in ~/.aws/credentials)
- --profile profileName - String. Optional. The credentials profile to load (default value is default and loads section identified by [default] in ~/.aws/credentials)
- --comments - Flag. Optional. Write comments to the credentials file (in addition to updating the record).
- --help - Flag. Optional. Display this help.
Examples
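setFile=$(fileTemporaryName "$handler") || return $?
if awsEnvironmentFromCredentials "$profile" > "$setFile"; then
    # Quote the substitution so each generated line is evaluated intact
    eval "$(cat "$setFile")"
    rm "$setFile"
else
    # Do not leave the temporary file behind on failure
    rm -f "$setFile"
    decorate error "Need $profile profile in aws credentials file"
    exit 1
fi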
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error
awsCredentialsFromEnvironment
Write an AWS profile to the AWS credentials file
Usage
awsCredentialsFromEnvironment [ --profile profileName ] [ --force ] [ --help ]
Write the credentials to the AWS credentials file. If the AWS credentials file is not found, returns exit code 1 and outputs nothing. If the AWS credentials file is incomplete, returns exit code 1 and outputs nothing.
Arguments
- --profile profileName - String. Optional. The credentials profile to write (default value is default)
- --force - Flag. Optional. Write the credentials file even if the profile already exists
- --help - Flag. Optional. Display this help.
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error
awsCredentialsHasProfile
Get credentials and output environment variables for AWS authentication
Usage
awsCredentialsHasProfile [ profileName ] [ --help ]
Extract a profile from a credentials file. If the AWS credentials file is not found, returns exit code 1 and outputs nothing. If the AWS credentials file is incomplete, returns exit code 1 and outputs nothing.
Arguments
- profileName - The credentials profile to load (default value is default and loads section identified by [default] in ~/.aws/credentials)
- --help - Flag. Optional. Display this help.
Examples
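setFile=$(fileTemporaryName "$handler") || return $?
if awsEnvironmentFromCredentials "$profile" > "$setFile"; then
    # Quote the substitution so each generated line is evaluated intact
    eval "$(cat "$setFile")"
    rm "$setFile"
else
    # Do not leave the temporary file behind on failure
    rm -f "$setFile"
    decorate error "Need $profile profile in aws credentials file"
    exit 1
fi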
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error
awsProfilesList
List AWS profiles available in the credentials file
Usage
awsProfilesList [ --help ]
List AWS profiles available in the credentials file
Arguments
- --help - Flag. Optional. Display this help.
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error
S3 Tools
isS3URL
Is the URL passed in an S3 URL?
Usage
isS3URL [ value ]
Is the URL passed in an S3 URL? Without arguments, displays help.
Arguments
- value - EmptyString. Value to check.
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error
awsS3Upload
Upload a set of files or directories to S3.
Usage
awsS3Upload [ --help ] [ --handler handler ] --target target item [ --profile profileName ]
Upload a set of files or directories to S3.
Creates a manifest.json file at target with structure:
- hostname - host name which sent results
- created - Milliseconds creation time
- createdString - Milliseconds creation time in current locale language
- arguments - arguments to this function
Creates a files.json with a list of files as well at target
Arguments
- --help - Flag. Optional. Display this help.
- --handler handler - Function. Optional. Use this error handler instead of the default error handler.
- --target target - Required. S3 URL. S3 URL to upload to (with path)
- item - Required. A file or directory to upload to S3. All files and directories are uploaded as the same name in the top-level directory target.
- --profile profileName - String. Optional. S3 Profile to use when using S3
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error
awsS3DirectoryDelete
Delete a directory remotely on S3
Usage
awsS3DirectoryDelete [ --help ] [ --handler handler ] [ --show ] url ...
Delete a directory remotely on S3
Arguments
- --help - Flag. Optional. Display this help.
- --handler handler - Function. Optional. Use this error handler instead of the default error handler.
- --show - Flag. Optional. Show what would change, do not change anything.
- url ... - URL. Required. AWS S3 URL to delete
Return codes
- 0 - Success
- 1 - Environment error
- 2 - Argument error