AWS EC2 tool
Project description
aws-ec2-tool | |
A small toolbox for working with EC2. Including: hop: a CLI for SSHing to EC2 using SSM-backed keys |
Overview
(Placeholder)
See setup.cfg to find the latest info about required versions of boto.
See the Usage section for more details
Installation
See pypi for available releases.
pip install aws-ec2-tool
Usage
After installation, you can invoke this tool as either hop
or python -m hop
.
Usage info follows:
$ hop --help
Usage: hop [OPTIONS] IDENTIFIER [COMMAND]...
Tool for SSH'ing in to EC2 with SSM-backed keys.
Example usage:
hop <instance_id> hop <reservation_id> hop <instance_name>
hop <ip_address>
Options:
-s, --ssm-prefix TEXT default SSM prefix to use for key-search
-l, --list-only list instances
--profile TEXT AWS profile to use
-s, --script TEXT Script to run
--user TEXT username (default will attempt auto-detect)
--help Show this message and exit.
Using hop with IaC
It's most convenient and powerful if you're using hop
under circumstances that guarantee that your SSH keys are already stored in SSM according to strong conventions. In other words.. it's a good idea to manage this stuff with infrastructure-as-code.
Here's some quick information and examples about how to get started doing that with terraform. Here's some of the resources involved:
Let's get keys stored in SSM first. The commands below use the ssm
command via the aws-ssm-tool. (This tool is an explicit dependency of this project; it's already installed if you ran pip
for this project.)
# generate a new keypair
$ ssh-keygen -b 2048 -t rsa -f test.key -q -N ""
$ ls test.key*
test.key test.key.pub
# put keypairs into SSM at a predictable location.
$ ssm put /your_org/keypairs/test/pub --file test.key.pub
$ ssm put /your_org/keypairs/test/pem --file test.key
# optional: get the value you set, if you want to test
$ ssm get /your_org/keypairs/test/pub
The keypair is in SSM now, but there's no actual keypair that we can use with EC2 yet. Create the keypair from what's stored in SSM with terraform like this:
data "aws_ssm_parameter" "pub_key" {
name = "/org_name/keypairs/key_name/pub"
}
resource "aws_key_pair" "appservers" {
key_name = "appservers-key"
public_key = data.aws_ssm_parameter.pub_key.value
}
Now you can use this keypair with EC2.
data "aws_ami" "ubuntu" {
most_recent = true
filter {
name = "name"
values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"]
}
filter {
name = "virtualization-type"
values = ["hvm"]
}
owners = ["099720109477"] # Canonical
}
resource "aws_instance" "appserver-test" {
ami = data.aws_ami.ubuntu
instance_type = "t3.micro"
key_name = aws_key_pair.appservers.key_name
tags = {
Name = "my-appserver-name"
}
subnet_id = ".."
vpc_security_group_ids=[".."]
}
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for aws-ec2-tool-2024.3.13.1.54.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | c5cccf777ca4149f3ee4bed3efb0ef904925f24282f3bc71320ac10cd11d5c7e |
|
MD5 | 6f862c9e7ef98bbd47656eaf917cca43 |
|
BLAKE2b-256 | e4d1586fb51d7b4d4ef865acfb5e24b48f453a3d915cc15edcd6ad9545f7a691 |
Hashes for aws_ec2_tool-2024.3.13.1.54-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 782fe8e00e6297b17ec4f8777235804a23ba6023ecb54886ae71ad96f92462c3 |
|
MD5 | 1fd82cb9564f0f2af2a1c951414906eb |
|
BLAKE2b-256 | 7c109b44dd61f0ddcd99c585d2c033793c08f0acdd69a4448bb92d94555f5972 |