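├── Route53
    ├── hzalias.json
    └── route53create-hz-and-modify.sh
├── ec2
    ├── describe-instances-by-tag.sh
    └── keyloop.sh
├── readme.md
└── s3
    └── s3bucketACLChecker.sh


/Route53/hzalias.json:
--------------------------------------------------------------------------------
1 | {
2 |   "Comment": "creating alias for naked domain",
3 |   "Changes": [
4 |     {
5 |       "Action": "CREATE",
6 |       "ResourceRecordSet": {
7 |         "Name": "gabeslide.com",
8 |         "Type": "A",
9 |         "AliasTarget": {
10 |           "HostedZoneId": "Z33MT2383RN6UU",
11 |           "DNSName": "web-prd-123456789.us-west-2.elb.amazonaws.com",
12 |           "EvaluateTargetHealth": false
13 |         }
14 |       }
15 |     }
16 |   ]
17 | }
18 | 
--------------------------------------------------------------------------------
/Route53/route53create-hz-and-modify.sh:
--------------------------------------------------------------------------------
1 | # A function to quickly generate and modify Route 53 records from the command line.
2 | #
3 | # Usage: route53create <zone-name>
4 | # Creates a hosted zone for <zone-name>, prints the API response, then applies the
5 | # change batch in ~/Documents/route53create-hzalias.json to the new zone.
6 | # NOTE(review): this repo lists the change batch as Route53/hzalias.json, so it has to be
7 | # copied to the path above first; its record "Name" must belong to the zone being created.
8 | # Returns non-zero when the zone name is missing, the zone cannot be created, or no
9 | # zone id can be read from the response.
10 | 
11 | route53create() {
12 |   local zone=$1
13 |   local caller_ref response zoneid
14 | 
15 |   if [ -z "$zone" ]; then
16 |     echo "Usage: route53create <zone-name>" >&2
17 |     return 1
18 |   fi
19 | 
20 |   # The caller reference only has to be unique per request (it is not a secret),
21 |   # so timestamp + PID + $RANDOM is enough and avoids depending on the macOS-only `md5`.
22 |   caller_ref="$(date +%s)-$$-$RANDOM"
23 | 
24 |   echo "Creating Hosted Zone..."
25 |   # Capture the response rather than tee-ing to /dev/tty, so a failed call is detected
26 |   # and the function also works when no terminal is attached.
27 |   response=$(aws route53 create-hosted-zone --name "$zone" --caller-reference "$caller_ref" --output json) || return
28 |   printf '%s\n' "$response"
29 | 
30 |   # Read the id from the line  "Id": "/hostedzone/<id>"  (the ChangeInfo id starts with
31 |   # /change/ and is therefore not matched).
32 |   zoneid=$(printf '%s\n' "$response" | sed -n 's|.*"Id": "/hostedzone/\([^"]*\)".*|\1|p' | head -n 1)
33 |   if [ -z "$zoneid" ]; then
34 |     echo "route53create: no hosted zone id found in the response" >&2
35 |     return 1
36 |   fi
37 | 
38 |   echo "Waiting for Hosted Zone to finish creating..."
39 |   sleep 15
40 |   echo "Adding alias record(s)..."
41 |   aws route53 change-resource-record-sets --hosted-zone-id "$zoneid" --change-batch file://~/Documents/route53create-hzalias.json
42 | }
43 | 
--------------------------------------------------------------------------------
/ec2/describe-instances-by-tag.sh:
--------------------------------------------------------------------------------
1 | # Credit to Calvin Wong (cwong47), who wrote the first version of this script.
2 | # Main use for this is to quickly and easily pull information about your ec2 instances based on environment and role.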
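It's designed as a function you can put in your bash profile.
3 | # This check assumes you have tags for your ec2 which separate services and environments. Change filters accordingly.
4 | #
5 | # Usage: ec2check <env> <service>
6 | #   env      prd or stg (queried with AWS profile "prd"), tst or int (profile "dev")
7 | #   service  value of the "service" tag to match
8 | # Prints a header and one table row per matching instance in us-east-1, us-west-1 and us-west-2.
9 | # Returns 100 on a wrong argument count or an unrecognised environment.
10 | 
11 | ec2check() {
12 |   local regions="us-east-1 us-west-1 us-west-2"
13 |   local query='Reservations[*].Instances[*].[InstanceId,Placement.AvailabilityZone,LaunchTime,State.Name,PrivateIpAddress,PublicIpAddress,InstanceType,ImageId,SubnetId,Architecture]'
14 |   local row_format="| %-20s | %-18s | %-25s | %-10s | %-18s | %-18s | %-17s | %-17s | %-17s | %-15s |\n"
15 |   local env=$1
16 |   local service=$2
17 |   # Local, so a profile selected by an earlier call can never carry over into this one.
18 |   local profile region
19 |   local -a fields
20 | 
21 |   if [ "$#" -ne 2 ]; then
22 |     echo "Usage: ec2check <env> <service>" >&2
23 |     return 100
24 |   fi
25 | 
26 |   case "$env" in
27 |     prd|stg) profile="prd" ;;
28 |     tst|int) profile="dev" ;;
29 |     *)
30 |       # Refuse unknown environments: an empty or stale profile would send the
31 |       # query to an account the caller did not ask for.
32 |       echo "ec2check: unknown environment '$env' (expected prd, stg, tst or int)" >&2
33 |       return 100
34 |       ;;
35 |   esac
36 | 
37 |   # row_format is a constant defined above, never caller data.
38 |   printf "$row_format" "InstanceID" "Availability Zone" "Launch Time" "State" "Private IP" "Public IP" "Instance Type" "Image" "SubnetID" "Architecture"
39 |   for region in $regions
40 |   do
41 |     # "$query" must stay quoted: it contains [*], which the shell would otherwise
42 |     # try to expand as a filename pattern.
43 |     aws ec2 describe-instances \
44 |       --profile "$profile" \
45 |       --region "$region" \
46 |       --filters "Name=tag:service,Values=${service}" "Name=tag:environment,Values=${env}" \
47 |       --output text \
48 |       --query "$query"
49 |   done | while read -r -a fields
50 |   do
51 |     # One whitespace-separated output line becomes one table row.
52 |     printf "$row_format" "${fields[@]}"
53 |   done
54 | }
55 | 
--------------------------------------------------------------------------------
/ec2/keyloop.sh:
--------------------------------------------------------------------------------
1 | #A bash function to loop through all of your keys and users, in a desperate attempt to ssh to that instance you've never logged into before.
2 | #
3 | # Usage: keyloop <host>
4 | # Tries every *.pem key under ~/.ssh with each of the users centos, ec2-user, root and
5 | # ubuntu on <host>, and stops at the first combination that opens a session.
6 | # Meant for instances you own: every failed attempt is recorded in the target's auth log
7 | # and may trip lockout tooling, and each attempt offers one of your public keys to
8 | # whatever answers at <host>.
9 | # Returns 100 on a wrong argument count, 255 if nothing worked, otherwise the exit
10 | # status of the session that was opened.
11 | keyloop() {
12 |   # $HOME instead of /Users/<name> so the function is not tied to the macOS home layout.
13 |   local sshdir="$HOME/.ssh"
14 |   local users="centos ec2-user root ubuntu"
15 |   local host=$1
16 |   local key user rc
17 |   local -a keys
18 | 
19 |   if [ "$#" -ne 1 ]; then
20 |     echo "Usage: keyloop <host>" >&2
21 |     return 100
22 |   fi
23 | 
24 |   echo "Trying all the keys, this might take a minute..."
25 | 
26 |   # Keep the key list in memory. A fixed file name in /tmp is predictable and
27 |   # world-writable territory: another local user could pre-create or replace it and
28 |   # decide which paths get passed to ssh -i. NUL-delimited reads also survive spaces
29 |   # in file names.
30 |   keys=()
31 |   while IFS= read -r -d '' key; do
32 |     keys+=("$key")
33 |   done < <(find "$sshdir" -type f -name "*.pem" -print0)
34 | 
35 |   if [ "${#keys[@]}" -eq 0 ]; then
36 |     echo "keyloop: no .pem keys found under $sshdir" >&2
37 |     return 255
38 |   fi
39 | 
40 |   for key in "${keys[@]}"
41 |   do
42 |     for user in $users
43 |     do
44 |       # NOTE(review): -X forwards the local X11 display to a host whose identity has
45 |       # not been verified yet; drop it unless X forwarding is really needed.
46 |       # stderr is discarded to hide the expected auth failures, which also hides
47 |       # host-key warnings.
48 |       ssh -ttX -i "$key" "$user@$host" 2> /dev/null
49 |       rc=$?
50 |       # ssh itself exits 255 on connection or authentication errors; any other
51 |       # status means a session ran, so stop instead of offering the remaining keys.
52 |       if [ "$rc" -ne 255 ]; then
53 |         return "$rc"
54 |       fi
55 |     done
56 |   done
57 | 
58 |   echo "keyloop: no key/user combination worked for $host" >&2
59 |   return 255
60 | }
61 | 
--------------------------------------------------------------------------------
/readme.md:
--------------------------------------------------------------------------------
1 | This is a collection of tools (mostly bash functions) the goal of which is to make the default AWS CLI functions:
2 | Easier to use
3 | Easily repeatable
4 | Simpler
5 | Generate output that is easily parsed by humans and/or scripts
6 | 
7 | # Example Output of commands
8 | 
9 | ## describe-instances-by-tag
10 | uses the describe-instances command to search for your instances by tag (service, environment) and generate human readable output.
11 | ```
12 | gabinante ~ $ ec2check prd web
13 | InstanceID | Availability Zone | Launch Time | State | Private IP | Public IP | Instance Type | Image | SubnetID | Architecture |
14 | "i-0e727d1c2a7532458 | us-west-2b | 2017-02-17T03:32:08.000Z | running | 10.128.101.249 | 54.224.127.17 | c4.2xlarge | ami-5erd573e | subnet-42dbd82b | x86_64" |
15 | "i-0017acb7124c23817 | us-west-2b | 2017-02-17T03:32:08.000Z | running | 10.128.101.118 | 54.224.207.116 | c4.2xlarge | ami-5erd573e | subnet-42dbd82b | x86_64" |
16 | "i-02b9b155e1d7128cf | us-west-2a | 2017-02-17T03:32:08.000Z | running | 10.128.100.242 | 54.224.35.183 | c4.2xlarge | ami-5erd573e | subnet-7ecbd814 | x86_64" |
17 | "i-081ec436237rd3b33 | us-west-2a | 2017-02-17T03:32:08.000Z | running | 10.128.100.137 | 54.224.111.145 | c4.2xlarge | ami-5erd573e | subnet-7ecbd814 | x86_64" |
18 | ```
19 | 
20 | ## route53create-hz-and-modify
21 | Creates a hosted zone and then creates/modifies records on that hosted zone.
22 | ```
23 | gabinante ~ $ route53create gabeslide.com
24 | Creating Hosted Zone...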
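25 | {
26 |     "HostedZone": {
27 |         "ResourceRecordSetCount": 2,
28 |         "CallerReference": "NDE1YzNjOTgwNRExFjhlNWZlY2FiN2Iy",
29 |         "Config": {
30 |             "PrivateZone": false
31 |         },
32 |         "Id": "/hostedzone/ZO97A9E23H7DR",
33 |         "Name": "gabeslide.com."
34 |     },
35 |     "DelegationSet": {
36 |         "NameServers": [
37 |             "ns-125.awsdns-12.com",
38 |             "ns-1335.awsdns-28.org",
39 |             "ns-1827.awsdns-16.co.uk",
40 |             "ns-952.awsdns-25.net"
41 |         ]
42 |     },
43 |     "Location": "https://route53.amazonaws.com/2013-04-01/hostedzone/ZO97A9E23H7DR",
44 |     "ChangeInfo": {
45 |         "Status": "PENDING",
46 |         "SubmittedAt": "2017-02-17T20:49:04.859Z",
47 |         "Id": "/change/C1KFTZ79245TKX"
48 |     }
49 | }
50 | Waiting for Hosted Zone to finish creating...
51 | Adding alias records...
52 | {
53 |     "ChangeInfo": {
54 |         "Status": "PENDING",
55 |         "Comment": "creating alias for naked domain",
56 |         "SubmittedAt": "2017-02-17T20:49:20.737Z",
57 |         "Id": "/change/C251UZ8BSWO1WE"
58 |     }
59 | }
60 | ```
61 | 
--------------------------------------------------------------------------------
/s3/s3bucketACLChecker.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | # For every profile in ~/.aws/credentials, list the buckets that profile can see and
3 | # report ACL grants to the two global groups that open a bucket up broadly:
4 | #   AllUsers            - anyone, without authentication
5 | #   AuthenticatedUsers  - any AWS account, not only your own
6 | #
7 | # Scope: ACL grants only. A bucket can also be exposed through its bucket policy, and
8 | # Block Public Access settings can override what the ACL says, so a clean run here is
9 | # not proof that a bucket is private. Profiles defined only in ~/.aws/config are not
10 | # visited.
11 | 
12 | public_groups="http://acs.amazonaws.com/groups/global/AllUsers http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
13 | 
14 | # Profiles are read on fd 3 so nothing inside the loop can consume the list from stdin.
15 | while IFS= read -r profile <&3
16 | do
17 |   # --query with text output returns bare bucket names, so the result does not depend
18 |   # on how the JSON happens to be laid out or on which "Name" key comes first.
19 |   if ! buckets=$(aws s3api --profile "$profile" list-buckets --query 'Buckets[].Name' --output text); then
20 |     echo "could not list buckets for profile $profile" >&2
21 |     continue
22 |   fi
23 | 
24 |   # Unquoted on purpose: bucket names cannot contain whitespace or glob characters.
25 |   for bucket in $buckets
26 |   do
27 |     echo "checking $bucket for AllUsers/AuthenticatedUsers access..."
28 |     for group in $public_groups
29 |     do
30 |       grants=$(aws s3api --profile "$profile" get-bucket-acl --bucket "$bucket" \
31 |         --query "Grants[?Grantee.URI=='${group}'].Permission" --output text)
32 |       # Empty (or "None") means the ACL has no grant for this group.
33 |       if [ -n "$grants" ] && [ "$grants" != "None" ]; then
34 |         printf '  %s: %s\n' "${group##*/}" "$grants"
35 |       fi
36 |     done
37 |     echo
38 |   done
39 | done 3< <(grep '^\[' ~/.aws/credentials | tr -d '[]')
40 | 
--------------------------------------------------------------------------------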