Initial checkin

Author: tchia04

README.md

@@ -1 +1,62 @@
-# awscli_helper
+# awscli_helper
+
+This directory contains some scripts I created to bridge the gap that the aws-cli left behind.
+
+## General
+### ec2-describe-instance-attributes-all.sh
+I don't understand why the aws-cli doesn't display all the instance attributes by default and have to list one at a time as desribed at https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instance-attribute.html so I came up with this script to display all the attributes listed below on an instance_id. The full list of attributes is listed below
+
+* instanceType
+* kernel
+* ramdisk
+* userData
+* disableApiTermination
+* instanceInitiatedShutdownBehavior
+* rootDeviceName
+* blockDeviceMapping
+* productCodes
+* sourceDestCheck
+* groupSet
+* ebsOptimized
+* sriovNetSupport
+* enaSupport  
+
+example: ec2-describe-instance-attributes-all.sh instance-id region
+
+## Long Resource ID testing and migration
+
+The scripts in this section help with the testing and migration to the long resource id format as described here
+https://aws.amazon.com/blogs/aws/theyre-here-longer-ec2-resource-ids-now-available/
+
+### check_role_id_format.sh
+This script let you check to see if the IAM role is opted in or opted out of the long resource id.
+
+example: check_role_id_format.sh role regions-separated-by-comma
+
+### check_user_id_format.sh
+This script let you check to see if the IAM user is opted in or opted out of the long resource id.
+
+example: check_user_id_format.sh user regions-separated-by-comma
+
+### switch_user_id_format.sh
+This script let you switch to the long or the short resource id of an IAM user including root user
+
+Syntax: switch_user_id_format.sh regions-separated-by-comma [long|short]
+
+Example:
+To switch an IAM user to use long id format in the us-west-1 region
+switch_user_id_format.sh <iam-user> us-west-1 long
+
+To switch an IAM user to use short id format in the us-west-1 (avaiable until Dec 2016)
+switch_user_id_format.sh <iam-user> us-west-1 short
+
+To switch an IAM user to use long id format in the us-west-1 and us-west-2
+switch_user_id_format.sh <iam-user> us-west-1,us-west-2 long
+
+To switch the root user(for ASG) to use long id format in the us-west-1
+
+switch_user_id_format.sh root us-west-1 long
+
+After you have finished your testing and you would like to check or optIn/optOut all the users/roles etc in one shot use the migratelongerids.py script at
+
+https://github.com/awslabs/ec2-migrate-longer-id

check_role_id_format.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+
+set -e
+usage() {
+  echo "Syntax: $0 role regions-separated-by-comma"
+  echo "For example, $0 root us-east-1,us-west-1"
+}
+
+AWS_ACCOUNT_NUMBER=$(aws sts get-caller-identity --output text --query 'Account')
+
+if [ "$1" == "" ]; then
+  echo "Missing role id."
+  usage
+  exit 1
+elif [ "$1" != "root" ]; then
+  ROLE="role/$1"
+fi
+
+DEFAULT_REGIONS="eu-west-1 ap-southeast-2 us-east-1 us-west-1"
+if [ "$2" == "" ]; then
+  echo "Missing AWS region. Using the following default regions $DEFAULT_REGIONS"
+  REGIONS=$DEFAULT_REGIONS
+else
+  REGIONS=$(echo $2 | sed s'/,/ /g')
+fi
+
+echo "Checking the id format for root "
+echo "----------------------------------------------------"
+echo "AWS_ACCOUNT_NUMBER=$AWS_ACCOUNT_NUMBER"
+echo "REGIONS=$REGIONS"
+echo "ROLE=$ROLE"
+echo "----------------------------------------------------"
+for REGION in ${REGIONS}; do
+    echo "REGION=$REGION"
+		aws --region $REGION ec2 describe-identity-id-format --principal-arn arn:aws:iam::${AWS_ACCOUNT_NUMBER}:${ROLE} --output table
+done

check_user_id_format.sh

@@ -0,0 +1,38 @@
+#!/bin/bash
+
+set -e
+usage() {
+  echo "Syntax: $0 user regions-separated-by-comma"
+  echo "For example, $0 root us-east-1,us-west-1"
+}
+
+AWS_ACCOUNT_NUMBER=$(aws sts get-caller-identity --output text --query 'Account')
+
+if [ "$1" == "" ]; then
+  echo "Missing user id."
+  usage
+  exit 1
+elif [ "$1" == "root" ]; then
+  USER="root"
+elif [ "$1" != "root" ]; then
+  USER="user/$1"
+fi
+
+DEFAULT_REGIONS="eu-west-1 ap-southeast-2 us-east-1 us-west-1"
+if [ "$2" == "" ]; then
+  echo "Missing AWS region. Using the following default regions $DEFAULT_REGIONS"
+  REGIONS=$DEFAULT_REGIONS
+else
+  REGIONS=$(echo $2 | sed s'/,/ /g')
+fi
+
+echo "Checking the id format for root "
+echo "----------------------------------------------------"
+echo "AWS_ACCOUNT_NUMBER=$AWS_ACCOUNT_NUMBER"
+echo "REGIONS=$REGIONS"
+echo "USER=$USER"
+echo "----------------------------------------------------"
+for REGION in ${REGIONS}; do
+    echo "REGION=$REGION"
+		aws --region $REGION ec2 describe-identity-id-format --principal-arn arn:aws:iam::${AWS_ACCOUNT_NUMBER}:${USER} --output table
+done

ec2-describe-instance-attributes-all.sh

@@ -0,0 +1,41 @@
+#!/bin/sh
+
+ATTRIBUTES="
+instanceType
+kernel
+ramdisk
+userData
+disableApiTermination
+instanceInitiatedShutdownBehavior
+rootDeviceName
+blockDeviceMapping
+productCodes
+sourceDestCheck
+groupSet
+ebsOptimized
+sriovNetSupport
+enaSupport
+"
+
+if [ "$1" == "" ]; then
+  echo "Please provide an instance id"
+	exit 1
+else
+  INSTANCE_ID=$1
+fi
+
+if [ "$2" == "" ]; then
+  echo "Please provide a REGION such as us-west-1 "
+	exit 1
+else
+  REGION=$2
+fi
+
+echo "Instance ID=$1" > $INSTANCE_ID.log
+for a in $ATTRIBUTES; do
+  echo ATTRIBUTE=$a>> $INSTANCE_ID.log
+  aws --region $REGION ec2 describe-instance-attribute --instance-id $INSTANCE_ID --attribute $a --output text >> $INSTANCE_ID.log 2>&1
+	echo "------------------------------" >> $INSTANCE_ID.log
+done
+
+cat $INSTANCE_ID.log | grep -v $INSTANCE_ID

switch_user_id_format.sh

@@ -0,0 +1,63 @@
+#!/bin/sh
+
+set -e
+
+usage() {
+  echo "Syntax: $0 user regions-separated-by-comma ID_FORMAT"
+  echo "For example, to switch the root user in us-west-1 to long format"
+  echo "  $0 root us-west-1 long"
+  echo "For example, to switch the root user in us-west-1 to short format"
+  echo "  $0 root us-west-1 short"
+}
+
+AWS_ACCOUNT_NUMBER=$(aws sts get-caller-identity --output text --query 'Account')
+
+if [ "$1" == "" ]; then
+  echo "Missing user id."
+  usage
+  exit 1
+elif [ "$1" == "root" ]; then
+  USER="root"
+elif [ "$1" != "root" ]; then
+  USER="user/$1"
+fi
+
+DEFAULT_REGIONS="eu-west-1 ap-southeast-2 us-east-1 us-west-1"
+if [ "$2" == "" ]; then
+  echo "Missing AWS region."
+  usage
+  exit 1
+else
+  REGIONS=$(echo $2 | sed s'/,/ /g')
+fi
+
+if [ "$3" == "long" ]; then
+  ID_FORMAT="--use-long-ids"
+elif [ "$3" == "short" ]; then
+  ID_FORMAT="--no-use-long-ids"
+else
+  echo "Invalid id format"
+  usage
+  exit 1
+fi
+
+echo "Switch to the $ID_FORMAT id format for $USER"
+echo "----------------------------------------------------"
+echo "AWS_ACCOUNT_NUMBER=$AWS_ACCOUNT_NUMBER"
+echo "REGIONS=$REGIONS"
+echo "USER=$USER"
+echo "ID_FORMAT=$ID_FORMAT"
+echo "----------------------------------------------------"
+
+RESOURCES="instance reservation snapshot volume"
+ARN="arn:aws:iam::$AWS_ACCOUNT_NUMBER:$USER"
+
+for REGION in ${REGIONS}; do
+    echo "REGION=$REGION"
+    for r in ${RESOURCES}; do
+			echo "Changing the id format for resource=$r"
+        aws ec2 modify-identity-id-format --principal-arn $ARN --region $REGION --resource $r $ID_FORMAT
+    done
+done
+
+./check_user_id_format.sh $1 $2