AwsEc2Helper:

This repository contains a helper class that creates per region wrappers around commonly used AWS SDK functions.

Table of Contents

• Configuration File
  • dry_run
  • log_path
  • AWS Integration:
    • use_cli_config
    • cli_profile_name
    • access_key_id
    • secret_key
  • Cluster Information:
    • region_name
    • vpc_id
    • instance_ids

Configuration File

The configuration of this script is controlled via its config.json file. In this section, we'll breakdown the various configuration options, and where to find the information you need to complete the provided template.

"dry_run": false,
"log_path": "./logs"

dry_run

• Type: Boolean
• Function: Controls the AWS API's DryRun feature. If true, then all AWS API operations will check to see if you have correct permissions. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation.

log_path

• Type: String
• Function: Controls where the script outputs files to. If the directory doesn't exist, it will attempt to make it. However, the script is currently unable to make additional sub-directories.

"aws": {
  "use_cli_config": true,
  "cli_profile_name": false,
  "access_key_id": false,
  "secret_key": false
}

AWS Integration:

use_cli_config

• Type: Boolean
• Function: This flag configures the script to tell boto3 to utilize your existing AWS CLI configuration for it's credentials.
• Note: For more information on how boto3 handles credential/configuration detection, please see Configuring Credentials

cli_profile_name

• Type: String
• Depends On: "use_cli_config": true
• Function: If provided, boto3 will load the AWS CLI configuration for the given AWS CLI profile.
• Default Value: false - Any other string value will be treated as a profile name. To disable this flag, leave it as false.
• Note: For more information on AWS CLI Named Profiles, please see their documentation.

NOTE: The below options should be avoided, as they store the credentials in plain text. To retrieve these credentials, see AWS' Understanding and Getting Your Security Credentials

access_key_id

• Type: String
• Depends On: "use_cli_config": false - Otherwise the AWS CLI configuration will be used.
• Function: Allows for AWS Integration without having the AWS CLI configured.

secret_key

• Type: String
• Depends On: "use_cli_config": false - Otherwise the AWS CLI configuration will be used.
• Function: Allows for AWS Integration without having the AWS CLI configured.

Cluster Information:

"clusters": {
  "r1": {
    "region_name": "us-east-1",
    "vpc_id": "vpc-f408c1e0946602185",
    "instance_ids": [
      "i-3f5635430734aaae7",
      "i-57f353e04346a73aa",
      "i-5440aaa65e33f7337"
    ]
  },
  "r2": {
    "region_name": "us-west-1",
    "vpc_id": "vpc-9c08e46025416f810",
    "instance_ids": [
      "i-5075673344aa3fea3",
      "i-4a4657e5033af73a3",
      "i-57033f343a57e4a6a"
    ]
  }
}

Each region/cluster requires the following information:

region_name

• Type: String
• Function: Allows the AwsEc2Helper object to be target the exact region of the given cluster. It is used by the embedded boto3 client, when the AwsEc2Helper object is initialized.
• Note: For more information on AWS Regions, please see their documentation.

vpc_id

• Type: String
• Function: Allows the AwsEc2Helper object to be target the exact vpc of the given cluster. It is used by the embedded boto3 client, when the AwsEc2Helper object is initialized.
• Note: This information can be retrieved via the AWS Managment Console, or the AWS CLI's describe-vpcs command.
• Screenshot:

instance_ids

• Type: String
• Function: Allows the AwsEc2Helper object to be target the exact instances of the given cluster. It is used by the embedded boto3 client, when the AwsEc2Helper object is initialized. This information is required for each instance in the Auth0 PSaaS appliance deployed in the given region.
• Note: For more information on AWS Instance Metadata, please see their documentation.