Merge pull request #1 from lamhaison/develop

upgrade feature

Author: lamhaison

.gitignore

@@ -0,0 +1,2 @@
+aws_cli_results
+.DS_Store

README.md

@@ -5,23 +5,44 @@ This is the project to collect helpful aws cli commandline with complex options
 - Sometimes, you want to add more options on purpose and you want to have a place to collect and reuse it in the future. That is the reason I defined that structure to help me collect helpful commandlines and share on the github.
 
 
-
 ## Setup dependencies
+Notes: This document is for macos environment.
+
+## Setup aws-cli
+How to install aws cli - https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
+```
+aws --version
+aws-cli/2.8.1 Python/3.9.11 Darwin/22.1.0 exe/x86_64 prompt/off
+```
+
+### Install peco
+To allow searching by console.
+![image](./images/aws_help.png)
+
 ```
-brew install remind101/formulae/assume-role
 brew install peco
+peco --version
+peco version v0.5.10 (built with go1.19.2)
+```
 
+### Install assume-role
+To allow assume role to a target account
+```
+brew install remind101/formulae/assume-role
+```
+
+### Setup your password for compress the plantext your temporary credentail.
+```
 # This password is used to encrypt your tmp credential.
 echo "random_string" > ~/.password_assume_role_encrypted
 ```
 
 
-## Settings when open terminal
+## Settings when open terminal (I am using iterm)
 ```
 echo "source /opt/lamhaison-tools/aws-cli-utils/main.sh" >> ~/.bashrc
 ```
 
-
 ## Setting on ~/.aws/config
 
 ```

common/common.sh

@@ -0,0 +1,14 @@
+aws_run_commandline() {
+	aws_commandline=$1
+	log_file_path=${aws_cli_logs}/${ASSUME_ROLE}.log
+	if [ "$aws_show_commandline" = "true" ]; then
+		output="tee -a ${log_file_path}"
+	else
+		output=">> ${log_file_path}"
+	fi
+
+	echo "-------------------------------------START--$(date '+%Y-%m-%d-%H-%M-%S')------------------------------------------------" >>${log_file_path}
+	echo Running commandline \[ ${aws_commandline:?"Commandline is unset or empty"}\ ] | eval $output
+	eval $aws_commandline | tee -a ${aws_cli_logs}/${ASSUME_ROLE}.log
+	echo "-------------------------------------FINISH-$(date '+%Y-%m-%d-%H-%M-%S')------------------------------------------------" >>${log_file_path}
+}

common/hep_aws_rds.sh

@@ -0,0 +1,51 @@
+aws_help_install_mysql_client_5_7() {
+
+	echo \
+		"
+		sudo rpm -Uvh https://dev.mysql.com/get/mysql57-community-release-el7-11.noarch.rpm
+		rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2022
+		yum install -y mysql-community-client
+	"
+}
+
+aws_help_rds_list_bin_logs() {
+	echo \
+		"show binary logs;"
+}
+
+aws_help_start_stop_replication() {
+	echo "CALL mysql.rds_start_replication;"
+	echo "CALL mysql.rds_stop_replication;"
+}
+
+aws_help_rds_aurora_set_replication() {
+	echo \
+		"
+		aws_rds_list_events
+		CALL mysql.rds_set_external_master ('master_address', 3306, \
+			'repl_user', '123456', 'mysql-bin-changelog.000002', 1234, 0);
+	"
+}
+
+aws_help_rds_aurora_test_replication() {
+
+	echo \
+		"
+
+		# On master
+		CREATE TABLE IF NOT EXISTS tasks (
+    		task_id INT AUTO_INCREMENT PRIMARY KEY
+		)  ENGINE=INNODB;
+
+		DB_USER=xxx
+		DB_PASSWD=xxx
+		DB_NAME=xxx
+		DB_ADDRESS=xxx
+		mysql --user=$DB_USER --password=$DB_PASSWD $DB_NAME -h $DB_ADDRESS << EOF
+    		INSERT INTO tasks (\`task_id\`) VALUES (NULL);
+		EOF
+
+		# On slave
+		select * from tasks;
+	"
+}

common/peco.sh

@@ -0,0 +1,95 @@
+# brew install peco
+# PECO
+
+peco_assume_role_name() {
+	cat ~/.aws/config | grep -e "^\[profile.*\]$" | peco
+}
+
+peco_format_aws_output_text() {
+	peco_input=$1
+	echo "${peco_input}" | tr "\t" "\n"
+}
+
+peco_aws_acm_list() {
+	aws_acm_list | peco
+}
+
+peco_aws_input() {
+	aws_cli_commandline="${1} --output text"
+	result_cached=$2
+
+	md5_hash=$(echo $aws_cli_commandline | md5)
+	input_folder=${aws_cli_input_tmp}/${ASSUME_ROLE}
+	mkdir -p ${input_folder}
+	input_file_path="${input_folder}/${md5_hash}.txt"
+	empty_file=$(find ${input_folder} -name ${md5_hash}.txt -empty)
+
+	# The file is existed and not empty and the flag result_cached is not empty
+	if [ -f "${input_file_path}" ] && [ -z "${empty_file}" ] && [ -n "${result_cached}" ]; then
+		# Ignore the first line.
+		grep -Ev "\*\*\*\*\*\*\*\* \[.*\]" $input_file_path
+	else
+		aws_result=$(eval $aws_cli_commandline)
+		format_text=$(peco_format_aws_output_text $aws_result)
+
+		if [ -n "${format_text}" ]; then
+			echo "******** [ ${aws_cli_commandline} ] ********" >${input_file_path}
+			echo ${format_text} | tee -a ${input_file_path}
+		else
+			echo "Can not get the data"
+		fi
+
+	fi
+}
+
+# AWS Logs
+peco_aws_logs_list() {
+	peco_aws_input 'aws logs describe-log-groups --query "*[].logGroupName"' 'true'
+}
+
+# AWS ECS
+peco_aws_ecs_list_clusters() {
+	peco_aws_input 'aws ecs list-clusters --query "*[]"' 'true'
+}
+
+peco_aws_ecs_list_services() {
+	peco_aws_input 'aws ecs list-services --cluster $aws_ecs_cluster_arn --query "*[]"'
+}
+
+# AWS ECR
+
+peco_aws_list_repositorie_names() {
+	peco_aws_input 'aws ecr describe-repositories --query "*[].repositoryName"' 'true'
+}
+
+# AWS RDS
+peco_aws_list_db_parameter_groups() {
+	peco_aws_input 'aws rds describe-db-parameter-groups --query "*[].DBParameterGroupName"' 'true'
+}
+
+peco_aws_list_db_cluster_parameter_groups() {
+	peco_aws_input 'aws rds describe-db-cluster-parameter-groups --query "*[].DBClusterParameterGroupName"' 'true'
+}
+
+peco_aws_list_db_clusters() {
+	peco_aws_input 'aws rds describe-db-clusters --query "*[].DBClusterIdentifier"' 'true'
+}
+
+peco_aws_list_db_instances() {
+	peco_aws_input 'aws rds describe-db-instances --query "*[].DBInstanceIdentifier"' 'true'
+}
+
+# Lambda
+peco_aws_lambda_list() {
+	peco_aws_input 'aws lambda list-functions --query "*[].FunctionName"' 'true'
+}
+
+# S3
+peco_aws_s3_list() {
+	peco_aws_input 'aws s3api list-buckets --query "Buckets[].Name"' 'true'
+}
+
+# Codebuild
+peco_aws_codebuild_list() {
+	peco_aws_input 'aws codebuild list-projects --query "*[]"' 'true'
+}

images/aws_help.png

@@ -1,23 +1,32 @@
+# Get the current directory of the main.sh script.
+export AWS_CLI_SOURCE_SCRIPTS="$(dirname -- "$0")"
+
 export assume_role_password_encrypted="$(cat ~/.password_assume_role_encrypted)"
 export tmp_credentials="/tmp/aws_temporary_credentials"
-export aws_cli_results="$(echo ~/aws_cli_results)"
-export aws_cli_history="${aws_cli_results}/history.json"
+export aws_cli_results="${AWS_CLI_SOURCE_SCRIPTS}/aws_cli_results"
+export aws_cli_logs="${AWS_CLI_SOURCE_SCRIPTS}/aws_cli_results/logs"
+export aws_cli_input_tmp="${AWS_CLI_SOURCE_SCRIPTS}/aws_cli_results/inputs"
+export aws_tmp_input="/tmp/aws_tmp_input_23647494949484.txt"
+# max session 1h
+export aws_assume_role_duration=3600s
 export aws_assume_role_expired_time=55
-
-# Get the current directory of the main.sh script.
-export AWS_CLI_SOURCE_SCRIPTS="$(dirname -- "$0")"
+# To allow log detail of the aws cli [true|false]
+export aws_show_commandline=true
+export aws_log_tail_since=120m
 
 mkdir -p ${tmp_credentials}
 mkdir -p ${aws_cli_results}
+mkdir -p ${aws_cli_logs}
+mkdir -p ${aws_cli_input_tmp}
 
 # add some help aliases
 alias get-account-alias='aws iam list-account-aliases'
 alias get-account-id='echo AccountId $(aws sts get-caller-identity --query "Account" --output text)'
-alias aws-cli-save-commandline-to-history='history -1 >> ${aws_cli_history}'
-alias aws-cli-save-all-commandlines-to-history='history |grep aws | grep -v history >> ${aws_cli_history}'
-# alias assume-role='function(){eval $(command assume-role --duration 1h $@);}'
 
 # Import sub-commandline.
-for script in $(ls ${AWS_CLI_SOURCE_SCRIPTS}/services); do
-	source ${AWS_CLI_SOURCE_SCRIPTS}/services/$script
+
+for module in $(echo "common services"); do
+	for script in $(ls ${AWS_CLI_SOURCE_SCRIPTS}/${module}); do
+		source ${AWS_CLI_SOURCE_SCRIPTS}/${module}/$script
+	done
 done

main.sh

@@ -3,6 +3,11 @@
 
 aws_acm_list() {
 	for item in $(aws acm list-certificates --query "*[].CertificateArn" --output text); do
-		aws acm describe-certificate --certificate-arn $item --query "*[].{CertificateArn:CertificateArn,DomainName:DomainName,SubjectAlternativeNames:SubjectAlternativeNames,Type:Type}"
+		aws_run_commandline \
+			"
+		aws acm describe-certificate \
+			--certificate-arn $item \
+			--query \"*[].{CertificateArn:CertificateArn,DomainName:DomainName,SubjectAlternativeNames:SubjectAlternativeNames,Type:Type}\"
+		"
 	done
 }

services/acm.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+aws_alb_list() {
+	aws_run_commandline "aws elbv2 describe-load-balancers"
+}
+
+aws_alb_info() {
+
+	for alb_arn in $(aws elbv2 describe-load-balancers --query "*[].LoadBalancerArn" --output text); do
+		aws_run_commandline "aws elbv2 describe-listeners --load-balancer-arn $alb_arn"
+
+	done
+
+}

services/alb.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# Setting for ecs
+aws_application_autoscaling_ecs() {
+	aws application-autoscaling describe-scheduled-actions \
+		--service-namespace ecs
+}