-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathaws_generic_list
executable file
·149 lines (128 loc) · 4.3 KB
/
aws_generic_list
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
#!/bin/bash
#
# aws_generic_list
#
# List AWS entities with caching and simple text formatting.
#
# Usage:
# aws_generic_list <apicategory> <apimethod> <comma separated field list> [ <filter pattern> [ <filter pattern> ... ] ]
#
# Example:
# aws_generic_list ec2 describe-vpcs VpcId,State,CidrBlock,IsDefault,Name vpc30 avail
#
#
set -o nounset
#set -o pipefail
set -o errexit
if [ ! "${3:-}" ]
then
echo "usage: aws_generic_list <apicategory> <apimethod> <fieldlist> [ <filter pattern> [ <filter pattern> ... ] ]"
exit 2
fi
api_category="$1"
api_method="$2"
fields="$3"
basename="$(basename "$0")"
shift
shift
shift
if [ \( ! "${AWS_SECRET_ACCESS_KEY:-}" -o ! "${AWS_ACCESS_KEY_ID:-}" \) -a ! "${AWS_PROFILE:-}" ]
then
echo "Must set either: \$AWS_PROFILE or \$AWS_SECRET_ACCESS_KEY and \$AWS_ACCESS_KEY_ID"
exit 2
fi
# default seconds to cache output
#
DEFAULT_TIMEOUT=-1
# allow overriding output cache timeout by specifying $AWSLIST_CACHE_TIMEOUT
#
if [ "${AWSLIST_CACHE_TIMEOUT:-}" ]
then
timeout=$AWSLIST_CACHE_TIMEOUT
else
timeout=$DEFAULT_TIMEOUT
fi
log() {
LOG="/tmp/$basename.log"
#date >> $LOG
#echo "$*" >> $LOG
}
log "timeout: $timeout"
# not exactly sure why this is necessary but otherwise the sts call fails with:
if [ -z "${AWS_PROFILE##*govcloud*}" ]
then
default_region="us-gov-east-1"
regionparm=" --region $default_region"
else
default_region="us-east-1"
regionparm=""
fi
# use the userid hitting aws as a cache subkey so instance lists from different accounts will be cached separately
#
CACHE_SUB_KEY="$(cache_run 99999999 "aws sts get-caller-identity$regionparm --query 'UserId' --output text" "${AWS_ACCESS_KEY_ID:-}-${AWS_PROFILE:-}" )"-${api_method}
if [ "$?" != 0 -o ! "$CACHE_SUB_KEY" ]
then
CACHE_SUB_KEY="$(cache_run 0 "aws sts get-caller-identity$regionparm --query 'UserId' --output text" "${AWS_ACCESS_KEY_ID:-}-${AWS_PROFILE:-}" )"-${api_method}
if [ "$?" != 0 -o ! "$CACHE_SUB_KEY" ]
then
echo "Can't get caller identity"
exit 5
fi
fi
tempfile=$(mktemp /tmp/$basename.XXXXXX)
tempfile2=$(mktemp /tmp/$basename.XXXXXX)
# For any category other than "organizations" iterate over every region unless $AWS_REGION is set. For organizations, just hardcode a region
#
if [ "$api_category" = "organizations" -o "$api_category" = "s3api" -o "$api_category" = "iam" -o \( "$api_category" = "ec2" -a "$api_method" = "describe-regions" \) ]
then
regions=$default_region
elif [ "${AWS_REGION:-}" ]
then
regions="$AWS_REGION"
else
regions="$(cache_run 9999999 "aws ec2 describe-regions$regionparm --query Regions[*].RegionName --output text" $CACHE_SUB_KEY | sed 's/ap-northeast-2//' | sed 's/ap-east-1//')"
if [ "$?" != 0 -o ! "$regions" ]
then
regions="$(cache_run 0 "aws ec2 describe-regions$regionparm --query Regions[*].RegionName --output text" $CACHE_SUB_KEY | sed 's/ap-northeast-2//' | sed 's/ap-east-1//')"
if [ "$?" != 0 -o ! "$regions" ]
then
echo "Can't get regions"
exit 6
fi
fi
fi
printed_header=""
files=""
for region in $regions
do
if [ ! "$printed_header" ]
then
echo -n "Region," >> $tempfile
cache_run $timeout "aws --region $region "${api_category}" "${api_method}" | format_generic_json.sh $fields" $CACHE_SUB_KEY | head -1 >> $tempfile
printed_header=1
fi
# full "dumb" async, causes corrupt output
#cache_run $timeout "aws --region $region "${api_category}" "${api_method}" | format_generic_json.sh $fields" $CACHE_SUB_KEY | tail -n +2 | sed "s/^/$region,/g" >> $tempfile &
# full "dump sync, 2-2.5x slower
#cache_run $timeout "aws --region $region "${api_category}" "${api_method}" | format_generic_json.sh $fields" $CACHE_SUB_KEY | tail -n +2 | sed "s/^/$region,/g" >> $tempfile
# "smart" async into different files catted together at the end
cache_run $timeout "aws --region $region "${api_category}" "${api_method}" | format_generic_json.sh $fields" $CACHE_SUB_KEY | tail -n +2 | sed "s/^/$region,/g" > $tempfile.$region &
files="$files $tempfile.$region"
done
wait
cat "$tempfile" # header
cat $files > "$tempfile"
# Probably more optimization to do here
#
#if [ ! "${1:-}" ]
#then
#cat "$tempfile" | tail +2 > "$tempfile2"
#cat "$tempfile2" > "$tempfile"
#fi
while [ "${1:-}" ]
do
cat "$tempfile" | grep -i "$1" > "$tempfile2"
cat "$tempfile2" > "$tempfile"
shift
done
cat $tempfile