Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/railsware/aws-ecs-tools


https://github.com/railsware/aws-ecs-tools

Last synced: 7 months ago
JSON representation

Awesome Lists containing this project

README 

          
# aws-ecs-tools



A collection of Ruby scripts that make it easier to work with ECS from the command line.



## param_tool.rb



A tool to sync up AWS Systems Manager Parameter Store with a local YAML file.



WIP; TODO a prettier name.



```

Usage: AWS_REGION= param_tool.rb [options] (down|up)

    -f, --file=FILE                  File with params

    -p, --prefix=PREFIX              Param prefix

    -k, --key=KEY                    Encryption key for writing secure params (no effect on reading)

    -d, --decrypt                    Output decrypted params

    -y, --yes                        Apply changes without asking for confirmation (DANGER)

    -D, --description=STRING         Add description to params

```



### Download params



```sh

AWS_REGION=eu-central-1 param_tool.rb --prefix /staging/myapp down >params.yml

```



- Secure (encrypted) param values are replaced with `SECURE` - NOT decrypted.

- To decrypt, use `-d` key.

- Secure param keys are suffixed with '!'

- Params are converted into a tree, using slashes as nesting separators.



### Upload params



```sh

# see planned changes, confirm, apply:

AWS_REGION=eu-central-1 param_tool.rb --prefix /staging/myapp --file params.yml up



Planned changes:

create /staging/myapp/host = "app.com"

delete /staging/myapp/deprecated

update /staging/myapp/port = "80"

Apply? (anything but "yes" will abort): yes

writing parameter /staging/myapp/host...done

deleting parameter /staging/myapp/deprecated...done

writing parameter /staging/myapp/port...done

All done!



# non-interactive mode (and you can pass params to standard input)

my_param_generating_script.sh | param_tool.rb --prefix /staging/myapp --yes up



# specify a key to do the encryption:

AWS_REGION=eu-central-1 param_tool.rb --key alias/mailtrap-parameter-store --prefix /staging/myapp --file params.yml up

```



- params that are not changed will not be updated

- secure params that have a value of `SECURE` are NOT updated

- secure params that have any other value ARE updated - then make sure to provide the proper key

- to make a param secure, add a `!` suffix to the key name - note that the '!' character itself will be stripped from the key name in Parameter Store

- params with a value of `DELETE` are deleted from parameter store



### Workflow concept



- create a YAML file with the params you need; you can reuse the same file for a file-based Global backend.

- upload it to staging

- upload it to prod

- download params from staging, update, and send to prod

- commit param set as reference (make sure that sensitive params are secured, and thus not committed)



### Sample params.yml



```yaml

---

aws:

  bucket: my-bucket

braintree:

  environment: sandbox

  merchant_id!: SECURE

  private_key!: SECURE

  public_key!: SECURE

heroku:

  addon_manifest: |-

    {

     "hey!": "you can do multiline values too",

     "useful": "for SSH keys"

    }

```



## ecs_run.rb



Run shell script or Ruby code on an ECS service



```sh

Usage: ecs_run.rb [options] [command or STDIN]

    -c, --cluster=CLUSTER            Cluster name

    -s, --service=SERVICE            Service name

    -w, --watch                      Watch output

    -r, --ruby                       Run input as Ruby code with Rails runner (instead of shell command)

    -R, --region                     AWS region to use

```



Note that the command is non-interactive - you provide the code and you watch it execute.



### Specify target



Cluster and service are required params. Besides them, you'll need to set the region through environment variables.



The command retrieves the task definition, subnet, and security group from the service automatically.



### Providing input



There are three ways to provide input:



- as a final argument to the command - make sure to quote it properly



  ```sh

  ecs_run.rb -c app -s app 'rake -T'

  ```



- from a file



  ```sh

  ecs_run.rb -c app -s app