[HN Gopher] Show HN: Bash-My-AWS - CLI Commands for AWS ___________________________________________________________________ Show HN: Bash-My-AWS - CLI Commands for AWS Author : failmode Score : 52 points Date : 2019-12-31 14:48 UTC (1 days ago) (HTM) web link (bash-my-aws.org) (TXT) w3m dump (bash-my-aws.org) | TheSpiciestDev wrote: | Just the other day I was looking for an official docker image | that includes the AWS CLI. On top of that, and mainly, I was | looking to find more documentation or tooling to better automate | the deployment of new AWS projects. | | Does anyone here have any experience of (starting from scratch or | with no AWS resources) setting up | policies/users/resources/configurations via something similar to | the Deployment Managers of GCP and Azure?.. preferably something | declarative or via templates? | | Bash-my-AWS looks like a great step towards the goal I have in | mind but I may also just be unaware of other tooling or AWS | capabilities. | weberc2 wrote: | If I'm understanding you correctly, I think you want | CloudFormation? | TheSpiciestDev wrote: | Thanks, AWS CloudFormation looks like what I've experienced | with other cloud service providers. | mypalmike wrote: | There is also AWS Cloud Development Kit, which generates | CloudFormation from Typescript, C#, Java, or Python. | | https://aws.amazon.com/blogs/developer/getting-started- | with-... | stevekemp wrote: | The other alternative is terraform: | | https://www.terraform.io/ | avip wrote: | Like it or not (I do...) terraform is the de-facto industry | standard, and pretty much the only mature cloud resources | management tool I'm aware of. | | It is unwise IMHO to use CloudFormation currently unless you're | provisioning resources so obscure they didn't yet make it to tf | aws provider. | | BTW your Dockerfile pretty much boils down to: | FROM alpine:3.10 RUN apk add --no-cache \ | python3 RUN pip3 install awscli COPY | config /root/.aws/ COPY credentials /root/.aws/ | crtlaltdel wrote: | if you don't want to copy your credentials into the container | you can supply them via env vars when you docker run commands | in the container | bob33 wrote: | ansible and serverless are also very powerful IAC tools that | let you deploy on top of CloudFormation but give you a much | nicer way to do so. Terraform does require state which is a | pain point of it for some. Ansible let's you just run their | scripts and you don't have to worry about state in S3 or | Dynamo DB. | yjftsjthsd-h wrote: | > unless you're provisioning resources so obscure they didn't | yet make it to tf aws provider. | | Isn't there precedent for terraform getting support for | things _before_ cloudformation? | LilBytes wrote: | I'd say it's more and more common that CF doesn't support X | resource or pattern than anything else. | | We've got custom resources _everywhere_ instead and only | just started on our journey of using TF instead. CDK is | trying to drive up adoption though I've not used it yet so | can't provide any opinions. | zbruhnke wrote: | Gruntwork has a lot of Open Source tooling around AWS and their | new guides are pretty great for some of what you're mentioning | | https://gruntwork.io/guides/ | | I am in no way affiliated with them other than being a customer | parfamz wrote: | I would strongly recommend to use cloud formation through a | typed proxy like troposphere. Also would not recommend to use | terraform at all since you will run into warts and fundamental | issues quickly. I have done projects with both and my current | blessed workflow is a custom python driver which uses CF via | troposphere and minimal boto3 as glue. Also I work at AWS. | ak217 wrote: | Several of the warts in Terraform were fixed in 0.12. | | While I think the HCL DSL was a mistake and prefer the | CloudFormation YAML, CloudFormation has its share of warts as | well, and the TF community has been doing better than CF in | staying up-to-date with the AWS API updates - which reflects | quite poorly on AWS actually. | | > would not recommend to use terraform at all since you will | run into warts and fundamental issues | | It's not a good look to be employed by the 800 pound gorilla | and bash your company's competitor without mentioning | specifics. | LilBytes wrote: | 0.12 fixed and introduced warts. It's a buggy mess, but it | is at least has better coverage than CF. | natekupp wrote: | We use Pulumi to manage both our GCP and AWS resources, and we | really like it. | | You might consider using Terraform directly if you want | something more mature. | cosaquee wrote: | At work we are using Terraform to manage everything that is | related to AWS resources, including accounts, IAM policies and | groups. We also used Serverless framework and CloudFormation, | but Terraform is what works for us and I can recommend it as a | main IaaS tool | Terretta wrote: | Interesting this requires 'jq' when JMESpath is built into AWS | CLI already. | | http://jmespath.org/ | kesor wrote: | jmespath has quite a few limitations, even the official AWS CLI | documentation states that for the more advanced stuff `jq` is | probably the go to tool. | | https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-o... | | "For more advanced filtering that you might not be able to do | with --query, you can consider jq, a command line JSON | processor. You can download it and find the official tutorial | at http://stedolan.github.io/jq/." | fiddlerwoaroof wrote: | I find jq's language a lot nicer than JMESpath and trend to use | it whenever possible | justin_oaks wrote: | My HN comment detailing several limitations of JMESPath: | https://news.ycombinator.com/item?id=16400320 | failmode wrote: | jq is only used in three of the >120 functions. All the rest | use JMESPath. | | If anyone can help with a solution I'd be delighted to remove | the dependency on jq. | | https://github.com/bash-my-aws/bash-my-aws/blob/b74d92a902bb... | m0zg wrote: | Coming from Google Cloud, I couldn't deal with the atrocity that | is awscli, so I ended up eventually implementing the bare minimum | of shell wrappers to at least start, stop, ssh into, rsync files | to and from, etc, my aws instances _by name_, not by instance ID. | Took me a couple of hours to cobble it together. | | Google cloud CLI offers all of this out of the box. Why Amazon | wants to make such basic commands difficult, I'll never | understand. | pensatoio wrote: | What really sells me on this tool is the ability to examine the | underlying awscli command and transformations. I'll be giving | this a go in the new year! | nahikoa wrote: | This looks like an awesome project! | | Meta note: All things considered, Amazon has it pretty good. They | put out a barely usable, bare-bones, but fully functional tool in | awscli. Paying customers of AWS have to perform the engineering | effort to make the API more usable, and some even open-source | their projects like this. AWS is an incredible business model. | Aperocky wrote: | Anything above bare bones will be opinionated, imo this is the | best solution for infrastructure provider - maximum freedom, | but also providing a UI for simpler access. | dajohnson89 wrote: | turning the flywheel | zk68420 wrote: | you can do this in a very simple tip check details | here;http://bit.ly/2lRXocyz | ak217 wrote: | I have developed something similar on top of the AWS CLI that | incorporates a bunch of integrations with other tools like the | cloudinit and various bits of Batch-related instrumentation: | https://github.com/kislyuk/aegea | failmode wrote: | It's probably my fault if you haven't heard of Bash-My-AWS. | | Bash-My-AWS is a simple but extremely powerful set of CLI | commands for managing resources on Amazon Web Services. They | harness the power of Amazon's AWSCLI, while abstracting away the | verbosity. The project implements some innovative patterns but | (arguably) remains simple, beautiful, readable and easily | extensible. | | The project started in 2014 and while many hundreds of hours have | gone into it, far less has gone into promotion. | | I'm speaking about it at LinuxConf and have created a | documentation site at https://bash-my-aws.org | | https://linux.conf.au/schedule/presentation/144/ | bob33 wrote: | for anyone on this thread that is interested. I run | https://getcommandeer.com which is a tool to manage your AWS | and IAC infrastructure from a desktop GUI. I love this bash-my- | aws, as we are about to release Bash, Docker Compose, and | Terraform Runners. We already have Serverless and Ansible | runners. They enable you to run your command line system from a | GUI, so that you can instantly switch between AWS | accounts/regions and even LocalStack. Because it is a desktop, | under the hood we are really running cli tools mixed in with | some AWS JS SDK. | GhettoMaestro wrote: | Very cool app. Giving it a try right now. | dopylitty wrote: | If you want to easily manipulate your AWS environment from the | command line use the AWS cmdlets for PowerShell. The fact that | PowerShell cmdlets work on objects instead of text makes them | miles better than this or the AWS CLI because you don't spend | most of your time figuring out how to wrangle text into | meaningful output. | jrockway wrote: | Do you have any insights on how someone who is used to the | text-only world of Bash transition to using Powershell cmdlets? | | The problem I run into is that it just feels like so much | typing to me. I have to read documentation. All the attributes | HaveReallyLongNamesThatContainCapitalLetters. By the time I've | made my beta version of the command I want to run, I feel like | I need to open a text editor to finish it. Maybe add some error | checking. Some comments too. Maybe a unit test or three. And | now I have an entire project and all I wanted to do was add a | line of text to the end of a file. | | Part of the problem on my part is my own ignorance of the APIs | and what commands are available to me. But it all seems too | verbose to use practically. The Powershell language seems very | good for what you would write a shell script to do, but for | interactive commands, I have a hard time believing that people | use it. It's just so verbose. | bob33 wrote: | We are starting to solve the command line problem in | Commandeer. https://getcommandeer.com/iac-running-suite In | the next few weeks we will be rolling out a Bash Runner. This | is a preview of the Bash Runner Page - | https://imgur.com/Eruzzv7 | dvtrn wrote: | Hasn't AWSCLI supported toggling the cmd output to either text, | json or csv for quite some time now or have I misunderstood | your comment here? | failmode wrote: | Bash-My-AWS wraps AWSCLI as thinly as possible and makes use | of JMESPath and the text output. | | The result is you have a simple set of commands that don't | require you to type hundreds of characters. | instances() { local instance_ids=$(__bma_read_inputs) | local filters=$(__bma_read_filters $@) aws ec2 | describe-instances | \ $([[ -n ${instance_ids} ]] && echo --instance-ids | ${instance_ids}) \ --query " | Reservations[].Instances[][ InstanceId, | InstanceType, State.Name, | [Tags[?Key=='Name'].Value][0][0], LaunchTime, | Placement.AvailabilityZone, VpcId | ]" | \ --output text | grep -E -- | "$filters" | LC_ALL=C sort -b -k 6 | column | -s$'\t' -t } | jolux wrote: | You don't get the impedance mismatch of text to objects that | bash has when dealing with the complexity of AWS resources. | alpb wrote: | Is this primarily required because AWS CLI is not good enough at | listing resources in desired format (json, jsonpath, yaml, | table..)? ___________________________________________________________________ (page generated 2020-01-01 23:00 UTC)