I’m using ShutIt to play with AWS at the moment.
I can leverage the core libraries to easily build on top with my secret data and store in my source control system, and I’ll show how you can do this here.
Firstly, there’s a core aws library that takes care of installing the aws command line tool which is part of the ShutIt libraries:
It contains the ability to configure the AWS access token, but obviously we don’t want to store that in the core library.
The solution to this to create my own module which effectively inherits from that generic solution, adding my pems and configuring for access.
/space/git/shutit/shutit skeleton /my/git/path/ianmiellaws ianmiellaws my.domain cd /my/git/path/ianmiellaws mv /path/to/pems context/ cd /my/git/path/ianmiellaws/ vi configs/ vi ianmiellaws.py ./test.sh
The bits in bold were the bits edited in the above vi edit:
imiell@lp01728:/space/git/work/notes/aws/ianmiellaws$ cat ianmiellaws.py from shutit_module import ShutItModule class ianmiellaws(ShutItModule): def is_installed(self,shutit): return False def build(self,shutit): shutit.send_host_file('t2.pem','context/pems/t2.pem') return True def module(): return ianmiellaws( 'my.domain.ianmiellaws.ianmiellaws', 1159697827.00, description='', maintainer='' depends=['shutit.tk.setup','shutit.tk.aws.aws'] )
In the config file edit I put (replacing the stuff in caps with my details):
[my.domain.aws.aws] access_key_id:MYKEYHERE secret_access_key:MYSECRETACCESSKEYHERE region:MYREGION output:
Then build it:
/path/to/shutit build -m /path/to/shutit/library
Then run it:
docker run -t -i ianmiellaws /bin/bash
and you should be able to access your AWS services from wherever you have the container.
In the next posts I’ll show how to build on top of this to write a module to automatically provision an AWS instance and run a docker service on it.