Inputs & Outputs

AWSClient

  • Contains AWS API connection details

  • It is used as an input to many of the actions in this plugin

Generating API Access Keys

See this AWS article if you need to generate API access keys.

Supplying Credentials

You should always use a PPA Vault integration to provide credentials to a plugin action.

Required Keys

access_key_id: AWS access key ID

secret_access_key: AWS secret access key

Example

aws_client:
  access_key_id: your_access_key_id
  secret_access_key: your_secret_access_key

IPRange

  • Contains IP range properties associated with an inbound/outbound rule

IPRange Keys

cidr_ip: allowed source/destination CIDR address

description: description for the IP range associated with the rule

YAML Structure
cidr_ip: 1.2.3.4/5
description: SSH Access from Corporate Office

InboundRule

  • Contains properties for an inbound rule associated with an EC2 security group

InboundRule Keys

protocol: rule protocol (tcp, udp, or -1 for any)

ip_ranges: list of IPRanges associated with the rule

from_port: rule start port

to_port: rule end port

YAML Structure
protocol: tcp
ip_ranges:
  - cidr_ip: 1.2.3.4/5
    description: SSH Access from Corporate Office
from_port: 22
to_port: 22

Instance

  • Contains EC2 instance properties

Instance Keys

image_id: ID of the image used by the instance

instance_id: ID of the instance

instance_type: type of the instance

key_name: name of the public/private key pair associated with the instance

launch_time: time of launch (format: 06:45:23 09/07/2020)

monitoring: state of instance monitoring (enabled or disabled)

private_dns_name: instance private DNS name

private_ip_address: instance private IP address

public_dns_name: instance public DNS name

state: instance state (starting, running, stopping, stopped, or terminated)

vpc_id: ID of the instance VPC

subnet_id: ID of the subnet the instance was launched in

security_groups: list of dictionaries containing the name & group_id of each SecurityGroup associated with the instance

root_device_type: type of the instance root volume (ebs or an instance store volume)

tags: a list of dictionaries containing the key & value of each tag associated with the instance

cpu_options: instance CPU options dictionary containing core_count & threads_per_core

YAML Structure
image_id: ami-00f6a0c18edb19300
instance_id: i-0e88060c12d5d7e71
instance_type: t2.micro
key_name: ubuntu-server
launch_time: 06:45:23 09/07/2020
monitoring: disabled
private_dns_name: ip-172-31-5-236.eu-west-2.compute.internal
private_ip_address: 172.31.5.236
public_dns_name:
state: stopped
vpc_id: vpc-9e5cd4d5
subnet_id: subnet-80c3d1e7
security_groups:
- name: SSH Access
  group_id: sg-033f2b3f97134d512
root_device_type: ebs
tags:
- key: Name
  value: Ubuntu Server
- key: Environment
  value: UAT
cpu_options:
  core_count: 2
  threads_per_core: 4

OutboundRule

  • Contains properties for an outbound rule associated with an EC2 security group

OutboundRule Keys

protocol: rule protocol (tcp, udp, or -1 for any)

ip_ranges: list of IPRanges associated with the rule

from_port: rule start port

to_port: rule end port

YAML Structure
protocol: tcp
ip_ranges:
- cidr_ip: 1.2.3.4/5
  description: Outbound Access to Corporate Office
from_port: 22
to_port: 22

SecurityGroup

  • Contains EC2 security group properties

SecurityGroup Keys

description: description of the security group

name: name of the security group

owner_id: ID of the security group owner

group_id: ID of the security group

vpc_id: ID of the security group VPC

inbound_rules: a list of InboundRules configured in the security group

outbound_rules: a list of OutboundRules configured in the security group

tags: a list of dictionaries containing the key & value of each tag associated with the security group

YAML Structure
description: SSH access on port 22
name: SSH
owner_id: 381957475495
group_id: 'sg-04cd36d28fe84e079'
vpc_id: vpc-1c0be4g4
inbound_rules:
  - protocol: tcp
    ip_ranges:
    - cidr_ip: 1.2.3.4/5
      description: SSH Access from Corporate Office
    from_port: 22
    to_port: 22
outbound_rules:
  - protocol: tcp
    ip_ranges:
    - cidr_ip: 1.2.3.4/5
      description: Outbound Access to Corporate Office
    from_port: 22
    to_port: 22
tags:
  - key: environment
    value: production
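
An added example (not part of the plugin or its documentation): a Python check that takes a SecurityGroup in the structure above, already parsed into a dictionary, and reports inbound IPRanges broader than a policy threshold. The names audit_inbound_rules, ADMIN_PORTS and MIN_PREFIX_LEN, and the threshold values, are assumptions chosen for illustration.

```python
import ipaddress

ADMIN_PORTS = (22, 3389)  # assumption: ports treated as administrative access
MIN_PREFIX_LEN = 16       # assumption: IPv4 prefixes shorter than /16 count as broad


def audit_inbound_rules(security_group):
    """Return one finding per overly broad IPRange in a SecurityGroup dict."""
    findings = []
    for rule in security_group.get("inbound_rules", []):
        any_protocol = str(rule["protocol"]) == "-1"
        # Admin ports reachable through this rule; -1 (any protocol) covers all ports.
        admin = [p for p in ADMIN_PORTS
                 if any_protocol or rule["from_port"] <= p <= rule["to_port"]]
        for ip_range in rule.get("ip_ranges", []):
            # strict=False accepts a cidr_ip with host bits set and normalizes it.
            net = ipaddress.ip_network(ip_range["cidr_ip"], strict=False)
            if net.prefixlen >= MIN_PREFIX_LEN:
                continue
            findings.append({
                "group_id": security_group["group_id"],
                "cidr_ip": ip_range["cidr_ip"],
                "network": str(net),
                "addresses": net.num_addresses,
                "admin_ports": admin,
                "severity": "high" if admin else "medium",
            })
    return findings


# The SecurityGroup example above as a YAML parser would load it (inbound part only).
SAMPLE_GROUP = {
    "name": "SSH",
    "group_id": "sg-04cd36d28fe84e079",
    "inbound_rules": [{
        "protocol": "tcp",
        "ip_ranges": [{"cidr_ip": "1.2.3.4/5",
                       "description": "SSH Access from Corporate Office"}],
        "from_port": 22,
        "to_port": 22,
    }],
}

if __name__ == "__main__":
    for f in audit_inbound_rules(SAMPLE_GROUP):
        print(f"{f['severity']}: {f['group_id']} allows {f['cidr_ip']} "
              f"({f['network']}, {f['addresses']} addresses) to ports {f['admin_ports']}")
```

The placeholder range 1.2.3.4/5 used in the examples normalizes to 0.0.0.0/5, so copying it unchanged into a real rule would admit far more than one office network; replace it with the actual source range.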

VPC

  • Contains properties for an EC2 Virtual Private Cloud

VPC Keys

cidr_block: CIDR address range for the VPC

is_default: indicates whether it is the default VPC

state: VPC state

vpc_id: ID of the VPC

tags: a list of dictionaries containing the key & value of each tag associated with the VPC

YAML Structure
cidr_block: 172.31.0.0/16
is_default: true
state: available
vpc_id: vpc-0d7fbc6c4aa6c1ee3
tags:
  - key: name
    value: Default VPC