Inputs & Outputs

AWSClient

Contains AWS API connection details
It is used as an input to many of the actions in this plugin

Generating API Access Keys

See this AWS article if you need to generate API access keys.

Supplying Credentials

You should always use a PPA Vault integration to provide credentials to a plugin action.

Required Keys

access_key_id: AWS access key ID

secret_access_key: AWS secret access key

Example

1
2
3

aws_client:
  access_key_id: your_access_key_id
  secret_access_key: your_secret_access_key

EC2IPRange

Contains IP range properties associated with an inbound/outbound rule

EC2IPRange Keys

cidr_ip: allowed source/destination CIDR address

description: description for the IP range associated with the rule

YAML Structure

1 2	`cidr_ip: 1.2.3.4/5 description: SSH Access from Corporate Office`

EC2InboundRule

Contains properties for an inbound rule associated with an EC2 security group

EC2InboundRule Keys

protocol: rule protocol (tcp, udp, or -1 for any)

ip_ranges: list of EC2IPRanges associated with the rule

from_port: rule start port

to_port: rule end port

YAML Structure

protocol: tcp
ip_ranges:
  - cidr_ip: 1.2.3.4/5
    description: SSH Access from Corporate Office
from_port: 22
to_port: 22

EC2Instance

Contains EC2 instance properties

EC2Instance Keys

image_id: ID of the image used by the instance

instance_id: ID of the instance

instance_type: type of the instance

key_name: name of the public/private key pair associated with the instance

launch_time: time of launch (format: 06:45:23 09/07/2020)

monitoring: state of instance monitoring (enabled or disabled)

platform: platform type (windows or None)

private_dns_name: instance private dns name

private_ip_address: instance private IP address

public_dns_name: instance public DNS name

state: instance state (starting, running, stopping, stopped, or terminated)

vpc_id: ID of the instance VPC

subnet_id: ID of the subnet the instance was launched in

security_groups: list of dictionaries containing the name & group_id of each EC2SecurityGroup associated with the instance

root_device_type: type of the instance root volume (ebs or an instance store volume)

tags: a list of dictionaries containing the key & value of each tag associated with the instance

cpu_options: instance CPU options dictionary containing core_count & threads_per_core

YAML Structure

image_id: ami-00f6a0c18edb19300
instance_id: i-0e88060c12d5d7e71
instance_type: t2.micro
key_name: ubuntu-server
launch_time: 06:45:23 09/07/2020
monitoring: disabled
platform: windows
private_dns_name: ip-172-31-5-236.eu-west-2.compute.internal
private_ip_address: 172.31.5.236
public_dns_name:
state: stopped
vpc_id: vpc-9e5cd4d5
subnet_id: subnet-80c3d1e7
security_groups:
- name: SSH Access
  group_id: sg-033f2b3f97134d512
root_device_type: ebs
tags:
- key: Name
  value: Ubuntu Server
- key: Environment
  value: UAT
cpu_options:
  core_count: 2
  threads_per_core: 4

EC2InstanceProcessorInfo

Contains EC2 Instance type processor information

EC2InstanceProcessorInfo Keys

supported_architectures: a list of processor architectures supported by the instance type

sustained_clock_speed: the sustained clock speed in GHz

YAML Structure

1
2
3

supported_architectures:
  - x86_64
sustained_clock_speed: 3.1

EC2InstanceType

Contains properties for an EC2 Instance type

EC2InstanceType Keys

name: the name of the instance type

bare_metal: indicates whether the instance type is bare metal

free_tier_eligible: indicates whether the instance type is free tier eligible

supported_usage_classes: indicates whether the instance type is offered for spot, on-demand, or both

hypervisor: the instance type hypervisor (usually xen or nitro)

memory: the memory of the instance type in MiB

vcpu_info: an EC2InstanceVCPUInfo dictionary containing instance type VCPU details

processor_info: an EC2InstanceProcessorInfo dictionary containing instance type processor details

YAML Structure

name: t3.nano
bare_metal: false
free_tier_eligible: false
supported_usage_classes:
  - on-demand
  - spot
hypervisor: nitro
vcpu_info:
  default_vcpus: 2
  default_cores: 1
  default_threads_per_core: 2
  valid_cores:
    - 1
  valid_threads_per_core:
    - 1
    - 2
processor_info:
  supported_architectures:
    - x86_64
  sustained_clock_speed: 2.5
memory: 512

EC2InstanceVCPUInfo

Contains EC2 Instance type VCPU information

EC2InstanceVCPUInfo Keys

default_vcpus: the default number of VCPUs

default_cores: the default number of VCPU cores

default_threads_per_core: the default number of threads per VCPU core

valid_cores: a list of valid core numbers

valid_threads_per_core: a list of valid threads per core

YAML Structure

default_vcpus: 2
default_cores: 1
default_threads_per_core: 2
valid_cores:
  - 1
valid_threads_per_core:
  - 1
  - 2

EC2KeyPair

Contains EC2 key pair properties

EC2KeyPair Keys

name: name of the key pair

key_pair_id: the ID of the key pair

fingerprint: the key fingerprint

tags: a list of dictionaries containing the key & value of each tag associated with the key pair

YAML Structure

name: uat-ubuntu-servers
key_pair_id: key-08e7e20d238ce6rc5
fingerprint: 17:ef:57:2d:5b:b4:bb:f2:9f:09:09:fc:d4:f7:3c:23:b4:04:14:f6
tags:
  - key: environment
    value: UAT

EC2OutboundRule

Contains properties for an outbound rule associated with an EC2 security group

EC2OutboundRule Keys

protocol: rule protocol (tcp, udp, or -1 for any)

ip_ranges: list of EC2IPRanges associated with the rule

from_port: rule start port

to_port: rule end port

YAML Structure

protocol: tcp
ip_ranges:
- cidr_ip: 1.2.3.4/5
  description: Outbound Access to Corporate Office
from_port: 22
to_port: 22

EC2SecurityGroup

Contains EC2 security group properties

EC2SecurityGroup Keys

description: description of the security group

name: name of the security group

owner_id: ID of the security group owner

group_id: ID of the security group

vpc_id: ID of the security group VPC

inbound_rules: a list of EC2InboundRules configured in the security group

outbound_rules: a list of EC2OutboundRules configured in the security group

tags: a list of dictionaries containing the key & value of each tag associated with the security group

YAML Structure

description: SSH access on port 22
name: SSH
owner_id: 381957475495
group_id: 'sg-04cd36d28fe84e079'
vpc_id: vpc-1c0be4g4
inbound_rules:
  - protocol: tcp
    ip_ranges:
    - cidr_ip: 1.2.3.4/5
      description: SSH Access from Corporate Office
    from_port: 22
    to_port: 22
outbound_rules:
  - protocol: tcp
    ip_ranges:
    - cidr_ip: 1.2.3.4/5
      description: Outbound Access to Corporate Office
    from_port: 22
    to_port: 22
tags:
  - key: environment
    value: production

EC2VPC

Contains properties for an EC2 Virtual Private Cloud

EC2VPC Keys

cidr_block: CIDR address range for the VPC

is_default: indicates whether it is the default VPC

state: VPC state

vpc_id: ID of the VPC

tags: a list of dictionaries containing the key & value of each tag associated with the VPC

YAML Structure

cidr_block: 172.31.0.0/16
is_default: true
state: available
vpc_id: vpc-0d7fbc6c4aa6c1ee3
tags:
  - key: name
    value: Default VPC

IAMGroup

Contains IAM group information

Group Keys

name: the name of the group

group_id: the group's ID

arn: the Amazon resource name

created_at: the date & time the group was created

YAML Structure

name: EC2Admins
group_id: AGPAVR3TQRSTWXAIUDVV7
arn: arn:aws:iam::[account-id]:group/EC2Admins
created_at: 10:06:43 19/01/2021

IAMUser

Contains IAM user information

User Keys

name: the name of the user

user_id: the user's ID

created_at: the date & time the user was created

password_last_user: the date & time the password was last used (or null if never used)

YAML Structure

name: john.smith
user_id: AIDAVR3TQRST3WZ2QQZTU
created_at: 11:19:46 25/01/2021
password_last_used: null