Inputs & Outputs

AWSClient

  • Contains AWS API connection details

  • It is used as an input to many of the actions in this plugin

Generating API Access Keys

See this AWS article if you need to generate API access keys.

Supplying Credentials

You should always use a PPA Vault integration to provide credentials to a plugin action.

Required Keys

access_key_id: AWS access key ID

secret_access_key: AWS secret access key

Example

aws_client:
  access_key_id: your_access_key_id
  secret_access_key: your_secret_access_key

IPRange

  • Contains IP range properties associated with an inbound/outbound rule
IPRange Keys

cidr_ip: allowed source/destination CIDR address

description: description for the IP range associated with the rule

YAML Structure
cidr_ip: 1.2.3.4/5
description: SSH Access from Corporate Office

InboundRule

  • Contains properties for an inbound rule associated with an EC2 security group
InboundRule Keys

protocol: rule protocol (tcp, udp, or -1 for any)

ip_ranges: list of IPRanges associated with the rule

from_port: rule start port

to_port: rule end port

YAML Structure
protocol: tcp
ip_ranges:
  - cidr_ip: 1.2.3.4/5
    description: SSH Access from Corporate Office
from_port: 22
to_port: 22

Instance

  • Contains EC2 instance properties
Instance Keys

image_id: ID of the image used by the instance

instance_id: ID of the instance

instance_type: type of the instance

key_name: name of the public/private key pair associated with the instance

launch_time: time of launch (format: 06:45:23 09/07/2020)

monitoring: state of instance monitoring (enabled or disabled)

platform: platform type (windows or None)

private_dns_name: instance private DNS name

private_ip_address: instance private IP address

public_dns_name: instance public DNS name

state: instance state (starting, running, stopping, stopped, or terminated)

vpc_id: ID of the instance VPC

subnet_id: ID of the subnet the instance was launched in

security_groups: list of dictionaries containing the name & group_id of each SecurityGroup associated with the instance

root_device_type: type of the instance root volume (ebs or an instance store volume)

tags: a list of dictionaries containing the key & value of each tag associated with the instance

cpu_options: instance CPU options dictionary containing core_count & threads_per_core

YAML Structure
image_id: ami-00f6a0c18edb19300
instance_id: i-0e88060c12d5d7e71
instance_type: t2.micro
key_name: ubuntu-server
launch_time: 06:45:23 09/07/2020
monitoring: disabled
platform: windows
private_dns_name: ip-172-31-5-236.eu-west-2.compute.internal
private_ip_address: 172.31.5.236
public_dns_name:
state: stopped
vpc_id: vpc-9e5cd4d5
subnet_id: subnet-80c3d1e7
security_groups:
- name: SSH Access
  group_id: sg-033f2b3f97134d512
root_device_type: ebs
tags:
- key: Name
  value: Ubuntu Server
- key: Environment
  value: UAT
cpu_options:
  core_count: 2
  threads_per_core: 4

InstanceType

  • Contains properties for an EC2 Instance type
InstanceType Keys

name: the name of the instance type

bare_metal: indicates whether the instance type is bare metal

free_tier_eligible: indicates whether the instance type is free tier eligible

supported_usage_classes: indicates whether the instance type is offered for spot, on-demand, or both

hypervisor: the instance type hypervisor (usually xen or nitro)

memory: the memory of the instance type in MiB

vcpu_info: a VCPUInfo dictionary containing instance type VCPU details

processor_info: a ProcessorInfo dictionary containing instance type processor details

YAML Structure
name: t3.nano
bare_metal: false
free_tier_eligible: false
supported_usage_classes:
  - on-demand
  - spot
hypervisor: nitro
vcpu_info:
  default_vcpus: 2
  default_cores: 1
  default_threads_per_core: 2
  valid_cores:
    - 1
  valid_threads_per_core:
    - 1
    - 2
processor_info:
  supported_architectures:
    - x86_64
  sustained_clock_speed: 2.5
memory: 512

KeyPair

  • Contains EC2 key pair properties
KeyPair Keys

name: name of the key pair

key_pair_id: the ID of the key pair

fingerprint: the key fingerprint

tags: a list of dictionaries containing the key & value of each tag associated with the key pair

YAML Structure
name: uat-ubuntu-servers
key_pair_id: key-08e7e20d238ce6rc5
fingerprint: 17:ef:57:2d:5b:b4:bb:f2:9f:09:09:fc:d4:f7:3c:23:b4:04:14:f6
tags:
  - key: environment
    value: UAT

OutboundRule

  • Contains properties for an outbound rule associated with an EC2 security group
OutboundRule Keys

protocol: rule protocol (tcp, udp, or -1 for any)

ip_ranges: list of IPRanges associated with the rule

from_port: rule start port

to_port: rule end port

YAML Structure
protocol: tcp
ip_ranges:
- cidr_ip: 1.2.3.4/5
  description: Outbound Access to Corporate Office
from_port: 22
to_port: 22

ProcessorInfo

  • Contains EC2 Instance type processor information
ProcessorInfo Keys

supported_architectures: a list of processor architectures supported by the instance type

sustained_clock_speed: the sustained clock speed in GHz

YAML Structure
supported_architectures:
  - x86_64
sustained_clock_speed: 3.1

SecurityGroup

  • Contains EC2 security group properties
SecurityGroup Keys

description: description of the security group

name: name of the security group

owner_id: ID of the security group owner

group_id: ID of the security group

vpc_id: ID of the security group VPC

inbound_rules: a list of InboundRules configured in the security group

outbound_rules: a list of OutboundRules configured in the security group

tags: a list of dictionaries containing the key & value of each tag associated with the security group

YAML Structure
description: SSH access on port 22
name: SSH
owner_id: 381957475495
group_id: 'sg-04cd36d28fe84e079'
vpc_id: vpc-1c0be4g4
inbound_rules:
  - protocol: tcp
    ip_ranges:
    - cidr_ip: 1.2.3.4/5
      description: SSH Access from Corporate Office
    from_port: 22
    to_port: 22
outbound_rules:
  - protocol: tcp
    ip_ranges:
    - cidr_ip: 1.2.3.4/5
      description: Outbound Access to Corporate Office
    from_port: 22
    to_port: 22
tags:
  - key: environment
    value: production
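
An added example, not part of the plugin or its documentation: a Python check that walks a SecurityGroup dictionary in the shape shown above and reports inbound rules that expose administrative ports to a broad CIDR range. The sample data, the ADMIN_PORTS set, the MIN_PREFIX threshold and the handling of empty ports on a -1 rule are assumptions made for the example.

```python
import ipaddress

# Constructed sample in the SecurityGroup shape documented above (not real data).
SAMPLE_GROUP = {
    "name": "SSH",
    "group_id": "sg-EXAMPLE",
    "inbound_rules": [
        {"protocol": "tcp", "from_port": 22, "to_port": 22,
         "ip_ranges": [
             {"cidr_ip": "0.0.0.0/0", "description": "Temporary access"},
             {"cidr_ip": "203.0.113.0/24", "description": "Corporate Office"}]},
        # Assumption: an "any protocol" (-1) rule carries no port range.
        {"protocol": "-1", "from_port": None, "to_port": None,
         "ip_ranges": [{"cidr_ip": "1.2.3.4/5", "description": "Prefix typo"}]},
        {"protocol": "tcp", "from_port": 443, "to_port": 443,
         "ip_ranges": [{"cidr_ip": "0.0.0.0/0", "description": "Public HTTPS"}]},
    ],
}

ADMIN_PORTS = {22, 3389}  # assumption: ports treated as administrative
MIN_PREFIX = 16           # assumption: prefixes shorter than /16 count as broad


def audit_inbound(group, admin_ports=ADMIN_PORTS, min_prefix=MIN_PREFIX):
    """Return (group_id, normalised CIDR, exposed admin ports) per broad range."""
    findings = []
    for rule in group.get("inbound_rules", []):
        # YAML may load -1 as an int or a string, so compare as text.
        any_protocol = str(rule["protocol"]) == "-1"
        low, high = rule.get("from_port"), rule.get("to_port")
        exposed = sorted(
            port for port in admin_ports
            if any_protocol
            or (low is not None and high is not None and low <= port <= high)
        )
        if not exposed:
            continue
        for ip_range in rule.get("ip_ranges", []):
            # strict=False masks host bits: 1.2.3.4/5 is really 0.0.0.0/5.
            network = ipaddress.ip_network(ip_range["cidr_ip"], strict=False)
            if network.prefixlen < min_prefix:
                findings.append((group["group_id"], str(network), exposed))
    return findings


if __name__ == "__main__":
    for finding in audit_inbound(SAMPLE_GROUP):
        print(finding)
```

The normalised CIDR in each finding shows the range the rule actually admits, which can be far wider than the address written in cidr_ip suggests.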

VCPUInfo

  • Contains EC2 Instance type VCPU information
VCPUInfo Keys

default_vcpus: the default number of VCPUs

default_cores: the default number of VCPU cores

default_threads_per_core: the default number of threads per VCPU core

valid_cores: a list of valid core numbers

valid_threads_per_core: a list of valid threads per core

YAML Structure
default_vcpus: 2
default_cores: 1
default_threads_per_core: 2
valid_cores:
  - 1
valid_threads_per_core:
  - 1
  - 2

VPC

  • Contains properties for an EC2 Virtual Private Cloud
VPC Keys

cidr_block: CIDR address range for the VPC

is_default: indicates whether it is the default VPC

state: VPC state

vpc_id: ID of the VPC

tags: a list of dictionaries containing the key & value of each tag associated with the VPC

YAML Structure
cidr_block: 172.31.0.0/16
is_default: true
state: available
vpc_id: vpc-0d7fbc6c4aa6c1ee3
tags:
  - key: name
    value: Default VPC