Skip to content

Commit

Permalink
Initial code for CLI + Client
Browse files Browse the repository at this point in the history
  • Loading branch information
eyalstoler committed May 18, 2020
0 parents commit 72d67d5
Show file tree
Hide file tree
Showing 18 changed files with 788 additions and 0 deletions.
118 changes: 118 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,118 @@
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class

# C extensions
*.so

# Distribution / packaging
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
share/python-wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST

# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec

# Installer logs
pip-log.txt
pip-delete-this-directory.txt

# Unit test / coverage reports
htmlcov/
.tox/
.nox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
.hypothesis/
.pytest_cache/

# Translations
*.mo
*.pot

# Django stuff:
*.log
local_settings.py
db.sqlite3

# Flask stuff:
instance/
.webassets-cache

# Scrapy stuff:
.scrapy

# Sphinx documentation
docs/_build/

# PyBuilder
target/

# Jupyter Notebook
.ipynb_checkpoints

# IPython
profile_default/
ipython_config.py

# pyenv
.python-version

# celery beat schedule file
celerybeat-schedule

# SageMath parsed files
*.sage.py

# Environments
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/

# Spyder project settings
.spyderproject
.spyproject

# Rope project settings
.ropeproject

# mkdocs documentation
/site

# mypy
.mypy_cache/
.dmypy.json
dmypy.json

# Pyre type checker
.pyre/

#idea files
.idea/
165 changes: 165 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,165 @@
# ssm-simple-cli

[![CircleCI](https://circleci.com/gh/circleci/circleci-docs.svg?style=shield)](https://circleci.com/gh/circleci/circleci-docs)

A Python based CLI that works with [AWS Systems Manager Parameter Store] in the simplest way possible.
Powered by [Boto3] & [Click]!

## Main Features
- Simple, intuitive and easy to use CLI to use as password managemant tool!
- Levraging AWS password managemant capabilities and without cost! Free of charge!
- Quick installation & lightweight
- Duality - Allows using both as CLI for developer to utilize and as also as a Python client to run in CI
- Hight test coverage for a reltively simple CLI

> The ssm-simple-cli is designated to act primarily as a CLI but it also allows using it as a Python client.
> Most of the instructions below will help you setup & use the ssm-simple-cli as a plain CLI.
> If you are interested in using it as a client within Python code you can read more in the [Development](##development) section.
## Installation
### Please make sure:
- You have Python 3 version installed.
- You are NOT on any virtualenv
- You have configured AWS credentials with the neccessary user profile permissions. See [AWS Permissions section](#aws-permissions--credentials) for more information.

```sh
$ pip install --editable .
```
## Initial Setup

> Since ssm-simple-cli uses [AWS Systems Manager Parameter Store] behind the scenes, you must have a valid AWS account with crednetials set up. See [AWS Permissions section](#aws-permissions--credentials) for more info.
After a fresh install, you will have to configure you cli for the first time:

```sh
$ ssm configure
```

This will require you to enter you AWS account credentials. You can also configure the ssm-simple-cli to point to a specific named AWS profile:

```sh
$ ssm configure -p <my-desired-aws-profile-name>
```

> To read more about multiple AWS profiles support [click here](#####multiple-aws-profile-support!).
## Usage

Once ssm-siple-cli was configure, simply type `ssm` in you desired shell to show the main help menu:

```console
$ ssm

Usage: ssm [OPTIONS] COMMAND [ARGS]...

Options:
--help Show this message and exit.

Commands:
configure Setup an initial configuration for this cli
describe Retrieve a list of available secrets
get Retrieve a specific secret.
put Submit a new secret to the SSM store
```

You can also use the `--help` flag on a specific command to find our more about it and its parameters:

```sh
$ ssm describe --help

Usage: ssm describe [OPTIONS]

Retrieve a list of available secrets

Options:
-c, --copy Copies the selected secret value to your clipboard
-g, --get Give you a prompt to choose which secret to get
-p, --path TEXT Describe only parameters located in a specific path (must start with "/")

--help Show this message and exit.

```

## AWS permissions & credentials

In order to run the ssm-simple-cli you must have a valid AWS account, AWS credentials and basic permissions to the [AWS Systems Manager Parameter Store]. Please read below in order to get more details.

### AWS Account
Just go to the [AWS homepage](https://aws.amazon.com/) and create an account. No initial sum requied!

### Credentials

AWS credentials are usually configured using the [aws-cli]. you should install the cli and then configure your AWS credentials using this command:

```sh
$ aws configure
```

[Click here](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html#cli-quick-configuration-creds) for more information on how to obtain such credentials

Once you have these credentials in place you will be able to [setup](##initial-setup) the ssm-simple-cli.

##### Multiple AWS Profile Support!
When you setup the [aws-cli], credentials are stored in a default AWS profile however if you use multiple [named AWS profiles](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html) the ssm-simple-cli totally supports this!

> By default the ssm-simple-cli uses the "default" AWS profile
To view what current AWS profile I'm using simply run

```sh
$ ssm configure -s
```

This will print the curent AWS named profile the ssm-simple-cli is using.

If you wish to configure a different named AWS profile:

```sh
$ ssm configure -p <my-desired-aws-profile-name>
```

This will direct the ssm-simple-cli to use crednetials for this specific named AWS profile

### Permissions

Your user must have the proper permissions in AWS Systems Manager Parameter Store. See [this example](example/aws/policy/README.md) in this repo for more information.


## Develpoment

### Running within Python code
> Can be run in CI!
The ssm-simple-cli also allows running the actual commands within Python code. This provides a more holistic use of the same password mangemant tool & code in both the developer terminal & the actual CI build. Highly recommended!

To import the Python client code simply import the following classes:
```python
from cli.src.ssm_cli import CliConfiguration
from cli.src.ssm_client import SSMClient
```

To initialize the client simply configure a `CLIConfiguration` and provide it to the client

```python
# by default the ssm-simple-cli configuration file sits at '~/.ssm/config' but can be anywhere
config = CliConfiguration('<configuration-file-path>')
client = SSMClient(config)
```


### Todos

- Add MORE Tests
- Consider adding "delete" capability (Did not do it since it may be harmful)

License
----

MIT

[//]: #
[Boto3]: <https://boto3.amazonaws.com/v1/documentation/api/latest/index.html>
[Click]: <https://click.palletsprojects.com>
[aws-cli]: <https://aws.amazon.com/cli>
[AWS Systems Manager Parameter Store]: <https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-parameter-store.html>
[git-repo-url]: <https://github.com/joemccann/dillinger.git>
Empty file added cli/__init__.py
Empty file.
Empty file added cli/src/__init__.py
Empty file.
Loading

0 comments on commit 72d67d5

Please sign in to comment.