hundredacres/puppet-awscli

Puppet module to install awscli

awscli

Description

This Puppet module will install awscli. It is works with Debian, RedHat and OSX(Tested on Yosemite using boxen) based distros.

OSX has been tested on Yosemite only and requires:

• boxen https://boxen.github.com
• boxen homebrew https://github.com/boxen/puppet-homebrew.
• Packages python and brew-pip are require to be install using boxen.

Installation

puppet module install --modulepath /path/to/puppet/modules jdowning-awscli

Usage

class { 'awscli': }

There are some optional class parameters, documentation can be found in init.pp.

Profiles

You may want to add a credentials for awscli and can do so using awscli::profile. If you just define access_key_id and secret key, these credentials will work only for the root user:

awscli::profile { 'myprofile':
  aws_access_key_id     => 'MYAWSACCESSKEYID',
  aws_secret_access_key => 'MYAWSSECRETACESSKEY'
}

You can also define a profile for a custom user:

awscli::profile { 'myprofile2':
  user                  => 'ubuntu',
  aws_access_key_id     => 'MYAWSACCESSKEYID',
  aws_secret_access_key => 'MYAWSSECRETACESSKEY'
}

If the user has a non-standard ${HOME} location (/home/${USER} on Linux, /Users/${USER} on Mac OS X), you can specify the homedir explicitly:

awscli::profile { 'myprofile3':
  user                  => 'ubuntu',
  homedir               => '/tmp',
  aws_access_key_id     => 'MYAWSACCESSKEYID',
  aws_secret_access_key => 'MYAWSSECRETACESSKEY'
}

To remove a profile, simply set $ensure => 'absent'

awscli::profile { 'myprofile3':
  ensure => 'absent',
}

You can also define the profile's region and output format:

awscli::profile { 'myprofile4':
  user                  => 'ubuntu',
  aws_access_key_id     => 'MYAWSACCESSKEYID',
  aws_secret_access_key => 'MYAWSSECRETACESSKEY'
  aws_region            => 'eu-west-1',
  output                => 'text',
}

Finally, if you'd like to use a different profile name, you can specify profile_name directly as a parameter. You can read more in the aws-cli docs. (Note that this is a potentially breaking change if you depended on the $title for this previously):

awscli::profile { 'myprofile5':
  profile_name          => 'foo',
  user                  => 'ubuntu',
  aws_access_key_id     => 'MYAWSACCESSKEYID',
  aws_secret_access_key => 'MYAWSSECRETACESSKEY'
  aws_region            => 'eu-west-1',
  output                => 'text',
}

The above will result in a file ~ubuntu/.aws/config that looks like this:

[profile foo]
region=eu-west-1
output=text

and a file ~ubuntu/.aws/credentials that looks like this:

[foo]
aws_access_key_id=MYAWSACCESSKEYID
aws_secret_access_key=MYAWSSECRETACESSKEY

If you do not provide aws::profile::aws_access_key_id and awscli::profile::aws_secret_access_key, then the aws-cli tool can use IAM roles to authenticate a user's request.

Testing

You can test this module with rspec:

bundle install
bundle exec rake spec

Vagrant

You can also test this module in a Vagrant box. There are two box definitons included in the Vagrant file for CentOS and Ubuntu testing. You will need to use librarian-puppet to setup dependencies:

bundle install
bundle exec librarian-puppet install

To test both boxes:

vagrant up

To test one distribution:

vagrant up [centos|ubuntu]