Changelog

Features

• #71: Add support for Classic load-balancers:

    $ awless list classicloadbalancers
    $ awless create classicloadbalancer name=my-loadb subnets=[sub-123,sub-456] listeners=HTTP:80:HTTP:8080 healthcheck-path=/health/ping  securitygroups=sg-54321 tags=Env:Test,Created:Awless
    $ awless update classicloadbalancer name=my-loadb health-interval=10 health-target=HTTP:80/weather/ health-timeout=300 healthy-threshold=10  unhealthy-threshold=5
    $ awless attach classicloadbalancer name=my-loadb instance=@redis-prod-1
    $ awless delete classicloadbalancer name=my-loadb

• #214: AWS_PROFILE env variable now loaded in awless in addition to the deprecated AWS_DEFAULT_PROFILE thanks to @alewando
• Better completion for attach mfadevice and attach user commands
• #219: Validate access key and secret key before writing into ~/.aws/credentials file

Fixes

• #220: Add double quotes to CSV output if needed thanks to @lllama
• Fix compilation error in templates with concatenation and reference (c.f. for example in this template)
• Parse integer beginning with '0' as string (preventing the deletion of the initial '0' for example in ... account.id=0123456789)

Changelog

Features

• Much better performance when synchronising all access data (IAM, etc.)

• Create instances now supports distro prompting for CentOS, Amazon Linux 2, CoreOS

  $ awless create instance name=myinst distro=amazonlinux:amzn2
  $ awless create instance distro=coreos
  $ awless create instance distro=centos name=myinst
  

• Avoiding extra throttling: Listing flag --filter now passes on the user wanted filtering down to the AWS API when possible so that less unneeded resources are fetched, bandwidth is reduced and some throttling avoided.

  For example:

  $ awless ls s3objects --filter bucket=website
  $ awless ls records --filter name=io
  $ awless ls containertasks --filter name=my-task-definition-name
  

• Support for region embedded in an AWS profile (i.e. shared config files ~/.aws/{credentials,config}). See #181 in Fixes for more details

• #191 Attach a certificate to a listener with: awless listener attach id=... certificate=... (see awless attach listener -h for more)

Fixes

• #200: Now paging is supported for s3 objects when listing
• #196: Regression fix SIGSEV when having AWS config with role assuming
• #182: Region embedded in profile taken into account and given correct precedence
• #144: Filtering done on AWS side when listing records for a given zone name
• #172: Filtering done on AWS side when listing containertasks for a given task definition name

Changelog

In this release, the local data model has been updated to support multi-account and stale data is removed when upgrading. Local data (ex: used for completion, etc...) will progressively be synced again through your usage of awless. Although, to get all your data now under the new model, you can manually run 'awless sync'

Features

• Support and seamless sync across multi-account (i.e. multiple profiles) and regions
• Enriched params prompting with optional/skippable but very common params. Can be disabled with --prompt-only-required or forced with --prompt-all to leverage smart completion for all params
• Automatically complete the username when deleting an access key by its ID, if it is contained in the local graph model:
  • awless delete accesskey id=ACCESSKEYID
• For awless update stack param stackfile can now slurp yml and json params files. Thanks to @Trane9991 (#167, #145)
• Better completion for template parameters independently of their display name
• Aliases can now be resolved to properties other than IDs. For example, they are resolved to ARN in attach/detach/update/delete policy: awless attach policy arn=@my-policy-name
• Running only awless switch now returns your current region and profile, allowing a quick and short region/profile lookup
• Better completion of slice properties

AWS Services

• Listing of Route53 records now contains a new column for aliases #181
• Create an image from an existing instance. See awless create image -h
  • awless create image instance=@my-instance-name name=redis-image description='redis prod image'
  • awless create image instance=i-0ee436a45561c04df name=redis-image reboot=true
  • List your images with awless ls images --sort created
  • Delete images with an awless revert ... or with awless delete image id=@redis-image
• #169: Start/Stop a RDS database:
  • awless start database id=my-db-id
  • awless stop database id=@my-db-name
  • awless restart database id=@my-db-name
• Restart an EC2 instance
  • awless restart instance id=id-1234
  • awless restart instance ids=@redis-prod-1,@redis-prod-2
• #176: Delete a DNS record only by its awless ID (see awless ls records) or by its name:
  • awless delete record id=awls-39ec0618
  • awless delete record [email protected]

Fixes

• Fix regression error: errors in dry run showed but where ignored hence user could wrongly confirm to run the template
• Delete a DNS record only by its awless ID

You can find attached binaries for OSX, Linux and Windows.

Changelog

Features

• Better prompting of template parameters
• Overall better logging output of template execution

AWS Services

• Create a database replica with: awless create database replica=...

You can find attached binaries for OSX, Linux and Windows.

Changelog

Features

• Better prompt completion for template parameters
• Create instance/launchconfiguration from community distro names (awless create instance distro=debian). In default config value, deprecation of instance.image in favor of instance.distro (migration should be seamless).
  • awless create instance distro=redhat:rhel:7.2
  • awless create launchconfiguration distro=canonical:ubuntu
  • awless create instance distro=debian
• Quick way to switch to profiles and regions. Ex: awless switch eu-west-1, awless switch mfa us-west-1
• Create a public subnet in only one command with: awless create subnet public=true...
• Save directly your newly created access key in ~/.aws/credentials with : awless create accesskey save=true
• Overall better logging output of template execution

AWS Services

• Update Cloudfront distribution with: awless update distribution...

You can find attached binaries for OSX, Linux and Windows.

Changelog

Overall re-design of AWS commands with full acceptance testing allowing for easier external contribution, greater flexibility and scalability moving forward

Features

• #154: awless ssh allow specifying both --port and --through-port
• #151: awless ssh using ip addresses. Ex: awless ssh 172.31.68.49 --through 172.31.11.249
• awless attach mfadevice now propose to automatically add the MFA device configuration to ~/.aws/config
• #158, #159: Added bash/zsh completion to regions and profiles. Thanks to @padilo

You can find attached binaries for OSX, Linux and Windows

Changelog

Features

• Complete flow to enable MFA for a user, including QRCode generation
• Much better output for awless log; default message (or user specified message) stored now in logs
• #143: Follow CloudFormation stack events: awless tail stack-events my-stack-name --follow. Thanks to @Trane9991.
• Support concatenation between {holes} and "quoted strings" in template with + operator: policy = create policy ... resource="arn:aws:iam::" + {account.id} + ":mfa/${aws:username}"

AWS Services

• Manage and listing of MFA devices: awless create/delete/attach/detach mfadevice, awless list mfadevices
• Support Network Load Balancers: awless create loadbalancer .... type=network ...
• Add conditions in policies and support multiple resources awless create policy ... conditions=\"aws:MultiFactorAuthPresent==true\" resource=arn:aws:iam::0123456789:mfa/test,arn:aws:iam::0123456789:user/test
• Add conditions in role creation awless create role name=awless-mfa-role principal-account=0123456789 conditions=\"aws:MultiFactorAuthPresent==true\"
• List the access keys of all users with awless list accesskeys (previously, only current user)
• Fetch role trust policy document: awless show my-role

Fixes

• Exit code is now non zero on template run with KO states

You can find attached binaries for OSX, Linux and Windows

Changelog

Features

• Local storage of cloud data (RDF store) now done using the NTriples text format instead of a binary format (transition completely transparent for the user). New format allows more friendly git revisioning of data compared to a binary format.
• #87: Customize columns displayed in awless list with --columns: awless ls instances --sort name --columns name,vpc,state,privateip
• Global --no-sync flag to not run any sync on command
• awless show policy-name/policy-id now displays the current policy Document (in JSON).

AWS Services

• Update IAM policies, to add statements with awless update policy
• Add ACM certificates in infra:
  • awless list certificates
  • awless create/delete/check certificate domains=my.firstdomain.com,my.seconddomain.com validation-domains=firstdomain.com,seconddomain.com
• #123: Listing route tables display the association IDs.

Fixes

• awless ssh --through: no reusing same conn to avoid EOF. Bug: only first user (amazonlinux) was successful (usually ec2-user) !!
• awless ssh --through: on new proxy client catching error that where shadowed

You can find attached binaries for OSX, Linux and Windows

Changelog

Features

• awless show command 'not found' error now suggests if resource with same reference exists in other locally synced regions
• awless template language now supports lists, for example: create loadbalancer subnets=[$subnet1, $subnet2]
• Variables in awless template language now support references, holes and lists, for example: mysecgroups = [$secgroup1, {my.secgroup},sg-123456]
• awless template language now supports holes in strings, for example: create instance name={prefix}database{version}
• awless update securitygroup can now authorize/revoke access from another security group: update securitygroup id=sg-12345 inbound=authorize portrange=any protocol=tcp securitygroup=sg-23456
• Template CLI prompt: better TAB completion of resources and their properties
• Man CLI examples for all one liners command. For example, awless create instance -h will display relevant CLI examples
• Add Type (AWS/Customer managed) and Attached (true/false) columns in awless list policies
• #129: flag --color=always/never to force enabling/disabling of colored output.

AWS Services

• List network interfaces with awless list networkinterfaces

Fixes

• Fix regression: listing a resource returned no results when this resource was disabled for sync. Listing should always fetch the resources and display what is on your cloud.
• #130: Better exit status code in awless show command
• Port ranges starting from 0 to n are no longer processed as from n to n.
• awless ssh --through: works without an SSH agent running; correct StrictHostkeyChecking; correct display for --print-config

You can find attached binaries for OSX, Linux and Windows

Changelog

Features

• Sync overall speed up and massive reducing in memory consumption
• SSH --through: awless ssh my-priv-inst --through my-pub-inst allow you to connect to a private instance by going through a public one in ths same VPC. You need to have the same keypair (SSH key) on both instances.
• Flag --profile-sync on awless sync to enable live profiling. Will dump mem and cpu Go profiling files for later inspection
• #109: Support caching of STS credentials for Multi-Factor Authentication.
• #126: Flag --no-alias in awless show force the display of IDs in relations.
• #126: Reverse sorting when listing resources with flag --reverse
• #120: Profile info is now included in execution logs and appended when suggesting revert action
• #82: Better template TAB completion (e.g. complete list of parameters)

AWS Services

• Instance Profiles: List them; attach them to an instance. Ex: attach instanceprofile name=..., awless ls instanceprofiles
• Replace in one command an InstanceProfile on a given instance with the replace=true param. Ex: attach instanceprofile .... replace=true
• Update Route53 records with awless update record

Fixes

• #116 No more sync Out Of Memory