A Mighty CLI for AWS
$ awless list classicloadbalancers
$ awless create classicloadbalancer name=my-loadb subnets=[sub-123,sub-456] listeners=HTTP:80:HTTP:8080 healthcheck-path=/health/ping securitygroups=sg-54321 tags=Env:Test,Created:Awless
$ awless update classicloadbalancer name=my-loadb health-interval=10 health-target=HTTP:80/weather/ health-timeout=300 healthy-threshold=10 unhealthy-threshold=5
$ awless attach classicloadbalancer name=my-loadb instance=@redis-prod-1
$ awless delete classicloadbalancer name=my-loadb
AWS_PROFILE
env variable now loaded in awless
in addition to the deprecated AWS_DEFAULT_PROFILE
thanks to @alewandoattach mfadevice
and attach user
commands~/.aws/credentials
file... account.id=0123456789
)Much better performance when synchronising all access data (IAM, etc.)
Create instances now supports distro prompting for CentOS, Amazon Linux 2, CoreOS
$ awless create instance name=myinst distro=amazonlinux:amzn2
$ awless create instance distro=coreos
$ awless create instance distro=centos name=myinst
Avoiding extra throttling: Listing flag --filter
now passes on the user wanted filtering down to the AWS API when possible so that less unneeded resources are fetched, bandwidth is reduced and some throttling avoided.
For example:
$ awless ls s3objects --filter bucket=website
$ awless ls records --filter name=io
$ awless ls containertasks --filter name=my-task-definition-name
Support for region embedded in an AWS profile (i.e. shared config files ~/.aws/{credentials,config}). See #181 in Fixes for more details
#191 Attach a certificate to a listener with: awless listener attach id=... certificate=...
(see awless attach listener -h for more)
In this release, the local data model has been updated to support multi-account and stale data is removed when upgrading. Local data (ex: used for completion, etc...) will progressively be synced again through your usage of awless. Although, to get all your data now under the new model, you can manually run 'awless sync'
--prompt-only-required
or forced with --prompt-all
to leverage smart completion for all paramsawless delete accesskey id=ACCESSKEYID
awless update stack
param stackfile
can now slurp yml and json params files. Thanks to @Trane9991 (#167, #145)awless attach policy arn=@my-policy-name
awless switch
now returns your current region and profile, allowing a quick and short region/profile lookupawless create image -h
awless create image instance=@my-instance-name name=redis-image description='redis prod image'
awless create image instance=i-0ee436a45561c04df name=redis-image reboot=true
awless ls images --sort created
awless revert ...
or with awless delete image id=@redis-image
awless start database id=my-db-id
awless stop database id=@my-db-name
awless restart database id=@my-db-name
awless restart instance id=id-1234
awless restart instance ids=@redis-prod-1,@redis-prod-2
awless ls records
) or by its name:
awless delete record id=awls-39ec0618
awless delete record [email protected]
You can find attached binaries for OSX, Linux and Windows.
awless create instance distro=debian
). In default config value, deprecation of instance.image
in favor of instance.distro
(migration should be seamless).
awless create instance distro=redhat:rhel:7.2
awless create launchconfiguration distro=canonical:ubuntu
awless create instance distro=debian
awless switch eu-west-1
, awless switch mfa us-west-1
awless create subnet public=true...
~/.aws/credentials
with : awless create accesskey save=true
awless update distribution...
You can find attached binaries for OSX, Linux and Windows.
Overall re-design of AWS commands with full acceptance testing allowing for easier external contribution, greater flexibility and scalability moving forward
awless ssh
allow specifying both --port
and --through-port
awless ssh
using ip addresses. Ex: awless ssh 172.31.68.49 --through 172.31.11.249
awless attach mfadevice
now propose to automatically add the MFA device configuration to ~/.aws/config
You can find attached binaries for OSX, Linux and Windows
awless log
; default message (or user specified message) stored now in logsawless tail stack-events my-stack-name --follow
. Thanks to @Trane9991.{holes}
and "quoted strings"
in template with +
operator: policy = create policy ... resource="arn:aws:iam::" + {account.id} + ":mfa/${aws:username}"
awless create/delete/attach/detach mfadevice
, awless list mfadevices
awless create loadbalancer .... type=network ...
awless create policy ... conditions=\"aws:MultiFactorAuthPresent==true\" resource=arn:aws:iam::0123456789:mfa/test,arn:aws:iam::0123456789:user/test
awless create role name=awless-mfa-role principal-account=0123456789 conditions=\"aws:MultiFactorAuthPresent==true\"
awless list accesskeys
(previously, only current user)awless show my-role
You can find attached binaries for OSX, Linux and Windows
awless list
with --columns
: awless ls instances --sort name --columns name,vpc,state,privateip
--no-sync
flag to not run any sync on commandawless show policy-name/policy-id
now displays the current policy Document (in JSON).awless update policy
awless list certificates
awless create/delete/check certificate domains=my.firstdomain.com,my.seconddomain.com validation-domains=firstdomain.com,seconddomain.com
awless ssh --through
: no reusing same conn to avoid EOF. Bug: only first user (amazonlinux) was successful (usually ec2-user) !!awless ssh --through
: on new proxy client catching error that where shadowedYou can find attached binaries for OSX, Linux and Windows
awless show
command 'not found' error now suggests if resource with same reference exists in other locally synced regionsawless
template language now supports lists, for example: create loadbalancer subnets=[$subnet1, $subnet2]
awless
template language now support references, holes and lists, for example: mysecgroups = [$secgroup1, {my.secgroup},sg-123456]
awless
template language now supports holes in strings, for example: create instance name={prefix}database{version}
awless update securitygroup
can now authorize/revoke access from another security group: update securitygroup id=sg-12345 inbound=authorize portrange=any protocol=tcp securitygroup=sg-23456
awless create instance -h
will display relevant CLI examplesType
(AWS/Customer managed) and Attached
(true/false) columns in awless list policies
--color=always/never
to force enabling/disabling of colored output.awless list networkinterfaces
awless show
commandawless ssh --through
: works without an SSH agent running; correct StrictHostkeyChecking; correct display for --print-config
You can find attached binaries for OSX, Linux and Windows
--through
: awless ssh my-priv-inst --through my-pub-inst
allow you to connect to a private instance by going through a public one in ths same VPC. You need to have the same keypair (SSH key) on both instances.--profile-sync
on awless sync
to enable live profiling. Will dump mem
and cpu
Go profiling files for later inspection--no-alias
in awless show
force the display of IDs in relations.--reverse
attach instanceprofile name=...
, awless ls instanceprofiles
replace=true
param. Ex: attach instanceprofile .... replace=true
awless update record