This Puppet module will install awscli. It is works with Debian, RedHat and OSX(Tested on Yosemite using boxen) based distros.
OSX has been tested on Yosemite only and requires:
- boxen https://boxen.github.com
- boxen homebrew https://github.com/boxen/puppet-homebrew.
- Packages python and brew-pip are require to be install using boxen.
puppet module install --modulepath /path/to/puppet/modules jdowning-awscli
class { 'awscli': }
There are some optional class parameters, documentation can be found in init.pp.
You may want to add a credentials for awscli and can do so using awscli::profile
.
If you just define access_key_id and secret key, these credentials will work only for the root user:
awscli::profile { 'myprofile':
aws_access_key_id => 'MYAWSACCESSKEYID',
aws_secret_access_key => 'MYAWSSECRETACESSKEY'
}
You can also define a profile for a custom user:
awscli::profile { 'myprofile2':
user => 'ubuntu',
aws_access_key_id => 'MYAWSACCESSKEYID',
aws_secret_access_key => 'MYAWSSECRETACESSKEY'
}
If the user has a non-standard ${HOME}
location (/home/${USER}
on Linux,
/Users/${USER}
on Mac OS X), you can specify the homedir explicitly:
awscli::profile { 'myprofile3':
user => 'ubuntu',
homedir => '/tmp',
aws_access_key_id => 'MYAWSACCESSKEYID',
aws_secret_access_key => 'MYAWSSECRETACESSKEY'
}
To remove a profile, simply set $ensure => 'absent'
awscli::profile { 'myprofile3':
ensure => 'absent',
}
You can also define the profile's region and output format:
awscli::profile { 'myprofile4':
user => 'ubuntu',
aws_access_key_id => 'MYAWSACCESSKEYID',
aws_secret_access_key => 'MYAWSSECRETACESSKEY'
aws_region => 'eu-west-1',
output => 'text',
}
Finally, if you'd like to use a different profile name, you can specify profile_name directly as a parameter. You can read more in the aws-cli docs. (Note that this is
a potentially breaking change if you depended on the $title
for this previously):
awscli::profile { 'myprofile5':
profile_name => 'foo',
user => 'ubuntu',
aws_access_key_id => 'MYAWSACCESSKEYID',
aws_secret_access_key => 'MYAWSSECRETACESSKEY'
aws_region => 'eu-west-1',
output => 'text',
}
The above will result in a file ~ubuntu/.aws/config
that looks like this:
[profile foo]
region=eu-west-1
output=text
and a file ~ubuntu/.aws/credentials
that looks like this:
[foo]
aws_access_key_id=MYAWSACCESSKEYID
aws_secret_access_key=MYAWSSECRETACESSKEY
If you do not provide aws::profile::aws_access_key_id
and awscli::profile::aws_secret_access_key
,
then the aws-cli tool can use IAM roles to authenticate a user's request.
You can test this module with rspec:
bundle install
bundle exec rake spec
You can also test this module in a Vagrant box. There are two box definitons included in the
Vagrant file for CentOS and Ubuntu testing. You will need to use librarian-puppet
to setup dependencies:
bundle install
bundle exec librarian-puppet install
To test both boxes:
vagrant up
To test one distribution:
vagrant up [centos|ubuntu]