Starting up ec2-groups-dumper

Question

Starting up ec2-groups-dumper

MoroccoIT opened this issue 7 years ago · comments

Jalil Aboufariss commented 7 years ago

Greetings All,

I was wondering if someone is using this script could shed some light please..

First in the this Doc EC2 dumper script the script name in the install command has dashes and not underscores, like so:
pip install ec2-security-groups-dumper

So I used the name with underscores to install it: ec2_security_groups_dumper (see below)

bash-3.2$ pip install ec2_security_groups_dumper Collecting ec2_security_groups_dumper Downloading ec2-security-groups-dumper-1.7.1.tar.gz Collecting boto (from ec2_security_groups_dumper) Downloading boto-2.48.0-py2.py3-none-any.whl (1.4MB) 100% |████████████████████████████████| 1.4MB 718kB/s Collecting docopt (from ec2_security_groups_dumper) Downloading docopt-0.6.2.tar.gz Installing collected packages: boto, docopt, ec2-security-groups-dumper Running setup.py install for docopt ... done Running setup.py install for ec2-security-groups-dumper ... done Successfully installed boto-2.48.0 docopt-0.6.2 ec2-security-groups-dumper-1.7.1

2. Now, I am having issues running the script:

Please note, I run it with dashes and underscores, nothing works

>> with underscores
bash-3.2$ ec2_security_groups_dumper --json > /tmp/ec2-sec-grp.csv bash: ec2_security_groups_dumper: command not found
>> with dashes
bash-3.2$ ec2-security-groups-dumper --json > /tmp/ec2-sec-grp.csv bash: ec2-security-groups-dumper: command not found

Here is the directory I am running it from: as you can see the script name has underscores and not dashes, but in the Doc it uses dashes.. I am confused :(
bash-3.2$ ls -ltr
-rwxr-xr-x@ 1 abdel.aboufariss staff 999 Aug 25 15:16 setup.py
drwxr-xr-x@ 4 abdel.aboufariss staff 136 Aug 25 15:16 ec2_security_groups_dumper
-rwxr-xr-x@ 1 abdel.aboufariss staff 204 Aug 25 15:16 circle.yml
-rwxr-xr-x@ 1 abdel.aboufariss staff 252 Aug 25 15:16 Makefile
-rwxr-xr-x@ 1 abdel.aboufariss staff 35122 Aug 25 15:16 LICENSE
-rwxr-xr-x@ 1 abdel.aboufariss staff 1238 Oct 6 17:49 README.md

Thanks for your input..
-AJ

Ian Bishop · Answer 1 · Sun Oct 08 2017 17:04:25 GMT+0800 (China Standard Time)

If you ran pip install as root, then the script should get installed to /usr/bin/ec2-security-groups-dumper. It's possible it's ended up in your home directory under ~/.local/bin

I intentionally installed the script into my home directory using pip install -U --user ec2-security-groups-dumper. Then I use it by calling ~/.local/bin/ec2-security-groups-dumper --json

Jalil Aboufariss · Answer 2 · Mon Oct 09 2017 10:44:36 GMT+0800 (China Standard Time)

Thank you so much @porjo !! I was able to get one step further :)

Now, I have AWS permissions issue which I highlighted below.. I was wondering if I need to set my Access Key and Secret Key somewhere within the script ? Please note, I also use MFA to access my AWS Acct.. Not sure how my AWS access info is called by this script ?

`$ ~/.local/bin/ec2-security-groups-dumper --csv > /tmp/security-info.csv

Traceback (most recent call last):

File "/home/username/.local/bin/ec2-security-groups-dumper", line 9, in
load_entry_point('ec2-security-groups-dumper==1.7.1', 'console_scripts', 'ec2-security-groups-dumper')()

File "/home/username/.local/lib/python2.7/site-packages/ec2_security_groups_dumper/main.py", line 347, in main

firewall = Firewall(region=region, profile=profile, vpc=vpc)

File "/home/username/.local/lib/python2.7/site-packages/ec2_security_groups_dumper/main.py", line 117, in init

self.dict_rules = self._get_rules_from_aws()

File "/home/username/.local/lib/python2.7/site-packages/ec2_security_groups_dumper/main.py", line 278, in _get_rules_from_aws

security_groups = conn.get_all_security_groups(filters=self.filters)

File "/usr/lib/python2.7/dist-packages/boto/ec2/connection.py", line 2984, in get_all_security_groups

[('item', SecurityGroup)], verb='POST')

File "/usr/lib/python2.7/dist-packages/boto/connection.py", line 1186, in get_list

raise self.ResponseError(response.status, response.reason, body)

boto.exception.EC2ResponseError: EC2ResponseError: 401 Unauthorized

AuthFailureAWS was not able to validate the provided access credentials463e-----63-1-4-----aaf--------

`

Jalil Aboufariss · Answer 3 · Tue Oct 10 2017 02:01:27 GMT+0800 (China Standard Time)

@porjo I did figure this out after I setup AWS CONFIGURE properly..
Thank you so much for your input, that gave me a good starting point to resolve my issue..

And big Thanks to @lra Laurent Raufaste for providing this COOL script ! Now, my whole AWS Security Environment is backed up & monitored closely 👍

This is the best script for this purpose I've seen out there.. Thank you !!