Starting up ec2-groups-dumper
MoroccoIT opened this issue · comments
Greetings All,
I was wondering if someone is using this script could shed some light please..
- First in the this Doc EC2 dumper script the script name in the install command has dashes and not underscores, like so:
pip installec2-security-groups-dumper
So I used the name with underscores to install it: ec2_security_groups_dumper
(see below)
bash-3.2$ pip install ec2_security_groups_dumper Collecting ec2_security_groups_dumper Downloading ec2-security-groups-dumper-1.7.1.tar.gz Collecting boto (from ec2_security_groups_dumper) Downloading boto-2.48.0-py2.py3-none-any.whl (1.4MB) 100% |████████████████████████████████| 1.4MB 718kB/s Collecting docopt (from ec2_security_groups_dumper) Downloading docopt-0.6.2.tar.gz Installing collected packages: boto, docopt, ec2-security-groups-dumper Running setup.py install for docopt ... done Running setup.py install for ec2-security-groups-dumper ... done Successfully installed boto-2.48.0 docopt-0.6.2 ec2-security-groups-dumper-1.7.1
2. Now, I am having issues running the script:
Please note, I run it with dashes and underscores, nothing works
>> with underscores
bash-3.2$ ec2_security_groups_dumper --json > /tmp/ec2-sec-grp.csv bash: ec2_security_groups_dumper: command not found
>> with dashes
bash-3.2$ ec2-security-groups-dumper --json > /tmp/ec2-sec-grp.csv bash: ec2-security-groups-dumper: command not found
Here is the directory I am running it from: as you can see the script name has underscores and not dashes, but in the Doc it uses dashes.. I am confused :(
bash-3.2$ ls -ltr
-rwxr-xr-x@ 1 abdel.aboufariss staff 999 Aug 25 15:16 setup.py
drwxr-xr-x@ 4 abdel.aboufariss staff 136 Aug 25 15:16 ec2_security_groups_dumper
-rwxr-xr-x@ 1 abdel.aboufariss staff 204 Aug 25 15:16 circle.yml
-rwxr-xr-x@ 1 abdel.aboufariss staff 252 Aug 25 15:16 Makefile
-rwxr-xr-x@ 1 abdel.aboufariss staff 35122 Aug 25 15:16 LICENSE
-rwxr-xr-x@ 1 abdel.aboufariss staff 1238 Oct 6 17:49 README.md
Thanks for your input..
-AJ
If you ran pip install
as root, then the script should get installed to /usr/bin/ec2-security-groups-dumper
. It's possible it's ended up in your home directory under ~/.local/bin
I intentionally installed the script into my home directory using pip install -U --user ec2-security-groups-dumper
. Then I use it by calling ~/.local/bin/ec2-security-groups-dumper --json
Thank you so much @porjo !! I was able to get one step further :)
Now, I have AWS permissions issue which I highlighted below.. I was wondering if I need to set my Access Key and Secret Key somewhere within the script ? Please note, I also use MFA to access my AWS Acct.. Not sure how my AWS access info is called by this script ?
`$ ~/.local/bin/ec2-security-groups-dumper --csv > /tmp/security-info.csv
Traceback (most recent call last):
File "/home/username/.local/bin/ec2-security-groups-dumper", line 9, in
load_entry_point('ec2-security-groups-dumper==1.7.1', 'console_scripts', 'ec2-security-groups-dumper')()
File "/home/username/.local/lib/python2.7/site-packages/ec2_security_groups_dumper/main.py", line 347, in main
firewall = Firewall(region=region, profile=profile, vpc=vpc)
File "/home/username/.local/lib/python2.7/site-packages/ec2_security_groups_dumper/main.py", line 117, in init
self.dict_rules = self._get_rules_from_aws()
File "/home/username/.local/lib/python2.7/site-packages/ec2_security_groups_dumper/main.py", line 278, in _get_rules_from_aws
security_groups = conn.get_all_security_groups(filters=self.filters)
File "/usr/lib/python2.7/dist-packages/boto/ec2/connection.py", line 2984, in get_all_security_groups
[('item', SecurityGroup)], verb='POST')
File "/usr/lib/python2.7/dist-packages/boto/connection.py", line 1186, in get_list
raise self.ResponseError(response.status, response.reason, body)
boto.exception.EC2ResponseError: EC2ResponseError: 401 Unauthorized
AuthFailure
AWS was not able to validate the provided access credentials463e-----63-1-4-----aaf--------
`
@porjo I did figure this out after I setup AWS CONFIGURE properly..
Thank you so much for your input, that gave me a good starting point to resolve my issue..
And big Thanks to @lra Laurent Raufaste for providing this COOL script ! Now, my whole AWS Security Environment is backed up & monitored closely 👍
This is the best script for this purpose I've seen out there.. Thank you !!