now can create IAM user and get a key/secret -- but no permission yet -- that's next

2013-06-06 15:12:10 -07:00 · 2013-06-06 15:12:10 -07:00 · 23aa8f449e
parent e4c1b201d0
commit 23aa8f449e
1 changed files with 113 additions and 109 deletions
--- a/build_ec2_instances_for_django.ipynb
+++ b/build_ec2_instances_for_django.ipynb
@ -16,16 +16,7 @@
     ],
     "language": "python",
     "metadata": {},
-     "outputs": [
-      {
-       "output_type": "pyout",
-       "prompt_number": 1,
-       "text": [
-        "<module 'regluit.sysadmin.aws' from '/Users/raymondyee/C/src/Gluejar/regluit/sysadmin/aws.pyc'>"
-       ]
-      }
-     ],
-     "prompt_number": 1
+     "outputs": []
    },
    {
     "cell_type": "code",
@ -36,8 +27,7 @@
     ],
     "language": "python",
     "metadata": {},
-     "outputs": [],
-     "prompt_number": 2
+     "outputs": []
    },
    {
     "cell_type": "code",
@ -47,17 +37,7 @@
     ],
     "language": "python",
     "metadata": {},
-     "outputs": [
-      {
-       "output_type": "pyout",
-       "prompt_number": 3,
-       "text": [
-        "(u'ami-79c0ae10',\n",
-        " u'ubuntu/images/ebs/ubuntu-precise-12.04-amd64-server-20130516')"
-       ]
-      }
-     ],
-     "prompt_number": 3
+     "outputs": []
    },
    {
     "cell_type": "code",
@ -71,21 +51,13 @@
     ],
     "language": "python",
     "metadata": {},
-     "outputs": [
-      {
-       "output_type": "pyout",
-       "prompt_number": 6,
-       "text": [
-        "(Instance:i-d061cbbb, u'running')"
-       ]
-      }
-     ],
-     "prompt_number": 6
+     "outputs": []
    },
    {
     "cell_type": "code",
     "collapsed": false,
     "input": [
+      "# launch a new instance\n",
      "# use default security group for now -- probably want to make a new one\n",
      "\n",
      "INSTANCE_NAME = 'new_test'\n",
@ -113,16 +85,7 @@
     ],
     "language": "python",
     "metadata": {},
-     "outputs": [
-      {
-       "output_type": "pyout",
-       "prompt_number": 7,
-       "text": [
-        "u'running'"
-       ]
-      }
-     ],
-     "prompt_number": 7
+     "outputs": []
    },
    {
     "cell_type": "code",
@ -134,8 +97,7 @@
     ],
     "language": "python",
     "metadata": {},
-     "outputs": [],
-     "prompt_number": 9
+     "outputs": []
    },
    {
     "cell_type": "code",
@ -280,7 +242,6 @@
      "\n",
      "def host_type():\n",
      "    run('uname -s')\n",
-      "\n",
      "    \n",
      "def deploy():\n",
      "    sudo(\"aptitude update\")\n",
@ -331,6 +292,15 @@
     "metadata": {},
     "outputs": []
    },
+    {
+     "cell_type": "markdown",
+     "metadata": {},
+     "source": [
+      "## Commands to add?\n",
+      "\n",
+      "Apply security upgrade: `sudo unattended-upgrade`\n"
+     ]
+    },
    {
     "cell_type": "code",
     "collapsed": false,
@ -706,16 +676,7 @@
     ],
     "language": "python",
     "metadata": {},
-     "outputs": [
-      {
-       "output_type": "pyout",
-       "prompt_number": 10,
-       "text": [
-        "[DBInstance:justdb, DBInstance:production]"
-       ]
-      }
-     ],
-     "prompt_number": 10
+     "outputs": []
    },
    {
     "cell_type": "code",
@ -860,6 +821,13 @@
      "Rebooting instance"
     ]
    },
+    {
+     "cell_type": "markdown",
+     "metadata": {},
+     "source": [
+      "After installing mysql locally, it seems that the instance needs to be rebooted.  Here's some code to do so.  Problem remaining is how to reboot, wait for reboot to be completed, and then pick up the next steps."
+     ]
+    },
    {
     "cell_type": "code",
     "collapsed": false,
@ -925,8 +893,7 @@
     ],
     "language": "python",
     "metadata": {},
-     "outputs": [],
-     "prompt_number": 11
+     "outputs": []
    },
    {
     "cell_type": "code",
@ -936,37 +903,7 @@
     ],
     "language": "python",
     "metadata": {},
-     "outputs": [
-      {
-       "output_type": "pyout",
-       "prompt_number": 12,
-       "text": [
-        "{u'list_groups_response': {u'list_groups_result': {u'groups': [{u'arn': u'arn:aws:iam::439256357102:group/gluejar',\n",
-        "     u'create_date': u'2011-06-15T17:58:18Z',\n",
-        "     u'group_id': u'AGPAJIZSSFHWXAET4TFIK',\n",
-        "     u'group_name': u'gluejar',\n",
-        "     u'path': u'/'},\n",
-        "    {u'arn': u'arn:aws:iam::439256357102:group/gluejar-high',\n",
-        "     u'create_date': u'2012-05-03T21:26:32Z',\n",
-        "     u'group_id': u'AGPAJMDLCKW4PMX4OTYFO',\n",
-        "     u'group_name': u'gluejar-high',\n",
-        "     u'path': u'/'},\n",
-        "    {u'arn': u'arn:aws:iam::439256357102:group/s3-admins',\n",
-        "     u'create_date': u'2013-02-18T19:10:58Z',\n",
-        "     u'group_id': u'AGPAIJUAJVGQMDCLH7WW2',\n",
-        "     u'group_name': u's3-admins',\n",
-        "     u'path': u'/'},\n",
-        "    {u'arn': u'arn:aws:iam::439256357102:group/s3-unglueit_files-access',\n",
-        "     u'create_date': u'2013-02-04T18:43:05Z',\n",
-        "     u'group_id': u'AGPAI7BC5Q67APWYEOSDQ',\n",
-        "     u'group_name': u's3-unglueit_files-access',\n",
-        "     u'path': u'/'}],\n",
-        "   u'is_truncated': u'false'},\n",
-        "  u'response_metadata': {u'request_id': u'9a166986-c951-11e2-b2db-2f18d5db5f10'}}}"
-       ]
-      }
-     ],
-     "prompt_number": 12
+     "outputs": []
    },
    {
     "cell_type": "code",
@ -976,35 +913,102 @@
     ],
     "language": "python",
     "metadata": {},
-     "outputs": [
-      {
-       "output_type": "pyout",
-       "prompt_number": 23,
-       "text": [
-        "[u'andromeda',\n",
-        " u'developer',\n",
-        " u'edsummers',\n",
-        " u'eric',\n",
-        " u'jakace',\n",
-        " u'rdhyee',\n",
-        " u's3user',\n",
-        " u's3_just',\n",
-        " u's3_ry',\n",
-        " u'ses-smtp-unglue-it']"
-       ]
-      }
-     ],
-     "prompt_number": 23
+     "outputs": []
    },
    {
     "cell_type": "code",
     "collapsed": false,
     "input": [
-      "# ok, we can go into greate depth."
+      "# ok, we can go into greate depth.\n",
+      "# can we use IAM to create new IAM user and get the key / secret?\n",
+      "\n",
+      "IAM_USER_NAME = 'ry-dev-2'\n",
+      "\n",
+      "iam_user = iam.create_user(user_name=IAM_USER_NAME)\n",
+      "key_output = iam.create_access_key(user_name=IAM_USER_NAME)\n",
+      "access_key = key_output['create_access_key_response']['create_access_key_result']['access_key']\n",
+      "(key, secret) = (access_key['access_key_id'], access_key['secret_access_key'])"
     ],
     "language": "python",
     "metadata": {},
     "outputs": []
+    },
+    {
+     "cell_type": "code",
+     "collapsed": false,
+     "input": [
+      "iam_user"
+     ],
+     "language": "python",
+     "metadata": {},
+     "outputs": []
+    },
+    {
+     "cell_type": "code",
+     "collapsed": false,
+     "input": [
+      "iam.create_access_key(user_name='ry-dev-2')"
+     ],
+     "language": "python",
+     "metadata": {},
+     "outputs": []
+    },
+    {
+     "cell_type": "code",
+     "collapsed": false,
+     "input": [
+      "key_output = _"
+     ],
+     "language": "python",
+     "metadata": {},
+     "outputs": []
+    },
+    {
+     "cell_type": "code",
+     "collapsed": false,
+     "input": [
+      "access_key = key_output['create_access_key_response']['create_access_key_result']['access_key']\n",
+      "(access_key['access_key_id'], access_key['secret_access_key'])"
+     ],
+     "language": "python",
+     "metadata": {},
+     "outputs": []
+    },
+    {
+     "cell_type": "code",
+     "collapsed": false,
+     "input": [
+      "# we've created a key/secret but we still needed to create permissions to attach to user  \n"
+     ],
+     "language": "python",
+     "metadata": {},
+     "outputs": []
+    },
+    {
+     "cell_type": "markdown",
+     "metadata": {},
+     "source": [
+      "<pre>\n",
+      "{\n",
+      "  \"Version\": \"2012-10-17\",\n",
+      "  \"Statement\": [\n",
+      "    {\n",
+      "      \"Effect\": \"Allow\",\n",
+      "      \"NotAction\": \"iam:*\",\n",
+      "      \"Resource\": \"*\"\n",
+      "    }\n",
+      "  ]\n",
+      "}\n",
+      "</pre>"
+     ]
+    },
+    {
+     "cell_type": "code",
+     "collapsed": false,
+     "input": [],
+     "language": "python",
+     "metadata": {},
+     "outputs": []
    }
   ],
   "metadata": {}