Should be simple to implement, and would save me some time.

For a current penetration test I need to output a list of subnets:

• Name.
• CIDR Range.

Would be far easier to do if I had a subnets sub-command.

Right now the implementation of the sub-command contains things like this:

			// details
			fmt.Printf("\tAMI: %s\n", ami)
			fmt.Printf("\tInstance type: %s\n", *instance.InstanceType)

			if instance.KeyName != nil {
				fmt.Printf("\tKey name: %s\n", *instance.KeyName)
			}

This looks ugly, and is hard for users to modify. Instead of that define a golang text/template snippet and use a struct as appropriate to allow changing the formatting and included values. This could also pave the way towards a JSON-output option.

Since I'm using it on my personal accounts now:

% AWS_SDK_LOAD_CONFIG=1 aws-utils  instances   

Several of our commands now operate either on the main AWS account, or a set of roles assumed from it:

• csv-instances
• instances
• sg-grep

Rather than duplicating all the code create a helper which does that once, and triggers a callback into the sub-command for the handling.

This would let me search prime-xxx-qa, prime-xxx-stage, and id-prod for "steve", for example.

Making the change won't be hard.

This configuration file is fine:

wc41 ~ $ cat ~/.aws/credentials 
[default]
aws_access_key_id=1234...
aws_secret_access_key=abc...

But the moment you have other profiles present as well things break:

 $ cat ~/.aws/credentials 
[default]
aws_access_key_id=1234..
aws_secret_access_key=abc..

[tmp]
aws_secret_access_key=124.
aws_access_key_id=blah
aws_session_token=secret

Specifically the values of all the keys get updated, not just the first one.

I guess we just replace the first value, not all the values, and that will solve this.

Today I was asked to provide a mapping of "name + IPv4" address for a bunch of accounts. This would have been easier if I could run:

  $ aws-utils csv-instances --fields="name,ipv4"

Of course once I realize this I can also say that the instances and csv-instances are very very similar (which they definitely are). Merging the two commands into one almost makes sense, but I use them for different purposes and it would be nice to keep the simple nature alone.

To close this issue:

• Remove the duplication between the two commands, with regard to getting the data at least.
• Allow the user to specify different fields for the CSV instnace, at least.
  • Ideally a template for the instances subcommand too.

No changes to the default behaviour from the end-user perspective though, even if they gain the ability to change the formatting/templates.

When a stack is present in multiple states it might get excluded.

• Imagine you create a stack, then delete it.
• Later you create a stack with the same name.

This results in two stacks in the list-stack output :

• One in DELETE_COMPLETE state
• One in CREATE_COMPLETE state

Depending on the random ordering this might get excluded. We need to build/maintain a list of the stack-stats not a simple key=>value hash, which will overwrite the stack-details.

Receiving an error with empty instances here:

% AWS_SDK_LOAD_CONFIG=1 aws-utils  instances   

errors running instance dump
error invoking callback: error rendering template template: output:2:2: executing "output" at <.InstanceName>: can't evaluate field InstanceName in type []instances.InstanceOutput
Steve.Kemp@Steves-MacBook-Pro .aws % 

This would be safer, and could also allow confirmation to be made in the cases where a change is required.

Hello,

thanks for this neat utility, I mostly use it to rotate AWS access-keys.
To that effect, would it be possible to add flags to the rotate-keys command to allow for deactivation/deletion of the previous, now rotated keys?

Thanks.