Python script to start or stop amazon ec2 instance and notify slack channel

Hello Guys,

Happy New Year to you all. This is my first post in 2016 and I would love to share something useful for those who play around with AWS EC2 instances. Let’s get started with the prerequisites.

Prerequisites

Before you start, I would love to warn you about python and its discipline around indentation. That’s no joke, unless you are already familiar to python or are a veteran python guru. The second thing to know is to be familiar with how Amazon Web Services(AWS) works or have a system admin who can create an AWS user and its privileges and give you an AWS API access key and API secret key. This post assumes a working knowledge of AWS . So to run this script you need:

  • Have AWS IAM user with adequate privileges
  • In order to securely use AWS API it’s best to create users with specific privileges. So this two posts http://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html and http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-using.html#attach-managed-policy-console will help you achieve it. For now let’s say an AmazonEC2FullAccess is required. But this should be restricted further to specifics.

  • Have python installed
  • We are going to use python for this and if you are using linux python 2 should come by default with it. For windows folks there are posts out there which can get you there.

  • Have Awscli library
  • The awscli is a python library which is build upon the boto python library which is the python “implementation” of the aws API. There are many other language specific ones, java, php, .Net etc. You can install both boto and awscli through pip

The Script

Below is the script created at /srv/script/ec2_start_stop.py :

Further tweaks and explanations

About the arguments

There is a little explanation I would like to provide about this sys.argv and the fact that we have not used argv[0] anywhere. Argv is the array of argument passed to python and not the script. So to run our script we should type the following command:

Because python is the one passed the command

sys.argv[0] = /srv/script/ec2_start_stop.py (This is the script itself and first argument to python)
sys.argv[1] = start (this is actually the first argument of the script but second argument to python)
sys.argv[2] = us-east-1 (this is the aws region to which we making connection to)
sys.argv[3] = i-xxxxxxx (this is the instance we are either starting or stopping)

About IAM credentials

In this script I have not used the IAM access and secret key directly but rather , in my os installation. After installing awscli , I had configured it using the command aws configure this command will ask for the access key and the secret key and the default aws region. If that was not done, then I should have included the credentials in the script like shown below at the connection part:

If the server on which the script is run is itself an aws instance, with amazon role assigned to the this instance, there is no need to do aws configure or put the credentials in script

About Slack

In case you might not know what slack is, I can briefly say it’s a team communication plaform a more enterprise whastapp …. kind off .Building a full slack integration for a script is just an overkill. Instead we used slack webhooks to push notifictions to the channel the hook is for. Basically , it takes to post some json object to a url generated in/by slack to have this done nicely.

I hope this will be useful.

Leave a Comment

Your email address will not be published. Required fields are marked *

captcha * Time limit is exhausted. Please reload the CAPTCHA.