diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2015-01-19 11:26:48 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2015-01-19 11:35:21 +0200 |
commit | 4d1258de786a83888d123f4e8f791f1ad6ecf605 (patch) | |
tree | e172edcda699af4b7db72f42e30f4399866b339b /doc | |
parent | 0766417065bfec9747bf0f41f9b68c27e378f817 (diff) | |
download | eclat-4d1258de786a83888d123f4e8f791f1ad6ecf605.tar.gz eclat-4d1258de786a83888d123f4e8f791f1ad6ecf605.tar.bz2 |
Initial support for IAM
* NEWS: Update.
* doc/eclat.1man: Update.
* lib/.gitignore: Update.
* lib/Makefile.am (libeclat_a_SOURCES): Add new files.
* lib/json.h: New file.
* lib/jsongrm.y: New file.
* lib/jsonlex.l: New file.
* lib/yytrans: New file.
* lib/libeclat.h (ec2_query) <token>: New member
(eclat_query_create): Change signature.
* lib/qcreat.c (eclat_query_create): Take security token as 5th
argument.
* lib/reqsign.c (querysign2): Add security token.
* src/cmdline.opt: Update copyright years
* src/ec2map.c (ec2_map_get): Pass security token to
eclat_query_create.
* src/eclat.c (security_token): New variable.
(eclat_do_command): Pass security token to
eclat_query_create.
(main): Get authentication credentials from the instance
store, if not found in the access file.
* src/eclat.h (security_token): New extern.
(eclat_get_instance_creds): New proto.
* src/util.c (eclat_get_instance_zone): Use json parser.
(eclat_get_instance_creds): New function.
* tests/Makefile.am (noinst_PROGRAMS): add tjson
* tests/tjson.c: New file.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/eclat.1man | 39 |
1 files changed, 27 insertions, 12 deletions
diff --git a/doc/eclat.1man b/doc/eclat.1man index 0d39f21..9560e81 100644 --- a/doc/eclat.1man +++ b/doc/eclat.1man @@ -1,5 +1,5 @@ .\" This file is part of Eclat -*- nroff -*- -.\" Copyright (C) 2012-2014 Sergey Poznyakoff +.\" Copyright (C) 2012-2015 Sergey Poznyakoff .\" .\" Eclat is free software; you can redistribute it and/or modify .\" it under the terms of the GNU General Public License as published by @@ -13,7 +13,7 @@ .\" .\" You should have received a copy of the GNU General Public License .\" along with Eclat. If not, see <http://www.gnu.org/licenses/>. -.TH ECLAT 1 "July 10, 2014" "ECLAT" "Eclat User Reference" +.TH ECLAT 1 "January 19, 2015" "ECLAT" "Eclat User Reference" .SH NAME eclat \- EC2 Command Line Administrator Tool .SH SYNOPSIS @@ -26,7 +26,7 @@ eclat \- EC2 Command Line Administrator Tool is a tool that makes it possible to manage Amazon EC2 services from the command line. In contrast to the tools provided by Amazon itself, .B Eclat -does not require tons of resource-consuming libraries (\fBJava +does not require tons of resource-consuming libraries (\fIJava madness\fR), is very fast and efficient. .PP All administrative tasks are invoked through the single binary, @@ -67,15 +67,23 @@ argument to identify the action to be performed. It then forms an Amazon request using the rest arguments supplied to the command, and sends it to the selected endpoint. .PP -An \fBendpoint\fR is a URI of the Amazon server which is supposed to -handle the request. It is selected according to availability region, -as set in the configuration file (the \fBdefault\-region\fR statement), -or in the command line (the \fB\-\-region\fR option). If neither of -these is set, the endpoint specified by the \fBdefault\-endpoint\fR -configuration statement is used. +.I Availability region +specifies the region in the AWS where the requested resource is +located. It can be set either in the configuration file (the +\fBdefault\-region\fR statement), or in the command line (the +\fB\-\-region\fR option). +.PP +If avaialbility region is not set, \fBeclat\fR attempts to get it +from the instance store. This attempt will succeed only if it is +run on a EC2 instance. +.PP +An \fIendpoint\fR is a URI of the Amazon server which is supposed to +handle the request. It is selected according to the availability +region. The default value is provided in the configuration file +(using the \fBdefault\-endpoint\fR statement). .PP Upon completion of the action, Amazon sends back a -.BR response : +.IR response : an XML document containing details about the result of the operation performed. This document is displayed using a special format, expressed in eclat formatting language (\fBforlan\fR for short). A set of @@ -93,7 +101,7 @@ the option argument as its name. User-defined formats are declared in the configuration file using the \fBdefine\-format\fR statement. .PP If none of these options is given, the request -.B action name +.I action name is used to look up the default format to use. A default format is defined in the configuration file using the \fBformat\fR statement. .PP @@ -105,7 +113,7 @@ If .B eclat fails to select appropriate format using this procedure, it dumps the contents of the response on the standard output using -.BR "path notation" , +.IR "path notation" , where each tag is identified by its name and the names of parent tags, separated by dots. .SH AUTHENTICATION @@ -138,6 +146,13 @@ If the \fB\-\-access\-key\fR option is used, its argument is the access key or tag to look for in the access file. Otherwise, .B eclat selects the first available key pair. +.PP +If the access key is not found in the access file, it is assumed to be +a name of the \IIAM\fR role. The program then tries to obtain +credentials from the instance store. This attempt will succeed only +if \fBeclat\fR is run on an EC2 instance which is assigned a role upon +its creation (see +.BR http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-usingrole-ec2instance.html ) .SH MAPS Each amazon resource has a unique string associated with it, called its |