Welcome to IP Liberator’s documentation!¶
IP Liberator¶
A command line utility to update AWS Security Groups rules.
- Free software: GNU General Public License v3
- Documentation: https://ip-liberator.readthedocs.io.
Features¶
- Update a list of security groups of your AWS account at once.
- Grant access to informed ports for your current IP address or an informed IP.
- Read profile files in JSON with all the information needed to contact.
- Fit for use as script (e.g. to update your dynamic IP regularly).
Installation¶
$ pip install ip-liberator
Quickstart¶
Consider a file /path/my-profile.json with the following content:
{
"credentials": {
"access_key": "<AWS_ACCESS_KEY>",
"secret_key": "<AWS_SECRET_KEY>",
"region_name": "<AWS REGION>"
},
"config": {
"operator": "John",
"services": [
{
"name": "FTP+SFTP",
"port": "21-22"
},
{
"name": "HTTPS",
"port": "443"
}
],
"security_groups": [
"sg-<GROUP_ID_1>",
"sg-<GROUP_ID_2>"
]
}
}
Using the profile defined above will create or update two entries in the informed security groups:
- John FTP+SFTP granting access for the current IP the ports 21 and 22.
- John HTTPS granting access for the current IP the port 443.
To accomplish it, simply run:
$ ip-liberator --profile /path/my-profile.json
Authorizing rules ['John FTP+SSH', 'John HTTPS'] to IP 192.30.253.112/32
- sg-<GROUP_ID_1>
- sg-<GROUP_ID_2>
Credits¶
Authors¶
- Wagner Macedo <wagnerluis1982@gmail.com> (maintainer)
Installation¶
Stable release¶
To install IP Liberator, run this command in your terminal:
$ pip install ip-liberator
This is the preferred method to install IP Liberator, as it will always install the most recent stable release.
If you don’t have pip installed, this Python installation guide can guide you through the process.
From sources¶
The sources for IP Liberator can be downloaded from the Github repo.
You can either clone the public repository:
$ git clone git://github.com/wagnerluis1982/ip-liberator
Or download the tarball:
$ curl -OL https://github.com/wagnerluis1982/ip-liberator/tarball/master
Once you have a copy of the source, you can install it with:
$ python setup.py install
Usage¶
TODO: replace quickstart with a well detailed usage.
Quickstart¶
Consider a file /path/my-profile.json with the following content:
{
"credentials": {
"access_key": "<AWS_ACCESS_KEY>",
"secret_key": "<AWS_SECRET_KEY>",
"region_name": "<AWS REGION>"
},
"config": {
"operator": "John",
"services": [
{
"name": "FTP+SFTP",
"port": "21-22"
},
{
"name": "HTTPS",
"port": "443"
}
],
"security_groups": [
"sg-<GROUP_ID_1>",
"sg-<GROUP_ID_2>"
]
}
}
Using the profile defined above will create or update two entries in the informed security groups:
- John FTP+SFTP granting access for the current IP the ports 21 and 22.
- John HTTPS granting access for the current IP the port 443.
To accomplish it, simply run:
$ ip-liberator --profile /path/my-profile.json
Authorizing rules ['John FTP+SSH', 'John HTTPS'] to IP 192.30.253.112/32
- sg-<GROUP_ID_1>
- sg-<GROUP_ID_2>
Contributing¶
Contributions are welcome, and they are greatly appreciated! Every little bit helps, and credit will always be given.
You can contribute in many ways:
Types of Contributions¶
Report Bugs¶
Report bugs at https://github.com/wagnerluis1982/ip-liberator/issues.
If you are reporting a bug, please include:
- Your operating system name and version.
- Any details about your local setup that might be helpful in troubleshooting.
- Detailed steps to reproduce the bug.
Fix Bugs¶
Look through the GitHub issues for bugs. Anything tagged with “bug” and “help wanted” is open to whoever wants to implement it.
Implement Features¶
Look through the GitHub issues for features. Anything tagged with “enhancement” and “help wanted” is open to whoever wants to implement it.
Write Documentation¶
IP Liberator could always use more documentation, whether as part of the official IP Liberator docs, in docstrings, or even on the web in blog posts, articles, and such.
Submit Feedback¶
The best way to send feedback is to file an issue at https://github.com/wagnerluis1982/ip-liberator/issues.
If you are proposing a feature:
- Explain in detail how it would work.
- Keep the scope as narrow as possible, to make it easier to implement.
- Remember that this is a volunteer-driven project, and that contributions are welcome :)
Get Started!¶
Ready to contribute? Here’s how to set up ip-liberator for local development.
Fork the ip-liberator repo on GitHub.
Clone your fork locally:
$ git clone git@github.com:your_name_here/ip-liberator.git
Install your local copy into a virtualenv. Assuming you have virtualenvwrapper installed, this is how you set up your fork for local development:
$ mkvirtualenv ip-liberator $ cd ip-liberator/ $ python setup.py developCreate a branch for local development:
$ git checkout -b name-of-your-bugfix-or-feature
Now you can make your changes locally.
When you’re done making changes, check that your changes pass flake8 and the tests, including testing other Python versions with tox:
$ flake8 ip_liberator tests $ python setup.py test or py.test $ toxTo get flake8 and tox, just pip install them into your virtualenv.
Commit your changes and push your branch to GitHub:
$ git add . $ git commit -m "Your detailed description of your changes." $ git push origin name-of-your-bugfix-or-featureSubmit a pull request through the GitHub website.
Pull Request Guidelines¶
Before you submit a pull request, check that it meets these guidelines:
- The pull request should include tests.
- If the pull request adds functionality, the docs should be updated. Put your new functionality into a function with a docstring, and add the feature to the list in README.rst.
- The pull request should work for 3.6 onwards, and for PyPy. Check https://travis-ci.org/wagnerluis1982/ip-liberator/pull_requests and make sure that the tests pass for all supported Python versions.
Deploying¶
A reminder for the maintainers on how to deploy. Make sure all your changes are committed (including an entry in HISTORY.rst). Then run:
$ bumpversion patch # possible: major / minor / patch
$ git push
$ git push --tags
Travis will then deploy to PyPI if tests pass.
Credits¶
Development Lead¶
- Wagner Macedo <wagnerluis1982@gmail.com>
Contributors¶
None yet. Why not be the first?
History¶
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
0.2.2 (Unreleased)¶
This release marks a breaking change. Now the script “tags” recorded entries in
the security groups, e.g. [ip-liberator] SSH John instead of only SSH John.
That helps to identify what IP Liberator added and what was added by hand.
By default, the tag is ip-liberator, but can be change through the new
option --tag. If the user wants the previous behavior, i.e. without a tag,
he or she must pass the option --no-tag.
Added¶
- Add option
--operatorto change the profile operator. - Add short option
-pfor--profile - Add option
--versionto show current script version.
Changed¶
- Add option
--tagto identify entries added by the script. - Migrate build system to Poetry
0.2.1 (2019-04-19)¶
- Fix documentation
0.2.0 (2019-04-19)¶
This release marks as the first to be published to PyPI.
No new functionality was added. The version was changed was to place a history mark.
- Added documentation.
- Added full coverage tests.
- Code refactoring.
0.1.1 (2018-10-16)¶
- Better console output.
- Added option
--revoke-only. - Don’t reauthorize if the IP address is already in the security group.
- Authorizing and revoking in batch to be more efficient.
- Bugfixes
0.1.0 (2018-09-27)¶
- Added option
--my-ipto inform an IP address explicitly. - Show in console the security groups being processed.
- Allow use as script by reading JSON as external config.