@leegin
Last active December 5, 2018 01:57
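#!/bin/bash
#Author : Leegin Bernads
# Ask the operator which IAM user should receive OpsWorks access.
# -r keeps any backslash in the typed name literal.
read -r -p "Enter the IAM user name : " user

# Resolve the user's ARN. The assignment must have no spaces around '=';
# with spaces bash runs a command called "arn" and the variable stays empty,
# so every later set-permission call would be issued without a principal.
# --query/--output text returns the bare ARN regardless of the profile's
# default output format, instead of scraping it out of JSON with grep/cut.
if ! arn=$(aws iam get-user --user-name "$user" --query 'User.Arn' --output text); then
  printf 'Could not look up IAM user "%s"; no permissions were changed.\n' "$user" >&2
  exit 1
fi

# Stop before any grant is attempted if the lookup produced no usable ARN.
if [[ -z "$arn" || "$arn" == "None" ]]; then
  printf 'IAM user "%s" has no ARN in the get-user response; aborting.\n' "$user" >&2
  exit 1
fi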
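#######################################
# Look up each EC2 instance listed in instanceids.txt and record its private
# IP and the value of its "opsworks:stack" tag.
# Inputs:   instanceids.txt - whitespace-separated EC2 instance ids
# Outputs:  instancesip.txt - one private IP per line
#           stacknames.txt  - one OpsWorks stack name per line
# Returns:  0; per-instance lookup failures are reported on stderr and skipped
#######################################
function get_stackname()
{
  local instance_id private_ip stack_name

  # Start from empty result files. Appending to leftovers from an earlier run
  # would carry stale stack names forward into the permission grants.
  : > instancesip.txt
  : > stacknames.txt

  while IFS= read -r instance_id || [[ -n "$instance_id" ]]; do
    [[ -n "$instance_id" ]] || continue

    # Only pass well-formed instance ids to the CLI, so a stray token in the
    # input file (for example one starting with "--") is never read as an option.
    if [[ ! "$instance_id" =~ ^i-[0-9a-f]+$ ]]; then
      printf 'get_stackname: skipping malformed instance id "%s"\n' "$instance_id" >&2
      continue
    fi

    # --output text makes the result independent of the profile's default
    # output format; a missing value is printed as the literal "None".
    if private_ip=$(aws ec2 describe-instances --instance-ids "$instance_id" \
        --query 'Reservations[].Instances[].PrivateIpAddress' --output text); then
      if [[ -n "$private_ip" && "$private_ip" != "None" ]]; then
        printf '%s\n' "$private_ip" >> instancesip.txt
      fi
    else
      printf 'get_stackname: could not read private IP of %s\n' "$instance_id" >&2
    fi

    if stack_name=$(aws ec2 describe-instances --instance-ids "$instance_id" \
        --query 'Reservations[].Instances[].[Tags[?Key==`opsworks:stack`].Value | [0]]' \
        --output text); then
      # Instances without the opsworks:stack tag contribute nothing.
      if [[ -n "$stack_name" && "$stack_name" != "None" ]]; then
        printf '%s\n' "$stack_name" >> stacknames.txt
      fi
    else
      printf 'get_stackname: could not read stack tag of %s\n' "$instance_id" >&2
    fi
  done < <(tr -s '[:space:]' '\n' < instanceids.txt)
}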
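#######################################
# Grant the IAM user SSH and sudo access on every OpsWorks stack named in
# stacknames.txt, in the AWS CLI's default region (per the original author's
# note, "ap-southeast-1").
# Globals:  arn (read) - ARN of the IAM user receiving access
# Inputs:   stacknames.txt - one stack name per line
# Outputs:  output.txt   - "Name<TAB>StackId" for each stack in the region
#           stackids.txt - ids of the stacks that were selected
# Returns:  0 if every grant succeeded, 1 otherwise
#######################################
function grant_access_default()
{
  local stack_id status=0

  # Without a principal the grant is meaningless; refuse instead of calling
  # set-permission with an empty --iam-user-arn.
  if [[ -z "${arn:-}" ]]; then
    printf 'grant_access_default: IAM user ARN is empty; no permissions set\n' >&2
    return 1
  fi
  if [[ ! -r stacknames.txt ]]; then
    printf 'grant_access_default: stacknames.txt is missing\n' >&2
    return 1
  fi

  # Overwrite rather than append, so results of an earlier run cannot leak in.
  if ! aws opsworks describe-stacks \
      --query 'Stacks[].[Name,StackId]' --output text > output.txt; then
    printf 'grant_access_default: describe-stacks failed\n' >&2
    return 1
  fi

  # Select stacks by exact name. Matching with "grep -B 50 <name>" treated the
  # name as a substring pattern and guessed which StackId belonged to it, so a
  # name such as "web" could also pick up "web-staging" and hand out SSH/sudo
  # on stacks the operator never listed.
  awk -F'\t' 'NR == FNR { wanted[$0] = 1; next } ($1 in wanted) { print $2 }' \
    stacknames.txt output.txt > stackids.txt

  while IFS= read -r stack_id; do
    [[ -n "$stack_id" ]] || continue
    # iam_only plus --allow-ssh/--allow-sudo gives shell and root on the
    # stack's instances; report every failed grant so the outcome is auditable.
    if ! aws opsworks set-permission --stack-id "$stack_id" --level iam_only \
        --iam-user-arn "$arn" --allow-ssh --allow-sudo; then
      printf 'grant_access_default: set-permission failed for %s\n' "$stack_id" >&2
      status=1
    fi
  done < stackids.txt

  return "$status"
}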
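#######################################
# Grant the IAM user SSH and sudo access on every OpsWorks stack named in
# stacknames.txt, in region us-east-1.
# Globals:  arn (read) - ARN of the IAM user receiving access
# Inputs:   stacknames.txt - one stack name per line
# Outputs:  output1.txt   - "Name<TAB>StackId" for each stack in us-east-1
#           stackids1.txt - ids of the stacks that were selected
# Returns:  0 if every grant succeeded, 1 otherwise
#######################################
function grant_access_us_east()
{
  local stack_id status=0

  # Without a principal the grant is meaningless; refuse instead of calling
  # set-permission with an empty --iam-user-arn.
  if [[ -z "${arn:-}" ]]; then
    printf 'grant_access_us_east: IAM user ARN is empty; no permissions set\n' >&2
    return 1
  fi
  if [[ ! -r stacknames.txt ]]; then
    printf 'grant_access_us_east: stacknames.txt is missing\n' >&2
    return 1
  fi

  # Overwrite rather than append, so results of an earlier run cannot leak in.
  if ! aws opsworks describe-stacks --region us-east-1 \
      --query 'Stacks[].[Name,StackId]' --output text > output1.txt; then
    printf 'grant_access_us_east: describe-stacks failed\n' >&2
    return 1
  fi

  # Select stacks by exact name. Matching with "grep -B 50 <name>" treated the
  # name as a substring pattern and guessed which StackId belonged to it, so
  # access could be granted on stacks that merely share part of a listed name.
  awk -F'\t' 'NR == FNR { wanted[$0] = 1; next } ($1 in wanted) { print $2 }' \
    stacknames.txt output1.txt > stackids1.txt

  while IFS= read -r stack_id; do
    [[ -n "$stack_id" ]] || continue
    # iam_only plus --allow-ssh/--allow-sudo gives shell and root on the
    # stack's instances; report every failed grant so the outcome is auditable.
    if ! aws opsworks set-permission --region us-east-1 --stack-id "$stack_id" \
        --level iam_only --iam-user-arn "$arn" --allow-ssh --allow-sudo; then
      printf 'grant_access_us_east: set-permission failed for %s\n' "$stack_id" >&2
      status=1
    fi
  done < stackids1.txt

  return "$status"
}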
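# Entry point: the grants are driven entirely by instanceids.txt in the
# current directory. Say so when it is absent instead of exiting silently,
# so the operator does not assume access was granted.
if [[ ! -e instanceids.txt ]]; then
  printf 'instanceids.txt not found in %s; no permissions were changed.\n' "$PWD" >&2
  exit 1
fi

get_stackname          # instance ids -> stack names
grant_access_default   # grants in the CLI's default region
grant_access_us_east   # grants in us-east-1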