knife-rds

Overview

A knife plugin for managing AWS RDS instances.

** WORK IN PROGRESS. **

This project is very early, and should be taken as a proof of concept.

Motivation

  • Integration of AWS resources with Chef intrastructure.

  • Store configuration for security and parameter groups in Chef.

Commands (pending)

All commands use your EC2 keys, as configured in your Knife configuration. Your ability to interact with RDS resources is limited by your account access.

Instances

List

knife rds list

List available RDS Instances.

Modify

knife rds instance from data bag (ITEM)

Create or update an RDS instance using attributes stored in a data bag.

Security Groups

List

knife sg list

List created RDS security groups. Show name and description.

Modify

knife rds sg from data bag SECURITY_GROUP_NAME

Creates and/or updates an RDS security group and syncs the authorization levels with those specified in the data bag.

The command expects the following keys:

  • description: (String) The description of the data bag. (Only required when security group is created).
  • ec2_security_groups: (Array) A list of string EC2 security group names to whitelist for this RDS security group.
  • ip_addressses: (Array) A list of IP addresses that should have access to this security group.

All EC2 security groups and IP addresses that exist in the data bag will be granted access to this security group.

Any EC2 securiy groups or IP addresses that previously had authorization, but no longer appear in the data bag, will have their authorization revoked.

The expected data bag name is 'rds_parameter_groups', but this can be overriden.

Parameter Groups

List

knife pg list

List created RDS parameter groups.

Modify

knife pg from data bag PARAMETER_GROUP_NAME

Creates and/or updates an RDS parameter group. Syncs user defined settings from data bag to AWS.

The command expects the following keys:

  • description: (String) Parameter group descriptive text. (Only required when parameter group is created).
  • db_parameter_group_family: (String) The parameter group family you group should inherit from. (Only required when parameter group is created).
  • parameters: (Hash) Key,value combinations of parameters to be overriden.

All valid parameters in the data bag will be applied (via the 'apply method') to the data bag.

All user supplied parameters that exist in the parameter group, but are not present in the data bag, will be revoked (via the 'apply method').