Amazon AWS EC2
The Amazon AWS EC2 connector enables management and automation of EC2 instances and security features, facilitating seamless integration with cloud-based workflows.

Amazon AWS EC2 is a secure, resizable compute service that offers cloud-based virtual servers to support a wide range of applications. This connector enables Swimlane Turbine users to automate key EC2 operations such as instance management, security group updates, and network ACL configurations. By integrating with Amazon AWS EC2, users can streamline security workflows, rapidly respond to threats, and manage cloud resources efficiently, all within the Swimlane platform.

## Prerequisites

To utilize the Amazon AWS EC2 connector with Swimlane Turbine, ensure you have the following:

- AWS authentication credentials with appropriate permissions
- Region name: the name of the region your EC2 instances are hosted in

This connector allows Turbine to connect to AWS EC2.

## Asset setup

This integration authenticates with AWS EC2 using the following input values.

### Requirements

- AWS access key ID: a long-term AWS access key ID with access to Athena
- AWS secret key ID: a long-term secret access key associated with the above access key ID
- Region name: the AWS region
- Role ARN: an ARN of an AWS IAM role to assume. This is optional.
- External ID: an external ID to use when assuming the role. This is optional.

### Obtaining AWS credentials

To use this integration, you will need to have an AWS account and obtain the necessary AWS credentials. You can obtain these credentials by following the steps below:

1. Log in to your AWS account and navigate to the IAM console.
2. In the left navigation pane, click on the "Users" tab and select the user for which you want to create credentials.
3. Click on the "Security credentials" tab, and then click on "Create access key".
4. Make sure to save the access key ID and secret access key in a secure location, as you will not be able to see the secret access key again after this step.

If you want to use an AWS IAM role, you will need to have the ARN of the role and an optional external ID, if one was specified by the AWS account administrator.

## Configurations

### AWS EC2 authentication

Authenticates using AWS credentials.

#### Configuration parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| Access key | AWS access key, see https://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html for more information | string | optional |
| Secret key | AWS secret key, see https://docs.aws.amazon.com/general/latest/gr/managing-aws-access-keys.html for more information | string | optional |
| Region name | The AWS region where you want to create new connections | string | required |
| Role ARN | Optional role ARN to assume. Leave blank unless tasks need to assume a different role. See https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html for more information | string | optional |
| External ID | External ID to assume IAM role. Optional value used for assuming roles; can be added or removed in trusted relationships of target role | string | optional |
| Session token | Use if a session token is provided when switching roles | string | optional |
| Role session name | Defaults to sessionfromswimlane \<hash> when no value is provided | string | optional |

## Actions

### Allow IP in network ACLs

Grants access to a specified IP address by updating the network ACLs in Amazon AWS EC2.

Endpoint method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| ip address | string | required | Parameter for allow ip in network acls |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| success | boolean | Whether the operation was successful |

#### Example

```json
[ { "success": true } ]
```

### Block IP in network ACLs

Blocks a specified IP address using Amazon AWS EC2 network access control lists (ACLs). Requires an IP address as input.

Endpoint method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| ip address | string | required | Parameter for block ip in network acls |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| success | boolean | Whether the operation was successful |

#### Example

```json
[ { "success": true } ]
```

### Create instance

Launches a specified number of Amazon AWS EC2 instances with required permissions, monitoring options, and instance counts.

Endpoint method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| blockdevicemappings | array | optional | Parameter for create instance |
| devicename | string | optional | Name of the resource |
| virtualname | string | optional | Name of the resource |
| ebs | object | optional | Parameter for create instance |
| deleteontermination | boolean | optional | Parameter for create instance |
| iops | number | optional | Parameter for create instance |
| snapshotid | string | optional | Unique identifier |
| volumesize | number | optional | Parameter for create instance |
| volumetype | string | optional | Type of the resource |
| kmskeyid | string | optional | Unique identifier |
| throughput | number | optional | Parameter for create instance |
| outpostarn | string | optional | Parameter for create instance |
| encrypted | boolean | optional | Parameter for create instance |
| nodevice | string | optional | Parameter for create instance |
| imageid | string | optional | Unique identifier |
| instancetype | string | optional | Type of the resource |
| ipv6addresscount | number | optional | Count value |
| ipv6addresses | array | optional | Parameter for create instance |
| ipv6address | string | optional | Parameter for create instance |
| isprimaryipv6 | boolean | optional | Parameter for create instance |
| kernelid | string | optional | Unique identifier |
| keyname | string | optional | Name of the resource |
| maxcount | number | required | Count value |
| mincount | number | required | Count value |
| monitoring | object | required | Parameter for create instance |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| groups | array | Output field groups |
| groupname | string | Name of the resource |
| groupid | string | Unique identifier |
| instances | array | Output field instances |
| amilaunchindex | number | Output field amilaunchindex |
| imageid | string | Unique identifier |
| instanceid | string | Unique identifier |
| instancetype | string | Type of the resource |
| keyname | string | Name of the resource |
| launchtime | string | Time value |
| monitoring | object | Output field monitoring |
| state | string | Output field state |
| placement | object | Output field placement |
| availabilityzone | string | Output field availabilityzone |
| affinity | string | Output field affinity |
| groupname | string | Name of the resource |
| partitionnumber | number | Output field partitionnumber |
| hostid | string | Unique identifier |
| tenancy | string | Output field tenancy |
| spreaddomain | string | Output field spreaddomain |
| hostresourcegrouparn | string | Output field hostresourcegrouparn |
| groupid | string | Unique identifier |
| platform | string | Output field platform |
| privatednsname | string | Name of the resource |
| privateipaddress | string | Output field privateipaddress |

#### Example

```json
[ { "groups": [ {} ], "instances": [ {} ], "ownerid": "string", "requesterid": "string", "reservationid": "string" } ]
```

### Create security group

Creates a new security group in Amazon AWS EC2 with a specified name and description.

Endpoint method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| description | string | required | Parameter for create security group |
| groupname | string | required | Name of the resource |
| vpcid | string | optional | Unique identifier |
| tagspecifications | array | optional | Parameter for create security group |
| resourcetype | string | optional | Type of the resource |
| tags | array | optional | Parameter for create security group |
| key | string | optional | Parameter for create security group |
| value | string | optional | Value for the parameter |
| dryrun | boolean | optional | Parameter for create security group |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| groupid | string | Unique identifier |
| tags | array | Output field tags |
| key | string | Output field key |
| value | string | Value for the parameter |

#### Example

```json
[ { "groupid": "string", "tags": [ {} ] } ]
```

### Delete security group

Removes a specified security group from Amazon AWS EC2. Ensure no instances are associated with it before deletion.

Endpoint method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| groupid | string | optional | Unique identifier |
| groupname | string | optional | Name of the resource |
| dryrun | boolean | optional | Parameter for delete security group |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| responsemetadata | object | Response data |

#### Example

```json
[ { "responsemetadata": {} } ]
```

### Get instances info

Retrieves details for specified Amazon AWS EC2 instances, or all instances if no specific criteria are provided.

Endpoint method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| filters | array | optional | Parameter for get instances info |
| name | string | optional | Name of the resource |
| values | array | optional | Value for the parameter |
| instanceids | array | optional | Unique identifier |
| dryrun | boolean | optional | Parameter for get instances info |
| maxresults | number | optional | Result of the operation |
| nexttoken | string | optional | Parameter for get instances info |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| reservations | array | Output field reservations |
| groups | array | Output field groups |
| groupname | string | Name of the resource |
| groupid | string | Unique identifier |
| instances | array | Output field instances |
| amilaunchindex | number | Output field amilaunchindex |
| imageid | string | Unique identifier |
| instanceid | string | Unique identifier |
| instancetype | string | Type of the resource |
| kernelid | string | Unique identifier |
| keyname | string | Name of the resource |
| launchtime | string | Time value |
| monitoring | object | Output field monitoring |
| state | string | Output field state |
| placement | object | Output field placement |
| availabilityzone | string | Output field availabilityzone |
| affinity | string | Output field affinity |
| groupname | string | Name of the resource |
| partitionnumber | number | Output field partitionnumber |
| hostid | string | Unique identifier |
| tenancy | string | Output field tenancy |
| spreaddomain | string | Output field spreaddomain |
| hostresourcegrouparn | string | Output field hostresourcegrouparn |
| groupid | string | Unique identifier |
| platform | string | Output field platform |

#### Example

```json
[ { "reservations": [ {} ], "nexttoken": "string" } ]
```

### List security groups

Retrieves details of specified security groups, or all security groups associated with your Amazon AWS EC2 account.

Endpoint method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| filters | array | optional | Parameter for list security groups |
| name | string | optional | Name of the resource |
| values | array | optional | Value for the parameter |
| groupids | array | optional | Unique identifier |
| groupnames | array | optional | Name of the resource |
| dryrun | boolean | optional | Parameter for list security groups |
| maxresults | number | optional | The maximum number of items to return for this request. This value can be between 5 and 1000 |
| nexttoken | string | optional | Parameter for list security groups |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| securitygroups | array | Output field securitygroups |
| description | string | Output field description |
| groupname | string | Name of the resource |
| ippermissions | array | Output field ippermissions |
| fromport | number | Output field fromport |
| ipprotocol | string | Output field ipprotocol |
| ipranges | array | Output field ipranges |
| cidrip | string | Unique identifier |
| description | string | Output field description |
| ipv6ranges | array | Output field ipv6ranges |
| cidripv6 | string | Unique identifier |
| description | string | Output field description |
| prefixlistids | array | Unique identifier |
| description | string | Output field description |
| prefixlistid | string | Unique identifier |
| toport | number | Output field toport |
| useridgrouppairs | array | Unique identifier |
| description | string | Output field description |
| groupid | string | Unique identifier |
| groupname | string | Name of the resource |
| peeringstatus | string | Status value |
| userid | string | Unique identifier |
| vpcid | string | Unique identifier |
| vpcpeeringconnectionid | string | Unique identifier |
| ownerid | string | Unique identifier |

#### Example

```json
[ { "securitygroups": [ {} ], "nexttoken": "string" } ]
```

### Quarantine instance

Isolates an Amazon AWS EC2 instance by modifying its associated security groups. Requires 'instance id' and 'vpc id'.

Endpoint method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| instance id | string | required | Unique identifier |
| vpc id | string | required | Unique identifier |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| success | boolean | Whether the operation was successful |
| group name | string | Name of the resource |

#### Example

```json
[ { "success": true, "group name": "string" } ]
```

### Snapshot instance

Creates a snapshot of an Amazon AWS EC2 instance using the specified instance ID.

Endpoint method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| instance id | string | required | Unique identifier |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| snapshot | array | Output field snapshot |
| description | string | Output field description |
| tags | object | Output field tags |
| type | number | Type of the resource |
| name | string | Name of the resource |
| encrypted | boolean | Output field encrypted |
| volumeid | string | Unique identifier |
| state | string | Output field state |
| volumesize | number | Output field volumesize |
| progress | string | Output field progress |
| starttime | string | Time value |
| ownerid | string | Unique identifier |
| snapshotid | string | Unique identifier |

#### Example

```json
[ { "snapshot": [ {} ] } ]
```

### Start instance

Initiates the start process for an Amazon EBS-backed EC2 instance that was previously stopped. Requires the 'instanceids' parameter.

Endpoint method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| instanceids | array | required | Unique identifier |
| additionalinfo | string | optional | Parameter for start instance |
| dryrun | boolean | optional | Parameter for start instance |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| startinginstances | array | Output field startinginstances |
| currentstate | object | Output field currentstate |
| code | number | Output field code |
| name | string | Name of the resource |
| instanceid | string | Unique identifier |
| previousstate | object | Output field previousstate |
| code | number | Output field code |
| name | string | Name of the resource |

#### Example

```json
[ { "startinginstances": [ {} ] } ]
```

### Stop instance

Stops an Amazon EBS-backed instance by specifying the required instanceids.

Endpoint method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| instanceids | array | required | Unique identifier |
| dryrun | boolean | optional | Parameter for stop instance |
| hibernate | boolean | optional | Hibernates the instance if the instance was enabled for hibernation at launch |
| force | boolean | optional | Forces the instances to stop |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| stoppinginstances | array | Output field stoppinginstances |
| currentstate | object | Output field currentstate |
| code | number | Output field code |
| name | string | Name of the resource |
| instanceid | string | Unique identifier |
| previousstate | object | Output field previousstate |
| code | number | Output field code |
| name | string | Name of the resource |

#### Example

```json
[ { "stoppinginstances": [ {} ] } ]
```

### Update security group

Adds or removes a security rule from an Amazon AWS EC2 security group, specifying direction, ports, protocol, and IP range.

Endpoint method: GET

#### Input

| Argument name | Type | Required | Description |
| --- | --- | --- | --- |
| group id | string | required | Unique identifier |
| ingress or egress | string | required | Parameter for update security group |
| add or delete | string | required | Parameter for update security group |
| from port | number | required | Parameter for update security group |
| to port | number | required | Parameter for update security group |
| ip protocol | string | required | Parameter for update security group |
| cidr | string | required | Unique identifier |
| description | string | optional | Parameter for update security group |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| metadata | string | Response data |

#### Example

```json
[ { "success": true } ]
```

## Notes

- AWS account and access keys: https://docs.aws.amazon.com/powershell/latest/userguide/pstools-appendix-sign-up.html
- Boto3 EC2 documentation: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ec2.html#ec2
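
A pre-flight check for the inputs of the update security group action (direction, add or delete, ports, protocol, CIDR), written as an added example and not the connector's own code. It maps the inputs to the boto3 EC2 client call that would apply them and refuses over-broad "add" rules; the function name, argument names, the `max_hosts` policy and the sample group ID are assumptions.

```python
import ipaddress

# (direction, operation) -> boto3 EC2 client method that applies the change
METHODS = {
    ("ingress", "add"): "authorize_security_group_ingress",
    ("ingress", "delete"): "revoke_security_group_ingress",
    ("egress", "add"): "authorize_security_group_egress",
    ("egress", "delete"): "revoke_security_group_egress",
}

def plan_rule_change(group_id, direction, operation, from_port, to_port,
                     ip_protocol, cidr, description="", max_hosts=256):
    """Validate playbook inputs; return (boto3 method name, kwargs).

    max_hosts is an assumed local policy: an "add" wider than this many
    addresses (0.0.0.0/0 included) is refused instead of sent to AWS.
    """
    key = (direction.strip().lower(), operation.strip().lower())
    if key not in METHODS:
        raise ValueError(f"unsupported direction/operation: {key}")
    # strict=True rejects CIDRs with host bits set, such as 10.0.0.5/24
    net = ipaddress.ip_network(cidr, strict=True)
    if key[1] == "add" and net.num_addresses > max_hosts:
        raise ValueError(f"{net} is wider than {max_hosts} addresses")
    proto = str(ip_protocol).lower()
    if proto in ("tcp", "udp") and not 0 <= from_port <= to_port <= 65535:
        raise ValueError(f"bad port range {from_port}-{to_port}")
    # IPv4 and IPv6 ranges travel in different IpPermissions fields
    range_key, cidr_key = (("IpRanges", "CidrIp") if net.version == 4
                           else ("Ipv6Ranges", "CidrIpv6"))
    ip_range = {cidr_key: str(net)}
    if description and key[1] == "add":
        ip_range["Description"] = description
    permission = {"IpProtocol": proto, "FromPort": from_port,
                  "ToPort": to_port, range_key: [ip_range]}
    return METHODS[key], {"GroupId": group_id, "IpPermissions": [permission]}

if __name__ == "__main__":
    # Constructed sample values; with boto3 the plan would be applied as
    # getattr(boto3.client("ec2"), method)(**kwargs)
    method, kwargs = plan_rule_change("sg-0123456789abcdef0", "ingress", "add",
                                      443, 443, "tcp", "203.0.113.7/32",
                                      "constructed example rule")
    print(method, kwargs)
```

Removing a broad rule is always allowed by this check, since a delete only narrows exposure.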
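
For the block IP in network ACLs action, the sketch below plans an inbound deny entry from one item of a `describe_network_acls` response. It is an added example, not the connector's implementation: the function name, the `protected` allow-list of ranges that must never be blocked, and the sample ACL are assumptions.

```python
import ipaddress

def plan_nacl_block(acl, ip_address, protected=("10.0.0.0/8",)):
    """Return kwargs for create_network_acl_entry, or None if already blocked.

    acl is one item of describe_network_acls()["NetworkAcls"]; protected is
    an assumed list of ranges a playbook must never block.
    """
    ip = ipaddress.ip_address(ip_address)  # ValueError on malformed input
    if any(ip in ipaddress.ip_network(c) for c in protected):
        raise ValueError(f"{ip} is inside a protected range")
    cidr_key = "CidrBlock" if ip.version == 4 else "Ipv6CidrBlock"
    target = f"{ip}/{ip.max_prefixlen}"
    inbound = [e for e in acl["Entries"] if not e["Egress"]]
    if any(e["RuleAction"] == "deny" and e.get(cidr_key) == target
           for e in inbound):
        return None  # idempotent: a deny for this address already exists
    # NACL rules are evaluated in ascending rule-number order and the first
    # match wins; numbering the deny below every inbound allow guarantees
    # that it is matched first.
    used = {e["RuleNumber"] for e in inbound}
    lowest_allow = min((e["RuleNumber"] for e in inbound
                        if e["RuleAction"] == "allow"), default=32767)
    free = next((n for n in range(1, lowest_allow) if n not in used), None)
    if free is None:
        raise ValueError("no free rule number below the first allow rule")
    return {"NetworkAclId": acl["NetworkAclId"], "RuleNumber": free,
            "Protocol": "-1", "RuleAction": "deny", "Egress": False,
            cidr_key: target}

# Constructed sample in the shape of a describe_network_acls() item
SAMPLE_ACL = {
    "NetworkAclId": "acl-0123456789abcdef0",
    "Entries": [
        {"RuleNumber": 1, "RuleAction": "deny", "Egress": False,
         "Protocol": "-1", "CidrBlock": "198.51.100.9/32"},
        {"RuleNumber": 100, "RuleAction": "allow", "Egress": False,
         "Protocol": "-1", "CidrBlock": "0.0.0.0/0"},
        {"RuleNumber": 100, "RuleAction": "allow", "Egress": True,
         "Protocol": "-1", "CidrBlock": "0.0.0.0/0"},
        {"RuleNumber": 32767, "RuleAction": "deny", "Egress": False,
         "Protocol": "-1", "CidrBlock": "0.0.0.0/0"},
    ],
}
```

Network ACLs are stateless, so this plan covers inbound traffic only; an outbound deny would need its own entry with `Egress` set to true.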