AWS DEV Server Manager
Simple utility for starting and stopping AWS servers
GUI
Shows a list of AWS servers, their running status and a button to Start or Stop them
CLI
Enables you to start / stop AWS servers from the command line.
aws-dev-server-manager-cli --action=stop --instances="i-272586d,i-234586d,i-643586d,i-432586d"
Useful to run as a Scheduled build on your Build Server to shut down AWS dev instances at the end of the work day.
Configuration
AWS credentials/region
Add your AWSAccessKey
, AWSSecretKey
and AWSRegion
to the App.config
, see
Configuring Credentials for Your Application for details.
- If you happen to run this utility from an Amazon EC2 instance started with an
IAM Role for Amazon EC2,
you can also omit these explicit credentials (just set
value
to an empty string), which would be automatically picked up from that IAM role then.
EC2 instance pool selection
By default, the utility makes all EBS backed EC2 instances in the configured account available for starting/stopping.
You can also restrict the available instances via Filters, most commonly used by Tagging Your Amazon EC2 Resources - see Filtering the List of Resources by Tags for examples and Using Filtering for more details on the concept as such.
There are two available parameters in App.config
for this purpose, which are both evaluated together at runtime and support the wildcard character *
:
InstanceTags
- one or more semicolon separated key/value pairs of tags, e.g.Name=WebServer-*
orName=WebServer-*;Owner=TeamA
InstanceFilters
- one or more semicolon separated key/value pairs of filters, e.g.instance-type=m1.xlarge
orinstance-type=m1.*;image-id=ami-1a2b3c4d
, see section Supported Filters within DescribeInstances for details.- Note: This allows to lock down the list of instances to specific ones, e.g.
instance-id=i-1a2b3c4d;instance-id=i-5a6b7c8d
- Note: You can also just use
InstanceFilters
for tags as well by means of thetag:
prefix, e.g.instance-type=m1.xlarge;tag:Owner=TeamA
.
IAM permissions
Here are a few example policies for the required Identity and Access management (IAM) permissions to operate the EC2 instances - for more details on the more advanced policies you may want to read Resource-level Permissions for EC2 � Controlling Management Access on Specific Instances.
All instances in all regions
This is the most simple IAM policy, which allows to operate all existing instances in all regions:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeRegions",
"ec2:RebootInstances",
"ec2:StartInstances",
"ec2:StopInstances"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
Specific instances in their respective region
This explicitly names pre-setup instance(s) by means of their id, e.g:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeRegions"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ec2:RebootInstances",
"ec2:StartInstances",
"ec2:StopInstances"
],
"Resource": [
"arn:aws:ec2:us-east-1:1234567890:instance/i-96d811fe",
"arn:aws:ec2:eu-west-1:1234567890:instance/i-12d81142"
],
"Effect": "Allow"
}
]
}
- The
Resource
ARN has the following format (<region>
and<instance id>
can also be*
, see alternative below):
arn:aws:ec2:<region>:<account id>:instance/<instance id>
All instances matching a tag in one region
Alternatively, if you want a more dynamic solution based on tags, you could apply something like this:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeRegions"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ec2:RebootInstances",
"ec2:StartInstances",
"ec2:StopInstances"
],
"Condition": {
"StringEquals": {
"ec2:ResourceTag/pool":"developers"
}
},
"Resource": [
"arn:aws:ec2:*:1234567890:instance/*"
],
"Effect": "Allow"
}
]
}
- The
Resource
ARN has the following format (<region>
and<instance id>
can also be*
, see alternative below):
arn:aws:ec2:<region>:<account id>:instance/<instance id>
Since the permission excludes ec2:CreateTags
, nobody could adjust the instance list manually,
yet every instance added/removed to/from this tag based pool developers
would be reflected automatically.