#!/bin/bash
#
# aws-sync-routes-client.sh
#
# Repeatedly sends PATCH requests to an AWS API Gateway endpoint, one per
# destination CIDR block, pausing a configurable number of seconds between
# rounds. Run with -h/--help for the option list.
#
# NOTE(review): the API key is taken from the command line (-k/--api-key) and
# later handed to curl as a --header argument, so it appears in the argument
# list of both processes. On hosts where other users can read the process
# list, treat the key as exposed.
#
# Exit on error
# NOTE(review): `set -e` does not cover commands started in the background
# with `&`; a failing background curl will not stop the script.
set -e
# Default for -d/--dry-run; the option parser only accepts 'true' or 'false'.
dry_run=false
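# Print the command-line help text.
# Arguments: none (the program name is read from $0)
# Outputs:   help text on stdout
# Returns:   0
function usage () {
  printf '\nSynchronize AWS VPC routes from the main/default route table to all custom route tables.\n'
  # $0 is passed as an argument, never as part of the format string, so a
  # script path containing '%' or '\' is printed literally.
  printf '\nUsage: %s -i <api gateway id> -k <api key> -r <aws region> -c <ipv4 destination cidr blocks> -s <sleep seconds> -t <route table id> -v <vpc id> [-d <dry run?>]\n\n' "$0"
  printf '\t-c, --destination-cidr-blocks\n\t\tA comma-delimited list of IPv4 destination CIDR blocks for each route to sync.\n\n'
  printf '\t-d, --dry-run\n\t\tChecks whether you have the required permissions for the action, without actually making the request, and provides an error response.\n\n'
  printf '\t-h, --help\n\t\tUsage help. This lists all current command line options with a short description.\n\n'
  printf '\t-i, --api-gateway-id\n\t\tThe ID of the AWS API Gateway.\n\n'
  printf '\t-k, --api-key\n\t\tThe API key for the API Gateway.\n\n'
  printf '\t-r, --aws-region\n\t\tThe AWS region hosting the API Gateway.\n\n'
  printf '\t-s, --seconds\n\t\tThe number of seconds to pause between API calls.\n\n'
  printf '\t-t, --route-table-id\n\t\tThe ID of the main/default route table for the VPC.\n\n'
  printf '\t-v, --vpc-id\n\t\tThe ID of the VPC.\n\n'
}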
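# Parse and validate the command-line options.
#
# Every value is checked before it is stored, because the values are later
# interpolated into the request URL, a JSON body and an HTTP header:
#   - CIDR blocks, dry-run, route table ID and VPC ID are matched against
#     fixed patterns, which also keeps quotes and other JSON/URL
#     metacharacters out of the request.
#   - API Gateway ID and region become part of the host name the API key is
#     sent to, so they are limited to host-name label characters.
#   - User-supplied text is always passed to printf as an argument ('%s'),
#     never as the format string.
# Each branch checks its value before `shift 2`, so an option given without a
# value is reported instead of reaching a failing shift.

# Characters allowed in one DNS label (letters, digits, hyphen).
host_label_re='^[A-Za-z0-9-]+$'

while (( "$#" ))
do
  case "$1" in
    -c|--destination-cidr-blocks)
      # Strip whitespace and turn the comma-delimited list into one block per line.
      destination_cidr_blocks=$(printf '%s' "$2" | tr -d '[:space:]' | tr ',' '\n')
      if [ -z "$destination_cidr_blocks" ]
      then
        usage
        printf "Error: IPv4 destination CIDR blocks required.\n" >&2
        exit 1
      fi
      shift 2
      # Read line by line (no word splitting or globbing) so that every entry
      # is validated exactly as the user typed it; empty entries are skipped.
      while IFS= read -r destination_cidr_block
      do
        [ -n "$destination_cidr_block" ] || continue
        # Shape check only: four groups of 1-3 digits and an optional /0-/32
        # prefix. Octet values above 255 are not rejected here.
        if [[ ! ${destination_cidr_block} =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$ ]]
        then
          usage
          printf "Error: Invalid IPv4 destination CIDR block: '%s'.\n" "$destination_cidr_block" >&2
          exit 1
        fi
      done <<< "$destination_cidr_blocks"
      ;;
    -d|--dry-run)
      # Stored verbatim and later written into the JSON body as a bare literal.
      if [[ ${2} =~ ^(true|false)$ ]]
      then
        dry_run=$2
        shift 2
      else
        usage
        printf "Error: Dry run must be set to either 'true' or 'false': '%s'.\n" "$2" >&2
        exit 1
      fi
      ;;
    -h|--help)
      usage
      exit
      ;;
    -i|--api-gateway-id)
      if [ -z "$2" ]
      then
        usage
        printf "Error: API Gateway ID required: '%s'.\n" "$2" >&2
        exit 1
      elif [[ ! $2 =~ $host_label_re ]]
      then
        # The ID is the first label of the request host name; anything else
        # (dots, slashes, spaces) could redirect the request and the API key.
        usage
        printf "Error: Invalid API Gateway ID: '%s'.\n" "$2" >&2
        exit 1
      else
        api_gateway_id=$2
        shift 2
      fi
      ;;
    -k|--api-key)
      if [ -z "$2" ]
      then
        usage
        printf "Error: API key required.\n" >&2
        exit 1
      elif [[ $2 == *[[:cntrl:]]* ]]
      then
        # The key is placed in an HTTP header; control characters such as
        # CR/LF must not reach it. The key itself is not echoed.
        usage
        printf "Error: API key must not contain control characters.\n" >&2
        exit 1
      else
        api_key=$2
        shift 2
      fi
      ;;
    -r|--aws-region)
      if [ -z "$2" ]
      then
        usage
        printf "Error: AWS region required.\n" >&2
        exit 1
      elif [[ ! $2 =~ $host_label_re ]]
      then
        # The region is a label of the request host name, same rule as the ID.
        usage
        printf "Error: Invalid AWS region: '%s'.\n" "$2" >&2
        exit 1
      else
        aws_region=$2
        shift 2
      fi
      ;;
    -s|--seconds)
      if [[ ${2} =~ ^[0-9]+$ ]]
      then
        sleep_seconds=$2
        shift 2
      else
        usage
        printf "Error: Invalid sleep seconds value: '%s'.\n" "$2" >&2
        exit 1
      fi
      ;;
    -t|--route-table-id)
      if [[ ${2} =~ ^rtb-([0-9a-f]{8}|[0-9a-f]{17})$ ]]
      then
        route_table_id=$2
        shift 2
      else
        usage
        printf "Error: Invalid route table ID: '%s'.\n" "$2" >&2
        exit 1
      fi
      ;;
    -v|--vpc-id)
      if [[ ${2} =~ ^vpc-([0-9a-f]{8}|[0-9a-f]{17})$ ]]
      then
        vpc_id=$2
        shift 2
      else
        usage
        printf "Error: Invalid VPC ID: '%s'.\n" "$2" >&2
        exit 1
      fi
      ;;
    *)
      # Catch-all: unknown options and bare words alike. A word that matched
      # no branch would never be shifted, and the loop would not terminate.
      usage
      printf "Error: Invalid parameter: '%s'.\n" "$1" >&2
      exit 1
      ;;
  esac
done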
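# Main loop: once every required option is present, send one PATCH request per
# destination CIDR block to the API Gateway endpoint, sleep, and repeat until
# interrupted.
if [ -z "$api_gateway_id" ] || [ -z "$api_key" ] || [ -z "$aws_region" ] || [ -z "$destination_cidr_blocks" ] || [ -z "$route_table_id" ] || [ -z "$vpc_id" ] || [ -z "$sleep_seconds" ]
then
  # A missing required option is an error: say so on stderr and exit non-zero
  # so that wrappers and schedulers can detect the misconfiguration.
  usage
  printf "Error: Missing required parameter(s).\n" >&2
  exit 1
else
  api_endpoint="https://$api_gateway_id.execute-api.$aws_region.amazonaws.com/v1/vpcs/$vpc_id/route-tables/$route_table_id"
  while true
  do
    printf '\n%s\tPress [CTRL+C] to stop...\n' "$(date +"%Y-%m-%d %H:%M:%S ")"
    # Intentionally unquoted: the list holds one CIDR block per line and is
    # split into words here. Each block was pattern-checked during option
    # parsing, which is what makes the JSON interpolation below safe.
    for destination_cidr_block in $destination_cidr_blocks
    do
      request_body="{\"destination-cidr-block\": \"$destination_cidr_block\", \"dry-run\": $dry_run}"
      # The response body is remote data: print it through '%s' so that '%'
      # and backslash sequences in it are never interpreted by printf.
      # The endpoint is quoted so it always reaches curl as a single argument.
      # NOTE(review): the API key is passed on curl's command line and may be
      # visible in the process list while the request runs.
      # NOTE(review): requests run in the background and are never waited
      # for; with a small -s value slow responses can accumulate.
      printf '%s\n' "$(curl --silent --show-error --data "$request_body" --header 'Content-Type: application/json' --header "X-API-Key: $api_key" --request 'PATCH' "$api_endpoint")" &
    done
    sleep "$sleep_seconds"
  done
fi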