Demeter is a command line tool for managing security groups across multiple AWS environments. Demeter was written with the following goals:
- Stateless. EC2 tags are used to store all metadata about security groups. This makes it easy for collaborators to make changes to security groups.
- Variables. Provides a flexible way to define global and per-environment variables to be used in all templates.
- Multiple AWS Accounts. Maintain a naming scheme for your security groups that can be applied to any region or AWS account.
- Infrastructure as code. My maintaining your security groups using a demeter repository makes them easy to edit and collaborate on.
HighSecurity install
wget https://raw.githubusercontent.com/coinbase/demeter/master/certs/coinbase.pem
gem cert --add coinbase.pem
gem install demeter-cli --trust-policy HighSecurityRegular install
% gem install demeter-cliDetailed instructions - Demeter Example Project
-environment or short -e is a required parameter. It loads the environment variables and sources .env.<environment> file
Show general help or specific command help
$ demeter help <command>
Get list of all managed and unmanaged security groups
$ demeter status -e staging
Run a plan against environment and return a diff between local state
$ demeter plan -e staging
Apply diff changes
$ demeter apply -e staging
When migrating existing security groups you can generate config by specifying existing security group ids
$ demeter generate -e staging -ids sg-111111 sg-22222
- Fork it ( https://github.com/coinbase/demeter/fork )
- Create your feature branch (
git checkout -b my-new-feature) - Commit your changes (
git commit -am 'Add some feature') - Push to the branch (
git push origin my-new-feature) - Create a new Pull Request
You can use rake install to install and test your local development gem
Copyright © 2015 Coinbase Inc. – Released under MIT License