Functions/AWS/Get-EC2Credential.ps1
<# .SYNOPSIS Returns Administrator credentials for an EC2 Instance .DESCRIPTION The cmdlet accepts pipeline input of EC2 instances and requires a private-key file to decrypt and logon with the administrator credentials. .PARAMETER InstanceObject Accepts an EC2 Reservation pipeline input from Get-Ec2Instance output. .PARAMETER InstanceId Accepts an Amazon EC2 Instance object from the pipeline .PARAMETER Region Mandatory - AWS Region if InstanceId is specified instead of InstanceObject .PARAMETER PemFile Mandatory - Path to the PrivateKey file to decrypt .EXAMPLE Get-EC2Credential -InstanceId i-d56ef3 -PemFile '~/ssh/ec2-dev.pem' -Region us-west-2 .EXAMPLE Get-ECInstance -InstanceId i-d56ef3 | Get-EC2Credential -PemFile '~/ssh/ec2-dev.pem' #> function Get-EC2Credential { [CmdletBinding(DefaultParameterSetName='ByInstanceId')] [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingConvertToSecureStringWithPlainText","")] param( [Parameter(Mandatory=$true, ParameterSetName="ByInstanceId")] [string]$InstanceId, [Parameter(Mandatory=$true, ParameterSetName="ByInstanceId")] [string]$Region, [Parameter(ParameterSetName="ByInstanceObject", ValueFromPipeline=$true)] [Amazon.EC2.Model.Instance]$InstanceObject, [Parameter(Mandatory=$true,ParameterSetName="ByReservationObject", ValueFromPipeline=$true)] [Amazon.EC2.Model.Reservation]$Reservation, [Parameter()] [ValidateNotNullOrEmpty()] [string]$PemFile=$script:DefaultEc2PemFile, [Parameter()] [switch]$AsText ) Write-Verbose "ParameterSet: $($PsCmdlet.ParameterSetName)" Test-EC2PemFile -PemFile $PemFile -ErrorAction Stop | Out-Null $PemFile = Resolve-Path $PemFile if ($Reservation) { $InstanceObject = $Reservation.Instances | Select-Object -First 1 } if ($InstanceObject) { $InstanceId = $InstanceObject.InstanceId $Region = $InstanceObject.Placement.AvailabilityZone -replace '\w$','' Write-Verbose "Required Private-key: $($InstanceObject.KeyName)" } Write-Verbose "Fetching Credentials for $InstanceId@$Region" Write-Verbose "Keyfile used: $PemFile" $rawPassword = Get-EC2PasswordData -Region $Region -InstanceId $InstanceId -Decrypt -PemFile $PemFile if ($AsText) { return $rawPassword } if ($rawPassword) { $securePassword = ConvertTo-SecureString $rawPassword -AsPlainText -Force New-Object System.Management.Automation.PSCredential('~\Administrator',$securePassword) } } |