Get-EC2InstancePassword.ps1
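function Get-EC2InstancePassword
{
    <#
    .Synopsis
        Gets an instance password from EC2
    .Description
        Gets and decrypts the generated password of an EC2 instance.

        The encrypted password data is requested from EC2 and decrypted locally
        with the value that Get-SecureSetting returns for the instance's key
        pair name (the KeyName property of the object returned by Get-EC2).
    .Example
        Get-EC2 |
            Get-EC2InstancePassword
    .Example
        # $instanceId is a placeholder for an instance ID you supply
        Get-EC2InstancePassword -EC2 $instanceId -AsCredential
    .Notes
        Without -AsCredential the decrypted password is written to the pipeline
        in plain text as the Password property of the output object.  Keep that
        object out of transcripts, logs and console output; prefer -AsCredential
        when the password is only needed to authenticate.

        With -AsCredential the user name is always "Administrator".

        The function reads $AwsConnections.EC2, which is not defined here and
        must already be set in the calling session.
    .Link
        Get-EC2
    .Link
        Get-SecureSetting
    #>
    # The function emits either a PSObject (InstanceId, Password) or a PSCredential;
    # it never emits a bare string, so the declared output types say so.
    [OutputType([PSObject],[Management.Automation.PSCredential])]
    param(
    # The EC2 Instance ID
    [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true)]
    [Alias('InstanceId', 'EC2InstanceId')]
    [string]
    $EC2,

    # If set, will return the password as a credential
    [Switch]
    $AsCredential
    )

    process {
        # Look the instance up first: its KeyName selects the stored decryption key.
        $ec2Instance = Get-EC2 -InstanceId $EC2
        if (-not $ec2Instance) {
            Write-Error "EC2 instance $EC2 was not found"
            return
        }
        if (-not $ec2Instance.KeyName) {
            Write-Error "EC2 instance $EC2 has no key pair name, so its password cannot be decrypted"
            return
        }

        # Fail with a clear message when no key is stored, instead of letting
        # GetDecryptedPassword throw on an empty key further down.
        $rsaKey = Get-SecureSetting -Name $ec2Instance.KeyName -ValueOnly
        if (-not $rsaKey) {
            Write-Error "No secure setting named '$($ec2Instance.KeyName)' is available to decrypt the password for instance $EC2"
            return
        }

        $passwordRequest = New-Object Amazon.EC2.Model.GetPasswordDataRequest
        $null = $passwordRequest.WithInstanceId($EC2)
        $passwordResult = $AwsConnections.EC2.GetPasswordData($passwordRequest).GetPasswordDataResult

        if ($passwordResult.PasswordData.Data) {
            $password = $passwordResult.GetDecryptedPassword($rsaKey)
            if ($AsCredential) {
                # -AsPlainText -Force is required here because the decrypted value
                # arrives as a plain string; the SecureString only protects it from
                # this point on.
                New-Object Management.Automation.PSCredential "Administrator", ($password | ConvertTo-SecureString -AsPlainText -Force)
            } else {
                # NOTE: this object carries the password in clear text.
                New-Object PSObject |
                    Add-Member NoteProperty InstanceId $EC2 -PassThru |
                    Add-Member NoteProperty Password $password -PassThru
            }
        } else {
            # EC2 returned no password data for this instance.
            $warningMsg = @"
Password not available yet for instance $ec2.
Password generation and encryption can sometimes take more than 30 minutes.
Please wait at least 15 minutes after launching an instance before trying to retrieve the generated password.
"@
            Write-Warning $warningMsg
        }
    }
}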