Introduction
One can query or perform CRUD operations on AWS resources using AWS-specific tools (e.g. CLI, SDK or console) or third-party tools (e.g. Terraform, Crossplane, Pulumi etc.). If you are a DevOps professional working on AWS, a third-party IaC tool (e.g. Terraform) and AWS CLI will likely be your preferred choices for managing AWS resources. This is because you are already using an IaC tool to provision AWS resources in production, so it makes sense to use the same tool in non-production environments as well. Additionally, you will use AWS CLI for operations (e.g. starting a VM) that are not supported by an IaC tool.
However, this is not the case for software or cloud architects, developers, or other (non-technical) folks who don't use such tools on a day-to-day basis or find them difficult to use because of their complexity. They want an easy way to manage their AWS resources so they can focus on their main tasks. Using plain English commands helps them avoid installing, upgrading, and learning tools they don't use regularly. Additionally, a simple prompt can perform a complex operation in a few words, whereas a CLI command would require typing many words.
Unlike the world of platform engineering, which often creates numerous catalog items for various AWS services that are not in sync with AWS APIs most of the time, our vision for this chatbot is to deliver a personalized experience where users will see a service form tailored to their role without a dedicated team to create multiple variants of the form in advance.
Our most important goal is to ensure full compatibility with AWS APIs at all times (once we roll out initial support for all AWS APIs) without requiring any manual effort from the end users.
AWS Chatbot
Advantages
List or perform CRUD operations on your AWS resources using plain English commands. For example -
create a vpc with '10.100.0.0/16' cidr and with the following tags -
mc-id | id-vpc1
Name | Vpc1
list all the vpcs with following tags -
mc-id | id-vpc1
create a subnet with '10.100.1.0/24' cidr under '<id of vpc1>' vpc with the following tags -
mc-id | id-subnet1
Name | Subnet1
list all the instance types which are free tier eligible
Unlike Amazon Q, which is limited to querying AWS resources, this chatbot can both query and manage AWS resources.
Unlike Terraform, which does not support many operations (e.g. starting or stopping a VM), you can use this chatbot to perform any operation which is supported by any AWS API at any time.
Unlike Terraform, you will be able to provision the infrastructure in a stateless manner without storing the state locally (coming soon).
No need to install or upgrade the AWS-specific or third-party tools which you are using to interact with AWS.
Finding the right parameters for specific inputs of an operation can be time-consuming or frustrating; this chatbot eliminates that effort.
Switching AWS accounts, or regions within an AWS account, is a no-brainer with this chatbot.
Supported operations
The following operations are supported at this moment -
Vpc
Creating a vpc
Getting the list of vpcs
Subnet
Creating a subnet
Getting the list of subnets
Virtual Machines
Provisioning one or more VMs
Starting one or more VMs
Stopping one or more VMs
Instance Types
Getting the list of instance types (e.g. t2.micro)
We will be rolling out support for other operations in the coming days. Keep an eye on our social media channels for the latest updates in this regard.
AWS Console
Add an identity provider
Go to IAM -> Identity providers and click on the Add provider button to add an OIDC identity provider with the following details -
Field | Value |
Provider URL | https://mechcloud-piston-preview.eu.auth0.com/ |
Audience | n6dMQlo8ZCE5QxLY4o2KjeBaSn8eefTX |
Create an IAM role
Now assign an IAM role to the newly added OIDC provider by following the instructions below -
Go to IAM -> Identity providers and click on the provider created in the previous section.
Click on the Assign role button.
Select the Create a new role radio button.
Select the following details on the next page and click on the Next button -
On the next page, select the permissions policies (e.g. AmazonEC2ReadOnlyAccess) which you want to assign to this role and click on the Next button.
Specify MechCloudWebIdentityRole (or any other name) under Role name on the next page and click on the Create role button to create the role. Make sure you replace MechCloudWebIdentityRole in the following steps if you decide to use a different name for this role.
(IMPORTANT) Make sure that you specify a condition under the Trust relationships tab of the MechCloudWebIdentityRole role so that only users with specific email IDs can assume this role. In the absence of this condition, any user who is logged into MechCloud and knows your AWS account number and the role name will be able to assume this role on your AWS account, which can result in unexpected charges if you have assigned permissions to provision AWS resources to this role.
(IMPORTANT) Also, make sure to revoke existing sessions whenever you remove a user from the condition above. This will block access for users who were removed from the condition but still have a valid session token.
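A quick way to check the trust-relationship condition described above, as an added example that is not MechCloud's own code: it flags a role trust policy that lets every user of the OIDC provider assume the role. The account number `123456789012`, the address `alice@example.com` and the `<provider>:email` condition key are assumptions made for the sample policies; use the key shown in your own role's Trust relationships tab.

```python
PROVIDER = "mechcloud-piston-preview.eu.auth0.com/"   # Provider URL from this page, scheme removed
AUDIENCE = "n6dMQlo8ZCE5QxLY4o2KjeBaSn8eefTX"          # Audience from this page
NARROWING = {"StringEquals", "StringEqualsIgnoreCase", "StringLike"}

def as_list(value):
    return value if isinstance(value, list) else [value]

def provider_claims(statement, provider=PROVIDER):
    """Claims of this provider that the statement pins to non-wildcard values."""
    claims = set()
    for operator, tests in statement.get("Condition", {}).items():
        if operator.split(":")[-1] not in NARROWING:   # drops "ForAnyValue:" style prefixes
            continue
        for key, values in tests.items():
            prefix, _, claim = key.rpartition(":")
            if prefix.lower() == provider.lower() and "*" not in as_list(values):
                claims.add(claim.lower())
    return claims

def audit_trust_policy(policy, provider=PROVIDER):
    """Return (statement index, finding) for web-identity grants that are too broad."""
    findings = []
    for index, stmt in enumerate(as_list(policy.get("Statement", []))):
        principal = stmt.get("Principal")
        federated = as_list(principal.get("Federated", [])) if isinstance(principal, dict) else []
        if (stmt.get("Effect") != "Allow"
                or "sts:AssumeRoleWithWebIdentity" not in as_list(stmt.get("Action", []))
                or not any(arn.endswith("oidc-provider/" + provider) for arn in federated)):
            continue
        claims = provider_claims(stmt, provider)
        if "aud" not in claims:
            findings.append((index, "no audience condition"))
        if not claims - {"aud"}:
            findings.append((index, "no per-user condition"))
    return findings

def trust_policy(extra_conditions):
    """Build a constructed sample policy; 123456789012 is a placeholder account."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": "arn:aws:iam::123456789012:oidc-provider/" + PROVIDER},
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": {"StringEquals": {PROVIDER + ":aud": AUDIENCE, **extra_conditions}}}]}

WEAK = trust_policy({})
# Assumption: the e-mail claim is exposed as "<provider>:email"; the address is made up.
HARDENED = trust_policy({PROVIDER + ":email": ["alice@example.com"]})
if __name__ == "__main__":
    print("weak:", audit_trust_policy(WEAK), "hardened:", audit_trust_policy(HARDENED))
```

To audit a live role, pass the policy document from the Trust relationships tab (parsed with `json.loads`) to `audit_trust_policy`.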
MechCloud Console
Configure an AWS account
Sign up or sign in on the MechCloud Console.
Navigate to Infrastructure -> Cloud Accounts.
Select a team and select AWS under Select a Cloud Provider.
Click on the New Cloud Account button.
Specify an account name, your AWS account number and MechCloudWebIdentityRole under role name. Click on the Save button to create the cloud account.
Using chatbot
Sign in to the MechCloud Console.
Navigate to Infrastructure -> AWS Chatbot.
Select a region under the Region dropdown.
Select a team under the Team dropdown and then an account under the Cloud Account dropdown.
Enter a prompt for the supported actions. For example,
list all the vpcs
list all the subnets under '<vpc_id>' vpc
Conclusion
In conclusion, the MechCloud chatbot for AWS APIs offers a revolutionary way for software and cloud architects, as well as developers, to manage their AWS resources effortlessly. By leveraging plain English commands, users can perform complex operations without the need for extensive tool installations or learning curves. This chatbot not only supports querying but also managing AWS resources, providing a more comprehensive solution compared to existing tools like Amazon Q and Terraform. With its seamless integration and user-friendly interface, the MechCloud chatbot is set to transform how AWS resources are managed, making it an invaluable tool for professionals looking to streamline their workflows. Stay tuned for more updates as we continue to expand the capabilities of this innovative solution.
Stay connected
Join our Discord server to get the latest updates on this chatbot.