mitmproxy and ec2-api-tools

Here’s how you can mitmproxy on OS X to see which URLs the ec2-api-tools are querying against.
1. Install mitmproxy:

    sudo pip install mitmproxy
  1. Start it up:

    mitmproxy -p 8080
    
  2. Configure the Java keystore to trust the mitmproxy CA certificate:

    sudo keytool -importcert -alias mitmproxy -storepass "changeit" \
    -keystore /System/Library/Java/Support/CoreDeploy.bundle/Contents/Home/lib/security/cacerts \
    -trustcacerts -file ~/.mitmproxy/mitmproxy-ca-cert.pem
    

(Type yes when asked to trust the certificate)

  1. Configure the EC2 tools to use the mitm proxy:

    export EC2_JVM_ARGS="-DproxySet=true -DproxyHost=127.0.0.1 -DproxyPort=8080 -Dhttps.proxySet=true -Dhttps.proxyHost=127.0.0.1 -Dhttps.proxyPort=8080"
    
  2. Run an ec2-api command, e.g.:

    ec2-describe-instances
    

Don’t forget to delete the mitmproxy CA cert when you’re done:

    sudo keytool -delete -alias mitmproxy -storepass "changeit" \
    -keystore /System/Library/Java/Support/CoreDeploy.bundle/Contents/Home/lib/security/cacerts
This entry was posted in Uncategorized and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s