def get_lambda_function(lambda_function, flags=FLAGS.ALL, **conn):
"""Fully describes a lambda function.
Args:
lambda_function: Name, ARN, or dictionary of lambda function. If dictionary, should likely be the return value from list_functions. At a minimum, must contain a key titled 'FunctionName'.
flags: Flags describing which sections should be included in the return value. Default ALL
Returns:
dictionary describing the requested lambda function.
"""
from cloudaux.orchestration.aws.arn import ARN
# If STR is passed in, determine if it's a name or ARN and built a dict.
if isinstance(lambda_function, basestring):
lambda_function_arn = ARN(lambda_function)
if lambda_function_arn.error:
lambda_function = dict(FunctionName=lambda_function)
else:
lambda_function = dict(FunctionName=lambda_function_arn.name,
FunctionArn=lambda_function)
# If an ARN is available, override the account_number/region from the conn dict.
if 'FunctionArn' in lambda_function:
lambda_function_arn = ARN(lambda_function['FunctionArn'])
if not lambda_function_arn.error:
if lambda_function_arn.account_number:
conn['account_number'] = lambda_function_arn.account_number
if lambda_function_arn.region:
conn['region'] = lambda_function_arn.region
return registry.build_out(flags,
start_with=lambda_function,
pass_datastructure=True,
**conn)
def get_elbv2(alb, flags=FLAGS.ALL, **conn):
"""
Fully describes an ALB (ELBv2).
:param alb: Could be an ALB Name, ALB ARN, or a dictionary. Likely the return value from a previous call to describe_load_balancers. At a minimum, must contain a key titled 'LoadBalancerArn'.
:param flags: Flags describing which sections should be included in the return value. Default is FLAGS.ALL.
:return: Returns a dictionary describing the ALB with the fields described in the flags parameter.
"""
# Python 2 and 3 support:
try:
basestring
except NameError as _:
basestring = str
if isinstance(alb, basestring):
from cloudaux.orchestration.aws.arn import ARN
alb_arn = ARN(alb)
if alb_arn.error:
alb = dict(LoadBalancerName=alb)
else:
alb = dict(LoadBalancerArn=alb)
return registry.build_out(flags,
start_with=alb,
pass_datastructure=True,
**conn)
def create_item_aws(item, technology, account):
arn = ARN(item.config.get('Arn'))
return Item(region=arn.region or 'universal',
name=arn.parsed_name or arn.name,
arn=item.config.get('Arn'),
tech_id=technology.id,
account_id=account.id)
def get_security_group(sg_obj, flags=FLAGS.ALL, **conn):
"""
Orchestrates calls to build a Security Group in the following format:
{
"Description": ...,
"GroupName": ...,
"IpPermissions" ...,
"OwnerId" ...,
"GroupId" ...,
"IpPermissionsEgress" ...,
"VpcId" ...
}
Args:
sg_obj: name, ARN, or dict of Security Group
flags: Flags describing which sections should be included in the return value. Default ALL
Returns:
dictionary describing the requested Security Group
"""
if isinstance(sg_obj, string_types):
group_arn = ARN(sg_obj)
if group_arn.error:
sg_obj = {'GroupId': sg_obj}
else:
sg_obj = {'GroupId': group_arn.parsed_name}
return registry.build_out(flags, sg_obj, **conn)
def get_vault(vault_obj, flags=FLAGS.ALL, **conn):
"""
Orchestrates calls to build a Glacier Vault in the following format:
{
"VaultARN": ...,
"VaultName": ...,
"CreationDate" ...,
"LastInventoryDate" ...,
"NumberOfArchives" ...,
"SizeInBytes" ...,
"Policy" ...,
"Tags" ...
}
Args:
vault_obj: name, ARN, or dict of Glacier Vault
flags: Flags describing which sections should be included in the return value. Default ALL
Returns:
dictionary describing the requested Vault
"""
if isinstance(vault_obj, basestring):
vault_arn = ARN(vault_obj)
if vault_arn.error:
vault_obj = {'VaultName': vault_obj}
else:
vault_obj = {'VaultName': vault_arn.parsed_name}
return registry.build_out(flags, vault_obj, **conn)
def _conn_from_arn(arn):
"""
Extracts the account number from an ARN.
:param arn: Amazon ARN containing account number.
:return: dictionary with a single account_number key that can be merged with an existing
connection dictionary containing fields such as assume_role, session_name, region.
"""
arn = ARN(arn)
if arn.error:
raise CloudAuxException('Bad ARN: {arn}'.format(arn=arn))
return dict(account_number=arn.account_number, )
def test_arn():
test_arn = 'arn:aws:iam::123456789123:role/testRole'
arn = ARN(test_arn)
assert arn.partition == 'aws'
assert arn.tech == 'iam'
assert arn.region == ''
assert arn.account_number == '123456789123'
assert arn.name == 'role/testRole'
assert arn.resource_type == 'role'
assert arn.resource == 'testRole'
test_arn2 = 'arn:aws:iam::123456789123:role/service-role/DynamoDBAutoscaleRole'
arn = ARN(test_arn2)
assert arn.partition == 'aws'
assert arn.tech == 'iam'
assert arn.region == ''
assert arn.account_number == '123456789123'
assert arn.name == 'role/service-role/DynamoDBAutoscaleRole'
assert arn.resource_type == 'role'
assert arn.resource == 'service-role/DynamoDBAutoscaleRole'
# Test for GovCloud Partition
test_arn3 = 'arn:aws-us-gov:iam::123456789123:role/service-role/DynamoDBAutoscaleRole'
arn = ARN(test_arn3)
assert arn.partition == 'aws-us-gov'
assert arn.tech == 'iam'
assert arn.region == ''
assert arn.account_number == '123456789123'
assert arn.name == 'role/service-role/DynamoDBAutoscaleRole'
assert arn.resource_type == 'role'
assert arn.resource == 'service-role/DynamoDBAutoscaleRole'
def test_arn():
test_arn = 'arn:aws:iam::123456789123:role/testRole'
arn = ARN(test_arn)
assert arn.tech == 'iam'
assert arn.region == ''
assert arn.account_number == '123456789123'
assert arn.name == 'role/testRole'
assert arn.resource_type == 'role'
assert arn.resource == 'testRole'
test_arn2 = 'arn:aws:iam::123456789123:role/service-role/DynamoDBAutoscaleRole'
arn = ARN(test_arn2)
assert arn.tech == 'iam'
assert arn.region == ''
assert arn.account_number == '123456789123'
assert arn.name == 'role/service-role/DynamoDBAutoscaleRole'
assert arn.resource_type == 'role'
assert arn.resource == 'service-role/DynamoDBAutoscaleRole'
def _get_name_from_structure(item, default):
"""
Given a possibly sparsely populated item dictionary, try to retrieve the item name.
First try the default field. If that doesn't exist, try to parse the from the ARN.
:param item: dict containing (at the very least) item_name and/or arn
:return: item name
"""
if item.get(default):
return item.get(default)
if item.get('Arn'):
arn = item.get('Arn')
item_arn = ARN(arn)
if item_arn.error:
raise CloudAuxException('Bad ARN: {arn}'.format(arn=arn))
return item_arn.parsed_name
raise CloudAuxException(
'Cannot extract item name from input: {input}.'.format(input=item))
