def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
#
# ECR Repository
#
for ecr_repo_name, ecr_repo_configuration in resource_specs.items():
# AWS ECR Dynamic Variables
resource_repo_name = ecr_repo_name
# resource_repo_version = eks_repo_configuration["version"]
resource_repo_tags = None
resource_repo_tags = ecr_repo_configuration[
"tags"] if "tags" in ecr_repo_configuration else None
# Getting list of tags from configuration file
repo_tags_list = {}
if resource_repo_tags is not None:
for each_tag_name, each_tag_value in resource_repo_tags.items(
):
repo_tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
repo_tags_list.update({"Name": resource_repo_name})
repo_tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
repo_tags_list.update(resource_mandatory_tags)
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
for eip_name, eip_configuration in resource_specs.items():
# AWS Elastic IP Dynamic Variables
resource_name = eip_name
resource_tags = eip_configuration["tags"] if "'tags':" in str(
eip_configuration) else None
# Lists
tags_list = {}
# Getting list of tags from configuration file
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
eip = net.Eip(resource_name, tags=tags_list)
eip_ids_dict.update({eip._name: eip.id})
# Exporting each EIP
pulumi.export(eip._name, eip.id)
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_vpc_id = VPCs.VPCId()
for subnet_name, subnet_configuration in resource_specs.items():
# AWS Subnet Dynamic Variables
resource_name = subnet_name
resource_az = subnet_configuration["az"]
resource_cidr = subnet_configuration["cidr"]
resource_assign_public_ipv4 = subnet_configuration[
"assign-public-ipv4"]
resource_vpc = subnet_configuration["vpc"]
resource_tags = None
resource_tags = subnet_configuration["tags"] if "'tags':" in str(
subnet_configuration) else None
this_vpc = aws_vpc_id[str(resource_vpc)]
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
subnet = net.Subnet(
resource_name,
vpc_id=this_vpc,
cidr_block=resource_cidr,
map_public_ip_on_launch=resource_assign_public_ipv4,
availability_zone=resource_az,
tags=tags_list
# FIXME: This needs to be sorted
# opts = pulumi.ResourceOptions(
# parent = this_vpc,
# depends_on = [this_vpc]
# )
)
subnet_ids_dict.update({subnet._name: subnet.id})
subnet_cidr_blocks_dict.update({subnet._name: subnet.cidr_block})
subnet_azs_dict.update({subnet._name: subnet.availability_zone})
# Exporting each subnet created for future reference
pulumi.export(subnet._name, subnet.id)
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
for acm_name, acm_configuration in resource_specs.items():
# AWS ACM Dynamic Variables
resource_name = acm_name
resource_number_of_instances = acm_configuration["domain"]
resource_namespace = acm_configuration["validation_type"]
def MandatoryTags(self):
mandatory = ParseYAML(resource_type).getSpecs()
for tag_key, tag_value in mandatory["tags"].items():
mandatory_tags_dict.update({tag_key: tag_value})
def SubnetGroup(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
for subnetgroup_name, subnetgroup_configuration in resource_specs[
"subnet-group"].items():
# AWS Elasticache Subnet Group Dynamic Variables
resource_name = subnetgroup_name
resource_description = subnetgroup_configuration["description"]
resource_subnet_ids = subnetgroup_configuration["subnets"]
resource_subnets_list = []
for each_subnet_found in resource_subnet_ids:
resource_subnets_list.append(
aws_subnet_id[str(each_subnet_found)])
subnetgroup = elasticache.SubnetGroup(
resource_name,
description=resource_description,
subnet_ids=resource_subnets_list)
subnetgroup_ids_dict.update({subnetgroup._name: subnetgroup.id})
# Exporting each Elasticache Subnet Group created for future reference
pulumi.export(subnetgroup._name, subnetgroup.id)
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_eip_id = ElasticIPs.ElasticIPId()
for natgw_name, natgw_configuration in resource_specs.items():
# AWS NAT Gateway Variables
resource_name = natgw_name
resource_subnet = natgw_configuration["subnet"]
resource_eip = natgw_configuration["elastic_ip"]
resource_tags = None
resource_tags = natgw_configuration[
"tags"] if "tags" in natgw_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
this_subnet = aws_subnet_id[str(resource_subnet)]
this_eip = aws_eip_id[str(resource_eip)]
aws_natgw = net.NatGateway(resource_name,
subnet_id=this_subnet,
allocation_id=this_eip,
tags=tags_list)
# Update resource dictionaries
natgw_ids_dict.update({aws_natgw._name: aws_natgw.id})
# Export
pulumi.export(aws_natgw._name, aws_natgw.id)
def ParameterGroup(self):
resource_specs = ParseYAML(resource_type).getSpecs()
for parametergroup_name, parametergroup_configuration in resource_specs["parameter-group"].items():
# AWS DocumentDB Parameter Group Dynamic Variables
resource_name = parametergroup_name
resource_description = parametergroup_configuration["description"]
resource_family = parametergroup_configuration["family"]
resource_tags = None
resource_tags = parametergroup_configuration["tags"] if "tags" in parametergroup_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Add mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({"Project/Stack": pulumi.get_project() + "/" + pulumi.get_stack()})
tags_list.update(resource_mandatory_tags)
# Getting all parameters for each
# individual DocumentDB Parameter Group
resource_parameters = []
for each_parameter_key, each_parameter_value in parametergroup_configuration["parameters"].items():
resource_parameters.append(
{
"name": each_parameter_key,
"value": each_parameter_value["value"],
"applyMethod": each_parameter_value["apply"],
},
)
# Create resource
parametergroup = docdb.ClusterParameterGroup(
resource_name,
description = resource_description,
family = resource_family,
parameters = resource_parameters,
tags = tags_list
)
# Update resource dictionary
parametergroup_ids_dict.update({parametergroup._name: parametergroup.id})
# Export parameter group
pulumi.export(parametergroup._name, parametergroup.id)
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
for vpc_name, vpc_conf in resource_specs.items():
# AWS VPC Dynamic Variables
resource_name = vpc_name
resource_cidr = vpc_conf['cidr']
resource_dns_resolution = vpc_conf['dns-resolution']
resource_dns_hostnames = vpc_conf['dns-hostnames']
resource_tags = None
resource_tags = vpc_conf["tags"] if "tags" in vpc_conf else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Add mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
# Create resource
vpc = net.Vpc(resource_name,
cidr_block=resource_cidr,
enable_dns_support=resource_dns_resolution,
enable_dns_hostnames=resource_dns_hostnames,
tags=tags_list)
# Update resource dictionary
vpc_ids_dict.update({vpc._name: vpc.id})
# Export the name of each VPC
pulumi.export(vpc._name, vpc.id)
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
for s3_bucket_name, s3_bucket_configuration in resource_specs.items():
# AWS S3 Dynamic Variables
resource_name = s3_bucket_name
resource_tags = None
resource_tags = s3_bucket_configuration[
"tags"] if "tags" in s3_bucket_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
sse_config = s3_bucket_configuration[
"serverSideEncryptionConfiguration"] if "serverSideEncryptionConfiguration" in s3_bucket_configuration else None
# Create S3s
bucket = s3.Bucket(
resource_name,
acl=s3_bucket_configuration["acl"],
force_destroy=s3_bucket_configuration["force-destroy"],
tags=tags_list,
server_side_encryption_configuration=sse_config)
# Export
pulumi.export(bucket._name, bucket.id)
def PublicZone(self):
resource_specs = ParseYAML(resource_type).getSpecs()
for r53_public_zone_name, r53_public_zone_configuration in resource_specs[
"public-zone"].items():
# Route53 Public Dynamic Variables
resource_name = r53_public_zone_name
# Resetting all optional variables
# with the default value None
resource_comment = \
resource_tags = None
# Cheking the documents content, if present
# we will be assigning their values to our variables,
# otherwise we'll set them to None
resource_comment = r53_public_zone_configuration[
"comment"] if "comment" in r53_public_zone_configuration else None
resource_tags = r53_public_zone_configuration[
"tags"] if "tags" in r53_public_zone_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
# Create Route53 Public Zone
route53_public_zone = route53.Zone(resource_name,
name=resource_name,
comment=resource_comment,
tags=tags_list)
pulumi.export(resource_name,
[{
"ID": route53_public_zone.id,
"Name servers": route53_public_zone.name_servers,
"Zone ID": route53_public_zone.zone_id
}])
route53_public_zone_ids_dict.update(
{route53_public_zone._name: route53_public_zone.id})
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_vpc_id = VPCs.VPCId()
for igw_name, igw_configuration in resource_specs.items():
# AWS Internet Gateway Variables
resource_name = igw_name
resource_vpc = igw_configuration["vpc"]
resource_tags = None
resource_tags = igw_configuration["tags"] if "tags" in igw_configuration else None
this_vpc = aws_vpc_id[str(resource_vpc)]
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({"Project/Stack": pulumi.get_project() + "/" + pulumi.get_stack()})
tags_list.update(resource_mandatory_tags)
aws_igw = igw.InternetGateway(
resource_name,
vpc_id = this_vpc,
tags = resource_tags
)
igw_ids_dict.update({aws_igw._name: aws_igw.id})
# Export the name of each Internet Gateway
pulumi.export(aws_igw._name, aws_igw.id)
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
for keypair_name, keypair_configuration in resource_specs.items():
# AWS KeyPair Dynamic Variables
resource_name = keypair_name
resource_public_key = keypair_configuration['public_key']
resource_tags = None
resource_tags = keypair_configuration[
"tags"] if "tags" in keypair_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
# Create resource
keypair = am.KeyPair(resource_name,
public_key=resource_public_key,
tags=tags_list)
# Update resource dictionary
keypair_ids_dict.update({keypair._name: keypair.id})
# Exporting each KeyPair ID created for future reference
pulumi.export(keypair._name, keypair.id)
def SubnetGroup(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
for subnetgroup_name, subnetgroup_configuration in resource_specs["subnet-group"].items():
# AWS DocumentDB Subnet Group Dynamic Variables
resource_name = subnetgroup_name
resource_description = subnetgroup_configuration["description"]
resource_subnet_ids = subnetgroup_configuration["subnets"]
resource_tags = None
resource_tags = subnetgroup_configuration["tags"] if "tags" in subnetgroup_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({"Project/Stack": pulumi.get_project() + "/" + pulumi.get_stack()})
tags_list.update(resource_mandatory_tags)
resource_subnets_list = []
for each_subnet_found in resource_subnet_ids:
resource_subnets_list.append(aws_subnet_id[str(each_subnet_found)])
subnetgroup = docdb.SubnetGroup(
resource_name,
description = resource_description,
subnet_ids = resource_subnets_list,
tags = tags_list
)
# Update resource dictionaries
subnetgroup_ids_dict.update({subnetgroup._name: subnetgroup.id})
# Export
pulumi.export(subnetgroup._name, subnetgroup.id)
def Subscription(self):
resource_specs = ParseYAML(resource_type).getSpecs()
for sns_subscription_name, sns_subscription_configuration in resource_specs[
"subscription"].items():
sns_subscription_configuration = sns_subscription_configuration if sns_subscription_configuration else {}
resource_name = sns_subscription_name
# Create SNSs
subscription = sns.TopicSubscription(
resource_name,
protocol=sns_subscription_configuration.get("protocol"),
endpoint=sns_subscription_configuration.get("endpoint"),
topic=sns_subscription_configuration.get("topic"),
raw_message_delivery=sns_subscription_configuration.get(
"raw_message_delivery"))
# Export
pulumi.export(subscription._name, subscription.id)
def PrivateZone(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_vpc_id = VPCs.VPCId()
for r53_private_zone_name, r53_private_zone_configuration in resource_specs[
"private-zone"].items():
# Route53 Private Zone Dynamic Variables
resource_name = r53_private_zone_name
# Resetting all optional variables
# with the default value None
resource_comment = \
resource_vpcs = \
resource_tags = None
# Cheking the documents content, if present
# we will be assigning their values to our variables,
# otherwise we'll set them to None
resource_comment = r53_private_zone_configuration[
"comment"] if "comment" in r53_private_zone_configuration else None
resource_vpcs = r53_private_zone_configuration[
"vpcs"] if "vpcs" in r53_private_zone_configuration else None
resource_tags = r53_private_zone_configuration[
"tags"] if "tags" in r53_private_zone_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
# Get the list of VPCs
resource_vpcs_list = []
for each_private_zone_vpc in (resource_vpcs):
this_vpc = aws_vpc_id[str(each_private_zone_vpc)]
# this_vpc = aws_vpc_id[str(each_private_zone_vpc)]
# resource_vpcs_list.append(each_private_zone_vpc)
resource_vpcs_list.append(this_vpc)
print()
# Create Route53 Private Zone
route53_private_zone = route53.Zone(
resource_name,
name=resource_name,
comment=resource_comment,
# vpcs = resource_vpcs_list,
tags=tags_list
# vpcs = [
# route53.ZoneVpcArgs(
# vpc_id = resource_vpcs_list
# )
# ]
)
pulumi.export(resource_name, (
route53_private_zone.id,
route53_private_zone.name_servers,
route53_private_zone.zone_id,
))
route53_private_zone_ids_dict.update(
{route53_private_zone._name: route53_private_zone.id})
def AutoScalingGroup():
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_launch_template_id = EC2.LTId()
# aws_target_group_arn = LoadBalancer.TargetGroupArn()
# Cheking if "auto-scaling-group:" is present in the configuration file
autoscaling_group = resource_specs["auto-scaling-group"].items(
) if "auto-scaling-group" in resource_specs else None
# If "auto-scaling-group:" is present then we'll run all the code below
if autoscaling_group is not None:
for autoscaling_group_name, autoscaling_group_configuration in autoscaling_group:
# AWS Autoscaling Group Dynamic Variables
# Resource Name
resource_name = autoscaling_group_name
# Autoscaling Group Configuration and its Default values
resource_min_size = autoscaling_group_configuration[
"min-size"] if "min-size" in autoscaling_group_configuration else 1
resource_max_size = autoscaling_group_configuration[
"max-size"] if "max-size" in autoscaling_group_configuration else 1
resource_desired_capacity = autoscaling_group_configuration[
"desired-capacity"] if "desired-capacity" in autoscaling_group_configuration else 1
resource_subnets = autoscaling_group_configuration[
"subnets"] if "subnets" in autoscaling_group_configuration else None
resource_capacity_rebalance = autoscaling_group_configuration[
"capacity-rebalance"] if "capacity-rebalance" in autoscaling_group_configuration else False
resource_cooldown_period = autoscaling_group_configuration[
"cooldown-period"] if "cooldown-period" in autoscaling_group_configuration else 300
resource_health_check_type = autoscaling_group_configuration[
"health-check-type"] if "health-check-type" in autoscaling_group_configuration else None
resource_launch_template = autoscaling_group_configuration[
"launch-template"] if "launch-template" in autoscaling_group_configuration else None
resource_target_groups = autoscaling_group_configuration[
"target-groups"] if "target-groups" in autoscaling_group_configuration else None
# Resource Tags and its Default values
resource_tags = None
resource_tags = autoscaling_group_configuration[
"tags"] if "tags" in autoscaling_group_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
# List of all Subnets gathered from "subnets:" key
resource_subnets_list = []
for each_subnet_found in resource_subnets:
individual_subnet_id = aws_subnet_id[str(
each_subnet_found)]
resource_subnets_list.append(individual_subnet_id)
# Check if "launch-template" is provided or not
if resource_launch_template is not None:
this_launch_template_id = aws_launch_template_id[str(
resource_launch_template)]
# FIXME It complains about circular import
# Check if "target-groups:" is provided or not
# resource_target_group_arns = []
# if resource_target_groups is not None:
# individual_tg_arn = aws_target_group_arn[str(resource_target_groups)]
# resource_target_group_arns.append(individual_tg_arn)
# Create the Autoscaling Group
autoscaling_group = autoscaling.Group(
autoscaling_group_name,
min_size=resource_min_size,
max_size=resource_max_size,
desired_capacity=resource_desired_capacity,
vpc_zone_identifiers=resource_subnets_list,
capacity_rebalance=resource_capacity_rebalance,
default_cooldown=resource_cooldown_period,
health_check_type=resource_health_check_type,
launch_template={
"id": this_launch_template_id,
},
# NOT available using this module version
instance_refresh=autoscaling.GroupInstanceRefreshArgs(
strategy="Rolling",
# This triggers Instance Refresh everytime invoked
# triggers = ["launch_template"]
),
# tags = tags_list,
# target_group_arns = resource_target_group_arns
)
# NOTE Auto Scaling Group ID Dictionary
# Update resource dictionaries
asg_ids_dict.update(
{autoscaling_group._name: autoscaling_group.id})
def Record(self):
resource_specs = ParseYAML(resource_type).getSpecs()
for r53_record_name, r53_record_configuration in resource_specs[
"record"].items():
# Route53 Record Dynamic Variables
resource_name = r53_record_name
# Resetting all optional variables
# with the default value None
resource_record_type = \
resource_record_zone_id = \
resource_record_target = \
resource_record_ttl = None
# Cheking the documents content, if present
# we will be assigning their values to our variables,
# otherwise we'll set them to None
resource_record_type = r53_record_configuration[
"type"] if "type" in r53_record_configuration else None
resource_record_zone_type = r53_record_configuration[
"zone_type"] if "zone_type" in r53_record_configuration else None
resource_record_zone_id = r53_record_configuration[
"zone_name"] if "zone_name" in r53_record_configuration else None
resource_record_target = r53_record_configuration[
"target"] if "target" in r53_record_configuration else None
resource_record_ttl = r53_record_configuration[
"ttl"] if "ttl" in r53_record_configuration else None
# Check record value type
for each_record_target_type, each_record_target_value in resource_record_target.items(
):
# print(each_record_target_type)
if each_record_target_type.lower() == "cname":
resource_record_value = each_record_target_value
elif each_record_target_type.lower() == "a":
resource_record_value = each_record_target_value
elif each_record_target_type.lower() == "eip":
resource_record_value = each_record_target_value
elif each_record_target_type.lower() == "ec2":
resource_record_value = each_record_target_value
elif each_record_target_type.lower() == "efs":
efs_dns = EFS.DNSName()
resource_record_target_name = efs_dns[str(
resource_record_target["efs"])]
resource_record_value = resource_record_target_name
# Get ZoneId being Public or Private
if resource_record_zone_type.lower() == "public":
route53_zone_id = Route53.PublicZoneId()
this_route53_zone_id = route53_zone_id[str(
resource_record_zone_id)]
elif resource_record_zone_type.lower() == "private":
route53_zone_id = Route53.PrivateZoneId()
this_route53_zone_id = route53_zone_id[str(
resource_record_zone_id)]
# Create Route53 Record
route53_record = route53.Record(resource_name,
name=resource_name,
type=resource_record_type,
zone_id=this_route53_zone_id,
records=[resource_record_value],
ttl=resource_record_ttl)
pulumi.export(resource_name, [{
"ID": route53_record.id,
"FQDN": route53_record.fqdn
}])
route53_record_ids_dict.update(
{route53_record._name: route53_record.id})
def TargetGroup(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_vpc_id = VPCs.VPCId()
aws_ec2_id = EC2.EC2Id()
for target_group_name, target_group_configuration in resource_specs[
"targetgroup"].items():
# AWS Target Group Dynamic Variables
resource_name = target_group_name
resource_port = target_group_configuration["port"]
resource_protocol = target_group_configuration["protocol"]
resource_vpc = target_group_configuration["vpc"]
resource_tags = None
resource_tags = target_group_configuration[
"tags"] if "tags" in target_group_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
this_vpc = aws_vpc_id[str(resource_vpc)]
# Create Instance Target Group
target_group = lb.TargetGroup(resource_name,
name=resource_name,
port=resource_port,
protocol=resource_protocol,
vpc_id=this_vpc,
tags=tags_list)
target_group_ids_dict.update({target_group._name: target_group.id})
# Export the name of each Instance Target Group
pulumi.export(resource_name, target_group.id)
# Target Group Attachments / Targets
target_group_attachment_index = 0
for each_tg_instance in target_group_configuration["instances"]:
target_group_attachment_index = target_group_attachment_index + 1
this_ec2 = aws_ec2_id[str(each_tg_instance)]
target_group_attachment = lb.TargetGroupAttachment(
(resource_name + "-at-" +
str(target_group_attachment_index)),
target_group_arn=target_group.arn,
target_id=this_ec2,
port=resource_port)
def Cluster():
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_iam_role_arn = IAM.RoleARN()
aws_sgs_ids = SecurityGroups.SecurityGroupId()
#
# EKS Cluster
#
for eks_cluster_name, eks_cluster_configuration in resource_specs[
"cluster"].items():
# AWS EKS Cluster Dynamic Variables
resource_cluster_name = eks_cluster_name
resource_cluster_version = eks_cluster_configuration[
"version"] if "version" in eks_cluster_configuration else None
resource_cluster_role_arn = eks_cluster_configuration[
"role"] if "role" in eks_cluster_configuration else None
resource_cluster_subnets = eks_cluster_configuration[
"subnets"] if "subnets" in eks_cluster_configuration else None
resource_cluster_security_groups = eks_cluster_configuration[
"security_groups"] if "security_groups" in eks_cluster_configuration else None
resource_cluster_endpoint_private_access = eks_cluster_configuration[
"endpoint_private_access"] if "endpoint_private_access" in eks_cluster_configuration else None
resource_cluster_endpoint_public_access = eks_cluster_configuration[
"endpoint_public_access"] if "endpoint_public_access" in eks_cluster_configuration else None
resource_cluster_public_access_cidrs = eks_cluster_configuration[
"public_access_cidrs"] if "public_access_cidrs" in eks_cluster_configuration else None
resource_cluster_tags = None
resource_cluster_tags = eks_cluster_configuration[
"tags"] if "tags" in eks_cluster_configuration else None
# Getting list of tags from configuration file
cluster_tags_list = {}
if resource_cluster_tags is not None:
for each_tag_name, each_tag_value in resource_cluster_tags.items(
):
cluster_tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
cluster_tags_list.update({"Name": resource_cluster_name})
cluster_tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
cluster_tags_list.update(resource_mandatory_tags)
# Get EKS Cluster IAM Role
this_cluster_iam_role = aws_iam_role_arn[str(
resource_cluster_role_arn)]
# Getting the list of subnets needed for EKS Cluster
eks_cluster_subnets_list = []
for each_eks_cluster_subnet in resource_cluster_subnets:
eks_cluster_subnets_list.append(
aws_subnet_id[str(each_eks_cluster_subnet)])
# Getting security groups for EKS Cluster
eks_cluster_security_groups_list = []
for each_eks_cluster_security_group in resource_cluster_security_groups:
eks_cluster_security_groups_list.append(
aws_sgs_ids[str(each_eks_cluster_security_group)])
# Getting the list of public access cidrs for EKS Cluster
eks_cluster_public_access_cidrs_list = []
for each_eks_cluster_public_access_cidr in resource_cluster_public_access_cidrs:
eks_cluster_public_access_cidrs_list.append(
str(each_eks_cluster_public_access_cidr))
eks_cluster = eks.Cluster(
resource_cluster_name,
name=resource_cluster_name,
version=resource_cluster_version,
role_arn=this_cluster_iam_role,
vpc_config={
'endpoint_private_access':
resource_cluster_endpoint_private_access,
'endpoint_public_access':
resource_cluster_endpoint_public_access,
'subnet_ids': eks_cluster_subnets_list,
'security_group_ids': eks_cluster_security_groups_list,
'publicAccessCidrs': eks_cluster_public_access_cidrs_list,
},
tags=cluster_tags_list)
pulumi.export(eks_cluster._name, [
eks_cluster.id, eks_cluster.arn, eks_cluster.endpoint,
eks_cluster.certificate_authority
])
#
# EKS Node Groups
#
for eks_nodegroup_name, eks_nodegroup_configuration in eks_cluster_configuration[
"nodegroup"].items():
# AWS EKS Node Group Dynamic Variables
resource_nodegroup_name = eks_nodegroup_name
resource_nodegroup_role_arn = eks_nodegroup_configuration[
"role"] if "role" in eks_nodegroup_configuration else None
resource_nodegroup_subnets = eks_nodegroup_configuration[
"subnets"] if "subnets" in eks_nodegroup_configuration else None
resource_nodegroup_instance_type = eks_nodegroup_configuration[
"instance_type"] if "instance_type" in eks_nodegroup_configuration else None
resource_nodegroup_instance_disk_size = eks_nodegroup_configuration[
"instance_disk_size"] if "instance_disk_size" in eks_nodegroup_configuration else 40
resource_nodegroup_desired_size = eks_nodegroup_configuration[
"scaling"][
"desired_size"] if "desired_size" in eks_nodegroup_configuration[
"scaling"] else 3
resource_nodegroup_max_size = eks_nodegroup_configuration[
"scaling"][
"max_size"] if "max_size" in eks_nodegroup_configuration[
"scaling"] else 3
resource_nodegroup_min_size = eks_nodegroup_configuration[
"scaling"][
"min_size"] if "min_size" in eks_nodegroup_configuration[
"scaling"] else 3
resource_nodegroup_ami_type = eks_nodegroup_configuration[
"ami_type"] if "ami_type" in eks_nodegroup_configuration else None
resource_nodegroup_capacity_type = eks_nodegroup_configuration[
"capacity_type"] if "capacity_type" in eks_nodegroup_configuration else None
resource_tags = None
resource_tags = eks_nodegroup_configuration[
"tags"] if "tags" in eks_nodegroup_configuration else None
# Getting list of tags from configuration file
nodegroup_tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
nodegroup_tags_list.update(
{each_tag_name: each_tag_value})
# Adding mandatory tags
nodegroup_tags_list.update({"Name": resource_nodegroup_name})
nodegroup_tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
nodegroup_tags_list.update(resource_mandatory_tags)
# Getting the list of subnets needed for EKS Node Group
eks_nodegroup_subnets_list = []
if resource_nodegroup_subnets is not None:
for each_eks_nodegroup_subnet in resource_nodegroup_subnets:
eks_nodegroup_subnets_list.append(
aws_subnet_id[str(each_eks_nodegroup_subnet)])
# Get EKS Node Group IAM Role
this_nodegroup_iam_role = aws_iam_role_arn[str(
resource_nodegroup_role_arn)]
eks_node_group = eks.NodeGroup(
resource_nodegroup_name,
cluster_name=eks_cluster.name,
node_group_name=resource_nodegroup_name,
version=resource_cluster_version,
node_role_arn=this_nodegroup_iam_role,
subnet_ids=eks_nodegroup_subnets_list,
instance_types=resource_nodegroup_instance_type,
capacity_type=resource_nodegroup_capacity_type,
disk_size=resource_nodegroup_instance_disk_size,
ami_type=resource_nodegroup_ami_type,
scaling_config=eks.NodeGroupScalingConfigArgs(
desired_size=resource_nodegroup_desired_size,
max_size=resource_nodegroup_max_size,
min_size=resource_nodegroup_min_size,
),
tags=nodegroup_tags_list)
# Export
pulumi.export(eks_node_group._name, eks_node_group.id)
def ALB(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_sg_id = SecurityGroups.SecurityGroupId()
for alb_name, alb_configuration in resource_specs["alb"].items():
# AWS ALB Dynamic Variables
resource_specific_type = "alb"
resource_name = alb_name
resource_subnets = alb_configuration[
"subnets"] if "subnets" in alb_configuration else None
resource_security_groups = alb_configuration[
"security_groups"] if "security_groups" in alb_configuration else None
resource_deletion_protection = alb_configuration[
"deletion_protection"] if "deletion_protection" in alb_configuration else None
resource_exposure = alb_configuration[
"exposure"] if "exposure" in alb_configuration else None
resource_http2 = alb_configuration[
"http2"] if "http2" in alb_configuration else None
resource_idle_timeout = alb_configuration[
"idle_timeout"] if "idle_timeout" in alb_configuration else None
resource_listeners = alb_configuration[
"listeners"] if "listeners" in alb_configuration else None
resource_tags = None
resource_tags = alb_configuration[
"tags"] if "tags" in alb_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
resource_subnets_list = []
for each_subnet_found in resource_subnets:
resource_subnets_list.append(
aws_subnet_id[str(each_subnet_found)])
resource_security_groups_list = []
for each_security_group_found in resource_security_groups:
resource_security_groups_list.append(
aws_sg_id[str(each_security_group_found)])
# ALB exposure [internal|external]
# - internal for private connections (VPN, TGW etc.)
# - external for internet-facing / publicly exposed load balancers
if resource_exposure is not None:
if resource_exposure == "internal":
resource_exposure is False
elif resource_exposure == "external":
resource_exposure is True
else:
resource_exposure = None
# NOTE: Work in progress
# Listeners [http|https]
# if resource_listeners is not None:
# # print("Found listeners")
# for listener_protocol in resource_listeners.items():
# print(listener_protocol)
# if listener_protocol[0] == "http":
# print("HTTP Found")
# elif listener_protocol[0] == "https":
# print("HTTPS Found")
# else:
# print("No valid ALB listener found, must be 'http' or 'https'")
# FIXME:
# This needs to be reviewed as currently the subnets
# are being added in a non-dynamic fashion
alb = lb.LoadBalancer(
resource_name,
load_balancer_type="application",
name=resource_name,
subnet_mappings=[
lb.LoadBalancerSubnetMappingArgs(
subnet_id=resource_subnets_list[0], ),
lb.LoadBalancerSubnetMappingArgs(
subnet_id=resource_subnets_list[1], ),
lb.LoadBalancerSubnetMappingArgs(
subnet_id=resource_subnets_list[2], ),
],
security_groups=resource_security_groups_list,
enable_deletion_protection=resource_deletion_protection,
internal=bool(resource_exposure),
enable_http2=resource_http2,
idle_timeout=resource_idle_timeout,
tags=tags_list)
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_vpc_id = VPCs.VPCId()
aws_igw_id = InternetGateways.InternetGatewayId()
aws_natgw_id = NATGateways.NATGatewayId()
aws_subnet_id = Subnets.SubnetId()
for rtb_name, rtb_configuration in resource_specs.items():
# AWS Route Table Variables
resource_name = rtb_name
resource_vpc = rtb_configuration["vpc"]
resource_tags = None
resource_tags = rtb_configuration[
"tags"] if "tags" in rtb_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
this_vpc = aws_vpc_id[str(resource_vpc)]
#
# Create Route Table
#
aws_rtb = rtb.RouteTable(resource_name,
vpc_id=this_vpc,
tags=tags_list)
rtb_ids_dict.update({aws_rtb._name: aws_rtb.id})
# Export the name of each Route Table
pulumi.export(aws_rtb._name, aws_rtb.id)
#
# Route Table Routes
#
# Routes list
routes_list = []
for each_route_entry, each_route_entry_configuration in rtb_configuration[
"routes"].items():
# NAT Gateways
if each_route_entry_configuration[
"target_type"] == "nat_gateway":
this_natgw = aws_natgw_id[str(
each_route_entry_configuration["target"])]
routes_list.append(
rtb.Route(
(each_route_entry + "-route"),
route_table_id=aws_rtb.id,
destination_cidr_block=
each_route_entry_configuration["destination"],
nat_gateway_id=this_natgw))
# Internet Gateways
elif each_route_entry_configuration[
"target_type"] == "internet_gateway":
this_igw = aws_igw_id[str(
each_route_entry_configuration["target"])]
routes_list.append(
rtb.Route(
(each_route_entry + "-route"),
route_table_id=aws_rtb.id,
destination_cidr_block=
each_route_entry_configuration["destination"],
gateway_id=this_igw), )
else:
print("ERROR | Unsupported 'target_type' found")
for each_route_type in routes_list:
# print(each_route_entry)
rtb_route = (
each_route_type
# opts = pulumi.ResourceOptions(depends_on=[aws_rtb[resource_name]])
)
#
# Subnet Associations
#
# Checking if route-table: key is present
resource_associated_subnet = None
resource_associated_subnet = rtb_configuration[
"associated_subnets"] if "associated_subnets" in rtb_configuration else None
# If the key is present then we'll get the value
# and we'll invoke the association
if resource_associated_subnet is not None:
subnets_count = 0
for each_associated_subnet in resource_associated_subnet:
subnets_count = subnets_count + 1
this_subnet = aws_subnet_id[str(each_associated_subnet)]
route_table_association = rtb.RouteTableAssociation(
(resource_name + "-rtb-as-" +
str(subnets_count).zfill(2)),
subnet_id=this_subnet,
route_table_id=aws_rtb.id)
# Export the name of each Route Table Association
pulumi.export(route_table_association._name,
route_table_association.id)
def LaunchTemplate():
resource_specs = ParseYAML(resource_type).getSpecs()
aws_sg_id = SecurityGroups.SecurityGroupId()
aws_keypair_id = KeyPairs.KeyPairId()
# Cheking if "auto-scaling-group:" is present in the configuration file
launch_template = resource_specs["launch-template"].items(
) if "launch-template" in resource_specs else None
# If "auto-scaling-group:" is present then we'll run all the code below
if launch_template is not None:
# Loop through all Launch Templates defined
for launch_template_name, launch_template_configuration in launch_template:
# If there's any configuration then we'll execute the
# code below, else we'll pass the execution
if launch_template_configuration is not None:
# AWS Launch Template Dynamic Variables
# Resource Name
resource_name = launch_template_name
# AWS Launch Template configuration and its Default values
resource_description = launch_template_configuration[
"description"] if "description" in launch_template_configuration else None
resource_instance_type = launch_template_configuration[
"instance-type"] if "instance-type" in launch_template_configuration else None
resource_ami = launch_template_configuration[
"ami"] if "ami" in launch_template_configuration else None
resource_key = launch_template_configuration[
"key"] if "key" in launch_template_configuration else None
resource_ebs_optimized = launch_template_configuration[
"ebs-optimized"] if "ebs-optimized" in launch_template_configuration else True
resource_termination_protection = launch_template_configuration[
"termination-protection"] if "termination-protection" in launch_template_configuration else False
resource_security_groups = launch_template_configuration[
"security-groups"] if "security-groups" in launch_template_configuration else None
resource_user_data = launch_template_configuration[
"user-data"] if "user-data" in launch_template_configuration else None
resource_update_default_version = launch_template_configuration[
"update-default-version"] if "update-default-version" in launch_template_configuration else True
# Resource Tags and its Default values
resource_tags = None
resource_tags = launch_template_configuration[
"tags"] if "tags" in launch_template_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items(
):
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
# Check if the KeyPair is provided or not
if resource_key is None:
this_keypair = None
else:
this_keypair = aws_keypair_id[str(resource_key)]
# Getting the list of security groups found
security_groups_list = []
for each_security_group_found in resource_security_groups:
this_security_group = aws_sg_id[str(
each_security_group_found)]
security_groups_list.append(this_security_group)
# Encode "user_data" to base64 format
# Ref: https://stackoverflow.com/a/42759842
user_data_base64 = b64encode(
resource_user_data.encode("ascii")).decode("ascii")
new_launch_template = ec2.LaunchTemplate(
resource_name,
description=resource_description,
instance_type=resource_instance_type,
image_id=resource_ami,
key_name=this_keypair,
ebs_optimized=resource_ebs_optimized,
disable_api_termination=resource_termination_protection,
vpc_security_group_ids=security_groups_list,
# It has to be base64 encoded
user_data=user_data_base64,
tags=tags_list,
update_default_version=resource_update_default_version)
# NOTE Launch Templates ID Dictionary
# Update resource dictionaries
lt_ids_dict.update(
{new_launch_template._name: new_launch_template.id})
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_sg_id = SecurityGroups.SecurityGroupId()
# aws_keypair_id = KeyPairs.KeyPairId()
for efs_name, efs_configuration in resource_specs.items():
# Resource Name
resource_name = efs_name
# File System Configuration and its Default values
resource_file_system = efs_configuration["file-system"] if "file-system" in efs_configuration else None
resource_file_system_encryption = resource_file_system["encrypted"] if "encrypted" in resource_file_system else True
resource_file_system_performance_mode = resource_file_system["performance_mode"] if "performance_mode" in resource_file_system else "generalPurpose"
# Target Configuration and its Default values
resource_target = efs_configuration["target"] if "target" in efs_configuration else None
resource_target_vpc = resource_target["vpc"] if "vpc" in resource_target else None
resource_target_subnets = resource_target["subnets"] if "subnets" in resource_target else None
resource_target_security_groups = resource_target["security_groups"] if "security_groups" in resource_target else None
# Resource Tags and its Default values
resource_tags = None
resource_tags = efs_configuration["tags"] if "tags" in efs_configuration else None
# Get the list of subnets from the configuration file
# subnets_list = []
# for each_subnet_found in resource_target_subnets:
# this_subnet = aws_subnet_id[str(each_subnet_found)]
# subnets_list.append(this_subnet)
# Getting the list of security groups found
security_groups_list = []
for each_security_group_found in resource_target_security_groups:
this_security_group = aws_sg_id[str(each_security_group_found)]
security_groups_list.append(this_security_group)
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({"Project/Stack": pulumi.get_project() + "/" + pulumi.get_stack()})
tags_list.update(resource_mandatory_tags)
#
# Create EFS Resource
#
# EFS File System
efs_file_system = efs.FileSystem(
resource_name,
encrypted = resource_file_system_encryption,
performance_mode = resource_file_system_performance_mode,
tags = tags_list,
)
# Return a list of all EFSs created
efs_ids_dict.update({efs_file_system._name: efs_file_system.id})
# Create Target(s) based on the number of
# Subnets found in the configuration file
target_index = 0
for each_subnet in resource_target_subnets:
target_index = target_index + 1
this_subnet = aws_subnet_id[str(each_subnet)]
target_name = (resource_name+str("-target-" + str(target_index).zfill(2)))
efs_target = efs.MountTarget(
target_name,
file_system_id = efs_file_system.id,
subnet_id = this_subnet,
security_groups = security_groups_list
)
def Redis(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_elasticache_subnet_group_id = Elasticache.SubnetGroupId()
aws_sg_id = SecurityGroups.SecurityGroupId()
for elasticache_redis_name, elasticache_redis_configuration in resource_specs[
"redis"].items():
# AWS EC2 Dynamic Variables
resource_specific_type = "redis"
resource_name = elasticache_redis_name
resource_number_of_nodes = elasticache_redis_configuration[
"number_of_nodes"]
resource_node_type = elasticache_redis_configuration["node_type"]
resource_engine_version = elasticache_redis_configuration[
"engine_version"]
resource_port = elasticache_redis_configuration["port"]
resource_subnet_group = elasticache_redis_configuration[
"subnet_group"]
resource_parameter_group = elasticache_redis_configuration[
"parameter_group"]
resource_security_groups = elasticache_redis_configuration[
"security_groups"]
resource_tags = None
resource_tags = elasticache_redis_configuration[
"tags"] if "tags" in elasticache_redis_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
resource_security_groups_list = []
this_subnet_group = aws_elasticache_subnet_group_id[str(
resource_subnet_group)]
for each_security_group_found in resource_security_groups:
resource_security_groups_list.append(
aws_sg_id[str(each_security_group_found)])
# this_security_group = aws_sg_id[str(resource_security_groups)]
redis = elasticache.Cluster(
resource_name,
engine=resource_specific_type,
num_cache_nodes=resource_number_of_nodes,
node_type=resource_node_type,
engine_version=resource_engine_version,
port=resource_port,
subnet_group_name=this_subnet_group,
parameter_group_name=resource_parameter_group,
security_group_ids=resource_security_groups_list,
tags=tags_list)
def Cluster(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_docdb_sng_id = DocumentDB.SubnetGroupId()
aws_docdb_pg_id = DocumentDB.ParameterGroupId()
aws_sg_id = SecurityGroups.SecurityGroupId()
for docdb_name, docdb_configuration in resource_specs["cluster"].items():
# AWS DocumentDB Dynamic Variables
resource_name = (docdb_name + "-cluster")
resource_identifier = (docdb_name + "-cluster")
resource_engine = docdb_configuration["engine"]
resource_engine_version = docdb_configuration["engine_version"]
resource_az = docdb_configuration["az"]
resource_subnet_group = docdb_configuration["subnet_group"]
resource_parameter_group = docdb_configuration["parameter_group"]
resource_security_groups = docdb_configuration["security_groups"]
resource_port = docdb_configuration["port"]
resource_master_username = docdb_configuration["master_username"]
resource_master_password = docdb_configuration["master_password"]
resource_backup_retention_period = docdb_configuration["backup_retention_period"]
resource_preferred_backup_window = docdb_configuration["preferred_backup_window"]
resource_preferred_maintenance_window = docdb_configuration["preferred_maintenance_window"]
resource_deletion_protection = docdb_configuration["deletion_protection"]
resource_apply_immediately = docdb_configuration["apply_immediately"]
resource_skip_final_snapshot = docdb_configuration["skip_final_snapshot"]
resource_tags = None
resource_tags = docdb_configuration["tags"] if "tags" in docdb_configuration else None
this_subnet_group = aws_docdb_sng_id[str(resource_subnet_group)]
this_parameter_group = aws_docdb_pg_id[str(resource_parameter_group)]
security_groups_list = []
# Get the password from Pulumi Config
resource_retrieved_password = config.require_secret(resource_master_password)
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({"Project/Stack": pulumi.get_project() + "/" + pulumi.get_stack()})
tags_list.update(resource_mandatory_tags)
for each_security_group_found in resource_security_groups:
this_security_group = aws_sg_id[str(each_security_group_found)]
security_groups_list.append(this_security_group)
documentdb = docdb.Cluster(
resource_name,
cluster_identifier = resource_identifier,
engine = resource_engine,
engine_version = resource_engine_version,
availability_zones = resource_az,
db_subnet_group_name = this_subnet_group,
db_cluster_parameter_group_name = this_parameter_group,
vpc_security_group_ids = security_groups_list,
port = resource_port,
master_username = resource_master_username,
master_password = resource_retrieved_password,
backup_retention_period = resource_backup_retention_period,
preferred_backup_window = resource_preferred_backup_window,
preferred_maintenance_window = resource_preferred_maintenance_window,
deletion_protection = resource_deletion_protection,
skip_final_snapshot = resource_skip_final_snapshot,
apply_immediately = resource_apply_immediately,
tags = tags_list
)
for number_of_instances in range (1, int(docdb_configuration["instances"]["number_of_instances"])+1):
resource_instance_name = (docdb_name + "-instance" + str("-" + str(number_of_instances)).zfill(4))
resource_instance_class = docdb_configuration["instances"]["instance_class"]
instance_tags_list = {}
instance_tags_list.update({"Name": resource_instance_name})
instance_tags_list.update({"Project/Stack": pulumi.get_project() + "/" + pulumi.get_stack()})
instance_tags_list.update(resource_mandatory_tags)
cluster_instance = docdb.ClusterInstance(
resource_instance_name,
identifier = resource_instance_name,
cluster_identifier = documentdb.id,
instance_class = resource_instance_class,
tags = instance_tags_list
)
pulumi.export(documentdb._name, [("Cluster ID:", documentdb.id), ("Cluster Endpoint:", documentdb.endpoint)])
def Instance():
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_sg_id = SecurityGroups.SecurityGroupId()
aws_keypair_id = KeyPairs.KeyPairId()
for ec2_instance_name, ec2_instance_configuration in resource_specs[
"instance"].items():
# AWS EC2 Dynamic Variables
resource_name = ec2_instance_name
resource_number_of_instances = ec2_instance_configuration[
"number_of_instances"] if "number_of_instances" in ec2_instance_configuration else 1
resource_ami = ec2_instance_configuration[
"ami"] if "ami" in ec2_instance_configuration else None
resource_instance_type = ec2_instance_configuration[
"instance_type"] if "instance_type" in ec2_instance_configuration else None
resource_subnet = ec2_instance_configuration[
"subnet"] if "subnet" in ec2_instance_configuration else None
resource_security_groups = ec2_instance_configuration[
"security_groups"] if "security_groups" in ec2_instance_configuration else None
resource_ebs_optimization = ec2_instance_configuration[
"ebs_optimization"] if "ebs_optimization" in ec2_instance_configuration else None
resource_root_disk_volume_type = ec2_instance_configuration[
"root_disk"][
"volume_type"] if "volume_type" in ec2_instance_configuration[
"root_disk"] else None
resource_root_disk_volume_size = ec2_instance_configuration[
"root_disk"][
"volume_size"] if "volume_size" in ec2_instance_configuration[
"root_disk"] else None
resource_additional_disks = ec2_instance_configuration[
"additional_disks"] if "additional_disks" in ec2_instance_configuration else None
resource_public_ipv4_address = ec2_instance_configuration[
"public_ipv4_address"] if "public_ipv4_address" in ec2_instance_configuration else None
resource_keypair = ec2_instance_configuration[
"ssh_key"] if "ssh_key" in ec2_instance_configuration else None
resource_user_data = ec2_instance_configuration[
"user_data"] if "user_data" in ec2_instance_configuration else None
resource_password_data = ec2_instance_configuration[
"password"] if "password" in ec2_instance_configuration else None
resource_tags = None
resource_tags = ec2_instance_configuration[
"tags"] if "tags" in ec2_instance_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
this_subnet = aws_subnet_id[str(resource_subnet)]
# Check if the KeyPair is provided or not
if resource_keypair is not None:
this_keypair = aws_keypair_id[str(resource_keypair)]
# Getting the list of security groups found
security_groups_list = []
for each_security_group_found in resource_security_groups:
this_security_group = aws_sg_id[str(each_security_group_found)]
security_groups_list.append(this_security_group)
for number_of_instances in range(
1,
int(resource_number_of_instances) + 1):
if resource_number_of_instances > 1:
resource_final_name = (
resource_name +
str("-" + str(number_of_instances)).zfill(4))
else:
resource_final_name = resource_name
#
# Create EC2
#
ec2_instance = ec2.Instance(
resource_final_name,
ami=resource_ami,
instance_type=resource_instance_type,
associate_public_ip_address=resource_public_ipv4_address,
subnet_id=this_subnet,
vpc_security_group_ids=security_groups_list,
key_name=this_keypair,
ebs_optimized=resource_ebs_optimization,
root_block_device={
"volume_type": resource_root_disk_volume_type,
"volume_size": resource_root_disk_volume_size
},
user_data=resource_user_data,
get_password_data=resource_password_data,
tags=tags_list)
#
# Additional Disks (EBS Volumes)
#
if resource_additional_disks is not None:
# This variable is used down below
# by Volume Attachment
additional_disks_found = 0
for additional_disk_name, additional_disk_config in resource_additional_disks.items(
):
if additional_disk_name is not None:
# Setting up the default values
# for each individual EBS volume
default_additional_disk_config_az = ec2_instance.availability_zone
default_additional_disk_config_type = "gp2"
default_additional_disk_config_size = 20
if additional_disk_config is not None:
additional_disk_config_az = additional_disk_config[
"availability_zone"] if "availability_zone" in additional_disk_config else default_additional_disk_config_az
additional_disk_config_type = additional_disk_config[
"volume_type"] if "volume_type" in additional_disk_config else default_additional_disk_config_type
additional_disk_config_size = additional_disk_config[
"volume_size"] if "volume_size" in additional_disk_config else default_additional_disk_config_size
else:
additional_disk_config_az = default_additional_disk_config_az
additional_disk_config_type = default_additional_disk_config_type
additional_disk_config_size = default_additional_disk_config_size
# Create EBS Volume
ebs_volume = ebs.Volume(
additional_disk_name,
availability_zone=additional_disk_config_az,
type=additional_disk_config_type,
size=additional_disk_config_size,
tags={
"Name": additional_disk_name,
})
#
# EBS Volume Attachment
#
additional_disks_letter = range(
98, 123) # Getting a letter between 'b' and 'z'
additional_disk_assigned_letter = additional_disks_letter[
additional_disks_found]
additional_disk_device_lettet = "/dev/sd{:c}".format(
additional_disk_assigned_letter)
ebs_attachment = ec2.VolumeAttachment(
(additional_disk_name + "-attachment"),
device_name=additional_disk_device_lettet,
volume_id=ebs_volume.id,
instance_id=ec2_instance.id)
additional_disks_found = additional_disks_found + 1
# NOTE EC2 ID Dictionary
# Update resource dictionaries
ec2_ids_dict.update({ec2_instance._name: ec2_instance.id})
# NOTE Values Test
# Print statements below are used only for
# testing the functionality, can be ignored
# print("Instance name:", ec2_instance._name)
# print("Instance ID:", ec2_instance.id)
# Export the name of each EC2 Instance
pulumi.export(
ec2_instance._name,
[{
"ID": ec2_instance.id,
"ARN": ec2_instance.arn,
"State": ec2_instance.instance_state,
"Password (Windows)": ec2_instance.password_data,
"Private DNS": ec2_instance.private_dns,
"Public DNS": ec2_instance.public_dns,
"Public IP": ec2_instance.public_ip,
"Primary ENI":
ec2_instance.primary_network_interface_id
}])
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
for sqs_queue_name, sqs_queue_configuration in resource_specs.items():
sqs_queue_configuration = sqs_queue_configuration if sqs_queue_configuration else {}
resource_name = sqs_queue_name
resource_tags = None
resource_tags = sqs_queue_configuration[
"tags"] if "tags" in sqs_queue_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
fifo_queue = sqs_queue_configuration[
"fifo_queue"] if "fifo_queue" in sqs_queue_configuration else None
content_based_deduplication = sqs_queue_configuration[
"content_based_deduplication"] if "content_based_deduplication" in sqs_queue_configuration else None
delay_seconds = sqs_queue_configuration[
"delay_seconds"] if "delay_seconds" in sqs_queue_configuration else None
max_message_size = sqs_queue_configuration[
"max_message_size_bytes"] if "max_message_size_bytes" in sqs_queue_configuration else None
message_retention_seconds = sqs_queue_configuration[
"message_retention_seconds"] if "message_retention_seconds" in sqs_queue_configuration else None
receive_wait_time_seconds = sqs_queue_configuration[
"receive_wait_time_seconds"] if "receive_wait_time_seconds" in sqs_queue_configuration else None
visibility_timeout_seconds = sqs_queue_configuration[
"visibility_timeout_seconds"] if "visibility_timeout_seconds" in sqs_queue_configuration else None
source_sns_topic_arn = sqs_queue_configuration[
"source_sns_topic_arn"] if "source_sns_topic_arn" in sqs_queue_configuration else None
# Create SQSs
queue = sqs.Queue(
resource_name,
fifo_queue=fifo_queue,
content_based_deduplication=content_based_deduplication,
delay_seconds=delay_seconds,
max_message_size=max_message_size,
message_retention_seconds=message_retention_seconds,
receive_wait_time_seconds=receive_wait_time_seconds,
visibility_timeout_seconds=visibility_timeout_seconds,
tags=tags_list)
sqs_queue_by_name[resource_name] = queue
# Export
pulumi.export(queue._name, queue.id)
if source_sns_topic_arn is not None:
arn = sqs_queue_by_name[resource_name].arn
sqs_policy = iam.get_policy_document(
policy_id="__default_policy_ID",
statements=[
iam.GetPolicyDocumentStatementArgs(
actions=["sqs:SendMessage"],
resources=[arn],
effect="Allow",
principals=[
iam.GetPolicyDocumentStatementPrincipalArgs(
type="Service",
identifiers=["sns.amazonaws.com"])
],
conditions=[
iam.GetPolicyDocumentStatementConditionArgs(
test="ArnEquals",
variable="aws:SourceArn",
values=source_sns_topic_arn,
)
],
)
])
policy = sqs.QueuePolicy(resource_name,
queue_url=queue.id,
policy=sqs_policy.json)
pulumi.export(resource_name + "-policy", policy.policy)
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
for lambda_name, config in resource_specs.items():
config = config if config else {}
resource_name = lambda_name
resource_tags = config.get("tags")
resource_env = config.get("environment")
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Generating ENV vars
env_list = {}
if resource_env is not None:
for each_env_name, each_env_value in resource_env.items():
env_list.update({each_env_name: each_env_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
lambda_function = lambda_.Function(
lambda_name,
environment=lambda_.FunctionEnvironmentArgs(
variables=env_list),
handler=config.get("handler"),
s3_bucket=config.get("s3_bucket"),
s3_key=config.get("s3_key"),
s3_object_version=config.get("s3_object_version"),
memory_size=config.get("memory_size"),
publish=config.get("publish"),
reserved_concurrent_executions=config.get(
"reserved_concurrent_executions"),
role=IAM.RoleARN()[config.get("role")],
runtime=config.get("runtime"),
timeout=config.get("timeout"),
tags=tags_list)
# Export
pulumi.export(lambda_function._name, lambda_function.id)
# Event source mappings
for mapping_name, mapping_config in config.get(
"event_source_mapping").items():
event_source = mapping_config["event_source"]
assert event_source.get(
"type"
) == "sqs", "Just sqs is currently supported as event source mapping. You're welcome to implement more."
source_arn = SQS.ByName()[event_source["name"]].arn
mapping = lambda_.EventSourceMapping(
mapping_name,
event_source_arn=source_arn,
function_name=lambda_function.arn,
batch_size=mapping_config.get("batch_size"))
pulumi.export(mapping_name, mapping.id)
lambdas_by_name[lambda_name] = lambda_function
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_vpc_id = VPCs.VPCId()
for sg_name, sg_configuration in resource_specs.items():
# AWS Security Groups Dynamic Variables
resource_name = sg_name
resource_description = sg_configuration["description"]
resource_vpc = sg_configuration["vpc"]
resource_ingress_rules = sg_configuration["ingress"]
resource_egress_rules = sg_configuration["egress"]
resource_tags = None
resource_tags = sg_configuration[
"tags"] if "tags" in sg_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
this_vpc = aws_vpc_id[str(resource_vpc)]
# Empty dictionaries that'll be populated with rules
# coming from each individual security group,
# being ingress or egress
ingress_rules_list = {}
egress_rules_list = {}
# Gathering all ingress rules and return the results
# to the right dictionary defined above
for each_ingress_rule in resource_ingress_rules.items():
for each_ingress_rule_key, each_ingress_rule_value in [
each_ingress_rule
]:
ingress_rules_list.update(
{each_ingress_rule_key: each_ingress_rule_value})
combined_ingress_rules = list(ingress_rules_list.values())
# Gathering all egress rules and return the results
# to the right dictionary defined above
for each_egress_rule in resource_egress_rules.items():
for each_egress_rule_key, each_egress_rule_value in [
each_egress_rule
]:
egress_rules_list.update(
{each_egress_rule_key: each_egress_rule_value})
combined_egress_rules = list(egress_rules_list.values())
# Create Security Group
security_group = net.SecurityGroup(
resource_name,
description=resource_description,
name=resource_name,
vpc_id=this_vpc,
ingress=combined_ingress_rules,
egress=combined_egress_rules,
tags=tags_list)
# Update resource dictionary
sg_ids_dict.update({security_group._name: security_group.id})
# Exporting each security group created for future reference
pulumi.export(security_group._name, security_group.id)
