def SubnetGroup(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
for subnetgroup_name, subnetgroup_configuration in resource_specs[
"subnet-group"].items():
# AWS Elasticache Subnet Group Dynamic Variables
resource_name = subnetgroup_name
resource_description = subnetgroup_configuration["description"]
resource_subnet_ids = subnetgroup_configuration["subnets"]
resource_subnets_list = []
for each_subnet_found in resource_subnet_ids:
resource_subnets_list.append(
aws_subnet_id[str(each_subnet_found)])
subnetgroup = elasticache.SubnetGroup(
resource_name,
description=resource_description,
subnet_ids=resource_subnets_list)
subnetgroup_ids_dict.update({subnetgroup._name: subnetgroup.id})
# Exporting each Elasticache Subnet Group created for future reference
pulumi.export(subnetgroup._name, subnetgroup.id)
def SubnetGroup(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
for subnetgroup_name, subnetgroup_configuration in resource_specs["subnet-group"].items():
# AWS DocumentDB Subnet Group Dynamic Variables
resource_name = subnetgroup_name
resource_description = subnetgroup_configuration["description"]
resource_subnet_ids = subnetgroup_configuration["subnets"]
resource_tags = None
resource_tags = subnetgroup_configuration["tags"] if "tags" in subnetgroup_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({"Project/Stack": pulumi.get_project() + "/" + pulumi.get_stack()})
tags_list.update(resource_mandatory_tags)
resource_subnets_list = []
for each_subnet_found in resource_subnet_ids:
resource_subnets_list.append(aws_subnet_id[str(each_subnet_found)])
subnetgroup = docdb.SubnetGroup(
resource_name,
description = resource_description,
subnet_ids = resource_subnets_list,
tags = tags_list
)
# Update resource dictionaries
subnetgroup_ids_dict.update({subnetgroup._name: subnetgroup.id})
# Export
pulumi.export(subnetgroup._name, subnetgroup.id)
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_eip_id = ElasticIPs.ElasticIPId()
for natgw_name, natgw_configuration in resource_specs.items():
# AWS NAT Gateway Variables
resource_name = natgw_name
resource_subnet = natgw_configuration["subnet"]
resource_eip = natgw_configuration["elastic_ip"]
resource_tags = None
resource_tags = natgw_configuration[
"tags"] if "tags" in natgw_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
this_subnet = aws_subnet_id[str(resource_subnet)]
this_eip = aws_eip_id[str(resource_eip)]
aws_natgw = net.NatGateway(resource_name,
subnet_id=this_subnet,
allocation_id=this_eip,
tags=tags_list)
# Update resource dictionaries
natgw_ids_dict.update({aws_natgw._name: aws_natgw.id})
# Export
pulumi.export(aws_natgw._name, aws_natgw.id)
def Cluster():
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_iam_role_arn = IAM.RoleARN()
aws_sgs_ids = SecurityGroups.SecurityGroupId()
#
# EKS Cluster
#
for eks_cluster_name, eks_cluster_configuration in resource_specs[
"cluster"].items():
# AWS EKS Cluster Dynamic Variables
resource_cluster_name = eks_cluster_name
resource_cluster_version = eks_cluster_configuration[
"version"] if "version" in eks_cluster_configuration else None
resource_cluster_role_arn = eks_cluster_configuration[
"role"] if "role" in eks_cluster_configuration else None
resource_cluster_subnets = eks_cluster_configuration[
"subnets"] if "subnets" in eks_cluster_configuration else None
resource_cluster_security_groups = eks_cluster_configuration[
"security_groups"] if "security_groups" in eks_cluster_configuration else None
resource_cluster_endpoint_private_access = eks_cluster_configuration[
"endpoint_private_access"] if "endpoint_private_access" in eks_cluster_configuration else None
resource_cluster_endpoint_public_access = eks_cluster_configuration[
"endpoint_public_access"] if "endpoint_public_access" in eks_cluster_configuration else None
resource_cluster_public_access_cidrs = eks_cluster_configuration[
"public_access_cidrs"] if "public_access_cidrs" in eks_cluster_configuration else None
resource_cluster_tags = None
resource_cluster_tags = eks_cluster_configuration[
"tags"] if "tags" in eks_cluster_configuration else None
# Getting list of tags from configuration file
cluster_tags_list = {}
if resource_cluster_tags is not None:
for each_tag_name, each_tag_value in resource_cluster_tags.items(
):
cluster_tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
cluster_tags_list.update({"Name": resource_cluster_name})
cluster_tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
cluster_tags_list.update(resource_mandatory_tags)
# Get EKS Cluster IAM Role
this_cluster_iam_role = aws_iam_role_arn[str(
resource_cluster_role_arn)]
# Getting the list of subnets needed for EKS Cluster
eks_cluster_subnets_list = []
for each_eks_cluster_subnet in resource_cluster_subnets:
eks_cluster_subnets_list.append(
aws_subnet_id[str(each_eks_cluster_subnet)])
# Getting security groups for EKS Cluster
eks_cluster_security_groups_list = []
for each_eks_cluster_security_group in resource_cluster_security_groups:
eks_cluster_security_groups_list.append(
aws_sgs_ids[str(each_eks_cluster_security_group)])
# Getting the list of public access cidrs for EKS Cluster
eks_cluster_public_access_cidrs_list = []
for each_eks_cluster_public_access_cidr in resource_cluster_public_access_cidrs:
eks_cluster_public_access_cidrs_list.append(
str(each_eks_cluster_public_access_cidr))
eks_cluster = eks.Cluster(
resource_cluster_name,
name=resource_cluster_name,
version=resource_cluster_version,
role_arn=this_cluster_iam_role,
vpc_config={
'endpoint_private_access':
resource_cluster_endpoint_private_access,
'endpoint_public_access':
resource_cluster_endpoint_public_access,
'subnet_ids': eks_cluster_subnets_list,
'security_group_ids': eks_cluster_security_groups_list,
'publicAccessCidrs': eks_cluster_public_access_cidrs_list,
},
tags=cluster_tags_list)
pulumi.export(eks_cluster._name, [
eks_cluster.id, eks_cluster.arn, eks_cluster.endpoint,
eks_cluster.certificate_authority
])
#
# EKS Node Groups
#
for eks_nodegroup_name, eks_nodegroup_configuration in eks_cluster_configuration[
"nodegroup"].items():
# AWS EKS Node Group Dynamic Variables
resource_nodegroup_name = eks_nodegroup_name
resource_nodegroup_role_arn = eks_nodegroup_configuration[
"role"] if "role" in eks_nodegroup_configuration else None
resource_nodegroup_subnets = eks_nodegroup_configuration[
"subnets"] if "subnets" in eks_nodegroup_configuration else None
resource_nodegroup_instance_type = eks_nodegroup_configuration[
"instance_type"] if "instance_type" in eks_nodegroup_configuration else None
resource_nodegroup_instance_disk_size = eks_nodegroup_configuration[
"instance_disk_size"] if "instance_disk_size" in eks_nodegroup_configuration else 40
resource_nodegroup_desired_size = eks_nodegroup_configuration[
"scaling"][
"desired_size"] if "desired_size" in eks_nodegroup_configuration[
"scaling"] else 3
resource_nodegroup_max_size = eks_nodegroup_configuration[
"scaling"][
"max_size"] if "max_size" in eks_nodegroup_configuration[
"scaling"] else 3
resource_nodegroup_min_size = eks_nodegroup_configuration[
"scaling"][
"min_size"] if "min_size" in eks_nodegroup_configuration[
"scaling"] else 3
resource_nodegroup_ami_type = eks_nodegroup_configuration[
"ami_type"] if "ami_type" in eks_nodegroup_configuration else None
resource_nodegroup_capacity_type = eks_nodegroup_configuration[
"capacity_type"] if "capacity_type" in eks_nodegroup_configuration else None
resource_tags = None
resource_tags = eks_nodegroup_configuration[
"tags"] if "tags" in eks_nodegroup_configuration else None
# Getting list of tags from configuration file
nodegroup_tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
nodegroup_tags_list.update(
{each_tag_name: each_tag_value})
# Adding mandatory tags
nodegroup_tags_list.update({"Name": resource_nodegroup_name})
nodegroup_tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
nodegroup_tags_list.update(resource_mandatory_tags)
# Getting the list of subnets needed for EKS Node Group
eks_nodegroup_subnets_list = []
if resource_nodegroup_subnets is not None:
for each_eks_nodegroup_subnet in resource_nodegroup_subnets:
eks_nodegroup_subnets_list.append(
aws_subnet_id[str(each_eks_nodegroup_subnet)])
# Get EKS Node Group IAM Role
this_nodegroup_iam_role = aws_iam_role_arn[str(
resource_nodegroup_role_arn)]
eks_node_group = eks.NodeGroup(
resource_nodegroup_name,
cluster_name=eks_cluster.name,
node_group_name=resource_nodegroup_name,
version=resource_cluster_version,
node_role_arn=this_nodegroup_iam_role,
subnet_ids=eks_nodegroup_subnets_list,
instance_types=resource_nodegroup_instance_type,
capacity_type=resource_nodegroup_capacity_type,
disk_size=resource_nodegroup_instance_disk_size,
ami_type=resource_nodegroup_ami_type,
scaling_config=eks.NodeGroupScalingConfigArgs(
desired_size=resource_nodegroup_desired_size,
max_size=resource_nodegroup_max_size,
min_size=resource_nodegroup_min_size,
),
tags=nodegroup_tags_list)
# Export
pulumi.export(eks_node_group._name, eks_node_group.id)
def Instance():
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_sg_id = SecurityGroups.SecurityGroupId()
aws_keypair_id = KeyPairs.KeyPairId()
for ec2_instance_name, ec2_instance_configuration in resource_specs[
"instance"].items():
# AWS EC2 Dynamic Variables
resource_name = ec2_instance_name
resource_number_of_instances = ec2_instance_configuration[
"number_of_instances"] if "number_of_instances" in ec2_instance_configuration else 1
resource_ami = ec2_instance_configuration[
"ami"] if "ami" in ec2_instance_configuration else None
resource_instance_type = ec2_instance_configuration[
"instance_type"] if "instance_type" in ec2_instance_configuration else None
resource_subnet = ec2_instance_configuration[
"subnet"] if "subnet" in ec2_instance_configuration else None
resource_security_groups = ec2_instance_configuration[
"security_groups"] if "security_groups" in ec2_instance_configuration else None
resource_ebs_optimization = ec2_instance_configuration[
"ebs_optimization"] if "ebs_optimization" in ec2_instance_configuration else None
resource_root_disk_volume_type = ec2_instance_configuration[
"root_disk"][
"volume_type"] if "volume_type" in ec2_instance_configuration[
"root_disk"] else None
resource_root_disk_volume_size = ec2_instance_configuration[
"root_disk"][
"volume_size"] if "volume_size" in ec2_instance_configuration[
"root_disk"] else None
resource_additional_disks = ec2_instance_configuration[
"additional_disks"] if "additional_disks" in ec2_instance_configuration else None
resource_public_ipv4_address = ec2_instance_configuration[
"public_ipv4_address"] if "public_ipv4_address" in ec2_instance_configuration else None
resource_keypair = ec2_instance_configuration[
"ssh_key"] if "ssh_key" in ec2_instance_configuration else None
resource_user_data = ec2_instance_configuration[
"user_data"] if "user_data" in ec2_instance_configuration else None
resource_password_data = ec2_instance_configuration[
"password"] if "password" in ec2_instance_configuration else None
resource_tags = None
resource_tags = ec2_instance_configuration[
"tags"] if "tags" in ec2_instance_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
this_subnet = aws_subnet_id[str(resource_subnet)]
# Check if the KeyPair is provided or not
if resource_keypair is not None:
this_keypair = aws_keypair_id[str(resource_keypair)]
# Getting the list of security groups found
security_groups_list = []
for each_security_group_found in resource_security_groups:
this_security_group = aws_sg_id[str(each_security_group_found)]
security_groups_list.append(this_security_group)
for number_of_instances in range(
1,
int(resource_number_of_instances) + 1):
if resource_number_of_instances > 1:
resource_final_name = (
resource_name +
str("-" + str(number_of_instances)).zfill(4))
else:
resource_final_name = resource_name
#
# Create EC2
#
ec2_instance = ec2.Instance(
resource_final_name,
ami=resource_ami,
instance_type=resource_instance_type,
associate_public_ip_address=resource_public_ipv4_address,
subnet_id=this_subnet,
vpc_security_group_ids=security_groups_list,
key_name=this_keypair,
ebs_optimized=resource_ebs_optimization,
root_block_device={
"volume_type": resource_root_disk_volume_type,
"volume_size": resource_root_disk_volume_size
},
user_data=resource_user_data,
get_password_data=resource_password_data,
tags=tags_list)
#
# Additional Disks (EBS Volumes)
#
if resource_additional_disks is not None:
# This variable is used down below
# by Volume Attachment
additional_disks_found = 0
for additional_disk_name, additional_disk_config in resource_additional_disks.items(
):
if additional_disk_name is not None:
# Setting up the default values
# for each individual EBS volume
default_additional_disk_config_az = ec2_instance.availability_zone
default_additional_disk_config_type = "gp2"
default_additional_disk_config_size = 20
if additional_disk_config is not None:
additional_disk_config_az = additional_disk_config[
"availability_zone"] if "availability_zone" in additional_disk_config else default_additional_disk_config_az
additional_disk_config_type = additional_disk_config[
"volume_type"] if "volume_type" in additional_disk_config else default_additional_disk_config_type
additional_disk_config_size = additional_disk_config[
"volume_size"] if "volume_size" in additional_disk_config else default_additional_disk_config_size
else:
additional_disk_config_az = default_additional_disk_config_az
additional_disk_config_type = default_additional_disk_config_type
additional_disk_config_size = default_additional_disk_config_size
# Create EBS Volume
ebs_volume = ebs.Volume(
additional_disk_name,
availability_zone=additional_disk_config_az,
type=additional_disk_config_type,
size=additional_disk_config_size,
tags={
"Name": additional_disk_name,
})
#
# EBS Volume Attachment
#
additional_disks_letter = range(
98, 123) # Getting a letter between 'b' and 'z'
additional_disk_assigned_letter = additional_disks_letter[
additional_disks_found]
additional_disk_device_lettet = "/dev/sd{:c}".format(
additional_disk_assigned_letter)
ebs_attachment = ec2.VolumeAttachment(
(additional_disk_name + "-attachment"),
device_name=additional_disk_device_lettet,
volume_id=ebs_volume.id,
instance_id=ec2_instance.id)
additional_disks_found = additional_disks_found + 1
# NOTE EC2 ID Dictionary
# Update resource dictionaries
ec2_ids_dict.update({ec2_instance._name: ec2_instance.id})
# NOTE Values Test
# Print statements below are used only for
# testing the functionality, can be ignored
# print("Instance name:", ec2_instance._name)
# print("Instance ID:", ec2_instance.id)
# Export the name of each EC2 Instance
pulumi.export(
ec2_instance._name,
[{
"ID": ec2_instance.id,
"ARN": ec2_instance.arn,
"State": ec2_instance.instance_state,
"Password (Windows)": ec2_instance.password_data,
"Private DNS": ec2_instance.private_dns,
"Public DNS": ec2_instance.public_dns,
"Public IP": ec2_instance.public_ip,
"Primary ENI":
ec2_instance.primary_network_interface_id
}])
def AutoScalingGroup():
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_launch_template_id = EC2.LTId()
# aws_target_group_arn = LoadBalancer.TargetGroupArn()
# Cheking if "auto-scaling-group:" is present in the configuration file
autoscaling_group = resource_specs["auto-scaling-group"].items(
) if "auto-scaling-group" in resource_specs else None
# If "auto-scaling-group:" is present then we'll run all the code below
if autoscaling_group is not None:
for autoscaling_group_name, autoscaling_group_configuration in autoscaling_group:
# AWS Autoscaling Group Dynamic Variables
# Resource Name
resource_name = autoscaling_group_name
# Autoscaling Group Configuration and its Default values
resource_min_size = autoscaling_group_configuration[
"min-size"] if "min-size" in autoscaling_group_configuration else 1
resource_max_size = autoscaling_group_configuration[
"max-size"] if "max-size" in autoscaling_group_configuration else 1
resource_desired_capacity = autoscaling_group_configuration[
"desired-capacity"] if "desired-capacity" in autoscaling_group_configuration else 1
resource_subnets = autoscaling_group_configuration[
"subnets"] if "subnets" in autoscaling_group_configuration else None
resource_capacity_rebalance = autoscaling_group_configuration[
"capacity-rebalance"] if "capacity-rebalance" in autoscaling_group_configuration else False
resource_cooldown_period = autoscaling_group_configuration[
"cooldown-period"] if "cooldown-period" in autoscaling_group_configuration else 300
resource_health_check_type = autoscaling_group_configuration[
"health-check-type"] if "health-check-type" in autoscaling_group_configuration else None
resource_launch_template = autoscaling_group_configuration[
"launch-template"] if "launch-template" in autoscaling_group_configuration else None
resource_target_groups = autoscaling_group_configuration[
"target-groups"] if "target-groups" in autoscaling_group_configuration else None
# Resource Tags and its Default values
resource_tags = None
resource_tags = autoscaling_group_configuration[
"tags"] if "tags" in autoscaling_group_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
# List of all Subnets gathered from "subnets:" key
resource_subnets_list = []
for each_subnet_found in resource_subnets:
individual_subnet_id = aws_subnet_id[str(
each_subnet_found)]
resource_subnets_list.append(individual_subnet_id)
# Check if "launch-template" is provided or not
if resource_launch_template is not None:
this_launch_template_id = aws_launch_template_id[str(
resource_launch_template)]
# FIXME It complains about circular import
# Check if "target-groups:" is provided or not
# resource_target_group_arns = []
# if resource_target_groups is not None:
# individual_tg_arn = aws_target_group_arn[str(resource_target_groups)]
# resource_target_group_arns.append(individual_tg_arn)
# Create the Autoscaling Group
autoscaling_group = autoscaling.Group(
autoscaling_group_name,
min_size=resource_min_size,
max_size=resource_max_size,
desired_capacity=resource_desired_capacity,
vpc_zone_identifiers=resource_subnets_list,
capacity_rebalance=resource_capacity_rebalance,
default_cooldown=resource_cooldown_period,
health_check_type=resource_health_check_type,
launch_template={
"id": this_launch_template_id,
},
# NOT available using this module version
instance_refresh=autoscaling.GroupInstanceRefreshArgs(
strategy="Rolling",
# This triggers Instance Refresh everytime invoked
# triggers = ["launch_template"]
),
# tags = tags_list,
# target_group_arns = resource_target_group_arns
)
# NOTE Auto Scaling Group ID Dictionary
# Update resource dictionaries
asg_ids_dict.update(
{autoscaling_group._name: autoscaling_group.id})
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_sg_id = SecurityGroups.SecurityGroupId()
# aws_keypair_id = KeyPairs.KeyPairId()
for efs_name, efs_configuration in resource_specs.items():
# Resource Name
resource_name = efs_name
# File System Configuration and its Default values
resource_file_system = efs_configuration["file-system"] if "file-system" in efs_configuration else None
resource_file_system_encryption = resource_file_system["encrypted"] if "encrypted" in resource_file_system else True
resource_file_system_performance_mode = resource_file_system["performance_mode"] if "performance_mode" in resource_file_system else "generalPurpose"
# Target Configuration and its Default values
resource_target = efs_configuration["target"] if "target" in efs_configuration else None
resource_target_vpc = resource_target["vpc"] if "vpc" in resource_target else None
resource_target_subnets = resource_target["subnets"] if "subnets" in resource_target else None
resource_target_security_groups = resource_target["security_groups"] if "security_groups" in resource_target else None
# Resource Tags and its Default values
resource_tags = None
resource_tags = efs_configuration["tags"] if "tags" in efs_configuration else None
# Get the list of subnets from the configuration file
# subnets_list = []
# for each_subnet_found in resource_target_subnets:
# this_subnet = aws_subnet_id[str(each_subnet_found)]
# subnets_list.append(this_subnet)
# Getting the list of security groups found
security_groups_list = []
for each_security_group_found in resource_target_security_groups:
this_security_group = aws_sg_id[str(each_security_group_found)]
security_groups_list.append(this_security_group)
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({"Project/Stack": pulumi.get_project() + "/" + pulumi.get_stack()})
tags_list.update(resource_mandatory_tags)
#
# Create EFS Resource
#
# EFS File System
efs_file_system = efs.FileSystem(
resource_name,
encrypted = resource_file_system_encryption,
performance_mode = resource_file_system_performance_mode,
tags = tags_list,
)
# Return a list of all EFSs created
efs_ids_dict.update({efs_file_system._name: efs_file_system.id})
# Create Target(s) based on the number of
# Subnets found in the configuration file
target_index = 0
for each_subnet in resource_target_subnets:
target_index = target_index + 1
this_subnet = aws_subnet_id[str(each_subnet)]
target_name = (resource_name+str("-target-" + str(target_index).zfill(2)))
efs_target = efs.MountTarget(
target_name,
file_system_id = efs_file_system.id,
subnet_id = this_subnet,
security_groups = security_groups_list
)
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_vpc_id = VPCs.VPCId()
aws_igw_id = InternetGateways.InternetGatewayId()
aws_natgw_id = NATGateways.NATGatewayId()
aws_subnet_id = Subnets.SubnetId()
for rtb_name, rtb_configuration in resource_specs.items():
# AWS Route Table Variables
resource_name = rtb_name
resource_vpc = rtb_configuration["vpc"]
resource_tags = None
resource_tags = rtb_configuration[
"tags"] if "tags" in rtb_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
this_vpc = aws_vpc_id[str(resource_vpc)]
#
# Create Route Table
#
aws_rtb = rtb.RouteTable(resource_name,
vpc_id=this_vpc,
tags=tags_list)
rtb_ids_dict.update({aws_rtb._name: aws_rtb.id})
# Export the name of each Route Table
pulumi.export(aws_rtb._name, aws_rtb.id)
#
# Route Table Routes
#
# Routes list
routes_list = []
for each_route_entry, each_route_entry_configuration in rtb_configuration[
"routes"].items():
# NAT Gateways
if each_route_entry_configuration[
"target_type"] == "nat_gateway":
this_natgw = aws_natgw_id[str(
each_route_entry_configuration["target"])]
routes_list.append(
rtb.Route(
(each_route_entry + "-route"),
route_table_id=aws_rtb.id,
destination_cidr_block=
each_route_entry_configuration["destination"],
nat_gateway_id=this_natgw))
# Internet Gateways
elif each_route_entry_configuration[
"target_type"] == "internet_gateway":
this_igw = aws_igw_id[str(
each_route_entry_configuration["target"])]
routes_list.append(
rtb.Route(
(each_route_entry + "-route"),
route_table_id=aws_rtb.id,
destination_cidr_block=
each_route_entry_configuration["destination"],
gateway_id=this_igw), )
else:
print("ERROR | Unsupported 'target_type' found")
for each_route_type in routes_list:
# print(each_route_entry)
rtb_route = (
each_route_type
# opts = pulumi.ResourceOptions(depends_on=[aws_rtb[resource_name]])
)
#
# Subnet Associations
#
# Checking if route-table: key is present
resource_associated_subnet = None
resource_associated_subnet = rtb_configuration[
"associated_subnets"] if "associated_subnets" in rtb_configuration else None
# If the key is present then we'll get the value
# and we'll invoke the association
if resource_associated_subnet is not None:
subnets_count = 0
for each_associated_subnet in resource_associated_subnet:
subnets_count = subnets_count + 1
this_subnet = aws_subnet_id[str(each_associated_subnet)]
route_table_association = rtb.RouteTableAssociation(
(resource_name + "-rtb-as-" +
str(subnets_count).zfill(2)),
subnet_id=this_subnet,
route_table_id=aws_rtb.id)
# Export the name of each Route Table Association
pulumi.export(route_table_association._name,
route_table_association.id)
def ALB(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_sg_id = SecurityGroups.SecurityGroupId()
for alb_name, alb_configuration in resource_specs["alb"].items():
# AWS ALB Dynamic Variables
resource_specific_type = "alb"
resource_name = alb_name
resource_subnets = alb_configuration[
"subnets"] if "subnets" in alb_configuration else None
resource_security_groups = alb_configuration[
"security_groups"] if "security_groups" in alb_configuration else None
resource_deletion_protection = alb_configuration[
"deletion_protection"] if "deletion_protection" in alb_configuration else None
resource_exposure = alb_configuration[
"exposure"] if "exposure" in alb_configuration else None
resource_http2 = alb_configuration[
"http2"] if "http2" in alb_configuration else None
resource_idle_timeout = alb_configuration[
"idle_timeout"] if "idle_timeout" in alb_configuration else None
resource_listeners = alb_configuration[
"listeners"] if "listeners" in alb_configuration else None
resource_tags = None
resource_tags = alb_configuration[
"tags"] if "tags" in alb_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
resource_subnets_list = []
for each_subnet_found in resource_subnets:
resource_subnets_list.append(
aws_subnet_id[str(each_subnet_found)])
resource_security_groups_list = []
for each_security_group_found in resource_security_groups:
resource_security_groups_list.append(
aws_sg_id[str(each_security_group_found)])
# ALB exposure [internal|external]
# - internal for private connections (VPN, TGW etc.)
# - external for internet-facing / publicly exposed load balancers
if resource_exposure is not None:
if resource_exposure == "internal":
resource_exposure is False
elif resource_exposure == "external":
resource_exposure is True
else:
resource_exposure = None
# NOTE: Work in progress
# Listeners [http|https]
# if resource_listeners is not None:
# # print("Found listeners")
# for listener_protocol in resource_listeners.items():
# print(listener_protocol)
# if listener_protocol[0] == "http":
# print("HTTP Found")
# elif listener_protocol[0] == "https":
# print("HTTPS Found")
# else:
# print("No valid ALB listener found, must be 'http' or 'https'")
# FIXME:
# This needs to be reviewed as currently the subnets
# are being added in a non-dynamic fashion
alb = lb.LoadBalancer(
resource_name,
load_balancer_type="application",
name=resource_name,
subnet_mappings=[
lb.LoadBalancerSubnetMappingArgs(
subnet_id=resource_subnets_list[0], ),
lb.LoadBalancerSubnetMappingArgs(
subnet_id=resource_subnets_list[1], ),
lb.LoadBalancerSubnetMappingArgs(
subnet_id=resource_subnets_list[2], ),
],
security_groups=resource_security_groups_list,
enable_deletion_protection=resource_deletion_protection,
internal=bool(resource_exposure),
enable_http2=resource_http2,
idle_timeout=resource_idle_timeout,
tags=tags_list)