def test_get_resource_arn(self): _test_name = 'test_get_resource_arn' _test_node_properties = {'use_external_resource': False} _test_runtime_properties = {'resource_config': {}} _ctx = self.get_mock_ctx( _test_name, test_properties=_test_node_properties, test_runtime_properties=_test_runtime_properties, type_hierarchy=['cloudify.nodes.Root']) current_ctx.set(_ctx) self.assertEqual(utils.get_resource_arn(), None) with self.assertRaises(NonRecoverableError): utils.get_resource_arn(raise_on_missing=True)
def attach_to(ctx, iface, resource_config, **_): '''Attaches an IAM User to something else''' if utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.Group'): resource_config['UserName'] = iface.resource_id IAMGroup(ctx.target.node, logger=ctx.logger, resource_id=utils.get_resource_id( node=ctx.target.node, instance=ctx.target.instance, raise_on_missing=True)).attach_user(resource_config) elif utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.LoginProfile'): iface.create_login_profile( resource_config or ctx.target.instance.runtime_properties.get('resource_config')) elif utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.AccessKey'): resp = iface.create_access_key( resource_config or ctx.target.instance.runtime_properties.get('resource_config')) utils.update_resource_id(ctx.target.instance, resp['AccessKeyId']) ctx.target.instance.runtime_properties['SecretAccessKey'] = \ resp['SecretAccessKey'] elif utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.Policy'): resource_config['PolicyArn'] = utils.get_resource_arn( node=ctx.target.node, instance=ctx.target.instance, raise_on_missing=True) iface.attach_policy(resource_config)
def detach_from(ctx, iface, resource_config, **_): '''Detaches an IAM User from something else''' if utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.Group'): resource_config['UserName'] = iface.resource_id IAMGroup(ctx.target.node, logger=ctx.logger, resource_id=utils.get_resource_id( node=ctx.target.node, instance=ctx.target.instance, raise_on_missing=True)).detach_user(resource_config) elif utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.LoginProfile'): iface.delete_login_profile(resource_config) elif utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.AccessKey'): resource_config['AccessKeyId'] = utils.get_resource_id( node=ctx.target.node, instance=ctx.target.instance, raise_on_missing=True) iface.delete_access_key(resource_config) elif utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.Policy'): resource_config['PolicyArn'] = utils.get_resource_arn( node=ctx.target.node, instance=ctx.target.instance, raise_on_missing=True) iface.detach_policy(resource_config)
def detach_from(ctx, iface, resource_config, **_): '''Detaches an IAM Role from something else''' if utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.Policy'): resource_config['PolicyArn'] = utils.get_resource_arn( node=ctx.target.node, instance=ctx.target.instance, raise_on_missing=True) iface.detach_policy(resource_config)
def prepare_assoc(ctx, iface, resource_config, **_): '''Prepares to associate an Lambda Permission to something else''' if utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.lambda.Function'): ctx.source.instance.runtime_properties['resource_config'][ 'FunctionName'] = utils.get_resource_arn( node=ctx.target.node, instance=ctx.target.instance, raise_on_missing=True)
def prepare_assoc(ctx, iface, resource_config, **_): '''Prepares to associate an Lambda Permission to something else''' if utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.lambda.Function'): ctx.source.instance.runtime_properties[ 'resource_config']['FunctionName'] = utils.get_resource_arn( node=ctx.target.node, instance=ctx.target.instance, raise_on_missing=True)
def _get_iam_role_to_attach(ctx): role_arn = None iam_role = utils.find_rel_by_node_type(ctx.instance, 'cloudify.nodes.aws.iam.Role') if iam_role: role_arn = utils.get_resource_arn(node=iam_role.target.node, instance=iam_role.target.instance, raise_on_missing=True) return role_arn
def test_get_resource_arn(self): _test_name = 'test_get_resource_arn' _test_node_properties = { 'use_external_resource': False } _test_runtime_properties = { 'resource_config': {} } _ctx = self.get_mock_ctx( _test_name, test_properties=_test_node_properties, test_runtime_properties=_test_runtime_properties, type_hierarchy=['cloudify.nodes.Root'] ) current_ctx.set(_ctx) self.assertEqual(utils.get_resource_arn(), None) with self.assertRaises(NonRecoverableError): utils.get_resource_arn(raise_on_missing=True)
def delete(ctx, iface, resource_config, **_): """Deletes an AWS SNS Topic""" # Create a copy of the resource config for clean manipulation. params = dict() if not resource_config else resource_config.copy() if TOPIC_ARN not in params: params.update( {TOPIC_ARN: utils.get_resource_arn(ctx.node, ctx.instance)}) # Actually delete the resource iface.delete(params)
def attach_to(ctx, iface, resource_config, **_): '''Attaches an IAM Group to something else''' if utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.User'): resource_config['UserName'] = utils.get_resource_id( node=ctx.target.node, instance=ctx.target.instance, raise_on_missing=True) iface.attach_user(resource_config) elif utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.Policy'): resource_config['PolicyArn'] = utils.get_resource_arn( node=ctx.target.node, instance=ctx.target.instance, raise_on_missing=True) iface.attach_policy(resource_config)
def delete(ctx, iface, resource_config, **_): """Deletes an AWS SNS Subscription""" # Create a copy of the resource config for clean manipulation. params = dict() if not resource_config else resource_config.copy() # Add the required SubscriptionArn parameter. if SUB_ARN not in params: arn = \ utils.get_resource_arn( ctx.node, ctx.instance) params[SUB_ARN] = arn # Actually delete the resource iface.delete(params)
def delete(ctx, iface, resource_config, **_): """Deletes an AWS SNS Topic""" # Create a copy of the resource config for clean manipulation. params = \ dict() if not resource_config else resource_config.copy() if TOPIC_ARN not in params.keys(): params.update( {TOPIC_ARN: utils.get_resource_arn( ctx.node, ctx.instance)}) # Actually delete the resource iface.delete(params)
def detach_from(ctx, iface, resource_config, **_): '''Detaches an IAM Group from something else''' if utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.User'): resource_config['UserName'] = utils.get_resource_id( node=ctx.target.node, instance=ctx.target.instance, raise_on_missing=True) iface.detach_user(resource_config) elif utils.is_node_type(ctx.target.node, 'cloudify.nodes.aws.iam.Policy'): resource_config['PolicyArn'] = utils.get_resource_arn( node=ctx.target.node, instance=ctx.target.instance, raise_on_missing=True) iface.detach_policy(resource_config)
def delete(ctx, iface, resource_config, **_): """Deletes an AWS SNS Subscription""" # Create a copy of the resource config for clean manipulation. params = \ dict() if not resource_config else resource_config.copy() # Add the required SubscriptionArn parameter. if SUB_ARN not in params.keys(): arn = \ utils.get_resource_arn( ctx.node, ctx.instance) params[SUB_ARN] = arn # Actually delete the resource iface.delete(params)
def start(ctx, iface, resource_config, **_): """Confirm an AWS SNS Subscription""" # Create a copy of the resource config for clean manipulation. params = dict() if not resource_config else resource_config.copy() # Add the required SubscriptionArn parameter. if SUB_ARN not in params: arn = \ utils.get_resource_arn( ctx.node, ctx.instance) params[SUB_ARN] = arn sub_attributes = iface.confirm(params) if CONFIRM_AUTHENTICATED not in sub_attributes: return ctx.operation.retry( 'Confirm has not been authenticated. Retrying...')
def start(ctx, iface, resource_config, **_): """Confirm an AWS SNS Subscription""" # Create a copy of the resource config for clean manipulation. params = \ dict() if not resource_config else resource_config.copy() # Add the required SubscriptionArn parameter. if SUB_ARN not in params.keys(): arn = \ utils.get_resource_arn( ctx.node, ctx.instance) params[SUB_ARN] = arn sub_attributes = iface.confirm(params) if CONFIRM_AUTHENTICATED not in sub_attributes: return ctx.operation.retry( 'Confirm has not been authenticated. Retrying...')
def create(ctx, iface, resource_config, **_): '''Creates an AWS Lambda Function''' # Build API params params = utils.clean_params( dict() if not resource_config else resource_config.copy()) if RESOURCE_ID not in params: params[RESOURCE_ID] = iface.resource_id vpc_config = params.get('VpcConfig', dict()) # Attach a Subnet Group if it exists subnet_ids = vpc_config.get('SubnetIds', list()) subnet_rels = \ utils.find_rels_by_node_type( ctx.instance, SUBNET_TYPE) or \ utils.find_rels_by_node_type( ctx.instance, SUBNET_TYPE) for rel in subnet_rels: subnet_ids.append(utils.get_resource_id( node=rel.target.node, instance=rel.target.instance, raise_on_missing=True)) vpc_config['SubnetIds'] = subnet_ids # Attach any security groups if they exist security_groups = vpc_config.get('SecurityGroupIds', list()) sg_rels = \ utils.find_rels_by_node_type( ctx.instance, SECGROUP_TYPE) or \ utils.find_rels_by_node_type( ctx.instance, SECGROUP_TYPE_DEPRECATED) for rel in sg_rels: security_groups.append( utils.get_resource_id( node=rel.target.node, instance=rel.target.instance, raise_on_missing=True)) vpc_config['SecurityGroupIds'] = security_groups params['VpcConfig'] = vpc_config # Attach an IAM Role if it exists iam_role = utils.find_rel_by_node_type( ctx.instance, 'cloudify.nodes.aws.iam.Role') if iam_role: params['Role'] = utils.get_resource_arn( node=iam_role.target.node, instance=iam_role.target.instance, raise_on_missing=True) # Handle user-profided code ZIP file if params.get('Code', dict()).get('ZipFile'): codezip = params['Code']['ZipFile'] ctx.logger.debug('ZipFile: "%s" (%s)' % (codezip, type(codezip))) if not path_exists(codezip): codezip = ctx.download_resource(codezip) ctx.logger.debug('Downloaded resource: "%s"' % codezip) with open(codezip, mode='rb') as _file: params['Code']['ZipFile'] = _file.read() ctx.logger.debug('Deleting resource: "%s"' % codezip) os_remove(codezip) else: with open(codezip, mode='rb') as _file: params['Code']['ZipFile'] = _file.read() # Actually create the resource create_response = iface.create(params) resource_id = create_response['FunctionName'] utils.update_resource_id(ctx.instance, resource_id) utils.update_resource_arn( ctx.instance, create_response['FunctionArn']) # Save vpc_config to be used later on when remove eni created by invoke # function if vpc_config and create_response.get('VpcConfig'): ctx.instance.runtime_properties['vpc_config'] =\ create_response['VpcConfig']
def delete(iface, resource_config, **_): '''Deletes an AWS IAM Policy''' iface.update_resource_id(utils.get_resource_arn()) iface.delete(resource_config)