def get_soca_configuration():
secretsmanager_client = boto3.client('secretsmanager',
config=config.boto_extra_config())
configuration_secret_name = os.environ['SOCA_CONFIGURATION']
response = secretsmanager_client.get_secret_value(
SecretId=configuration_secret_name)
return json.loads(response['SecretString'], strict=False)
def post(self):
"""
Change password for a given user
---
tags:
- User Management
parameters:
- in: body
name: body
schema:
required:
- user
- password
properties:
user:
type: string
description: SOCA user
password:
type: string
description: New password to configure
responses:
200:
description: Pair of username/token is valid
203:
description: Invalid username/token pair
400:
description: Malformed client input
"""
parser = reqparse.RequestParser()
parser.add_argument("user", type=str, location="form")
parser.add_argument("password", type=str, location="form")
args = parser.parse_args()
user = args["user"]
password = args["password"]
logger.info(f"Received password reset request for {user}")
if user.lower() in password.lower():
return errors.all_errors("DS_PASSWORD_USERNAME_IN_PW")
ds_password_complexity = r"(?=^.{8,64}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9\s])(?=.*[a-z])|(?=.*[^A-Za-z0-9\s])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9\s]))^.*"
if not re.search(ds_password_complexity, password):
return errors.all_errors("DS_PASSWORD_COMPLEXITY_ERROR")
lambda_client = boto3.client("lambda", config=config.boto_extra_config())
if user is None or password is None:
return errors.all_errors("CLIENT_MISSING_PARAMETER", "user (str) and password (str) parameters are required")
ds_password_reset_lambda_arn = config.Config.DIRECTORY_SERVICE_RESET_LAMBDA_ARN
if not ds_password_reset_lambda_arn:
return errors.all_errors("MISSING_DS_RESET_LAMBDA")
try:
response = lambda_client.invoke(FunctionName=ds_password_reset_lambda_arn,
Payload=json.dumps({"Username": user, "Password": password, "DirectoryServiceId": config.Config.DIRECTORY_SERVICE_ID}, indent=2).encode("utf-8"))
logger.info(str(response['Payload'].read()))
return {"success": True, "message": "Password updated correctly."}, 200
except Exception as err:
return errors.all_errors(type(err).__name__, err)
from flask import request
from requests import get
import logging
from datetime import datetime
import json
import read_secretmanager
from decorators import private_api
import base64
import boto3
import os
import sys
import errors
from models import db, LinuxDCVSessions, WindowsDCVSessions
logger = logging.getLogger("api")
client_ec2 = boto3.client("ec2", config=config.boto_extra_config())
client_cfn = boto3.client("cloudformation", config=config.boto_extra_config())
def encrypt(message):
key = config.Config.DCV_TOKEN_SYMMETRIC_KEY
cipher_suite = Fernet(key)
return cipher_suite.encrypt(message.encode("utf-8"))
def get_host_info(tag_uuid, cluster_id, operating_system):
host_info = {}
token = True
next_token = ''
while token is True:
response = client_ec2.describe_instances(
import config
from flask_restful import Resource, reqparse
import logging
from decorators import admin_api, restricted_api, private_api
import botocore
import datetime
from models import db, AmiList
import boto3
import errors
from sqlalchemy import exc
from sqlalchemy.exc import SQLAlchemyError
logger = logging.getLogger("api")
session = boto3.session.Session()
aws_region = session.region_name
ec2_client = boto3.client('ec2', aws_region, config=config.boto_extra_config())
def get_ami_info():
ami_info = {}
for session_info in AmiList.query.filter_by(is_active=True).all():
ami_info[session_info.ami_label] = session_info.ami_id
return ami_info
class ManageImage(Resource):
@admin_api
def post(self):
"""
Register a new EC2 AMI as DCV image on SOCA
---
import logging
import os
import config
import re
from datetime import datetime, timezone, timedelta
import pytz
import json
import time
from dateutil.parser import parse
from models import db, WindowsDCVSessions, LinuxDCVSessions
from botocore.exceptions import ClientError
from models import db
from sqlalchemy import or_, and_
logger = logging.getLogger("scheduled_tasks")
client_ec2 = boto3.client("ec2", config=config.boto_extra_config())
client_ssm = boto3.client("ssm", config=config.boto_extra_config())
client_cloudformation = boto3.client("cloudformation",
config=config.boto_extra_config())
def now():
try:
tz = pytz.timezone(config.Config.TIMEZONE)
except pytz.exceptions.UnknownTimeZoneError:
logger.error(
"Timezone {} configured by the admin does not exist. Defaulting to UTC. Refer to https://en.wikipedia.org/wiki/List_of_tz_database_time_zones for a full list of supported timezones"
.format(config.Config.TIMEZONE))
tz = pytz.timezone("UTC")
server_time = datetime.now(timezone.utc).astimezone(tz)
def get_compute_pricing(ec2_instance_type):
pricing = {}
region_mapping = {
"ap-east-1": "APE1-",
"ap-northeast-1": "APN1-",
"ap-northeast-2": "APN2-",
"ap-south-1": "APS1-",
"ap-southeast-1": "APS1-",
"ap-southeast-2": "APS1-",
"ca-central-1": "CAC1-",
"eu-central-1": "EUC1-",
"eu-north-1": "EUN1-",
"eu-south-1": "EUS1-",
"eu-west-1": "EUW1-",
"eu-west-2": "EUW2-",
"eu-west-3": "EUW3-",
"me-south-1": "MES1-",
"us-east-1": "",
"us-east-2": "USE2-",
"us-west-1": "USW1-",
"us-west-2": "USW2-",
"sa-east-1": "SAE1-",
}
client_pricing = boto3.client("pricing",
region_name="us-east-1",
config=config.boto_extra_config())
session = boto3.session.Session()
region = session.region_name
response = client_pricing.get_products(
ServiceCode='AmazonEC2',
Filters=[
{
'Type': 'TERM_MATCH',
'Field': 'usageType',
'Value':
region_mapping[region] + 'BoxUsage:' + ec2_instance_type
},
],
)
for data in response['PriceList']:
data = ast.literal_eval(data)
for k, v in data['terms'].items():
if k == 'OnDemand':
for skus in v.keys():
for ratecode in v[skus]['priceDimensions'].keys():
instance_data = v[skus]['priceDimensions'][ratecode]
if 'on demand linux ' + str(
ec2_instance_type
) + ' instance hour' in instance_data[
'description'].lower():
pricing['ondemand'] = float(
instance_data['pricePerUnit']['USD'])
else:
for skus in v.keys():
if v[skus]['termAttributes']['OfferingClass'] == 'standard' \
and v[skus]['termAttributes']['LeaseContractLength'] == '1yr' \
and v[skus]['termAttributes']['PurchaseOption'] == 'No Upfront':
for ratecode in v[skus]['priceDimensions'].keys():
instance_data = v[skus]['priceDimensions'][
ratecode]
if 'Linux/UNIX (Amazon VPC)' in instance_data[
'description']:
pricing['reserved'] = float(
instance_data['pricePerUnit']['USD'])
return pricing
