class Attributes(Resource):
    """Load-balancer attribute settings expressed as serialisable arguments.

    Every argument names the API field it is written to and the serializer
    that shapes the value placed under that field.
    """

    resource_name = "attributes"
    dot_ignore = True

    # Serialised under "ConnectionSettings" as {"IdleTimeout": <value>}.
    idle_timeout = argument.Integer(
        default=30,
        field="ConnectionSettings",
        serializer=serializers.Dict(
            IdleTimeout=serializers.Identity(),
        ),
    )

    # One integer drives both keys: "Enabled" is true for any value above
    # zero and "Timeout" carries the value itself.
    connection_draining = argument.Integer(
        default=0,
        field="ConnectionDraining",
        serializer=serializers.Dict(
            Enabled=serializers.Expression(lambda runner, object: object > 0),
            Timeout=serializers.Identity(),
        ),
    )

    cross_zone_load_balancing = argument.Boolean(
        default=True,
        field="CrossZoneLoadBalancing",
        serializer=serializers.Dict(
            Enabled=serializers.Identity(),
        ),
    )

    # Access logging is switched on only when a Bucket is supplied: "Enabled"
    # is computed as "value is not None". No default is declared here, so an
    # unconfigured balancer presumably ships without access logs - confirm
    # that this matches the logging baseline you expect.
    access_log = argument.Resource(
        Bucket,
        field="AccessLog",
        serializer=serializers.Dict(
            Enabled=serializers.Expression(
                lambda runner, object: object is not None,
            ),
            S3BucketName=serializers.Identifier(),
        ),
    )
class ErrorResponse(Resource):
    """Declarative description of a custom error response.

    Maps an origin error code to a replacement page, the status code to
    return instead, and a minimum caching TTL for the error.
    """

    resource_name = "error_response"
    dot_ignore = True

    # Error status being customised.
    error_code = argument.Integer(
        field="ErrorCode",
    )

    # Path of the page served in place of the error.
    response_page_path = argument.String(
        field="ResponsePagePath",
    )

    # Status code returned along with the replacement page.
    response_code = argument.Integer(
        field="ResponseCode",
    )

    # Serialised as "ErrorCachingMinTTL".
    min_ttl = argument.Integer(
        field="ErrorCachingMinTTL",
    )
class HealthCheck(Resource):
    """Health-check settings: probe target, timing and pass/fail thresholds."""

    resource_name = "health_check"
    dot_ignore = True

    interval = argument.Integer(
        field="Interval",
    )

    # The probe definition itself; serialised under the "Target" field.
    check = argument.String(
        field="Target",
    )

    healthy_threshold = argument.Integer(
        field="HealthyThreshold",
    )
    unhealthy_threshold = argument.Integer(
        field="UnhealthyThreshold",
    )

    timeout = argument.Integer(
        field="Timeout",
    )
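class Listener(Resource):
    """A load-balancer listener: front-end protocol/port mapped to a back-end
    protocol/port, optionally terminating TLS with a server certificate.
    """

    resource_name = "listener"

    protocol = argument.String(field="Protocol")
    port = argument.Integer(field="LoadBalancerPort")
    instance_protocol = argument.String(field="InstanceProtocol")
    instance_port = argument.Integer(field="InstancePort")

    # The listener's certificate is sent as the certificate's "Arn" property.
    # The field name is "SSLCertificateId" in the ELB listener structure; the
    # previous spelling ("SSLCertificiateId") did not match it, so a
    # certificate configured here would not have reached the API under the
    # expected key.
    ssl_certificate = argument.Resource(
        ServerCertificate,
        field="SSLCertificateId",
        serializer=serializers.Property("Arn"),
    )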
class Connection(resource.Resource):
    """Parameters for an SSH connection to a host or a managed instance.

    The arguments carry the credentials (password and/or private key), the
    target (hostname or instance), the port and an optional proxy connection.
    """

    resource_name = "ssh_connection"

    # Logs in as "root" unless the configuration names another user.
    username = argument.String(default="root", field="username")
    # Credentials are plain String arguments.
    # NOTE(review): confirm they are kept out of plan output and logs.
    password = argument.String(field="password")
    private_key = argument.String(field="pkey", serializer=serializers.Identity())
    # "hostname" and "instance" both serialise to the "hostname" field.
    hostname = argument.String(field="hostname")
    instance = argument.Resource(Instance, field="hostname", serializer=serializers.Resource())
    port = argument.Integer(field="port", default=22)
    # Another Connection to go through; referenced by dotted name.
    proxy = argument.Resource("touchdown.ssh.Connection")
    root = argument.Resource(workspace.Workspace)
    # NOTE(review): no host-key policy or known_hosts setting is declared in
    # this class - confirm where server identity is verified.

    def clean_private_key(self, private_key):
        """Parse *private_key* into a paramiko key object.

        RSA, ECDSA and DSS are tried in that order; the first class that
        parses the material without raising ``paramiko.SSHException`` wins.

        Raises:
            errors.InvalidParameter: when no key class accepts the material.
        """
        if private_key:
            for cls in (paramiko.RSAKey, paramiko.ECDSAKey, paramiko.DSSKey):
                try:
                    # NOTE(review): the value is declared as a String argument
                    # but wrapped in a bytes buffer - confirm this works on
                    # Python 3.
                    key = cls.from_private_key(six.BytesIO(private_key))
                except paramiko.SSHException:
                    # Wrong key type for this class; try the next one.
                    continue
                return key
        # NOTE(review): the flattened source does not show whether this raise
        # sits inside the "if"; it is laid out at function level here, which
        # also rejects an empty key - confirm against the original file.
        raise errors.InvalidParameter("Invalid SSH private key")
class Redis(zone.Zone):
    """Zone specialisation for Redis with a default prefix length of 28."""

    resource_name = "redis"

    prefix = argument.Integer(
        default=28,
    )

    def get_property(self, name):
        """Return a ``Property`` called *name* bound to this zone as a constant."""
        bound_to_self = serializers.Const(self)
        return Property(name, bound_to_self)
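class Database(Resource):
    """Declarative description of a managed database instance.

    Each argument names the API field it is serialised to. Arguments marked
    ``aws_update=False`` / ``aws_create=False`` are excluded from that kind
    of call, as far as the flag names suggest.
    """

    resource_name = "database"

    name = argument.String(field="DBInstanceIdentifier")
    db_name = argument.String(field="DBName")
    allocated_storage = argument.Integer(min=5, max=3072, field="AllocatedStorage")
    iops = argument.Integer(field="Iops")
    instance_class = argument.String(field="DBInstanceClass")
    engine = argument.String(default='postgres', field="Engine", aws_update=False)
    engine_version = argument.String(field="EngineVersion")

    # The master credential is a plain String argument.
    # NOTE(review): confirm it is redacted from plan output and logs.
    master_username = argument.String(field="MasterUsername")
    master_password = argument.String(field="MasterUserPassword")

    security_groups = argument.ResourceList(SecurityGroup, field="VpcSecurityGroupIds")
    # No default is declared for public reachability in this class.
    # NOTE(review): consider setting it explicitly in configurations so that
    # exposure never depends on a service-side default.
    publically_accessible = argument.Boolean(field="PubliclyAccessible", aws_update=False)
    availability_zone = argument.String(field="AvailabilityZone")
    subnet_group = argument.Resource(SubnetGroup, field="DBSubnetGroupName", aws_update=False)
    preferred_maintenance_window = argument.String(
        field="PreferredMaintenanceWindow")
    multi_az = argument.Boolean(field="MultiAZ")
    storage_type = argument.String(field="StorageType")
    allow_major_version_upgrade = argument.Boolean(
        field="AllowMajorVersionUpgrade")
    auto_minor_version_upgrade = argument.Boolean(
        field="AutoMinorVersionUpgrade")
    character_set_name = argument.String(field="CharacterSetName")
    backup_retention_period = argument.Integer(field="BackupRetentionPeriod")
    preferred_backup_window = argument.String(field="PreferredBackupWindow")
    # Single definition: an earlier field-less ``license_model`` declaration
    # was silently overwritten by this one and has been dropped.
    license_model = argument.String(field="LicenseModel")
    # Upper bound is the top of the TCP port range; the earlier cap of 32768
    # rejected valid high ports.
    port = argument.Integer(min=1, max=65535, field="Port")
    # parameter_group = argument.Resource(ParameterGroup, field="DBParameterGroupName")
    # option_group = argument.Resource(OptionGroup, field="OptionGroupName")
    apply_immediately = argument.Boolean(field="ApplyImmediately", aws_create=False)
    # tags = argument.Dict()

    # NOTE(review): nothing in this class maps to a storage-encryption field,
    # so encryption at rest cannot be requested through the arguments shown.

    account = argument.Resource(Account)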
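class CustomOrigin(Resource):
    """A custom (non-bucket) origin: identifier, domain name, the ports to
    reach it on and the protocol policy used for origin fetches.
    """

    resource_name = "custom_origin"
    dot_ignore = True

    # The three arguments without a ``field`` are gathered into a nested
    # "CustomOriginConfig" structure.
    extra_serializers = {
        "CustomOriginConfig": serializers.Dict(
            HTTPPort=serializers.Argument("http_port"),
            HTTPSPort=serializers.Argument("https_port"),
            OriginProtocolPolicy=serializers.Argument("origin_protocol"),
        )
    }

    name = argument.String(field='Id')
    domain_name = argument.String(field='DomainName')
    http_port = argument.Integer(default=80)
    https_port = argument.Integer(default=443)
    # 'https-only' is accepted in addition to the two original choices so
    # that origin fetches can be pinned to TLS. The default is unchanged:
    # 'match-viewer' follows the viewer's protocol, so plaintext viewer
    # requests result in plaintext origin fetches.
    origin_protocol = argument.String(
        choices=['http-only', 'match-viewer', 'https-only'],
        default='match-viewer',
    )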
class CustomerGateway(Resource):
    """Customer-side endpoint of a VPN: public address, BGP ASN and tags."""

    resource_name = "customer_gateway"

    name = argument.String()

    # "ipsec.1" is both the default and the only accepted choice.
    type = argument.String(
        default="ipsec.1",
        choices=["ipsec.1"],
        field="GatewayType",
    )

    public_ip = argument.IPAddress(
        field="PublicIp",
    )

    bgp_asn = argument.Integer(
        default=65000,
        field="BgpAsn",
    )

    tags = argument.Dict()

    vpc = argument.Resource(VPC)
class AutoScalingGroup(Resource):
    """Declarative description of an auto scaling group.

    Covers sizing, placement (zones or subnets), attached load balancers,
    health checking and the policy used when instances are replaced.
    """

    resource_name = "auto_scaling_group"

    name = argument.String(
        field="AutoScalingGroupName",
    )
    launch_configuration = argument.Resource(
        LaunchConfiguration,
        field="LaunchConfigurationName",
    )

    # Sizing.
    min_size = argument.Integer(
        field="MinSize",
    )
    max_size = argument.Integer(
        field="MaxSize",
    )
    desired_capacity = argument.Integer(
        field="DesiredCapacity",
    )
    default_cooldown = argument.Integer(
        default=300,
        field="DefaultCooldown",
    )

    # Placement.
    availability_zones = argument.List(
        field="AvailabilityZones",
        serializer=serializers.List(skip_empty=True),
    )
    # Subnet identifiers are wrapped in a comma-separated-list serializer
    # under "VPCZoneIdentifier".
    subnets = argument.ResourceList(
        Subnet,
        field="VPCZoneIdentifier",
        serializer=serializers.CommaSeperatedList(
            serializers.List(serializers.Identifier()),
        ),
    )

    load_balancers = argument.ResourceList(
        LoadBalancer,
        field="LoadBalancerNames",
        aws_update=False,
    )

    # Both health-check defaults depend on whether load balancers are
    # attached: "ELB" / 480 when there are any, otherwise None.
    health_check_type = argument.String(
        max=32,
        default=lambda instance: "ELB" if instance.load_balancers else None,
        field="HealthCheckType",
    )
    health_check_grace_period = argument.Integer(
        default=lambda instance: 480 if instance.load_balancers else None,
        field="HealthCheckGracePeriod",
    )

    placement_group = argument.String(
        max=255,
        field="PlacementGroup",
    )
    termination_policies = argument.List(
        default=lambda i: ["Default"],
        field="TerminationPolicies",
    )

    # Declared without a ``field``.
    replacement_policy = argument.String(
        choices=['singleton', 'graceful'],
        default='graceful',
    )

    account = argument.Resource(BaseAccount)
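class Record(Resource):
    """A DNS record set: name, type and either literal values or an alias."""

    resource_name = "record"

    name = argument.String(field="Name")
    type = argument.String(field="Type")
    # Each value is serialised as {"Value": <value>}; empty lists are skipped.
    values = argument.List(
        field="ResourceRecords",
        serializer=serializers.List(
            serializers.Dict(
                Value=serializers.Identity(),
            ),
            skip_empty=True,
        ),
    )
    ttl = argument.Integer(min=0, field="TTL")
    # SetIdentifier is a free-form label of 1 to 128 characters, not a number,
    # so it is declared as a String. The earlier Integer declaration limited
    # it to the numbers 1..128 and serialised it as an integer.
    set_identifier = argument.String(min=1, max=128, field="SetIdentifier")
    alias = argument.Resource(
        AliasTarget,
        field="AliasTarget",
        serializer=serializers.Resource(),
    )

    def clean_name(self, name):
        """Return *name* passed through the module's ``_normalize`` helper."""
        return _normalize(name)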
class Rule(Resource):
    """One allow/deny entry matching a network, a protocol and a port range."""

    resource_name = "rule"
    dot_ignore = True

    network = argument.IPNetwork(
        field="CidrBlock",
    )
    protocol = argument.String(
        default='tcp',
        choices=['tcp', 'udp', 'icmp'],
        field="Protocol",
    )

    # ``port`` is a shorthand. When it is -1 the range defaults widen to
    # 1..65535; otherwise both ends default to ``port``.
    port = argument.Integer(
        min=-1,
        max=65535,
    )
    from_port = argument.Integer(
        default=lambda r: r.port if r.port != -1 else 1,
        min=-1,
        max=65535,
    )
    to_port = argument.Integer(
        default=lambda r: r.port if r.port != -1 else 65535,
        min=-1,
        max=65535,
    )

    # Rules allow traffic unless "deny" is given explicitly.
    action = argument.String(
        default="allow",
        choices=["allow", "deny"],
        field="RuleAction",
    )

    # The two range ends are emitted together as a nested "PortRange".
    extra_serializers = {
        "PortRange": serializers.Dict(
            From=serializers.Integer(serializers.Argument("from_port")),
            To=serializers.Integer(serializers.Argument("to_port")),
        ),
    }

    def __str__(self):
        """Describe the rule as ``<name>: <protocol> <port(s)> from <network>``."""
        label = super(Rule, self).__str__()
        single_port = self.from_port == self.to_port
        port_text = (
            "port {}".format(self.from_port)
            if single_port
            else "ports {} to {}".format(self.from_port, self.to_port)
        )
        return "{}: {} {} from {}".format(
            label,
            self.protocol,
            port_text,
            self.network,
        )
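class ReplicationGroup(BaseCacheCluster, Resource):
    """A cache replication group built around a primary cache cluster."""

    resource_name = "replication_group"

    # Lower-case letters, digits and hyphens, 1 to 20 characters. The digit
    # range previously read "1-9", which rejected identifiers containing "0".
    # NOTE(review): the pattern carries no anchors - confirm that
    # argument.String matches it against the whole value.
    name = argument.String(
        regex=r"[a-z0-9\-]{1,20}",
        field="ReplicationGroupId",
    )
    # Falls back to the group name when no description is given.
    description = argument.String(
        default=lambda resource: resource.name,
        field="ReplicationGroupDescription",
    )
    # Referenced by dotted name rather than by class object.
    primary_cluster = argument.Resource(
        "touchdown.aws.elasticache.cache.CacheCluster",
        field="PrimaryClusterId",
    )
    automatic_failover = argument.Boolean(field="AutomaticFailoverEnabled")
    num_cache_clusters = argument.Integer(field="NumCacheClusters")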
class ExternalRole(BaseAccount):
    """An account reached by assuming a role from another account.

    The field names correspond to the parameters of an STS AssumeRole call.
    """

    resource_name = "external_role"

    name = argument.String(
        field="RoleSessionName",
    )
    arn = argument.String(
        field="RoleArn",
    )

    # Optional session policy document, passed through as a string.
    policy = argument.String(
        field="Policy",
    )

    # Session lifetime in seconds, restricted here to 900..3600.
    duration = argument.Integer(
        min=900,
        max=3600,
        field="DurationSeconds",
    )

    # No default is declared for the external ID.
    # NOTE(review): for cross-organisation roles, check that configurations
    # set it wherever the role's trust policy requires one.
    external_id = argument.String(
        field="ExternalId",
    )

    # MFA device serial and the current one-time code.
    # NOTE(review): the code is a plain String argument - confirm it is
    # supplied at run time and not stored with the configuration.
    mfa_device = argument.String(
        field="SerialNumber",
    )
    mfa_token = argument.String(
        field="TokenCode",
    )

    # The account whose credentials are used to assume the role (presumably;
    # verify against the plan that consumes it).
    account = argument.Resource(Account)
class Zone(Resource):
    """A named network zone inside an environment."""

    name = argument.String()

    prefix = argument.Integer(
        default=24,
    )
    cidr_block = argument.IPNetwork()

    # Is this zone on the public internet? Private unless stated otherwise.
    public = argument.Boolean(
        default=False,
    )

    # The availability zones to create this zone in: exactly two entries,
    # each a single character.
    availability_zones = argument.List(
        argument.String(min=1, max=1),
        min=2,
        max=2,
        default=["a", "b"],
    )

    environment = argument.Resource(Environment)
class DefaultCacheBehavior(Resource):
    """Default cache behaviour of a distribution.

    Covers the target origin, the viewer protocol policy, forwarded values,
    TTL and the HTTP methods that are allowed and cached.
    """

    resource_name = "default_cache_behaviour"
    dot_ignore = True

    extra_serializers = {
        # TrustedSigners are not supported yet, so include stub in serialized form
        "TrustedSigners": serializers.Const({
            "Enabled": False,
            "Quantity": 0,
        }),
        # Allowed methods are emitted as a list structure with the cached
        # methods nested inside it as "CachedMethods".
        "AllowedMethods": CloudFrontList(
            inner=serializers.Context(
                serializers.Argument("allowed_methods"),
                serializers.List(),
            ),
            CachedMethods=serializers.Context(
                serializers.Argument("cached_methods"),
                CloudFrontList(),
            ),
        ),
    }

    target_origin = argument.String(
        field='TargetOriginId',
    )

    forwarded_values = argument.Resource(
        ForwardedValues,
        default=lambda instance: dict(),
        field="ForwardedValues",
        serializer=serializers.Resource(),
    )

    # The default 'allow-all' serves viewers over plain HTTP as well as
    # HTTPS; 'https-only' or 'redirect-to-https' must be chosen explicitly
    # when TLS is required.
    viewer_protocol_policy = argument.String(
        choices=['allow-all', 'https-only', 'redirect-to-https'],
        default='allow-all',
        field="ViewerProtocolPolicy",
    )

    min_ttl = argument.Integer(
        default=0,
        field="MinTTL",
    )

    # Both method lists default to the read-only pair GET and HEAD.
    allowed_methods = argument.List(
        default=lambda x: ["GET", "HEAD"],
    )
    cached_methods = argument.List(
        default=lambda x: ["GET", "HEAD"],
    )

    smooth_streaming = argument.Boolean(
        default=False,
        field='SmoothStreaming',
    )
def test_not_an_integer(self):
    """A non-numeric string is rejected with ``errors.InvalidParameter``."""
    # Build the bound method first so only the clean() call itself is
    # covered by the expectation.
    clean = argument.Integer().clean
    with self.assertRaises(errors.InvalidParameter):
        clean(None, "five")
def test_integer(self):
    """An integer input comes back from ``clean`` unchanged."""
    cleaned = argument.Integer().clean(None, 0)
    self.assertEqual(cleaned, 0)
def test_integer_from_string(self):
    """A numeric string is converted to the matching integer by ``clean``."""
    cleaned = argument.Integer().clean(None, "0")
    self.assertEqual(cleaned, 0)
class LoadBalancer(zone.Zone):
    """Zone specialisation for load balancers with a default prefix of 28."""

    resource_name = "load_balancer"

    prefix = argument.Integer(
        default=28,
    )
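class Rule(Resource):
    """One security-group rule: a protocol and port range opened to either
    another security group or a network.
    """

    resource_name = "rule"

    @property
    def dot_ignore(self):
        """True when the rule does not reference another security group."""
        return self.security_group is None

    protocol = argument.String(default='tcp', choices=['tcp', 'udp', 'icmp'], field="IpProtocol")
    # Port bounds reach the top of the TCP/UDP range (65535). The earlier cap
    # of 32768 made rules for higher ports impossible to declare. ``port`` is
    # a shorthand that both range ends default to.
    port = argument.Integer(min=-1, max=65535)
    from_port = argument.Integer(default=lambda r: r.port, min=-1, max=65535, field="FromPort")
    to_port = argument.Integer(default=lambda r: r.port, min=-1, max=65535, field="ToPort")

    # Source given as another security group: serialised as a one-element
    # list of {"UserId": <owner id>, "GroupId": <group id>}.
    security_group = argument.Resource(
        "touchdown.aws.vpc.security_group.SecurityGroup",
        field="UserIdGroupPairs",
        serializer=serializers.ListOfOne(
            serializers.Dict(
                UserId=serializers.Property("OwnerId"),
                GroupId=serializers.Identifier(),
            )),
    )

    # Source given as a network: serialised as a one-element list of
    # {"CidrIp": "<network>"}.
    network = argument.IPNetwork(
        field="IpRanges",
        serializer=serializers.ListOfOne(
            serializers.Dict(CidrIp=serializers.String(), )),
    )

    def matches(self, runner, rule):
        """Return True when the remote *rule* description equals this rule.

        Args:
            runner: Used to look up the plan of the referenced security group.
            rule: A dict describing an existing rule, read through the keys
                'IpProtocol', 'FromPort', 'ToPort', 'UserIdGroupPairs' and
                'IpRanges'.

        Returns:
            True when protocol and both ports are equal and either the
            referenced group or the network appears in *rule*.
        """
        sg = None
        if self.security_group:
            sg = runner.get_plan(self.security_group)
            # If the SecurityGroup doesn't exist yet then this rule can't exist
            # yet - so we can bail early!
            if not sg.resource_id:
                return False

        # Protocol and both range ends must be equal; a missing port key in
        # the remote rule compares as None.
        if self.protocol != rule['IpProtocol']:
            return False
        if self.from_port != rule.get('FromPort', None):
            return False
        if self.to_port != rule.get('ToPort', None):
            return False

        # Group source: both the group id and its owner must match.
        if sg and sg.object:
            for group in rule.get('UserIdGroupPairs', []):
                if group['GroupId'] == sg.resource_id and group['UserId'] == sg.object['OwnerId']:
                    return True

        # Network source: compared as the string form of the network.
        if self.network:
            wanted = str(self.network)
            for network in rule.get('IpRanges', []):
                if network['CidrIp'] == wanted:
                    return True

        return False

    def __str__(self):
        """Describe the rule as ``<name>: <protocol> <port(s)> from <source>``."""
        name = super(Rule, self).__str__()
        if self.from_port == self.to_port:
            ports = "port {}".format(self.from_port)
        else:
            ports = "ports {} to {}".format(self.from_port, self.to_port)
        # The source is the network when one is set, else the security group.
        return "{}: {} {} from {}".format(
            name, self.protocol, ports,
            self.network if self.network else self.security_group)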