class HostedZone(Resource): """ A DNS zone hosted at Amazon Route53 """ resource_name = "hosted_zone" extra_serializers = { "CallerReference": serializers.Expression(lambda x, y: str(uuid.uuid4())), } name = argument.String(field="Name") vpc = argument.Resource(VPC, field="VPC") comment = argument.String( field="HostedZoneConfig", serializer=serializers.Dict(Comment=serializers.Identity(), ), ) records = argument.ResourceList(Record) shared = argument.Boolean() """ If a hosted zone is shared then it won't be destroyed and DNS records will never be deleted """ account = argument.Resource(BaseAccount) def clean_name(self, name): return _normalize(name)
class Connection(resource.Resource): resource_name = "ssh_connection" username = argument.String(default="root", field="username") password = argument.String(field="password") private_key = argument.String(field="pkey", serializer=serializers.Identity()) hostname = argument.String(field="hostname") instance = argument.Resource(Instance, field="hostname", serializer=serializers.Resource()) port = argument.Integer(field="port", default=22) proxy = argument.Resource("touchdown.ssh.Connection") root = argument.Resource(workspace.Workspace) def clean_private_key(self, private_key): if private_key: for cls in (paramiko.RSAKey, paramiko.ECDSAKey, paramiko.DSSKey): try: key = cls.from_private_key(six.BytesIO(private_key)) except paramiko.SSHException: continue return key raise errors.InvalidParameter("Invalid SSH private key")
class Bundle(resource.Resource): resource_name = "fuselage_bundle" connection = argument.Resource(Connection) resources = argument.List() root = argument.Resource(workspace.Workspace)
class LaunchConfiguration(Resource): resource_name = "launch_configuration" name = argument.String(max=255, field="LaunchConfigurationName", update=False) image = argument.String(max=255, field="ImageId") key_pair = argument.Resource(KeyPair, field="KeyName") security_groups = argument.ResourceList(SecurityGroup, field="SecurityGroups") user_data = argument.Serializer(field="UserData") instance_type = argument.String(max=255, field="InstanceType") kernel = argument.String(max=255, field="KernelId") ramdisk = argument.String(max=255, field="RamdiskId") # block_devices = argument.Dict(field="BlockDeviceMappings") instance_monitoring = argument.Boolean( default=False, field="InstanceMonitoring", serializer=serializers.Dict(Enabled=serializers.Identity()), ) spot_price = argument.String(field="SpotPrice") instance_profile = argument.Resource( InstanceProfile, field="IamInstanceProfile", serializers=serializers.Property("Arn"), ) ebs_optimized = argument.Boolean(field="EbsOptimized") associate_public_ip_address = argument.Boolean(field="AssociatePublicIpAddress") placement_tenancy = argument.String( max=64, choices=[ "default", "dedicated", ], field="PlacementTenancy", ) account = argument.Resource(Account) def matches(self, runner, remote): if "UserData" in remote and remote["UserData"]: import base64 remote["UserData"] = base64.b64decode(remote["UserData"]) return super(LaunchConfiguration, self).matches(runner, remote)
class Pipeline(Resource): resource_name = "pipeline" name = argument.String(field="Name") input_bucket = argument.Resource(Bucket, field="InputBucket") output_bucket = argument.Resource(Bucket, field="OutputBucket") role = argument.Resource(Role, field="Role") # key = argument.Resource(KmsKey, field="AwsKmsKeyArn") # notifications = argument.Resource(Topic, field="Notifications") content_config = argument.Dict(field="ContentConfig") thumbnail_config = argument.Dict(field="ThumbnailConfig") account = argument.Resource(Account)
class Environment(Resource): resource_name = "environment" name = argument.String() cidr_block = argument.IPNetwork() account = argument.Resource(Account)
class Attributes(Resource): resource_name = "attributes" dot_ignore = True idle_timeout = argument.Integer( default=30, field="ConnectionSettings", serializer=serializers.Dict(IdleTimeout=serializers.Identity(), ), ) connection_draining = argument.Integer( default=0, field="ConnectionDraining", serializer=serializers.Dict( Enabled=serializers.Expression(lambda runner, object: object > 0), Timeout=serializers.Identity(), )) cross_zone_load_balancing = argument.Boolean( default=True, field="CrossZoneLoadBalancing", serializer=serializers.Dict(Enabled=serializers.Identity(), )) access_log = argument.Resource( Bucket, field="AccessLog", serializer=serializers.Dict( Enabled=serializers.Expression( lambda runner, object: object is not None), S3BucketName=serializers.Identifier(), ))
class InternetGateway(Resource): resource_name = "internet_gateway" name = argument.String() tags = argument.Dict() vpc = argument.Resource(VPC)
class Role(Resource): resource_name = "role" name = argument.String(field="RoleName") path = argument.String(field='Path') assume_role_policy = argument.Dict(field="AssumeRolePolicyDocument", serializer=serializers.Json()) policies = argument.Dict() account = argument.Resource(Account) def clean_assume_role_policy(self, policy): if frozenset(policy.keys()).difference(frozenset(("Version", "Statement"))): raise errors.InvalidParameter("Unexpected policy key") result = {} result['Version'] = policy.get('Version', '2012-10-17') result['Statement'] = [] for statement in policy.get("Statement", []): s = { "Action": statement["Action"], "Effect": statement["Effect"], "Principal": statement["Principal"], "Sid": statement.get("Sid", ""), } result['Statement'].append(s) return result
class InstanceProfile(Resource): resource_name = "instance_profile" name = argument.String(field="InstanceProfileName") path = argument.String(field='Path') roles = argument.ResourceList(Role) account = argument.Resource(Account)
class KeyPair(Resource): resource_name = "keypair" name = argument.String(field="KeyName") public_key = argument.String(field="PublicKeyMaterial") account = argument.Resource(Account)
class Database(Resource): resource_name = "database" name = argument.String(field="DBInstanceIdentifier") db_name = argument.String(field="DBName") allocated_storage = argument.Integer(min=5, max=3072, field="AllocatedStorage") iops = argument.Integer(field="Iops") instance_class = argument.String(field="DBInstanceClass") engine = argument.String(default='postgres', field="Engine", aws_update=False) engine_version = argument.String(field="EngineVersion") license_model = argument.String() master_username = argument.String(field="MasterUsername") master_password = argument.String(field="MasterUserPassword") security_groups = argument.ResourceList(SecurityGroup, field="VpcSecurityGroupIds") publically_accessible = argument.Boolean(field="PubliclyAccessible", aws_update=False) availability_zone = argument.String(field="AvailabilityZone") subnet_group = argument.Resource(SubnetGroup, field="DBSubnetGroupName", aws_update=False) preferred_maintenance_window = argument.String( field="PreferredMaintenanceWindow") multi_az = argument.Boolean(field="MultiAZ") storage_type = argument.String(field="StorageType") allow_major_version_upgrade = argument.Boolean( field="AllowMajorVersionUpgrade") auto_minor_version_upgrade = argument.Boolean( field="AutoMinorVersionUpgrade") character_set_name = argument.String(field="CharacterSetName") backup_retention_period = argument.Integer(field="BackupRetentionPeriod") preferred_backup_window = argument.String(field="PreferredBackupWindow") license_model = argument.String(field="LicenseModel") port = argument.Integer(min=1, max=32768, field="Port") # paramter_group = argument.Resource(ParameterGroup, field="DBParameterGroupName") # option_group = argument.Resource(OptionGroup, field="OptionGroupName") apply_immediately = argument.Boolean(field="ApplyImmediately", aws_create=False) # tags = argument.Dict() account = argument.Resource(Account)
class RouteTable(Resource): resource_name = "route_table" name = argument.String() routes = argument.ResourceList(Route) propagating_vpn_gateways = argument.ResourceList(VpnGateway) tags = argument.Dict() vpc = argument.Resource(VPC, field='VpcId')
class SubnetGroup(Resource): resource_name = "db_subnet_group" name = argument.String(field="DBSubnetGroupName") description = argument.String(field="DBSubnetGroupDescription") subnets = argument.ResourceList(Subnet, field="SubnetIds") # tags = argument.Dict() account = argument.Resource(Account)
class NetworkACL(Resource): resource_name = "network_acl" name = argument.String() inbound = argument.ResourceList(Rule) outbound = argument.ResourceList(Rule) tags = argument.Dict() vpc = argument.Resource(VPC, field="VpcId")
class Subnet(Resource): resource_name = "subnet" field_order = ["vpc"] name = argument.String() cidr_block = argument.IPNetwork(field='CidrBlock') availability_zone = argument.String(field='AvailabilityZone') route_table = argument.Resource(RouteTable) network_acl = argument.Resource(NetworkACL) tags = argument.Dict() vpc = argument.Resource(VPC, field='VpcId') def clean_cidr_block(self, cidr_block): if not cidr_block in self.vpc.cidr_block: raise errors.InvalidParameter("{} not inside network {}".format( self.cidr_block, self.vpc.cidr_block)) return cidr_block
class VpnConnection(Resource): resource_name = "vpn_connection" name = argument.String() customer_gateway = argument.Resource(CustomerGateway, field="CustomerGatewayId") vpn_gateway = argument.Resource(VpnGateway, field="VpnGatewayId") type = argument.String(default="ipsec.1", choices=["ipsec.1"], field="Type") static_routes_only = argument.Boolean( default=True, field="Options", serializer=serializers.Dict(StaticRoutesOnly=serializers.Boolean()), ) static_routes = argument.List() # FIXME: This should somehow be a list of argument.IPNetwork tags = argument.Dict() vpc = argument.Resource(VPC)
class ServerCertificate(Resource): resource_name = "server_certificate" name = argument.String(field="ServerCertificateName") path = argument.String(field='Path') certificate_body = argument.String(field="CertificateBody") private_key = argument.String(field="PrivateKey", secret=True) certificate_chain = argument.String(field="CertificateChain") account = argument.Resource(Account)
class VpnGateway(Resource): resource_name = "vpn_gateway" name = argument.String() type = argument.String(default="ipsec.1", choices=["ipsec.1"], field="Type") availability_zone = argument.String(field="AvailabilityZone") tags = argument.Dict() vpc = argument.Resource(VPC)
class CustomerGateway(Resource): resource_name = "customer_gateway" name = argument.String() type = argument.String(default="ipsec.1", choices=["ipsec.1"], field="GatewayType") public_ip = argument.IPAddress(field="PublicIp") bgp_asn = argument.Integer(default=65000, field="BgpAsn") tags = argument.Dict() vpc = argument.Resource(VPC)
class LoggingConfig(Resource): resource_name = "logging_config" dot_ignore = True enabled = argument.Boolean(field="Enabled", default=False) include_cookies = argument.Boolean(field="IncludeCookies", default=False) bucket = argument.Resource(Bucket, field="Bucket", serializer=serializers.Default(default=None), default="") prefix = argument.String(field="Prefix", default="")
class Bucket(Resource): resource_name = "bucket" name = argument.String(field="Bucket") region = argument.String( field="CreateBucketConfiguration", serializer=serializers.Dict( LocationConstraint=serializers.Identity(), ), ) account = argument.Resource(Account)
class AutoScalingGroup(Resource): resource_name = "auto_scaling_group" name = argument.String(field="AutoScalingGroupName") launch_configuration = argument.Resource(LaunchConfiguration, field="LaunchConfigurationName") min_size = argument.Integer(field="MinSize") max_size = argument.Integer(field="MaxSize") desired_capacity = argument.Integer(field="DesiredCapacity") default_cooldown = argument.Integer(default=300, field="DefaultCooldown") availability_zones = argument.List( field="AvailabilityZones", serializer=serializers.List(skip_empty=True)) subnets = argument.ResourceList( Subnet, field="VPCZoneIdentifier", serializer=serializers.CommaSeperatedList( serializers.List(serializers.Identifier())), ) load_balancers = argument.ResourceList(LoadBalancer, field="LoadBalancerNames", aws_update=False) health_check_type = argument.String( max=32, default=lambda instance: "ELB" if instance.load_balancers else None, field="HealthCheckType", ) health_check_grace_period = argument.Integer( default=lambda instance: 480 if instance.load_balancers else None, field="HealthCheckGracePeriod", ) placement_group = argument.String(max=255, field="PlacementGroup") termination_policies = argument.List(default=lambda i: ["Default"], field="TerminationPolicies") replacement_policy = argument.String(choices=['singleton', 'graceful'], default='graceful') account = argument.Resource(BaseAccount)
class Listener(Resource): resource_name = "listener" protocol = argument.String(field="Protocol") port = argument.Integer(field="LoadBalancerPort") instance_protocol = argument.String(field="InstanceProtocol") instance_port = argument.Integer(field="InstancePort") ssl_certificate = argument.Resource( ServerCertificate, field="SSLCertificiateId", serializer=serializers.Property("Arn"), )
class VPC(Resource): resource_name = "vpc" name = argument.String() cidr_block = argument.IPNetwork(field='CidrBlock') tenancy = argument.String(default="default", choices=["default", "dedicated"], field="InstanceTenancy") tags = argument.Dict() account = argument.Resource(Account)
class LoadBalancer(Resource): resource_name = "load_balancer" name = argument.String(field="LoadBalancerName") listeners = argument.ResourceList( Listener, field="Listeners", serializer=serializers.List(serializers.Resource()), ) availability_zones = argument.List(field="AvailabilityZones") scheme = argument.String(choices=["internet-facing", "private"], field="Scheme") subnets = argument.ResourceList(Subnet, field="Subnets") security_groups = argument.ResourceList(SecurityGroup, field="SecurityGroups") # tags = argument.Dict() health_check = argument.Resource(HealthCheck) attributes = argument.Resource(Attributes) account = argument.Resource(Account)
class ReplicationGroup(BaseCacheCluster, Resource): resource_name = "replication_group" name = argument.String(regex=r"[a-z1-9\-]{1,20}", field="ReplicationGroupId") description = argument.String(default=lambda resource: resource.name, field="ReplicationGroupDescription") primary_cluster = argument.Resource( "touchdown.aws.elasticache.cache.CacheCluster", field="PrimaryClusterId") automatic_failover = argument.Boolean(field="AutomaticFailoverEnabled") num_cache_clusters = argument.Integer(field="NumCacheClusters")
class Adapter(Resource): adapts = argument.Resource(Resource) input = None def get_serializer(self, runner): raise NotImplementedError(self.get_serializer) @classmethod def wrap(cls, parent, resource): for adapter in cls.__subclasses__(): if adapter.input and isinstance(resource, adapter.input): return adapter(parent, adapts=resource) raise errors.Error("Cannot turn {} into a {}".format(resource, cls))
class SecurityGroup(Resource): resource_name = "security_group" name = argument.String(field="GroupName") description = argument.String(field="Description") ingress = argument.ResourceList(Rule) egress = argument.ResourceList( Rule, default=lambda instance: [dict(protocol=-1, network=['0.0.0.0/0'])], ) tags = argument.Dict() vpc = argument.Resource(VPC, field="VpcId")
class ExternalRole(BaseAccount): resource_name = "external_role" name = argument.String(field="RoleSessionName") arn = argument.String(field="RoleArn") policy = argument.String(field="Policy") duration = argument.Integer(min=900, max=3600, field="DurationSeconds") external_id = argument.String(field="ExternalId") mfa_device = argument.String(field="SerialNumber") mfa_token = argument.String(field="TokenCode") account = argument.Resource(Account)