Exemple #1
class HostedZone(Resource):
    """ A DNS zone hosted at Amazon Route53 """

    resource_name = "hosted_zone"

    # CallerReference is never taken from the caller: the expression ignores
    # both of its arguments and yields a fresh random UUID4 string each time
    # it is evaluated.
    extra_serializers = {
        "CallerReference":
        serializers.Expression(lambda x, y: str(uuid.uuid4())),
    }

    name = argument.String(field="Name")
    vpc = argument.Resource(VPC, field="VPC")
    # The comment text is nested as {"Comment": <value>} under HostedZoneConfig.
    comment = argument.String(
        field="HostedZoneConfig",
        serializer=serializers.Dict(Comment=serializers.Identity(), ),
    )

    records = argument.ResourceList(Record)

    shared = argument.Boolean()
    """ If a hosted zone is shared then it won't be destroyed and DNS records will never be deleted """

    account = argument.Resource(BaseAccount)

    def clean_name(self, name):
        """Return *name* after passing it through ``_normalize``.

        ``_normalize`` is defined outside this excerpt, so the exact
        normalisation applied to the zone name is not visible here.
        """
        return _normalize(name)
Exemple #2
class Connection(resource.Resource):
    """SSH connection settings: credentials, target host and port, optional proxy.

    NOTE(review): ``username`` defaults to ``"root"``, so a caller that omits
    it logs in as root. ``password`` and ``private_key`` hold credentials but
    are declared without any secrecy marker; ``ServerCertificate.private_key``
    elsewhere on this page passes ``secret=True``. Confirm whether this
    revision of ``argument.String`` supports that flag and how these values
    are shown in logs and plans.
    """

    resource_name = "ssh_connection"

    username = argument.String(default="root", field="username")
    password = argument.String(field="password")
    private_key = argument.String(
        field="pkey",
        serializer=serializers.Identity(),
    )
    hostname = argument.String(field="hostname")
    # ``instance`` serialises to the same "hostname" field as ``hostname``.
    instance = argument.Resource(
        Instance,
        field="hostname",
        serializer=serializers.Resource(),
    )
    port = argument.Integer(field="port", default=22)

    proxy = argument.Resource("touchdown.ssh.Connection")

    root = argument.Resource(workspace.Workspace)

    def clean_private_key(self, private_key):
        """Parse *private_key* into a paramiko key object.

        RSA, ECDSA and DSS loaders are tried in that order and the first one
        that parses the material wins. An empty value, or material that every
        loader rejects with ``paramiko.SSHException``, raises
        ``errors.InvalidParameter``.
        """
        if not private_key:
            raise errors.InvalidParameter("Invalid SSH private key")

        key_types = (paramiko.RSAKey, paramiko.ECDSAKey, paramiko.DSSKey)
        for key_type in key_types:
            try:
                return key_type.from_private_key(six.BytesIO(private_key))
            except paramiko.SSHException:
                # Not this key type; fall through to the next loader.
                pass
        raise errors.InvalidParameter("Invalid SSH private key")
Exemple #3
class Bundle(resource.Resource):
    """A list of resources tied to one ``Connection``.

    NOTE(review): ``resources`` is an untyped ``argument.List()``; nothing in
    this excerpt validates what the list may contain.
    """

    resource_name = "fuselage_bundle"

    connection = argument.Resource(Connection)
    resources = argument.List()

    root = argument.Resource(workspace.Workspace)
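class LaunchConfiguration(Resource):
    """Declarative description of an auto scaling launch configuration.

    Each ``field=`` value is the key the argument is serialised under.
    """

    resource_name = "launch_configuration"

    name = argument.String(max=255, field="LaunchConfigurationName", update=False)

    image = argument.String(max=255, field="ImageId")

    key_pair = argument.Resource(KeyPair, field="KeyName")

    security_groups = argument.ResourceList(SecurityGroup, field="SecurityGroups")

    # NOTE(review): EC2 user data can be read back by processes running on the
    # instance via the metadata service, so it is a poor place for long-lived
    # secrets.
    user_data = argument.Serializer(field="UserData")

    instance_type = argument.String(max=255, field="InstanceType")

    kernel = argument.String(max=255, field="KernelId")

    ramdisk = argument.String(max=255, field="RamdiskId")

    # block_devices = argument.Dict(field="BlockDeviceMappings")

    instance_monitoring = argument.Boolean(
        default=False,
        field="InstanceMonitoring",
        serializer=serializers.Dict(Enabled=serializers.Identity()),
    )

    spot_price = argument.String(field="SpotPrice")

    # The keyword was spelled ``serializers=`` here, unlike every other
    # declaration on this page, so the Arn serializer was stored under an
    # unused name and never applied to this argument.
    instance_profile = argument.Resource(
        InstanceProfile,
        field="IamInstanceProfile",
        serializer=serializers.Property("Arn"),
    )

    ebs_optimized = argument.Boolean(field="EbsOptimized")

    # When true, instances launched from this configuration get a public IP.
    associate_public_ip_address = argument.Boolean(field="AssociatePublicIpAddress")

    placement_tenancy = argument.String(
        max=64,
        choices=[
            "default",
            "dedicated",
        ],
        field="PlacementTenancy",
    )

    account = argument.Resource(Account)

    def matches(self, runner, remote):
        """Compare this configuration with *remote*, decoding its user data first.

        A non-empty ``remote["UserData"]`` is base64-decoded in place (the
        caller's mapping is mutated) before delegating to the parent class's
        ``matches``.
        """
        if "UserData" in remote and remote["UserData"]:
            import base64
            remote["UserData"] = base64.b64decode(remote["UserData"])
        return super(LaunchConfiguration, self).matches(runner, remote)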
Exemple #5
class Pipeline(Resource):
    """Declarative description of a transcoding pipeline.

    It names input and output buckets and the IAM role the pipeline uses.
    """

    resource_name = "pipeline"

    name = argument.String(field="Name")
    input_bucket = argument.Resource(Bucket, field="InputBucket")
    output_bucket = argument.Resource(Bucket, field="OutputBucket")
    role = argument.Resource(Role, field="Role")
    # NOTE(review): the KMS key and notification arguments below are commented
    # out, so neither can be configured through this resource as written.
    # key = argument.Resource(KmsKey, field="AwsKmsKeyArn")
    # notifications = argument.Resource(Topic, field="Notifications")
    content_config = argument.Dict(field="ContentConfig")
    thumbnail_config = argument.Dict(field="ThumbnailConfig")
    account = argument.Resource(Account)
Exemple #6
class Environment(Resource):
    """A named environment with a CIDR block, owned by an account."""

    resource_name = "environment"

    name = argument.String()
    cidr_block = argument.IPNetwork()
    account = argument.Resource(Account)
class Attributes(Resource):
    """Load balancer attributes: idle timeout, draining, cross-zone, access log."""

    resource_name = "attributes"
    dot_ignore = True

    # Serialised as {"IdleTimeout": <value>} under ConnectionSettings.
    idle_timeout = argument.Integer(
        default=30,
        field="ConnectionSettings",
        serializer=serializers.Dict(IdleTimeout=serializers.Identity(), ),
    )

    # One integer drives both keys: Enabled is true when the value is > 0 and
    # Timeout is the value itself. The default of 0 means draining is off.
    connection_draining = argument.Integer(
        default=0,
        field="ConnectionDraining",
        serializer=serializers.Dict(
            Enabled=serializers.Expression(lambda runner, object: object > 0),
            Timeout=serializers.Identity(),
        ))

    cross_zone_load_balancing = argument.Boolean(
        default=True,
        field="CrossZoneLoadBalancing",
        serializer=serializers.Dict(Enabled=serializers.Identity(), ))

    # Access logging is Enabled only when a bucket is supplied; no default is
    # declared, so it stays off unless the caller sets one.
    access_log = argument.Resource(
        Bucket,
        field="AccessLog",
        serializer=serializers.Dict(
            Enabled=serializers.Expression(
                lambda runner, object: object is not None),
            S3BucketName=serializers.Identifier(),
        ))
class InternetGateway(Resource):
    """An internet gateway with a name, tags and the VPC it belongs to."""

    resource_name = "internet_gateway"

    name = argument.String()
    tags = argument.Dict()
    vpc = argument.Resource(VPC)
Exemple #9
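class Role(Resource):
    """An IAM role: name, path, trust (assume-role) policy and inline policies."""

    resource_name = "role"

    name = argument.String(field="RoleName")
    path = argument.String(field='Path')
    assume_role_policy = argument.Dict(field="AssumeRolePolicyDocument", serializer=serializers.Json())

    policies = argument.Dict()
    account = argument.Resource(Account)

    def clean_assume_role_policy(self, policy):
        """Validate and normalise the role's trust policy document.

        Only ``Version`` and ``Statement`` are accepted at the top level; any
        other key raises ``errors.InvalidParameter``. ``Version`` defaults to
        ``'2012-10-17'``. Each statement is rebuilt from its ``Action``,
        ``Effect`` and ``Principal`` (all required; a missing one raises
        ``KeyError``) plus ``Sid`` (defaults to ``""``).

        A ``Condition`` block is carried over when the statement has one.
        The previous version dropped it silently, which turned a conditional
        trust statement (for example one requiring an external ID or MFA)
        into an unconditional one for the same principal.
        """
        if frozenset(policy.keys()).difference(frozenset(("Version", "Statement"))):
            raise errors.InvalidParameter("Unexpected policy key")

        statements = []
        for statement in policy.get("Statement", []):
            normalized = {
                "Action": statement["Action"],
                "Effect": statement["Effect"],
                "Principal": statement["Principal"],
                "Sid": statement.get("Sid", ""),
            }
            # Keep the author's restriction; omitting it would widen trust.
            if "Condition" in statement:
                normalized["Condition"] = statement["Condition"]
            statements.append(normalized)

        return {
            "Version": policy.get("Version", "2012-10-17"),
            "Statement": statements,
        }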
Exemple #10
class InstanceProfile(Resource):
    """An IAM instance profile: name, path and the roles attached to it."""

    resource_name = "instance_profile"

    name = argument.String(field="InstanceProfileName")
    path = argument.String(field='Path')
    roles = argument.ResourceList(Role)
    account = argument.Resource(Account)
Exemple #11
class KeyPair(Resource):
    """A named key pair; only the public key material is declared here."""

    resource_name = "keypair"

    name = argument.String(field="KeyName")
    public_key = argument.String(field="PublicKeyMaterial")

    account = argument.Resource(Account)
Exemple #12
class Database(Resource):
    """Declarative description of a managed database instance.

    ``aws_update=False`` and ``aws_create=False`` presumably exclude an
    argument from update or create calls respectively - confirm against the
    framework.
    """

    resource_name = "database"

    name = argument.String(field="DBInstanceIdentifier")
    db_name = argument.String(field="DBName")
    allocated_storage = argument.Integer(min=5,
                                         max=3072,
                                         field="AllocatedStorage")
    iops = argument.Integer(field="Iops")
    instance_class = argument.String(field="DBInstanceClass")
    engine = argument.String(default='postgres',
                             field="Engine",
                             aws_update=False)
    engine_version = argument.String(field="EngineVersion")
    # NOTE(review): ``license_model`` is assigned again further down with
    # field="LicenseModel"; that later assignment replaces this one.
    license_model = argument.String()
    master_username = argument.String(field="MasterUsername")
    # NOTE(review): this is a credential but carries no secrecy marker;
    # ``ServerCertificate.private_key`` on this page passes ``secret=True``.
    # Confirm whether this revision supports it and how the value is displayed.
    master_password = argument.String(field="MasterUserPassword")
    security_groups = argument.ResourceList(SecurityGroup,
                                            field="VpcSecurityGroupIds")
    # Controls whether the instance is publicly accessible. No default is
    # declared here, so the effective value is decided elsewhere.
    publically_accessible = argument.Boolean(field="PubliclyAccessible",
                                             aws_update=False)
    availability_zone = argument.String(field="AvailabilityZone")
    subnet_group = argument.Resource(SubnetGroup,
                                     field="DBSubnetGroupName",
                                     aws_update=False)
    preferred_maintenance_window = argument.String(
        field="PreferredMaintenanceWindow")
    multi_az = argument.Boolean(field="MultiAZ")
    storage_type = argument.String(field="StorageType")
    allow_major_version_upgrade = argument.Boolean(
        field="AllowMajorVersionUpgrade")
    auto_minor_version_upgrade = argument.Boolean(
        field="AutoMinorVersionUpgrade")
    character_set_name = argument.String(field="CharacterSetName")
    backup_retention_period = argument.Integer(field="BackupRetentionPeriod")
    preferred_backup_window = argument.String(field="PreferredBackupWindow")
    license_model = argument.String(field="LicenseModel")
    # NOTE(review): the upper bound is 32768 rather than 65535 - confirm intended.
    port = argument.Integer(min=1, max=32768, field="Port")
    # paramter_group = argument.Resource(ParameterGroup, field="DBParameterGroupName")
    # option_group = argument.Resource(OptionGroup, field="OptionGroupName")
    apply_immediately = argument.Boolean(field="ApplyImmediately",
                                         aws_create=False)
    # tags = argument.Dict()
    account = argument.Resource(Account)
Exemple #13
class RouteTable(Resource):
    """A VPC route table: its routes, propagating VPN gateways and tags."""

    resource_name = "route_table"

    name = argument.String()
    routes = argument.ResourceList(Route)
    propagating_vpn_gateways = argument.ResourceList(VpnGateway)
    tags = argument.Dict()
    vpc = argument.Resource(VPC, field='VpcId')
Exemple #14
class SubnetGroup(Resource):
    """A database subnet group: name, description and member subnets."""

    resource_name = "db_subnet_group"

    name = argument.String(field="DBSubnetGroupName")
    description = argument.String(field="DBSubnetGroupDescription")
    subnets = argument.ResourceList(Subnet, field="SubnetIds")
    # tags = argument.Dict()

    account = argument.Resource(Account)
Exemple #15
class NetworkACL(Resource):
    """A VPC network ACL with separate inbound and outbound rule lists.

    No default rules are declared for either direction in this excerpt.
    """

    resource_name = "network_acl"

    name = argument.String()
    inbound = argument.ResourceList(Rule)
    outbound = argument.ResourceList(Rule)

    tags = argument.Dict()
    vpc = argument.Resource(VPC, field="VpcId")
Exemple #16
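class Subnet(Resource):
    """A subnet inside a VPC, with its route table, network ACL and tags."""

    resource_name = "subnet"

    # Presumably makes ``vpc`` available before ``clean_cidr_block`` runs,
    # since that check reads ``self.vpc`` - confirm against the framework.
    field_order = ["vpc"]

    name = argument.String()
    cidr_block = argument.IPNetwork(field='CidrBlock')
    availability_zone = argument.String(field='AvailabilityZone')
    route_table = argument.Resource(RouteTable)
    network_acl = argument.Resource(NetworkACL)
    tags = argument.Dict()
    vpc = argument.Resource(VPC, field='VpcId')

    def clean_cidr_block(self, cidr_block):
        """Reject a subnet range that is not contained in the VPC's range.

        Returns *cidr_block* unchanged when it lies inside
        ``self.vpc.cidr_block``; otherwise raises ``errors.InvalidParameter``.
        """
        if cidr_block not in self.vpc.cidr_block:
            # Report the value being validated. The message used to read
            # ``self.cidr_block``, which is not the candidate passed in.
            raise errors.InvalidParameter("{} not inside network {}".format(
                cidr_block, self.vpc.cidr_block))
        return cidr_block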
class VpnConnection(Resource):
    """A VPN connection between a customer gateway and a VPN gateway."""

    resource_name = "vpn_connection"

    name = argument.String()
    customer_gateway = argument.Resource(CustomerGateway, field="CustomerGatewayId")
    vpn_gateway = argument.Resource(VpnGateway, field="VpnGatewayId")
    # "ipsec.1" is both the default and the only accepted choice.
    type = argument.String(default="ipsec.1", choices=["ipsec.1"], field="Type")

    # Serialised as {"StaticRoutesOnly": <bool>} under Options; defaults to True.
    static_routes_only = argument.Boolean(
        default=True,
        field="Options",
        serializer=serializers.Dict(StaticRoutesOnly=serializers.Boolean()),
    )

    # Untyped list: entries are not validated as networks at this level.
    static_routes = argument.List()
    # FIXME: This should somehow be a list of argument.IPNetwork

    tags = argument.Dict()
    vpc = argument.Resource(VPC)
Exemple #18
class ServerCertificate(Resource):
    """A server certificate: body, private key and optional chain."""

    resource_name = "server_certificate"

    name = argument.String(field="ServerCertificateName")
    path = argument.String(field='Path')
    certificate_body = argument.String(field="CertificateBody")
    # The only argument on this page marked ``secret=True``; presumably this
    # keeps the key out of displayed or logged output - confirm in the framework.
    private_key = argument.String(field="PrivateKey", secret=True)
    certificate_chain = argument.String(field="CertificateChain")

    account = argument.Resource(Account)
Exemple #19
class VpnGateway(Resource):
    """A VPN gateway attached to a VPC; "ipsec.1" is the only accepted type."""

    resource_name = "vpn_gateway"

    name = argument.String()
    type = argument.String(default="ipsec.1",
                           choices=["ipsec.1"],
                           field="Type")
    availability_zone = argument.String(field="AvailabilityZone")
    tags = argument.Dict()
    vpc = argument.Resource(VPC)
class CustomerGateway(Resource):
    """The customer-side endpoint of a VPN: public IP, BGP ASN and type."""

    resource_name = "customer_gateway"

    name = argument.String()
    # Serialised as "GatewayType" here, whereas VpnGateway on this page uses "Type".
    type = argument.String(default="ipsec.1",
                           choices=["ipsec.1"],
                           field="GatewayType")
    public_ip = argument.IPAddress(field="PublicIp")
    # 65000 is the default ASN when the caller supplies none.
    bgp_asn = argument.Integer(default=65000, field="BgpAsn")
    tags = argument.Dict()
    vpc = argument.Resource(VPC)
Exemple #21
class LoggingConfig(Resource):
    """Access-logging settings: on/off switch, cookie capture, bucket, prefix.

    Logging defaults to disabled (``enabled`` is False unless set).
    """

    resource_name = "logging_config"
    dot_ignore = True

    enabled = argument.Boolean(field="Enabled", default=False)
    # When enabled, cookies are written to the logs; off by default.
    include_cookies = argument.Boolean(field="IncludeCookies", default=False)
    bucket = argument.Resource(Bucket,
                               field="Bucket",
                               serializer=serializers.Default(default=None),
                               default="")
    prefix = argument.String(field="Prefix", default="")
Exemple #22
class Bucket(Resource):
    """A storage bucket identified by name, with an optional region.

    No ACL, encryption, versioning or public-access arguments are declared in
    this excerpt.
    """

    resource_name = "bucket"

    name = argument.String(field="Bucket")

    # Serialised as {"LocationConstraint": <region>} under
    # CreateBucketConfiguration.
    region = argument.String(
        field="CreateBucketConfiguration",
        serializer=serializers.Dict(
            LocationConstraint=serializers.Identity(), ),
    )

    account = argument.Resource(Account)
class AutoScalingGroup(Resource):
    """An auto scaling group built from a launch configuration.

    Several defaults are callables that receive the resource instance, so
    their value depends on other arguments, notably ``load_balancers``.
    """

    resource_name = "auto_scaling_group"

    name = argument.String(field="AutoScalingGroupName")
    launch_configuration = argument.Resource(LaunchConfiguration,
                                             field="LaunchConfigurationName")
    min_size = argument.Integer(field="MinSize")
    max_size = argument.Integer(field="MaxSize")
    desired_capacity = argument.Integer(field="DesiredCapacity")
    default_cooldown = argument.Integer(default=300, field="DefaultCooldown")
    availability_zones = argument.List(
        field="AvailabilityZones",
        serializer=serializers.List(skip_empty=True))
    # Subnet identifiers are joined into one comma-separated string.
    subnets = argument.ResourceList(
        Subnet,
        field="VPCZoneIdentifier",
        serializer=serializers.CommaSeperatedList(
            serializers.List(serializers.Identifier())),
    )
    load_balancers = argument.ResourceList(LoadBalancer,
                                           field="LoadBalancerNames",
                                           aws_update=False)
    # Defaults to "ELB" when load balancers are attached, otherwise None.
    health_check_type = argument.String(
        max=32,
        default=lambda instance: "ELB" if instance.load_balancers else None,
        field="HealthCheckType",
    )
    # Defaults to 480 when load balancers are attached, otherwise None.
    health_check_grace_period = argument.Integer(
        default=lambda instance: 480 if instance.load_balancers else None,
        field="HealthCheckGracePeriod",
    )
    placement_group = argument.String(max=255, field="PlacementGroup")
    termination_policies = argument.List(default=lambda i: ["Default"],
                                         field="TerminationPolicies")
    # Declared without ``field=``, unlike most arguments in this class.
    replacement_policy = argument.String(choices=['singleton', 'graceful'],
                                         default='graceful')

    account = argument.Resource(BaseAccount)
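class Listener(Resource):
    """One load balancer listener: front-end and back-end protocol and port.

    NOTE(review): ``protocol`` and ``instance_protocol`` are free-form
    strings, so nothing here stops a plaintext listener being declared;
    ``ssl_certificate`` is optional.
    """

    resource_name = "listener"

    protocol = argument.String(field="Protocol")
    port = argument.Integer(field="LoadBalancerPort")
    instance_protocol = argument.String(field="InstanceProtocol")
    instance_port = argument.Integer(field="InstancePort")
    # The listener parameter is named "SSLCertificateId"; it was misspelled
    # "SSLCertificiateId" here, so the certificate ARN was emitted under a
    # key the API does not define.
    ssl_certificate = argument.Resource(
        ServerCertificate,
        field="SSLCertificateId",
        serializer=serializers.Property("Arn"),
    )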
Exemple #25
class VPC(Resource):
    """A virtual private cloud: name, CIDR block, tenancy and tags."""

    resource_name = "vpc"

    name = argument.String()
    cidr_block = argument.IPNetwork(field='CidrBlock')
    # Defaults to "default"; "dedicated" is the only other accepted value.
    tenancy = argument.String(default="default",
                              choices=["default", "dedicated"],
                              field="InstanceTenancy")

    tags = argument.Dict()

    account = argument.Resource(Account)
class LoadBalancer(Resource):
    """A load balancer: listeners, placement, security groups, health check."""

    resource_name = "load_balancer"

    name = argument.String(field="LoadBalancerName")
    listeners = argument.ResourceList(
        Listener,
        field="Listeners",
        serializer=serializers.List(serializers.Resource()),
    )
    availability_zones = argument.List(field="AvailabilityZones")
    # NOTE(review): no default is declared, so exposure is decided elsewhere
    # when the caller omits it. The ELB API's scheme values are
    # "internet-facing" and "internal"; confirm "private" is translated
    # somewhere before this reaches the API.
    scheme = argument.String(choices=["internet-facing", "private"],
                             field="Scheme")
    subnets = argument.ResourceList(Subnet, field="Subnets")
    security_groups = argument.ResourceList(SecurityGroup,
                                            field="SecurityGroups")
    # tags = argument.Dict()

    health_check = argument.Resource(HealthCheck)
    attributes = argument.Resource(Attributes)

    account = argument.Resource(Account)
Exemple #27
class ReplicationGroup(BaseCacheCluster, Resource):
    """A cache replication group built around a primary cache cluster."""

    resource_name = "replication_group"

    # NOTE(review): the character class is a-z, 1-9 and "-", so the digit 0 is
    # not accepted - confirm whether 0-9 was intended. Whether the pattern is
    # anchored to the whole name depends on how the framework applies it.
    name = argument.String(regex=r"[a-z1-9\-]{1,20}",
                           field="ReplicationGroupId")
    # Falls back to the resource's own name when no description is given.
    description = argument.String(default=lambda resource: resource.name,
                                  field="ReplicationGroupDescription")

    # Referenced by dotted path rather than by class object.
    primary_cluster = argument.Resource(
        "touchdown.aws.elasticache.cache.CacheCluster",
        field="PrimaryClusterId")
    automatic_failover = argument.Boolean(field="AutomaticFailoverEnabled")
    num_cache_clusters = argument.Integer(field="NumCacheClusters")
Exemple #28
class Adapter(Resource):
    """Base class for resources that wrap ("adapt") another resource.

    A subclass sets ``input`` to the type (or types) it can adapt and
    implements ``get_serializer``.
    """

    adapts = argument.Resource(Resource)
    input = None

    def get_serializer(self, runner):
        """Abstract hook; concrete adapters must override it."""
        raise NotImplementedError(self.get_serializer)

    @classmethod
    def wrap(cls, parent, resource):
        """Return an adapter instance for *resource*.

        Only the direct subclasses of *cls* are considered, in the order
        ``__subclasses__()`` yields them; the first whose ``input`` is set and
        matches *resource* is instantiated. Raises ``errors.Error`` when none
        matches.
        """
        for candidate in cls.__subclasses__():
            if not candidate.input:
                # This adapter declares nothing it can wrap.
                continue
            if isinstance(resource, candidate.input):
                return candidate(parent, adapts=resource)
        raise errors.Error("Cannot turn {} into a {}".format(resource, cls))
class SecurityGroup(Resource):
    """A VPC security group with ingress and egress rule lists."""

    resource_name = "security_group"

    name = argument.String(field="GroupName")
    description = argument.String(field="Description")

    # No default: a group declared without ingress rules gets none from here.
    ingress = argument.ResourceList(Rule)
    # Default egress is one rule with protocol=-1 to 0.0.0.0/0, presumably
    # "all protocols to any IPv4 address". Callers that need restricted
    # outbound traffic must set ``egress`` explicitly.
    egress = argument.ResourceList(
        Rule,
        default=lambda instance: [dict(protocol=-1, network=['0.0.0.0/0'])],
    )

    tags = argument.Dict()
    vpc = argument.Resource(VPC, field="VpcId")
class ExternalRole(BaseAccount):
    """An account reached by assuming a role from another account.

    The ``field=`` names match the parameters of the STS AssumeRole call.
    """

    resource_name = "external_role"

    name = argument.String(field="RoleSessionName")
    arn = argument.String(field="RoleArn")
    # Optional session policy passed along with the request.
    policy = argument.String(field="Policy")
    # Session lifetime is bounded to 900-3600 seconds.
    duration = argument.Integer(min=900, max=3600, field="DurationSeconds")

    external_id = argument.String(field="ExternalId")

    # NOTE(review): ``mfa_token`` is a one-time code and ``external_id`` is a
    # shared value; neither carries a secrecy marker here. Confirm how the
    # framework displays them in logs and plans.
    mfa_device = argument.String(field="SerialNumber")
    mfa_token = argument.String(field="TokenCode")

    account = argument.Resource(Account)