Esempio n. 1
0
    def delete_schedule(self, request_user: UserModel, tenant: TenantModel, aws_environment: AwsEnvironmentModel,
                        event_id: int):
        self.logger.info("START: delete")
        if not request_user.is_belong_to_tenant(tenant):
            raise PermissionDenied("request user is not belong to tenant. user_id:{} tenant_id:{}"
                                   .format(request_user.id, tenant.id))

        if not request_user.has_aws_env(aws_environment):
            raise PermissionDenied("request user doesn't have aws environments. id:{}".format(request_user.id))

        EventRepository.delete(event_id)

        self.logger.info("END: delete")
    def billing_graph(self, request_user: UserModel, aws: AwsEnvironmentModel,
                      start_time, end_time, period, stat):
        self.logger.info("START: graph")

        # 使用できるAWSアカウントか
        if not request_user.has_aws_env(aws):
            raise PermissionDenied(
                "request user can't use aws account. user_id: {}, aws_id: {}".
                format(request_user.id, aws.id))

        # 請求情報を取得する権限を持っているか
        if not request_user.can_fetch_billing():
            raise PermissionDenied(
                "request user can't fetch aws_environments. id:{}".format(
                    request_user.id))

        # 請求情報のリストメトリクスを一覧で取得
        metrics = CloudWatch(aws,
                             'us-east-1').list_metrics('AWS/Billing',
                                                       'EstimatedCharges', [])
        # APIの引数を充足
        # ここは配列じゃなくて辞書型にして、どのサービスかわかるように!
        metric_data_queries = []
        for metric in metrics:
            metric_data_queries.append(
                dict(metric_name=metric['MetricName'],
                     dimensions=metric['Dimensions']))
        params = dict(name_space='AWS/Billing',
                      period=period,
                      stat=stat,
                      start_time=start_time,
                      end_time=end_time,
                      metric_data_queries=metric_data_queries)
        monitor_graphs = CloudWatch(aws,
                                    'us-east-1').get_multi_charts(**params)

        self.logger.info("END: graph")

        # 成型を行う config内から情報を絞りこむ
        # 総計はserviceがUSDとなるので、これをTotalに変換
        def pick_service_name(dimensions):
            return next((dimension['Value'] for dimension in dimensions
                         if dimension['Name'] == 'ServiceName'), 'Total')

        result = map(
            lambda graph: dict(service=pick_service_name(graph['config'][
                'dimensions']),
                               timestamps=graph['timestamps'],
                               values=graph['values']), monitor_graphs)

        return list(result)
Esempio n. 3
0
    def fetch_schedules(self, request_user: UserModel, tenant: TenantModel, aws_environment: AwsEnvironmentModel,
                        resource: Resource):
        self.logger.info("START: fetch_schedules")
        if not request_user.is_belong_to_tenant(tenant):
            raise PermissionDenied("request user is not belong to tenant. user_id:{} tenant_id:{}"
                                   .format(request_user.id, tenant.id))

        if not request_user.has_aws_env(aws_environment):
            raise PermissionDenied("request user doesn't have aws environments. id:{}".format(request_user.id))

        schedules = EventRepository.fetch_schedules_by_resource(resource, aws_environment)

        self.logger.info("END: fetch_schedules")
        return schedules
Esempio n. 4
0
    def fetch_monitors(self, request_user: UserModel, aws: AwsEnvironmentModel,
                       resource: Resource):
        self.logger.info("START: fetch_monitors")

        # 使用できるAWSアカウントか
        if not request_user.has_aws_env(aws):
            raise PermissionDenied(
                "request user can't use aws account. user_id: {}, aws_id: {}".
                format(request_user.id, aws.id))

        monitors = CloudWatch(
            aws, resource.region).describe_resource_monitors(resource)

        self.logger.info("END: fetch_monitors")
        return monitors
Esempio n. 5
0
    def stop_resource(self, request_user: UserModel,
                      aws_environment: AwsEnvironmentModel,
                      resource: Resource):
        self.logger.info("START: stop_resource")
        tenant = aws_environment.tenant
        if not request_user.is_belong_to_tenant(tenant):
            raise PermissionDenied(
                "request user is not belong to tenant. user_id:{} tenant_id:{}"
                .format(request_user.id, tenant.id))

        if not request_user.has_aws_env(aws_environment):
            raise PermissionDenied(
                "request user doesn't have aws environments. id:{}".format(
                    request_user.id))

        resource.stop(aws_environment)
        self.logger.info("END: stop_resource")
Esempio n. 6
0
    def run_command(self, request_user: UserModel,
                    aws_environment: AwsEnvironmentModel, command: Command):
        self.logger.info("START: run_command")
        tenant = aws_environment.tenant
        if not request_user.is_belong_to_tenant(tenant):
            raise PermissionDenied(
                "request user is not belong to tenant. user_id:{} tenant_id:{}"
                .format(request_user.id, tenant.id))

        if not request_user.has_aws_env(aws_environment):
            raise PermissionDenied(
                "request user doesn't have aws environments. id:{}".format(
                    request_user.id))

        command.run(aws_environment)

        self.logger.info("END: run_command")
        return command
Esempio n. 7
0
    def create_backup(self, request_user: UserModel,
                      aws_environment: AwsEnvironmentModel, resource: Resource,
                      no_reboot: bool):
        self.logger.info("START: create_backup")
        tenant = aws_environment.tenant
        if not request_user.is_belong_to_tenant(tenant):
            raise PermissionDenied(
                "request user is not belong to tenant. user_id:{} tenant_id:{}"
                .format(request_user.id, tenant.id))

        if not request_user.has_aws_env(aws_environment):
            raise PermissionDenied(
                "request user doesn't have aws environments. id:{}".format(
                    request_user.id))

        backup_id = resource.create_backup(aws_environment,
                                           no_reboot=no_reboot)
        self.logger.info("END: create_backup")
        return backup_id
Esempio n. 8
0
    def graph(self, request_user: UserModel, resource: Resource,
              aws: AwsEnvironmentModel, monitor_graph: MonitorGraph):
        self.logger.info("START: graph")

        # 使用できるAWSアカウントか
        if not request_user.has_aws_env(aws):
            raise PermissionDenied(
                "request user can't use aws account. user_id: {}, aws_id: {}".
                format(request_user.id, aws.id))

        if monitor_graph.metric_name not in resource.get_metrics():
            raise ObjectDoesNotExist(
                "service doesn't have metric service_type: {} metric: {}".
                format(resource.get_service_name(), monitor_graph.metric_name))

        monitor_graph = CloudWatch(aws, resource.region).get_chart(
            monitor_graph, resource)

        self.logger.info("END: graph")
        return monitor_graph
Esempio n. 9
0
    def describe_document(self, request_user: UserModel,
                          aws_environment: AwsEnvironmentModel, region: str,
                          document_name: str):
        self.logger.info("START: describe_document")
        tenant = aws_environment.tenant
        if not request_user.is_belong_to_tenant(tenant):
            raise PermissionDenied(
                "request user is not belong to tenant. user_id:{} tenant_id:{}"
                .format(request_user.id, tenant.id))

        if not request_user.has_aws_env(aws_environment):
            raise PermissionDenied(
                "request user doesn't have aws environments. id:{}".format(
                    request_user.id))

        ssm = Ssm(aws_environment=aws_environment, region=region)
        document = ssm.describe_document(document_name)

        self.logger.info("END: describe_document")
        return document
Esempio n. 10
0
    def fetch_documents(self, request_user: UserModel,
                        aws_environment: AwsEnvironmentModel, region: str):
        self.logger.info("START: fetch_documents")
        tenant = aws_environment.tenant
        if not request_user.is_belong_to_tenant(tenant):
            raise PermissionDenied(
                "request user is not belong to tenant. user_id:{} tenant_id:{}"
                .format(request_user.id, tenant.id))

        if not request_user.has_aws_env(aws_environment):
            raise PermissionDenied(
                "request user doesn't have aws environments. id:{}".format(
                    request_user.id))

        ssm = Ssm(aws_environment=aws_environment, region=region)
        documents = []
        for generator in ssm.list_documents():
            documents.extend(generator)

        self.logger.info("END: fetch_documents")
        return documents
Esempio n. 11
0
    def fetch_resources(self, request_user: UserModel,
                        aws_environment: AwsEnvironmentModel,
                        region: str) -> list:
        self.logger.info("START: fetch resources")
        if not request_user.is_belong_to_tenant(aws_environment.tenant):
            raise PermissionDenied(
                "request user is not belong to tenant. user_id:{} tenant_id:{}"
                .format(request_user.id, aws_environment.tenant.id))

        if not request_user.has_aws_env(aws_environment):
            raise PermissionDenied(
                "request user doesn't have aws environments. id:{}".format(
                    request_user.id))

        tagging = ResourceGroupTagging(aws_environment=aws_environment,
                                       region=region)
        self.logger.info("ResourceGroupTagging Client Created.")

        resources = []

        resources_status = None
        for get_resources in tagging.get_resources(
                Resource.get_all_services()):
            self.logger.info("got resource tags")
            if resources_status is None and get_resources:
                resources_status = CloudWatch(
                    aws_environment=aws_environment,
                    region=region).get_resources_status()
                self.logger.info("got cloudwatch alarms")
            for get_resource in get_resources:
                self.logger.info("resource tag convert response")
                # アラームがなければ未設定とする
                get_resource.status = resources_status[get_resource.get_service_name()].\
                    get(get_resource.resource_id, "UNSET")
                resources.append(get_resource)

        self.logger.info("END: fetch resources")
        return resources
Esempio n. 12
0
    def save_monitor(self, request_user: UserModel, resource: Resource,
                     aws: AwsEnvironmentModel) -> Resource:
        self.logger.info("START: save_monitor")

        # 使用できるAWSアカウントか
        if not request_user.has_aws_env(aws):
            raise PermissionDenied(
                "request user can't use aws account. user_id: {}, aws_id: {}".
                format(request_user.id, aws.id))

        # SNS連携許可
        self.logger.info("sns add permission... aws: {}".format(aws.id))
        sns = Sns(resource.region)
        sns.add_permission(aws)
        self.logger.info("sns add permission... DONE")

        # アラーム作成
        self.logger.info("cloudwatch put metric alarms ...")
        CloudWatch(aws, resource.region).put_metric_alarms(resource, sns.arn)
        self.logger.info("cloudwatch put metric alarms ... DONE")

        self.logger.info("END: save_monitor")
        return resource