def delete_schedule(self, request_user: UserModel, tenant: TenantModel, aws_environment: AwsEnvironmentModel, event_id: int): self.logger.info("START: delete") if not request_user.is_belong_to_tenant(tenant): raise PermissionDenied("request user is not belong to tenant. user_id:{} tenant_id:{}" .format(request_user.id, tenant.id)) if not request_user.has_aws_env(aws_environment): raise PermissionDenied("request user doesn't have aws environments. id:{}".format(request_user.id)) EventRepository.delete(event_id) self.logger.info("END: delete")
def billing_graph(self, request_user: UserModel, aws: AwsEnvironmentModel, start_time, end_time, period, stat): self.logger.info("START: graph") # 使用できるAWSアカウントか if not request_user.has_aws_env(aws): raise PermissionDenied( "request user can't use aws account. user_id: {}, aws_id: {}". format(request_user.id, aws.id)) # 請求情報を取得する権限を持っているか if not request_user.can_fetch_billing(): raise PermissionDenied( "request user can't fetch aws_environments. id:{}".format( request_user.id)) # 請求情報のリストメトリクスを一覧で取得 metrics = CloudWatch(aws, 'us-east-1').list_metrics('AWS/Billing', 'EstimatedCharges', []) # APIの引数を充足 # ここは配列じゃなくて辞書型にして、どのサービスかわかるように! metric_data_queries = [] for metric in metrics: metric_data_queries.append( dict(metric_name=metric['MetricName'], dimensions=metric['Dimensions'])) params = dict(name_space='AWS/Billing', period=period, stat=stat, start_time=start_time, end_time=end_time, metric_data_queries=metric_data_queries) monitor_graphs = CloudWatch(aws, 'us-east-1').get_multi_charts(**params) self.logger.info("END: graph") # 成型を行う config内から情報を絞りこむ # 総計はserviceがUSDとなるので、これをTotalに変換 def pick_service_name(dimensions): return next((dimension['Value'] for dimension in dimensions if dimension['Name'] == 'ServiceName'), 'Total') result = map( lambda graph: dict(service=pick_service_name(graph['config'][ 'dimensions']), timestamps=graph['timestamps'], values=graph['values']), monitor_graphs) return list(result)
def fetch_schedules(self, request_user: UserModel, tenant: TenantModel, aws_environment: AwsEnvironmentModel, resource: Resource): self.logger.info("START: fetch_schedules") if not request_user.is_belong_to_tenant(tenant): raise PermissionDenied("request user is not belong to tenant. user_id:{} tenant_id:{}" .format(request_user.id, tenant.id)) if not request_user.has_aws_env(aws_environment): raise PermissionDenied("request user doesn't have aws environments. id:{}".format(request_user.id)) schedules = EventRepository.fetch_schedules_by_resource(resource, aws_environment) self.logger.info("END: fetch_schedules") return schedules
def fetch_monitors(self, request_user: UserModel, aws: AwsEnvironmentModel, resource: Resource): self.logger.info("START: fetch_monitors") # 使用できるAWSアカウントか if not request_user.has_aws_env(aws): raise PermissionDenied( "request user can't use aws account. user_id: {}, aws_id: {}". format(request_user.id, aws.id)) monitors = CloudWatch( aws, resource.region).describe_resource_monitors(resource) self.logger.info("END: fetch_monitors") return monitors
def stop_resource(self, request_user: UserModel, aws_environment: AwsEnvironmentModel, resource: Resource): self.logger.info("START: stop_resource") tenant = aws_environment.tenant if not request_user.is_belong_to_tenant(tenant): raise PermissionDenied( "request user is not belong to tenant. user_id:{} tenant_id:{}" .format(request_user.id, tenant.id)) if not request_user.has_aws_env(aws_environment): raise PermissionDenied( "request user doesn't have aws environments. id:{}".format( request_user.id)) resource.stop(aws_environment) self.logger.info("END: stop_resource")
def run_command(self, request_user: UserModel, aws_environment: AwsEnvironmentModel, command: Command): self.logger.info("START: run_command") tenant = aws_environment.tenant if not request_user.is_belong_to_tenant(tenant): raise PermissionDenied( "request user is not belong to tenant. user_id:{} tenant_id:{}" .format(request_user.id, tenant.id)) if not request_user.has_aws_env(aws_environment): raise PermissionDenied( "request user doesn't have aws environments. id:{}".format( request_user.id)) command.run(aws_environment) self.logger.info("END: run_command") return command
def create_backup(self, request_user: UserModel, aws_environment: AwsEnvironmentModel, resource: Resource, no_reboot: bool): self.logger.info("START: create_backup") tenant = aws_environment.tenant if not request_user.is_belong_to_tenant(tenant): raise PermissionDenied( "request user is not belong to tenant. user_id:{} tenant_id:{}" .format(request_user.id, tenant.id)) if not request_user.has_aws_env(aws_environment): raise PermissionDenied( "request user doesn't have aws environments. id:{}".format( request_user.id)) backup_id = resource.create_backup(aws_environment, no_reboot=no_reboot) self.logger.info("END: create_backup") return backup_id
def graph(self, request_user: UserModel, resource: Resource, aws: AwsEnvironmentModel, monitor_graph: MonitorGraph): self.logger.info("START: graph") # 使用できるAWSアカウントか if not request_user.has_aws_env(aws): raise PermissionDenied( "request user can't use aws account. user_id: {}, aws_id: {}". format(request_user.id, aws.id)) if monitor_graph.metric_name not in resource.get_metrics(): raise ObjectDoesNotExist( "service doesn't have metric service_type: {} metric: {}". format(resource.get_service_name(), monitor_graph.metric_name)) monitor_graph = CloudWatch(aws, resource.region).get_chart( monitor_graph, resource) self.logger.info("END: graph") return monitor_graph
def describe_document(self, request_user: UserModel, aws_environment: AwsEnvironmentModel, region: str, document_name: str): self.logger.info("START: describe_document") tenant = aws_environment.tenant if not request_user.is_belong_to_tenant(tenant): raise PermissionDenied( "request user is not belong to tenant. user_id:{} tenant_id:{}" .format(request_user.id, tenant.id)) if not request_user.has_aws_env(aws_environment): raise PermissionDenied( "request user doesn't have aws environments. id:{}".format( request_user.id)) ssm = Ssm(aws_environment=aws_environment, region=region) document = ssm.describe_document(document_name) self.logger.info("END: describe_document") return document
def fetch_documents(self, request_user: UserModel, aws_environment: AwsEnvironmentModel, region: str): self.logger.info("START: fetch_documents") tenant = aws_environment.tenant if not request_user.is_belong_to_tenant(tenant): raise PermissionDenied( "request user is not belong to tenant. user_id:{} tenant_id:{}" .format(request_user.id, tenant.id)) if not request_user.has_aws_env(aws_environment): raise PermissionDenied( "request user doesn't have aws environments. id:{}".format( request_user.id)) ssm = Ssm(aws_environment=aws_environment, region=region) documents = [] for generator in ssm.list_documents(): documents.extend(generator) self.logger.info("END: fetch_documents") return documents
def fetch_resources(self, request_user: UserModel, aws_environment: AwsEnvironmentModel, region: str) -> list: self.logger.info("START: fetch resources") if not request_user.is_belong_to_tenant(aws_environment.tenant): raise PermissionDenied( "request user is not belong to tenant. user_id:{} tenant_id:{}" .format(request_user.id, aws_environment.tenant.id)) if not request_user.has_aws_env(aws_environment): raise PermissionDenied( "request user doesn't have aws environments. id:{}".format( request_user.id)) tagging = ResourceGroupTagging(aws_environment=aws_environment, region=region) self.logger.info("ResourceGroupTagging Client Created.") resources = [] resources_status = None for get_resources in tagging.get_resources( Resource.get_all_services()): self.logger.info("got resource tags") if resources_status is None and get_resources: resources_status = CloudWatch( aws_environment=aws_environment, region=region).get_resources_status() self.logger.info("got cloudwatch alarms") for get_resource in get_resources: self.logger.info("resource tag convert response") # アラームがなければ未設定とする get_resource.status = resources_status[get_resource.get_service_name()].\ get(get_resource.resource_id, "UNSET") resources.append(get_resource) self.logger.info("END: fetch resources") return resources
def save_monitor(self, request_user: UserModel, resource: Resource, aws: AwsEnvironmentModel) -> Resource: self.logger.info("START: save_monitor") # 使用できるAWSアカウントか if not request_user.has_aws_env(aws): raise PermissionDenied( "request user can't use aws account. user_id: {}, aws_id: {}". format(request_user.id, aws.id)) # SNS連携許可 self.logger.info("sns add permission... aws: {}".format(aws.id)) sns = Sns(resource.region) sns.add_permission(aws) self.logger.info("sns add permission... DONE") # アラーム作成 self.logger.info("cloudwatch put metric alarms ...") CloudWatch(aws, resource.region).put_metric_alarms(resource, sns.arn) self.logger.info("cloudwatch put metric alarms ... DONE") self.logger.info("END: save_monitor") return resource