def tag_resources(): #if request.form.get('tag_key1') or request.form.get('tag_key2'): if request.form.get('resource_type'): filter_elements = dict() if request.form.get('tag_key1'): filter_elements['tag_key1'] = request.form.get('tag_key1') if request.form.get('tag_value1'): filter_elements['tag_value1'] = request.form.get('tag_value1') if request.form.get('tag_key2'): filter_elements['tag_key2'] = request.form.get('tag_key2') if request.form.get('tag_value2'): filter_elements['tag_value2'] = request.form.get('tag_value2') if request.form.get('conjunction'): filter_elements['conjunction'] = request.form.get('conjunction') resource_type, unit = get_resource_type_unit( request.form.get('resource_type')) chosen_resource_inventory = resources_tags(resource_type, unit, region) chosen_resources = OrderedDict() chosen_resources = chosen_resource_inventory.get_resources( **filter_elements) tag_group_inventory = get_tag_groups(region) tag_groups_all_info = tag_group_inventory.get_all_tag_groups_key_values( ) return render_template('tag-resources.html', resource_type=resource_type, resource_inventory=chosen_resources, tag_groups_all_info=tag_groups_all_info) else: return render_template('blank.html')
def set_config_rules(): if request.form.getlist('tag_groups_to_assign') and request.form.getlist( 'chosen_config_rule_ids'): selected_tag_groups = list() selected_tag_groups = request.form.getlist('tag_groups_to_assign') selected_config_rules = list() selected_config_rules = request.form.getlist('chosen_config_rule_ids') config_rule_id = selected_config_rules[0] tag_groups = get_tag_groups(region) tag_group_key_values = dict() tag_groups_keys_values = dict() tag_count = 1 for group in selected_tag_groups: # A Required_Tags Config Rule instance accepts up to 6 Tag Groups if tag_count < 7: tag_group_key_values = tag_groups.get_tag_group_key_values( group) key_name = "tag{}Key".format(tag_count) value_name = "tag{}Value".format(tag_count) tag_groups_keys_values[key_name] = tag_group_key_values[ 'tag_group_key'] tag_group_values_string = ",".join( tag_group_key_values['tag_group_values']) tag_groups_keys_values[value_name] = tag_group_values_string tag_count += 1 config_rules = config(region) config_rules.set_config_rules(tag_groups_keys_values, config_rule_id) updated_config_rule = config_rules.get_config_rule(config_rule_id) return render_template('updated-config-rules.html', updated_config_rule=updated_config_rule) else: return redirect(url_for('find_config_rules'))
def edit_tag_group(): resource_type, unit = get_resource_type_unit( request.form.get('resource_type')) inventory = resources_tags(resource_type, unit, region) sorted_tag_values_inventory = inventory.get_tag_values() # If user does not select an existing Tag Group or enter # a new Tag Group name reload this route until valid user input given if request.form.get('tag_group_name'): selected_tag_group_name = request.form.get('tag_group_name') tag_group = get_tag_groups(region) tag_group_key_values = tag_group.get_tag_group_key_values( selected_tag_group_name) return render_template( 'edit-tag-group.html', resource_type=resource_type, selected_tag_group_name=selected_tag_group_name, selected_tag_group_attributes=tag_group_key_values, selected_resource_type_tag_values_inventory= sorted_tag_values_inventory) elif request.form.get('new_tag_group_name'): selected_tag_group_name = request.form.get('new_tag_group_name') tag_group_key_values = {} return render_template( 'edit-tag-group.html', resource_type=resource_type, selected_tag_group_name=selected_tag_group_name, selected_tag_group_attributes=tag_group_key_values, selected_resource_type_tag_values_inventory= sorted_tag_values_inventory) else: return render_template('type-to-tag-group.html')
def get_tag_group_names(): all_tag_groups = get_tag_groups(region) tag_group_names = all_tag_groups.get_tag_group_names() resource_type, _ = get_resource_type_unit( request.form.get('resource_type')) return render_template('display-tag-groups.html', inventory=tag_group_names, resource_type=resource_type)
def add_update_tag_group(): new_tag_group_name = request.form.get('new_tag_group_name') if new_tag_group_name: tag_group_name = request.form.get('new_tag_group_name') tag_group_key_name = request.form.get('new_tag_group_key_name') tag_group_action = "create" else: tag_group_name = request.form.get('selected_tag_group_name') tag_group_key_name = request.form.get('selected_tag_group_key_name') tag_group_action = "update" tag_group_value_options = [] form_contents = request.form.to_dict() for key, value in form_contents.items(): if value == "checked": tag_group_value_options.append(key) if request.form.get("new_tag_group_values"): new_tag_group_values = request.form.get("new_tag_group_values").split( ",") new_tag_group_values = [ value.strip(" ") for value in new_tag_group_values ] tag_group_value_options.extend(new_tag_group_values) tag_group = set_tag_group(region) if tag_group_action == "create": new_tag_group = tag_group.create_tag_group(tag_group_name, tag_group_key_name, tag_group_value_options) else: updated_tag_group = tag_group.update_tag_group( tag_group_name, tag_group_key_name, tag_group_value_options) tag_groups = get_tag_groups(region) tag_group_key_values = tag_groups.get_tag_group_key_values(tag_group_name) if request.form.get('resource_type') == "ebs": resource_type = 'ec2' unit = 'volumes' elif request.form.get('resource_type') == "ec2": resource_type = 'ec2' unit = 'instances' elif request.form.get('resource_type') == "s3": resource_type = 's3' unit = 'buckets' inventory = resources_tags(resource_type, unit, region) sorted_tag_values_inventory = inventory.get_tag_values() return render_template( 'edit-tag-group.html', resource_type=resource_type, selected_tag_group_name=tag_group_name, selected_tag_group_attributes=tag_group_key_values, selected_resource_type_tag_values_inventory=sorted_tag_values_inventory )
def select_roles_tags(): tag_group_inventory = get_tag_groups(region) tag_groups_all_info = tag_group_inventory.get_all_tag_groups_key_values() iam_roles = roles(region) #Initially get AWS SSO Roles path_prefix = "/aws-reserved/sso.amazonaws.com/" roles_inventory = iam_roles.get_roles(path_prefix) return render_template('tag-roles.html', roles_inventory=roles_inventory, tag_groups_all_info=tag_groups_all_info)
def get_tag_group_names(): all_tag_groups = get_tag_groups(region) tag_group_names = all_tag_groups.get_tag_group_names() if request.form.get('resource_type') == "ebs": resource_type = 'ebs' elif request.form.get('resource_type') == "ec2": resource_type = 'ec2' elif request.form.get('resource_type') == "s3": resource_type = 's3' return render_template('display-tag-groups.html', inventory=tag_group_names, resource_type=resource_type)
def find_config_rules(): #Get the Tag Group names & associated tag keys tag_group_inventory = dict() tag_groups = get_tag_groups(region) tag_group_inventory = tag_groups.get_tag_group_names() #Get the AWS Config Rules config_rules_ids_names = dict() config_rules = config(region) config_rules_ids_names = config_rules.get_config_rules_ids_names() return render_template('find-config-rules.html', tag_group_inventory=tag_group_inventory, config_rules_ids_names=config_rules_ids_names)
def get_service_catalog(): #Get the Tag Group names & associated tag keys tag_group_inventory = dict() tag_groups = get_tag_groups(region) tag_group_inventory = tag_groups.get_tag_group_names() #Get the Service Catalog product templates sc_product_ids_names = dict() #sc_product_names = list() sc_products = service_catalog(region) sc_product_ids_names = sc_products.get_sc_product_templates() return render_template('update-service-catalog.html', tag_group_inventory=tag_group_inventory, sc_product_ids_names=sc_product_ids_names)
def tag_resources(): inbound_resource_type = request.form.get('resource_type') if request.form.get('resource_type') == "ebs": resource_type = 'ec2' unit = 'volumes' elif request.form.get('resource_type') == "ec2": resource_type = 'ec2' unit = 'instances' elif request.form.get('resource_type') == "s3": resource_type = 's3' unit = 'buckets' chosen_resource_inventory = resources_tags(resource_type, unit, region) chosen_resource_ids = chosen_resource_inventory.get_resources() tag_group_inventory = get_tag_groups(region) tag_groups_all_info = tag_group_inventory.get_all_tag_groups_key_values() return render_template('tag-resources.html', resource_type=inbound_resource_type, resource_inventory=chosen_resource_ids, tag_groups_all_info=tag_groups_all_info)
def edit_tag_group(): if request.form.get('resource_type') == "ebs": resource_type = 'ec2' unit = 'volumes' elif request.form.get('resource_type') == "ec2": resource_type = 'ec2' unit = 'instances' elif request.form.get('resource_type') == "s3": resource_type = 's3' unit = 'buckets' inventory = resources_tags(resource_type, unit, region) sorted_tag_values_inventory = inventory.get_tag_values() if request.form.get('tag_group_name'): selected_tag_group_name = request.form.get('tag_group_name') tag_group = get_tag_groups(region) tag_group_key_values = tag_group.get_tag_group_key_values( selected_tag_group_name) return render_template( 'edit-tag-group.html', resource_type=resource_type, selected_tag_group_name=selected_tag_group_name, selected_tag_group_attributes=tag_group_key_values, selected_resource_type_tag_values_inventory= sorted_tag_values_inventory) elif request.form.get('new_tag_group_name'): selected_tag_group_name = request.form.get('new_tag_group_name') tag_group_key_values = {} return render_template( 'edit-tag-group.html', resource_type=resource_type, selected_tag_group_name=selected_tag_group_name, selected_tag_group_attributes=tag_group_key_values, selected_resource_type_tag_values_inventory= sorted_tag_values_inventory) else: return render_template('type-to-tag-group.html')
def assign_tg_sc_product_template(self, tag_group_name, sc_product_template_id, **session_credentials): self.my_status = execution_status() all_sc_tag_options = dict() tag_group_contents = dict() this_sc_tag_option_values_ids = dict() # Instantiate a service catalog class instance sc_instance = service_catalog(self.region, **session_credentials) # Get the key & values list for the requested Tag Group tag_group = get_tag_groups(self.region, **session_credentials) ( tag_group_contents, tag_group_execution_status, ) = tag_group.get_tag_group_key_values(tag_group_name) # Get the dictionary of current SC TagOptions all_sc_tag_options, sc_tag_execution_status = sc_instance.get_sc_tag_options( key=tag_group_contents["tag_group_key"]) # Get the TagOption ID's of all SC TagOptions that have the same key as the Tag Group parameter # If there's a key match, remember the corresponding value to determine if any Tag Group values are missing from SC for sc_tag_option in all_sc_tag_options["TagOptionDetails"]: if sc_tag_option["Key"] == tag_group_contents["tag_group_key"]: this_sc_tag_option_values_ids[ sc_tag_option["Value"]] = sc_tag_option["Id"] # Delete Service Catalog TagOptions values that are not included in selected Tag Group if this_sc_tag_option_values_ids: temp_tag_option_values_ids = this_sc_tag_option_values_ids.copy() for value, option_id in temp_tag_option_values_ids.items(): if value not in tag_group_contents["tag_group_values"]: try: response = self.service_catalog_client.disassociate_tag_option_from_resource( ResourceId=sc_product_template_id, TagOptionId=option_id) response = self.service_catalog_client.delete_tag_option( Id=option_id) this_sc_tag_option_values_ids.pop(value) self.my_status.success( message="Service Catalog TagOption deleted!") except botocore.exceptions.ClientError as error: log.error('Boto3 API returned error: "%s"', error) if (error.response["Error"]["Code"] == "AccessDeniedException" or error.response["Error"]["Code"] == "UnauthorizedOperation"): self.my_status.error( message= "You are not authorized to update these resources" ) elif (error.response["Error"]["Code"] == "ResourceInUseException"): self.my_status.warning( message='The TagOption Key: "' + tag_group_contents["tag_group_key"] + '" and Value: "' + value + '" is in use on another Product Template.') else: self.my_status.error() else: self.my_status.success() # Create SC TagOptions for the selected Tag Group's values if value is not already an SC TagOption for value in tag_group_contents["tag_group_values"]: if value not in this_sc_tag_option_values_ids: ( tag_option_id, tag_option_id_execution_status, ) = sc_instance.create_sc_tag_option( tag_group_contents["tag_group_key"], value) this_sc_tag_option_values_ids[value] = tag_option_id product_template_details = dict() try: product_template_details = ( self.service_catalog_client.describe_product_as_admin( Id=sc_product_template_id)) self.my_status.success() current_status = self.my_status.get_status() if current_status["alert_level"] == "success": self.my_status.success( message="Service Catalog product template found!") except botocore.exceptions.ClientError as error: log.error('Boto3 API returned error: "%s"', error) if (error.response["Error"]["Code"] == "AccessDeniedException" or error.response["Error"]["Code"] == "UnauthorizedOperation"): self.my_status.error( message="You are not authorized to view these resources") else: self.my_status.error() existing_prod_template_tag_options = list() existing_prod_template_tag_options = product_template_details.get( "TagOptions") existing_product_template_tag_option_ids = list() for tag_option in existing_prod_template_tag_options: existing_product_template_tag_option_ids.append( tag_option.get("Id")) # Assign Tag value in the Tag Group to the specified SC product template if not already assigned for value, to_id in this_sc_tag_option_values_ids.items(): if to_id not in existing_product_template_tag_option_ids: try: sc_response = (self.service_catalog_client. associate_tag_option_with_resource( ResourceId=sc_product_template_id, TagOptionId=to_id)) self.my_status.success() current_status = self.my_status.get_status() if current_status["alert_level"] == "success": self.my_status.success( message= "New Tag Option associated with Service Catalog product!" ) except botocore.exceptions.ClientError as error: log.error('Boto3 API returned error: "%s"', error) if (error.response["Error"]["Code"] == "AccessDeniedException" or error.response["Error"]["Code"] == "UnauthorizedOperation"): self.my_status.error( message= "You are not authorized to update these resources") else: self.my_status.error() # Return updated dictionary of TagOption keys & values for the SC product template product_template_details.clear() try: product_template_details = ( self.service_catalog_client.describe_product_as_admin( Id=sc_product_template_id)) self.my_status.success() current_status = self.my_status.get_status() if current_status["alert_level"] == "success": self.my_status.success( message="Service Catalog product template found!") except botocore.exceptions.ClientError as error: log.error('Boto3 API returned error: "%s"', error) if (error.response["Error"]["Code"] == "AccessDeniedException" or error.response["Error"]["Code"] == "UnauthorizedOperation"): self.my_status.error( message="You are not authorized to view these resources") else: self.my_status.error() existing_prod_template_tag_options.clear() existing_prod_template_tag_options = product_template_details[ "TagOptions"] existing_tag_option_keys_values = defaultdict(list) for tag_option in existing_prod_template_tag_options: existing_tag_option_keys_values[tag_option["Key"]].append( tag_option["Value"]) return existing_tag_option_keys_values, self.my_status.get_status()
def assign_tg_sc_product_template(self, tag_group_name, sc_product_template_id): current_sc_tag_options = dict() sc_response = dict() tag_group_contents = dict() sc_tag_option_ids = list() sc_tag_option_values = list() #Instantiate a service catalog class instance sc_instance = service_catalog(self.region) #Get the key & values list for the requested Tag Group tag_group = get_tag_groups(self.region) tag_group_contents = tag_group.get_tag_group_key_values(tag_group_name) #Get the dictionary of current SC TagOptions current_sc_tag_options = sc_instance.get_sc_tag_options() #Get the TagOption ID's of all SC TagOptions that have the same key as the Tag Group parameter #If there's a key match, remember the corresponding value to see any Tag Group values are missing from SC for sc_tag_option in current_sc_tag_options['TagOptionDetails']: if sc_tag_option['Key'] == tag_group_contents['tag_group_key']: sc_tag_option_ids.append(sc_tag_option['Id']) sc_tag_option_values.append(sc_tag_option['Value']) #Create SC TagOptions for any Tag Group values not in SC for the specified Tag Group if sc_tag_option_values: for value in sc_tag_option_values: if value not in tag_group_contents['tag_group_values']: tag_option_id = sc_instance.create_sc_tag_option( tag_group_contents['tag_group_key'], value) sc_tag_option_ids.append(tag_option_id) else: for tag_group_value in tag_group_contents['tag_group_values']: tag_option_id = sc_instance.create_sc_tag_option( tag_group_contents['tag_group_key'], tag_group_value) sc_tag_option_ids.append(tag_option_id) #Assign TagOption in the Tag Group to the specified SC product template if not already assigned product_template_details = dict() product_template_details = self.service_catalog_client.describe_product_as_admin( Id=sc_product_template_id) existing_tag_options = list() existing_tag_options = product_template_details['TagOptions'] existing_tag_option_ids = list() for tag_option in existing_tag_options: existing_tag_option_ids.append(tag_option['Id']) for to_id in sc_tag_option_ids: if to_id not in existing_tag_option_ids: sc_response = self.service_catalog_client.associate_tag_option_with_resource( ResourceId=sc_product_template_id, TagOptionId=to_id) #Return updated dictionary of TagOption keys & values for the SC product template product_template_details.clear() product_template_details = self.service_catalog_client.describe_product_as_admin( Id=sc_product_template_id) existing_tag_options.clear() existing_tag_options = product_template_details['TagOptions'] existing_tag_option_key_values = defaultdict(list) for tag_option in existing_tag_options: existing_tag_option_key_values[tag_option['Key']].append( tag_option['Value']) return existing_tag_option_key_values