def user_tags_remove(self):
"""
This method check the user
@return:
"""
users = self.get_detail_resource_list(
func_name=self.iam_client.list_users,
input_tag='Users',
check_tag='Marker')
count = 0
for user in users:
user_name = user.get('UserName')
if self.username:
if self.username == user_name:
self.iam_client.untag_user(UserName=user_name,
TagKeys=self.remove_keys)
count += 1
logger.info(
f'Username :: {user_name} :: {self.remove_keys}')
break
else:
user_tags = self.IAMOperations.get_user_tags(
username=user_name)
if not self.__cluster_user(tags=user_tags):
self.iam_client.untag_user(UserName=user_name,
TagKeys=self.remove_keys)
count += 1
logger.info(
f'Username :: {user_name} :: {self.remove_keys}')
return count
def update_user_tags(self):
"""
This method updates the user tags from the csv file
@return:
"""
count = 0
updated_usernames = []
with open(self.file_name) as file:
csvreader = csv.reader(file)
header = next(csvreader)
rows = []
for row in csvreader:
rows.append(row)
json_data = self.__get_json_data(header, rows)
for key, tags in json_data.items():
user_tags = self.IAMOperations.get_user_tags(username=key)
tags.append({'Key': 'User', 'Value': key})
filter_tags = self.__filter_tags_user_tags(user_tags, tags)
if filter_tags:
self.iam_client.tag_user(UserName=key, Tags=filter_tags)
logger.info(f'Username :: {key} {filter_tags}')
updated_usernames.append(key)
count += 1
logger.info(f'Updated Tags of IAM Users = {count} :: Usernames {updated_usernames}')
return count
def __delete_iam_role(self, resource_id: str):
"""
This method deleted the zombie cluster iam role
:param resource_id:
:return:
"""
try:
# Detach policy from role
role_policies = self.iam_client.list_attached_role_policies(RoleName=resource_id)
if role_policies['AttachedPolicies']:
for role_policy in role_policies['AttachedPolicies']:
self.iam_client.detach_role_policy(RoleName=resource_id, PolicyArn=role_policy.get('PolicyArn'))
self.iam_client.delete_policy(PolicyArn=role_policy.get('PolicyArn'))
policy_names = self.iam_client.list_role_policies(RoleName=resource_id)
if policy_names.get('PolicyNames'):
for policy in policy_names.get('PolicyNames'):
self.iam_client.delete_role_policy(RoleName=resource_id, PolicyName=policy)
instance_policies = self.iam_client.list_instance_profiles_for_role(RoleName=resource_id)
if instance_policies['InstanceProfiles']:
self.iam_client.remove_role_from_instance_profile(RoleName=resource_id,
InstanceProfileName=resource_id.replace('role',
'profile'))
self.iam_client.delete_role(RoleName=resource_id)
logger.info(f'delete_role: {resource_id}')
except Exception as err:
logger.exception(f'Cannot delete_role: {resource_id}, {err}')
def __delete_internet_gateway(self, resource_id: str, vpc_id: str):
"""
This method delete Internet gateway in the following order
NatGateway( Delete Network Interface associated with It ) --> Release Address --> Internet Gateway
:param resource_id:
:param vpc_id:
:return:
"""
try:
network_interfaces = self.get_detail_list(
func_name=self.client.describe_network_interfaces,
input_tag='NetworkInterfaces',
check_tag='NextToken')
network_interface_ids = self.__get_cluster_references(
resource_id=vpc_id,
resource_list=network_interfaces,
input_resource_id='VpcId',
output_result='NetworkInterfaceId')
for network_interface_id in network_interface_ids:
self.__delete_network_interface(
resource_id=network_interface_id)
if vpc_id:
self.client.detach_internet_gateway(
InternetGatewayId=resource_id, VpcId=vpc_id)
self.client.delete_internet_gateway(InternetGatewayId=resource_id)
logger.info(f'delete_internet_gateway: {resource_id}')
except Exception as err:
logger.exception(
f'Cannot delete_internet_gateway: {resource_id}, {err}')
def __delete_network_acl(self, resource_id, vpc_id: str):
try:
nacls = self.get_detail_list(
func_name=self.client.describe_network_acls,
input_tag='NetworkAcls',
check_tag='NextToken')
vpc_nacls = self.__get_cluster_references(
resource_id=resource_id,
resource_list=nacls,
input_resource_id='NetworkAclId',
output_result='Associations')
default_nacl = self.__get_cluster_references(
resource_id=resource_id,
resource_list=nacls,
input_resource_id='NetworkAclId',
output_result='IsDefault')
if default_nacl:
default_nacl = default_nacl[0]
for vpc_nacl in vpc_nacls:
self.__delete_subnet(resource_id=vpc_nacl['SubnetId'])
if not default_nacl:
self.client.delete_network_acl(NetworkAclId=resource_id)
logger.info(f'delete_network_acl: {resource_id}')
else:
logger.info(
f'default network acl: {resource_id} is deleted by vpc: {vpc_id} '
)
except Exception as err:
logger.exception(
f'Cannot delete_network_acl: {resource_id}, {err}')
def method_wrapper(*args, **kwargs):
"""
This method wrap the input method
@param args:
@param kwargs:
@return: prefix + input method + suffix
"""
time_start = time.time()
date_time_start = datetime.datetime.now().strftime(datetime_format)
try:
logger.info(
f'Method name: {method.__name__} {kwargs} , Start time: {date_time_start} '
)
result = method(*args, **kwargs)
time_end = time.time()
date_time_end = datetime.datetime.now().strftime(datetime_format)
total_time = time_end - time_start
total_time_str = f'Total time: {round(total_time, 2)} sec'
logger.info(
f'Method name: {method.__name__} , End time: {date_time_end} , {total_time_str}'
)
except Exception as err:
time_end = time.time()
total_time = time_end - time_start
date_time_end = datetime.datetime.now().strftime(datetime_format)
logger.error(
f'Method name: {method.__name__} , End time with errors: {date_time_end} , Total time: {round(total_time, 2)} sec'
)
raise err # Exception(method.__name__, err)
return result
def tag_cluster_resource(cluster_name: str = '',
mandatory_tags: dict = None,
region: str = 'us-east-2',
tag_operation: str = 'yes'):
"""
This method scan for cluster name in all the cluster resources
:return: list of cluster resources according to cluster name
"""
if tag_operation == "update":
action = 'Tag'
dry_run = 'no'
else:
action = 'read'
dry_run = 'yes'
tag_cluster_resources = TagClusterResources(
cluster_prefix='kubernetes.io/cluster/',
cluster_name=cluster_name,
input_tags=mandatory_tags,
region=region,
dry_run=dry_run)
func_resource_list = [
tag_cluster_resources.cluster_instance,
tag_cluster_resources.cluster_volume,
tag_cluster_resources.cluster_ami,
tag_cluster_resources.cluster_snapshot,
tag_cluster_resources.cluster_network_interface,
tag_cluster_resources.cluster_load_balancer,
tag_cluster_resources.cluster_load_balancer_v2,
tag_cluster_resources.cluster_dhcp_option,
tag_cluster_resources.cluster_subnet,
tag_cluster_resources.cluster_route_table,
tag_cluster_resources.cluster_vpc_endpoint,
tag_cluster_resources.cluster_nat_gateway,
tag_cluster_resources.cluster_internet_gateway,
tag_cluster_resources.cluster_security_group,
tag_cluster_resources.cluster_elastic_ip,
tag_cluster_resources.cluster_vpc,
tag_cluster_resources.cluster_role,
tag_cluster_resources.cluster_user,
tag_cluster_resources.cluster_s3_bucket,
]
logger.info(
f"{action} {len(func_resource_list)} cluster resources for cluster name '{cluster_name}' in region {region}:"
)
if not cluster_name:
func_resource_list[0]()
func_resource_list = func_resource_list[1:-3]
else:
func_resource_list[0]()
func_resource_list = func_resource_list[1:]
jobs = []
for _, func in enumerate(func_resource_list):
p = Process(target=func)
jobs.append(p)
p.start()
for job in jobs:
job.join()
def generate_user_csv(self):
"""
This method generates the User csv
@return:
"""
users = self.get_detail_resource_list(func_name=self.iam_client.list_users, input_tag='Users',
check_tag='Marker')
tag_keys = set()
tag_values = {}
for user in users:
user_name = user.get('UserName')
user_tags = self.IAMOperations.get_user_tags(username=user_name)
tag_values[user_name] = {}
for tag in user_tags:
if not self.__cluster_user(tags=user_tags):
key = tag.get('Key')
if key == "Name":
key = 'Username'
value = tag.get('Value')
tag_keys.add(key)
tag_values[user_name][key] = value
else:
del tag_values[user_name]
break
tag_keys = list(sorted(tag_keys))
self.__write_into_csv_file(tag_keys=tag_keys, tag_values=tag_values)
with open(self.file_name) as file:
logger.info(file.read())
def non_cluster_update_ec2(self, instances_list: list = None):
"""
This method removes the tags of ec2 instances
@return:
"""
if not instances_list:
instances_list = self.__get_instances_data()
_, instances_list = self.ec2_operations.scan_cluster_or_non_cluster_instance(
instances_list)
instances_ids = []
for instance in instances_list:
add_tags = []
for item in instance:
instance_id = item.get('InstanceId')
launch_time = item.get('LaunchTime')
add_tags = self.__get_instance_tags(launch_time=launch_time,
instance_id=instance_id,
tags=item.get('Tags'))
if add_tags:
if self.dry_run == 'no':
self.ec2_client.delete_tags(Resources=[instance_id],
Tags=add_tags)
logger.info(
f'delete tags of instance: {instance_id} total: {len(add_tags)} tags: {add_tags}'
)
instances_ids.append(instance_id)
logger.info(
f'non_cluster_ec2 count: {len(sorted(instances_ids))} {sorted(instances_ids)}'
)
return sorted(instances_ids)
def cluster_s3_bucket(self, instance_tags: dict):
"""
This method removes the tags of buckets and add the buckets
@param instance_tags:
@return:
"""
cluster_names = [name.split('/')[-1] for name in instance_tags.keys()]
bucket_ids = []
response = self.s3_client.list_buckets()
for cluster_name in cluster_names:
for bucket in response['Buckets']:
if bucket['Name'].startswith(cluster_name):
bucket_tags = self.s3_client.get_bucket_tagging(Bucket=bucket.get('Name'))
if bucket_tags:
bucket_tags = bucket_tags['TagSet']
full_name = f'{self.cluster_prefix}{cluster_name}'
added_tags = instance_tags.get(full_name)
add_tags = self.get_bucket_tags_to_add(added_tags, bucket_tags)
if self.cluster_name:
if self.cluster_name in bucket.get('Name'):
self.s3_client.put_bucket_tagging(Bucket=bucket.get('Name'), Tagging={'TagSet': add_tags})
logger.info(f'BucketName :: {bucket.get("Name")} {added_tags}')
bucket_ids.append(bucket.get("Name"))
else:
self.s3_client.put_bucket_tagging(Bucket=bucket.get('Name'), Tagging={'TagSet': add_tags})
logger.info(f'BucketName :: {bucket.get("Name")} {added_tags}')
bucket_ids.append(bucket.get("Name"))
break
return bucket_ids
def __delete_nat_gateways(self, resource_id: str):
"""
This method delete the NatGateway based on NatGateway ID
:param resource_id:
:return:
"""
try:
nat_gateway = self.client.describe_nat_gateways(
Filter=[{
'Name': 'nat-gateway-id',
'Values': [resource_id]
}])['NatGateways'][0]
if nat_gateway.get('State') == 'available':
self.client.delete_nat_gateway(NatGatewayId=resource_id)
while nat_gateway.get('State') != 'deleted':
nat_gateway = self.client.describe_nat_gateways(
Filter=[{
'Name': 'nat-gateway-id',
'Values': [resource_id]
}])['NatGateways'][0]
time.sleep(self.SLEEP_TIME)
logger.info(f'delete_nat_gateway: {resource_id}')
except Exception as err:
logger.exception(
f'Cannot delete_nat_gateway: {resource_id}, {err}')
def cluster_user(self, instance_tags: dict):
"""
This method return list of cluster's user according to cluster name
@param instance_tags:
@return:
"""
# tag_user
cluster_names = [name.split('/')[-1] for name in instance_tags.keys()]
user_ids = []
for cluster_name in cluster_names:
users = self.__get_details_resource_list(self.iam_client.list_users, input_tag='Users', check_tag='Marker')
usernames = []
tags = []
for user in users:
user_name = user['UserName']
if cluster_name in user_name:
if self.cluster_name:
if self.cluster_name in user_name:
full_name = f'{self.cluster_prefix}{self.cluster_name}'
keys = self.tag_keys(instance_tags.get(full_name))
self.iam_client.untag_user(UserName=user_name, TagKeys=keys)
usernames.append(user_name)
tags = list(instance_tags.get(full_name))
else:
full_name = f'{self.cluster_prefix}{cluster_name}'
keys = self.tag_keys(list(instance_tags.get(full_name)))
self.iam_client.untag_user(UserName=user_name, TagKeys=keys)
usernames.append(user_name)
tags = list(instance_tags.get(full_name))
logger.info(f'UserName :: {usernames} {tags}')
user_ids.extend(usernames)
return user_ids
def cluster_role(self, instance_tags: dict):
"""
This method removes the tags of cluster role
@param instance_tags:
@return:
"""
cluster_names = [name.split('/')[-1] for name in instance_tags.keys()]
cluster_ids = []
for cluster_name in cluster_names:
tags = []
role_name_list = []
roles = self.__get_details_resource_list(func_name=self.iam_client.list_roles, input_tag='Roles',
check_tag='Marker')
for role in roles:
if cluster_name in role.get('RoleName'):
role_name_list.append(role.get('RoleName'))
for role_name in role_name_list:
if self.cluster_name:
if self.cluster_name in role_name:
full_name = f'{self.cluster_prefix}{self.cluster_name}'
keys = self.tag_keys(list(instance_tags.get(full_name)))
self.iam_client.untag_role(RoleName=role_name, TagKeys=keys)
tags = list(instance_tags.get(full_name))
else:
full_name = f'{self.cluster_prefix}{cluster_name}'
keys = self.tag_keys(list(instance_tags.get(full_name)))
self.iam_client.untag_role(RoleName=role_name, TagKeys=keys)
tags = list(instance_tags.get(full_name))
logger.info(f'Role Name :: {role_name_list} {tags}')
cluster_ids.extend(role_name_list)
return cluster_ids
def cluster_load_balancer_v2(self, instance_tags: dict):
"""
This method removes the tags of cluster load balancers v2
@return:
"""
cluster_resources = {}
load_balancers_data = self.elbv2_client.describe_load_balancers()['LoadBalancers']
for resource in load_balancers_data:
resource_id = resource['LoadBalancerArn']
tags = self.elbv2_client.describe_tags(ResourceArns=[resource_id])
for item in tags['TagDescriptions']:
if item.get('Tags'):
for tag in item['Tags']:
if self.cluster_prefix in tag.get('Key'):
if self.cluster_name:
if f'{self.cluster_prefix}{self.cluster_name}' == tag.get('Key'):
if tag.get('Key') in cluster_resources:
cluster_resources[tag.get('Key')].append(resource_id)
else:
cluster_resources[tag.get('Key')] = [resource_id]
else:
if tag.get('Key') in cluster_resources:
cluster_resources[tag.get('Key')].append(resource_id)
else:
cluster_resources[tag.get('Key')] = [resource_id]
tags_remove_ids = []
for cluster_name, cluster_ids in cluster_resources.items():
for cluster_id in cluster_ids:
self.elbv2_client.remove_tags(ResourceArns=[cluster_id], TagKeys=self.tag_keys(instance_tags.get(cluster_name)))
logger.info(f'LoadBalancerArn :: {cluster_ids} {instance_tags.get(cluster_name)}')
tags_remove_ids.extend(cluster_ids)
return len(tags_remove_ids)
def remove_tags_of_resources(self, resource_list: list, instance_tags: dict, resource_id: str, tags: str = 'Tags'):
"""
This method removes the tags or resources like Volume, Snapshots, Vpc, Subnets
@param resource_list:
@param instance_tags:
@param resource_id:
@param tags:
@return:
"""
cluster_resources = {}
for resource in resource_list:
if resource.get(tags):
for tag in resource.get(tags):
if self.cluster_prefix in tag.get('Key'):
if self.cluster_name:
if f'{self.cluster_prefix}{self.cluster_name}' == tag.get('Key'):
if tag.get('Key') in cluster_resources:
cluster_resources[tag.get('Key')].append(resource.get(resource_id))
else:
cluster_resources[tag.get('Key')] = [resource.get(resource_id)]
else:
if tag.get('Key') in cluster_resources:
cluster_resources[tag.get('Key')].append(resource.get(resource_id))
else:
cluster_resources[tag.get('Key')] = [resource.get(resource_id)]
for cluster_name, resource_ids in cluster_resources.items():
self.ec2_client.delete_tags(Resources=resource_ids, Tags=instance_tags.get(cluster_name))
logger.info(f'{resource_id} :: {resource_ids} {instance_tags.get(cluster_name)}')
def __delete_security_group(self, resource_id: str, vpc_id: str):
"""
This method deletes the NatGateway in the following order
remove security group ingress --> modify security groups in Network interface --> delete security group
:param resource_id:
:return:
"""
try:
security_groups = self.get_detail_list(
func_name=self.client.describe_security_groups,
input_tag='SecurityGroups',
check_tag='NextToken')
vpc_security_groups = self.__get_cluster_references(
resource_id=vpc_id,
resource_list=security_groups,
input_resource_id='VpcId',
output_result='')
for vpc_security_group in vpc_security_groups:
if vpc_security_group.get('IpPermissions'):
self.client.revoke_security_group_ingress(
GroupId=vpc_security_group.get('GroupId'),
IpPermissions=vpc_security_group.get('IpPermissions'))
network_interfaces = self.get_detail_list(
func_name=self.client.describe_network_interfaces,
input_tag='NetworkInterfaces',
check_tag='NextToken')
network_interface_ids = self.__get_cluster_references(
resource_id=vpc_id,
resource_list=network_interfaces,
input_resource_id='VpcId',
output_result='')
default_security_group_id = [
security_group.get('GroupId')
for security_group in vpc_security_groups
if security_group.get('GroupName') == 'default'
][0]
for network_interface in network_interface_ids:
for security_group in network_interface.get('Groups'):
if security_group.get(
'GroupId'
) == resource_id and default_security_group_id != security_group.get(
'GroupId'):
self.client.modify_network_interface_attribute(
Groups=[default_security_group_id],
NetworkInterfaceId=network_interface.get(
'NetworkInterfaceId'))
if resource_id == default_security_group_id:
logger.info(
f'default security group: {resource_id} is deleted by vpc: {vpc_id} '
)
else:
self.client.delete_security_group(GroupId=resource_id)
logger.info(f'delete_security_group: {resource_id}')
except Exception as err:
logger.exception(
f'Cannot delete_security_group: {resource_id}, {err}')
def cluster_security_group(self):
"""
This method return list of cluster's security group according to cluster tag name
@return:
"""
security_group_ids = self.__generate_cluster_resources_list_by_tag(
resources_list=self.__get_security_group_data(),
input_resource_id='GroupId')
logger.info(
f'cluster_security_group count: {len(sorted(security_group_ids))} {sorted(security_group_ids)}'
)
def update_ami(self, images: list = None):
"""
This method update the tags of non-cluster Amazon Machine Images
@param images:
@return:
"""
if not images:
images = self.ec2_client.describe_images(Owners=['self'])['Images']
_, images = self.ec2_operations.scan_cluster_non_cluster_resources(
images)
image_ids = []
for image in images:
image_id = image.get('ImageId')
start_time = datetime.fromisoformat(
image.get('CreationDate')[:-1] + '+00:00')
username = self.cloudtrail.get_username_by_instance_id_and_time(
start_time=start_time,
resource_id=image_id,
resource_type='AWS::EC2::Ami')
search_tags = []
search_tags.extend(self.__append_input_tags())
if username:
user_tags = self.iam_client.get_user_tags(username=username)
tag_name = f'{username}-{image_id[-4:]}'
search_tags.append({
'Key': 'Email',
'Value': f'{username}@redhat.com'
})
search_tags.extend(user_tags)
else:
tag_name = f'{image_id[:3]}-{self.region}-{image_id[-4:]}'
search_tags.extend([{
'Key': 'Name',
'Value': tag_name
}, {
'Key':
'LaunchTime',
'Value':
start_time.strftime('%Y/%m/%d %H:%M:%S')
}])
image_tags = self.__get_tags_of_resources(tags=image.get('Tags'),
search_tags=search_tags)
if image_tags:
if self.dry_run == 'no':
self.ec2_client.create_tags(Resources=[image_id],
Tags=image_tags)
logger.info(
f'added tags to image: {image_id} total: {len(image_tags)} tags: {image_tags}'
)
image_ids.append(image_id)
logger.info(
f'non_cluster_amis count: {len(sorted(image_ids))} {sorted(image_ids)}'
)
return sorted(image_ids)
def __delete_vpc_endpoints(self, resource_id: str):
"""
This method delete the VPC endpoints based on vpc_endpoint ID
:param resource_id:
:return:
"""
try:
self.client.delete_vpc_endpoints(VpcEndpointIds=[resource_id])
logger.info(f'delete_vpc_endpoints: {resource_id}')
except Exception as err:
logger.exception(
f'Cannot delete_vpc_endpoints: {resource_id}, {err}')
def __delete_load_balancer_v2(self, resource_id: str):
"""
Delete the Load Balancer based on LoadBalancer ID
:param resource_id:
:return:
"""
try:
self.elbv2_client.delete_load_balancer(LoadBalancerArn=resource_id)
logger.info(f'delete_load_balancer: {resource_id}')
except Exception as err:
logger.exception(
f'Cannot delete_load_balancer: {resource_id}, {err}')
def cluster_elastic_ip(self):
"""
This method return list of cluster's elastic ip according to cluster tag name
@return:
"""
elastic_ips = self.ec2_client.describe_addresses()
elastic_ips_data = elastic_ips['Addresses']
elastic_ips = self.__generate_cluster_resources_list_by_tag(
resources_list=elastic_ips_data, input_resource_id='AllocationId')
logger.info(
f'cluster_elastic_ip count: {len(sorted(elastic_ips))} {sorted(elastic_ips)}'
)
return sorted(elastic_ips)
def cluster_subnet(self):
"""
This method return list of cluster's subnet according to cluster tag name
@return:
"""
subnets = self.ec2_client.describe_subnets()
subnets_data = subnets['Subnets']
subnet_ids = self.__generate_cluster_resources_list_by_tag(
resources_list=subnets_data, input_resource_id='SubnetId')
logger.info(
f'cluster_subnet count: {len(sorted(subnet_ids))} {sorted(subnet_ids)}'
)
return sorted(subnet_ids)
def cluster_vpc(self):
"""
This method return list of cluster's vpc according to cluster tag name
@return:
"""
vpcs = self.ec2_client.describe_vpcs()
vpcs_data = vpcs['Vpcs']
vpc_ids = self.__generate_cluster_resources_list_by_tag(
resources_list=vpcs_data, input_resource_id='VpcId')
logger.info(
f'cluster_vpc count: {len(sorted(vpc_ids))} {sorted(vpc_ids)}')
self.cluster_network_acl()
return sorted(vpc_ids)
def cluster_nat_gateway(self):
"""
This method return list of cluster's nat gateway according to cluster tag name
@return:
"""
nat_gateways = self.ec2_client.describe_nat_gateways()
nat_gateways_data = nat_gateways['NatGateways']
nat_gateway_id = self.__generate_cluster_resources_list_by_tag(
resources_list=nat_gateways_data, input_resource_id='NatGatewayId')
logger.info(
f'cluster_nat_gateway count: {len(sorted(nat_gateway_id))} {sorted(nat_gateway_id)}'
)
return sorted(nat_gateway_id)
def __delete_subnet(self, resource_id: str):
"""
This method delete the Subnets in the following order
Network Interface --> Subnet
:param resource_id:
:return:
"""
try:
self.network_interface(subnet_id=resource_id)
self.client.delete_subnet(SubnetId=resource_id)
logger.info(f'delete_subnet: {resource_id}')
except Exception as err:
logger.exception(f'Cannot delete_subnet: {resource_id}, {err}')
def cluster_route_table(self):
"""
This method return list of cluster's route table according to cluster tag name
@return:
"""
route_tables = self.ec2_client.describe_route_tables()
route_tables_data = route_tables['RouteTables']
route_table_ids = self.__generate_cluster_resources_list_by_tag(
resources_list=route_tables_data, input_resource_id='RouteTableId')
logger.info(
f'cluster_route_table count: {len(sorted(route_table_ids))} {sorted(route_table_ids)}'
)
return sorted(route_table_ids)
def cluster_dhcp_option(self):
"""
This method return list of cluster's dhcp option according to cluster tag name
@return:
"""
dhcp_options = self.ec2_client.describe_dhcp_options()
dhcp_options_data = dhcp_options['DhcpOptions']
dhcp_ids = self.__generate_cluster_resources_list_by_tag(
resources_list=dhcp_options_data,
input_resource_id='DhcpOptionsId')
logger.info(
f'cluster_dhcp_option count: {len(sorted(dhcp_ids))} {sorted(dhcp_ids)}'
)
return sorted(dhcp_ids)
def cluster_network_acl(self):
"""
This method return list of cluster's network acl according to cluster vpc id
Missing OpenShift Tags for it based on VPCs
@return:
"""
network_acls = self.ec2_client.describe_network_acls()
network_acls_data = network_acls['NetworkAcls']
network_acl_ids = self.__generate_cluster_resources_list_by_vpc(
resources_list=network_acls_data, input_resource_id='NetworkAclId')
logger.info(
f'cluster_network_acl count: {len(network_acl_ids)}, {network_acl_ids}'
)
return sorted(network_acl_ids)
def cluster_vpc_endpoint(self):
"""
This method return list of cluster's vpc endpoint according to cluster tag name
@return:
"""
vpc_endpoints = self.ec2_client.describe_vpc_endpoints()
vpc_endpoints_data = vpc_endpoints['VpcEndpoints']
vpc_endpoint_ids = self.__generate_cluster_resources_list_by_tag(
resources_list=vpc_endpoints_data,
input_resource_id='VpcEndpointId')
logger.info(
f'cluster_vpc_endpoint count: {len(sorted(vpc_endpoint_ids))} {sorted(vpc_endpoint_ids)}'
)
return sorted(vpc_endpoint_ids)
def cluster_user(self, cluster_names: list = []):
"""
This method return list of cluster's user according to cluster name
@param cluster_names:
@return:
"""
# tag_user
result_user_list = []
if self.cluster_name:
cluster_names.append(self.cluster_name)
if cluster_names:
for cluster_name in cluster_names:
users = self.__get_details_resource_list(
self.iam_client.list_users,
input_tag='Users',
check_tag='Marker')
# return self.__generate_cluster_resources_list_by_tag(resources_list=users_data,
# input_resource_id='UserId')
cluster_name = self.cluster_name if self.cluster_key else cluster_name
for user in users:
user_name = user['UserName']
if cluster_name in user_name:
user_data = self.iam_client.get_user(
UserName=user_name)
data = user_data['User']
if data.get('Tags'):
for tag in data['Tags']:
if cluster_name in tag['Key']:
all_tags = []
instance_tags = self.__get_cluster_tags_by_instance_cluster(
cluster_name=
f'{self.cluster_prefix}{cluster_name}')
if not instance_tags:
all_tags = self.__append_input_tags(
data.get('Tags'))
all_tags.extend(instance_tags)
all_tags = self.__filter_resource_tags_by_add_tags(
data.get('Tags'), all_tags)
if all_tags:
if self.dry_run == 'no':
self.iam_client.tag_user(
UserName=user_name,
Tags=all_tags)
logger.info(all_tags)
result_user_list.append(user_name)
break
logger.info(
f'cluster_user count: {len(sorted(result_user_list))} {sorted(result_user_list)}'
)
return sorted(result_user_list)
