コード例 #1
def parse_log(path):
    '''Scan one gzip-compressed JSON log for VPC subscription tag events.

    The file at ``path`` is decompressed, decoded as UTF-8 and parsed as
    JSON; a failure in that step propagates to the caller because it
    happens before the ``try`` below.

    Every entry of ``Records`` whose ``eventName`` is in ``watchedEvents``
    is logged. For ``CreateTags`` and ``DeleteTags`` records, each resource
    whose id starts with ``vpc`` and that carries the ``subscribingVpcTag``
    key with the value ``yes`` (any letter case) is passed to
    ``formRequiredData`` with the region, the event name and the
    subscriber SNS ARN read from the config table.

    The process ends with ``sys.exit(0)`` when the config table returns
    nothing, when a watched record carries ``errorCode``, or when any
    ``Exception`` is raised during processing.
    '''
    with gzip.open(path, 'rb') as f:
        d = json.loads(f.read().decode('utf-8'))
        try:
            subscriberConfig = fetchFromSubscriberConfigTable(
                subscriberConfigTable)
            if not subscriberConfig:
                # NOTE(review): every failure path in this function exits
                # with status 0, so a supervisor cannot tell failure from
                # success by exit status alone.
                logger.error('No data received from SubscriberConfig Table, '
                             'Error')
                sys.exit(0)

            for record in d['Records']:
                event_name = record['eventName']
                if event_name not in watchedEvents:
                    continue

                # The whole record goes to the log at INFO level.
                logger.info('Record: {}'.format(record))
                if 'errorCode' in record:
                    # A single failed tagging call stops the whole run; the
                    # remaining records in the file are not examined.
                    logger.info('Attempted to Create/DeleteTags but '
                                'failed because of : {}'.format(
                                    record['errorMessage']))
                    sys.exit(0)

                # Both tag events are handled the same way; any other
                # watched event is only logged.
                if event_name not in ('CreateTags', 'DeleteTags'):
                    continue

                request = record['requestParameters']
                for item in request['resourcesSet']['items']:
                    if not item['resourceId'].startswith('vpc'):
                        continue
                    for tag in request['tagSet']['items']:
                        if (tag['key'] == subscribingVpcTag
                                and tag['value'].lower() == 'yes'):
                            formRequiredData(
                                item['resourceId'],
                                record['awsRegion'],
                                event_name,
                                subscriberConfig['SubscriberSnsArn'])

        # SystemExit is not an Exception subclass, so the sys.exit() calls
        # above are not intercepted here.
        except Exception as e:
            logger.info("Error from parse_log(), {}".format(str(e)))
            sys.exit(0)
コード例 #2
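def lambda_handler(event, context):
    """Forward SNS messages to the subscriber queue and start the state machine.

    Each entry of ``event['Records']`` has its ``Sns.Message`` parsed to read
    the ``Action`` field; the unparsed message text and that action are
    passed to ``sendToQueue``. Afterwards the state machine named in the
    subscriber config is started unless an execution is already RUNNING.

    Parsing: the message is first read as strict JSON. Only when that fails
    is the legacy single-quote-to-double-quote substitution applied. Doing
    the substitution unconditionally rewrote apostrophes inside values of
    well-formed JSON, which either broke the message or changed its
    structure (a value containing ``'`` could close the string early and
    add keys).

    Returns ``None``. Any ``Exception`` is logged and swallowed.
    """
    logger.info("Got Event {}".format(event))
    try:
        subscriberConfig = fetchFromSubscriberConfigTable(subscriberConfigTable)
        if not subscriberConfig:
            logger.error("No data received from SubscriberConfig Table, Error")
            return

        for r in event['Records']:
            sns = r['Sns']
            raw = sns['Message']
            try:
                message = json.loads(raw)
            except ValueError:
                # Legacy format: a Python-style dict rendering with single
                # quotes. Kept as a fallback so existing publishers still work.
                message = json.loads(raw.replace('\'', '\"'))
            logger.info("Writting message to Subscirber Queue")
            logger.info(message)
            sendToQueue(subscriberConfig['SubscriberQueueUrl'], raw,
                        message['Action'])

        # Checking for the StateMachine status
        logger.info("Checking for the StateMachine Status")
        stateMachineArn = subscriberConfig['SubscriberStateMachineArn']
        # NOTE(review): the check and the start are two separate calls, so
        # two invocations running at the same time could both see no RUNNING
        # execution and both start one -- confirm whether that is acceptable.
        running = sfn_conn.list_executions(
            stateMachineArn=stateMachineArn,
            statusFilter='RUNNING')['executions']
        if running:
            logger.info("StateMachine is Running, hence exiting from execution")
            # SystemExit is not an Exception subclass, so it is not caught by
            # the handler below and leaves through the runtime.
            # NOTE(review): confirm the runtime treats this as a clean end;
            # a plain return may be what is intended.
            sys.exit(0)
        else:
            logger.info("StateMachine is not Running, hence starting StepFunction")
            sfn_conn.start_execution(stateMachineArn=stateMachineArn)
    except Exception as e:
        logger.error(str(e))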
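def lambda_handler(event, context):
    """Tear down the VPN, VGW and CGW resources recorded for one VPC.

    ``VpcId`` and ``Region`` are read from ``event['queryStringParameters']``.
    The VPC's row is removed from the subscriber local DB; the VPN
    connections named in that row (if any) are deleted, then the VGW, then
    the customer gateways looked up from the VPN ids, then the VPN rows in
    the VPC/VPN table, and finally the tags are updated.

    Changes from the previous version:
    * ``VpcId`` and ``Region`` are read before anything is deleted, so a
      request missing either one fails before the first destructive call
      instead of half-way through.
    * When the local-DB row has no ``VpnN1`` entry, the VPN-dependent steps
      are skipped. Previously ``vpn1Id``/``vpn2Id`` were unbound in that case
      and the handler crashed after the VGW had already been deleted.

    NOTE(review): the resources deleted are selected by caller-supplied
    query-string values and nothing in this function checks who the caller
    is; presumably authorization is enforced in front of the handler --
    confirm.

    Returns ``None``.
    """
    logger.info("Got Event: {}".format(event))
    # Loading config from Subscriber Config Table
    subscriberConfig = fetchFromSubscriberConfigTable(subscriberConfigTable)
    if subscriberConfig:
        params = event['queryStringParameters']
        vpcId = params['VpcId']
        region = params['Region']

        result = deleteItemFromLocalDb(subscriberConfig['SubscriberLocalDb'],
                                       vpcId)
        hasVpns = 'VpnN1' in result
        vpn1Id = vpn2Id = None
        if hasVpns:
            vpn1Id = result['VpnN1']
            vpn2Id = result['VpnN2']
            # deleteVpns
            deleteVpn(vpn1Id, region)
            deleteVpn(vpn2Id, region)

        # Detach and Delete VGW
        vgwAsn = deleteVgw(result['VgwId'], vpcId, region)

        # params is the same dict object as event['queryStringParameters'],
        # so these writes are visible in the event that is logged below.
        params['Action'] = 'DeleteTransitVpnConfiguration'
        if vgwAsn:
            params['VgwAsn'] = vgwAsn

        # Try to delete the CGWs associated with VPN1 and VPN2
        cgw1Id = getCgwId(vpn1Id, region) if hasVpns else None
        cgw2Id = getCgwId(vpn2Id, region) if hasVpns else None
        try:
            if cgw1Id:
                deleteCgw(cgw1Id, region)
            if cgw2Id:
                deleteCgw(cgw2Id, region)
        except Exception as e:
            # Best effort: a CGW that cannot be deleted does not stop the
            # rest of the clean-up.
            logger.info("Delete Failed for CGWs, Error: {}".format(e))

        if hasVpns:
            deleteItemFromVpcVpnTable(
                subscriberConfig['SubscriberVpcVpnTable'], vpn1Id)
            deleteItemFromVpcVpnTable(
                subscriberConfig['SubscriberVpcVpnTable'], vpn2Id)

        # Update Tags
        updateTags(region, vpcId)

        # NOTE(review): the publish call below is commented out, so this log
        # line announces a message that is not actually sent.
        logger.info(
            "Publishing message to TransitSnsArn: {} with data: {}".format(
                transitSnsTopicArn, event))
        # publishToSns(transitSnsTopicArn, str(event), transitAssumeRoleArn)
    else:
        logger.error("No data received from SubscriberConfig Table")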
コード例 #4
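def lambda_handler(event, context):
    """Read one action from the subscriber queue and return it as a dict.

    The queue URL comes from the subscriber config table. The body of the
    first message returned by ``fetchFromQueue`` is parsed and returned.
    When the queue response has no ``Messages`` entry, or an empty one,
    ``{'Action': 'Null'}`` is returned (previously an empty ``Messages``
    list fell through and returned ``None``).

    Parsing: the body is first read as strict JSON. Only when that fails is
    the legacy single-quote-to-double-quote substitution applied. Doing the
    substitution unconditionally rewrote apostrophes inside values of
    well-formed JSON, which either broke the message or changed its
    structure.

    Returns ``None`` when the config table yields nothing or when any
    ``Exception`` is raised; the exception text is logged.
    """
    logger.info("Got Event {}".format(event))
    try:
        subscriberConfig = fetchFromSubscriberConfigTable(
            subscriberConfigTable)
        if not subscriberConfig:
            logger.error("No data received from SubscriberConfig Table, Error")
            return

        logger.info("Reading from Queue")
        receive_message = fetchFromQueue(
            subscriberConfig['SubscriberQueueUrl'])
        if 'Messages' in receive_message:
            # Only the first message is consumed; the loop returns on its
            # first iteration.
            for message in receive_message['Messages']:
                body = message['Body']
                try:
                    return json.loads(body)
                except ValueError:
                    # Legacy format: a Python-style dict rendering with
                    # single quotes.
                    return json.loads(body.replace('\'', '\"'))
        return {'Action': 'Null'}
    except Exception as e:
        logger.error(str(e))
        return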
コード例 #5
def lambda_handler(event, context):
    """Record a new VPC locally and ask the transit side for VPN server details.

    Reads the subscriber config table, stores ``VpcId``, ``VpcCidr`` and
    ``Region`` from ``event`` through ``updateDynamoDb``, adds the
    subscriber SNS ARN, the subscriber assume-role ARN, ``Rebalance`` and
    the ``FetchVpnServerDetails`` action to ``event``, and publishes the
    result to the transit SNS topic named in the environment.

    Returns ``None``. Any ``Exception`` is logged and swallowed.
    """
    logger.info(event)
    try:
        config = fetchFromSubscriberConfigTable(subscriberConfigTable)
        if not config:
            logger.error('No data received from SubscriberConfig Table, Error')
            return

        topic_arn = os.environ['transitSnsTopicArn']
        role_arn = os.environ['transitAssumeRoleArn']

        # Update DynamoDB table
        updateDynamoDb(config['SubscriberLocalDb'], event['VpcId'],
                       event['VpcCidr'], event['Region'])

        event['SubscriberSnsArn'] = config['SubscriberSnsArn']
        event['Rebalance'] = 'False'
        event['SubscriberAssumeRoleArn'] = config['SubscriberAssumeRoleArn']
        event['Action'] = 'FetchVpnServerDetails'

        announcement = ('Publishing to Transit-SNS Topoic {} By assuming '
                        'Role {}')
        logger.info(announcement.format(topic_arn, role_arn))
        # The payload is str(event), i.e. Python's dict rendering rather
        # than JSON, so whatever reads the topic has to parse that form.
        publishToSns(topic_arn, str(event), role_arn)
    except Exception as e:
        logger.error('createVpcLambda Error: {}'.format(str(e)))
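def lambda_handler(event, context):
    """Create the VGW, CGWs and two VPN connections for a subscriber VPC.

    Steps, all driven by fields of ``event``:
    1. Reuse the VGW already attached to the VPC, or create and attach one.
    2. Reuse the customer gateways found by ``checkCgw``, or create one per
       node.
    3. Create one VPN connection per node via
       ``createVpnConnectionUploadToS3``.
    4. Publish a ``ConfigureTransitVpn`` message to the transit SNS topic.
    5. Store the result in the subscriber local DB and the VPC/VPN table.

    On any ``Exception`` a ``SubscriberVpnConfigurationFailed`` message is
    published so the transit side can release the reserved capacity, and
    the VGW is passed to ``deleteVgw``.

    Changes from the previous version:
    * ``'ToPaGroup' and 'FromPaGroup' in event`` only tested
      ``FromPaGroup`` (a non-empty string literal is always true); both
      keys are now tested, so an event with only ``FromPaGroup`` no longer
      raises ``KeyError`` and drops into the failure path.
    * The log line for the second CGW printed the first CGW's id.
    * A missing VGW id now raises an explicit error at the point where the
      old code failed with an unbound ``vpnId1``; the failure path is
      reached either way.
    * ``subscriberConfig`` is bound before the ``try`` so the failure
      handler does not raise ``NameError`` when the config lookup itself
      is what failed.

    Returns ``None``.
    """
    logger.info("Got Event {}".format(event))
    vgwId = ""
    subscriberConfig = None
    try:
        subscriberConfig = fetchFromSubscriberConfigTable(
            subscriberConfigTable)
        if subscriberConfig:
            vgwData = isVgwAttachedToVpc(event['VpcId'], event['Region'])
            logger.info("VGW data : {}".format(vgwData))
            if vgwData:
                vgwId = vgwData['VpnGatewayId']
            if not vgwId:
                # Create VGW and attach it to VPC
                vgwId = createVgwAttachToVpc(event['VpcId'],
                                             int(event['VgwAsn']),
                                             event['Region'],
                                             event['PaGroupName'])
                logger.info(
                    "VGW - {} is created and attached to VPC - {}".format(
                        vgwId, event['VpcId']))
            else:
                logger.info("Using existing Vgw: {} for VPC: {} ".format(
                    vgwId, event['VpcId']))

            logger.info("Checking whether CGWs are already created or not")
            cgwIds = checkCgw(event['Region'], event['N1Eip'], event['N2Eip'])
            if not cgwIds:
                logger.info(
                    "CGWs are not created before, hence creating them now")
                # Create CGW1
                cgw1Tag = event['PaGroupName'] + '-N1'
                cgwNode1Id = createCgw(event['N1Eip'], event['N1Asn'],
                                       event['Region'], cgw1Tag)
                logger.info("CGW - {} is created for VPC - {}".format(
                    cgwNode1Id, event['VpcId']))
                # Create CGW2
                cgw2Tag = event['PaGroupName'] + '-N2'
                cgwNode2Id = createCgw(event['N2Eip'], event['N2Asn'],
                                       event['Region'], cgw2Tag)
                logger.info("CGW - {} is created for VPC - {}".format(
                    cgwNode2Id, event['VpcId']))
            else:
                logger.info(
                    "CGWs are already created, CgwNode1Id: {}, CgwNode2Id: {}".
                    format(cgwIds[0], cgwIds[1]))
                cgwNode1Id = cgwIds[0]
                cgwNode2Id = cgwIds[1]

            # VPN Connection
            print(event['PaGroupName'])
            vpn1Tag = event['VpcId'] + '-' + event['PaGroupName'] + '-N1'
            vpn2Tag = event['VpcId'] + '-' + event['PaGroupName'] + '-N2'
            if not vgwId:
                # Without a VGW no VPN can be created; raise so the failure
                # notification below is sent.
                raise RuntimeError(
                    "No VGW available for VPC: {}".format(event['VpcId']))

            # Create VPN1 connection with Node1
            vpnId1 = createVpnConnectionUploadToS3(
                event['Region'], vgwId, cgwNode1Id, event['N1T1'],
                event['N1T2'], vpn1Tag, event['TransitVpnBucketName'],
                event['TransitAssumeRoleArn'])
            logger.info(
                "VPN1 - {} is created for VPC - {} with PA-Group: {}".format(
                    vpnId1, event['VpcId'], event['PaGroupName']))
            # Create VPN2 connection with Node2
            vpnId2 = createVpnConnectionUploadToS3(
                event['Region'], vgwId, cgwNode2Id, event['N2T1'],
                event['N2T2'], vpn2Tag, event['TransitVpnBucketName'],
                event['TransitAssumeRoleArn'])
            logger.info(
                "VPN2 - {} is created for VPC - {} with PA-Group: {}".format(
                    vpnId2, event['VpcId'], event['PaGroupName']))

            # Forming an output to send to TransitSNSTopic
            if vpnId1 and vpnId2:
                data = {
                    'Action': 'ConfigureTransitVpn',
                    'PaGroupName': event['PaGroupName'],
                    'IpSegment': event['IpSegment'],
                    'VpnN1': vpnId1,
                    'VpnN2': vpnId2,
                    'VgwAsn': event['VgwAsn'],
                    'VpcId': event['VpcId'],
                    'Region': event['Region'],
                    'Rebalance': event['Rebalance'],
                    'TransitVpnBucketName': event['TransitVpnBucketName'],
                    'SubscriberSnsArn': subscriberConfig['SubscriberSnsArn'],
                    'SubscriberAssumeRoleArn':
                    subscriberConfig['SubscriberAssumeRoleArn']
                }
                # An existing VGW reports its own ASN, which replaces the
                # one supplied in the event.
                if vgwData:
                    data['VgwAsn'] = str(vgwData['AmazonSideAsn'])
                if 'ToPaGroup' in event and 'FromPaGroup' in event:
                    data['ToPaGroup'] = event['ToPaGroup']
                    data['FromPaGroup'] = event['FromPaGroup']
                    #data['Action'] = 'RebalanceConfigureTransitVpn'
                # Publish message to TransitSNSTopic
                publishToSns(event['TransitSnsArn'], data,
                             event['TransitAssumeRoleArn'])
                logger.info(
                    "Publishing message to Transit SNS - {} with data: {}".
                    format(event['TransitSnsArn'], data))

            # Update the subscriber DynamoDB table with VPN1-ID, VPN2-ID,
            # VGW, CGW1, CGW2 and PA-Group-Name
            if vpnId1 and vpnId2:
                data = {
                    'VpcId': event['VpcId'],
                    'VpcCidr': event['VpcCidr'],
                    'Region': event['Region'],
                    'VgwId': vgwId,
                    'PaGroupName': event['PaGroupName'],
                    'CgwN1': cgwNode1Id,
                    'CgwN2': cgwNode2Id,
                    'VpnN1': vpnId1,
                    'VpnN2': vpnId2
                }
                putItemSubscriberLocalDb(subscriberConfig['SubscriberLocalDb'],
                                         data)

            # Update VpcVpnTable with VpnId, VpcId, PaGroup, PaGroupNode
            if vpnId1:
                data = {
                    'VpnId': vpnId1,
                    'VpcId': event['VpcId'],
                    'PaGroupName': event['PaGroupName'],
                    'PaGroupNode': event['N1Eip'],
                    'Region': event['Region']
                }
                updateVpcVpnTable(subscriberConfig['SubscriberVpcVpnTable'],
                                  data)
            if vpnId2:
                data = {
                    'VpnId': vpnId2,
                    'VpcId': event['VpcId'],
                    'PaGroupName': event['PaGroupName'],
                    'PaGroupNode': event['N2Eip'],
                    'Region': event['Region']
                }
                updateVpcVpnTable(subscriberConfig['SubscriberVpcVpnTable'],
                                  data)
        else:
            logger.error("No data received from SubscriberConfig Table, Error")
    except Exception as e:
        logger.error(
            "Error from subscriberVpn Configuration, Error: {}".format(str(e)))
        # If something fails, send TransitSNS the action
        # "SubscriberVpnConfigurationFailed" to release reserved capacity.
        data = {
            'Action': 'SubscriberVpnConfigurationFailed',
            'PaGroupName': event['PaGroupName'],
            'VpcId': event['VpcId'],
            'SubscriberSns':
            subscriberConfig['SubscriberSnsArn'] if subscriberConfig else None,
            'IpSegment': event['IpSegment'],
            'VgwAsn': event['VgwAsn'],
            'Rebalance': event['Rebalance']
        }
        # NOTE(review): vgwId may name a gateway that was already attached
        # before this invocation (the "Using existing Vgw" path), so this
        # rollback also hands a gateway this run did not create to
        # deleteVgw -- confirm that is intended. VPNs and CGWs created
        # above are not rolled back here.
        if vgwId:
            deleteVgw(vgwId, event['VpcId'], event['Region'])
        logger.info(
            "Publishing message to Transit SNS with subject SubscriberVpnConfigurationFailed, because of Error: {}"
            .format(str(e)))
        publishToSns(event['TransitSnsArn'], data,
                     event['TransitAssumeRoleArn'])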
コード例 #7
def parse_log(path):
    """Scan one gzip-compressed JSON log for VPC subscription tag events.

    The file at ``path`` is decompressed, decoded as UTF-8 and parsed as
    JSON before the ``try`` starts, so a malformed file raises to the
    caller.

    Each entry of ``Records`` whose ``eventName`` is in ``watchedEvents`` is
    logged. For ``CreateTags`` and ``DeleteTags`` records, every resource
    whose id starts with ``vpc`` and that has the ``subscribingVpcTag`` key
    set to ``yes`` (any letter case) is passed to ``formRequiredData`` with
    the region, the event name and the subscriber SNS ARN.

    The process ends with ``sys.exit(0)`` when the config table returns
    nothing, when a watched record carries ``errorCode``, or when any
    ``Exception`` is raised during processing.
    """
    tag_events = ('CreateTags', 'DeleteTags')
    with gzip.open(path, "rb") as f:
        d = json.loads(f.read().decode("utf-8"))
        try:
            subscriberConfig = fetchFromSubscriberConfigTable(
                subscriberConfigTable)
            if not subscriberConfig:
                # NOTE(review): failure paths exit with status 0, the same
                # status a clean run would give.
                logger.error(
                    "No data received from SubscriberConfig Table, Error")
                sys.exit(0)

            for record in d['Records']:
                name = record['eventName']
                if name not in watchedEvents:
                    continue

                # The whole record goes to the log at INFO level.
                logger.info("Record: {}".format(record))

                if 'errorCode' in record:
                    # A failed tagging call ends the run; later records in
                    # the file are not examined.
                    logger.info(
                        "Attempted to Create/DeleteTags but failed bucause of : {}"
                        .format(record['errorMessage']))
                    sys.exit(0)

                # Create and Delete are handled the same way; other watched
                # events are only logged.
                if name not in tag_events:
                    continue

                request = record['requestParameters']
                for item in request['resourcesSet']['items']:
                    resource_id = item['resourceId']
                    if not resource_id.startswith('vpc'):
                        continue
                    for tag in request['tagSet']['items']:
                        if tag['key'] != subscribingVpcTag:
                            continue
                        if tag['value'].lower() != 'yes':
                            continue
                        formRequiredData(
                            resource_id,
                            record['awsRegion'],
                            name,
                            subscriberConfig['SubscriberSnsArn'])
        # SystemExit is not an Exception subclass, so the sys.exit() calls
        # above pass through this handler.
        except Exception as e:
            logger.info("Error from parse_log(), {}".format(str(e)))
            sys.exit(0)
コード例 #8
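def lambda_handler(event, context):
    """Tear down the VPN and VGW resources recorded for one VPC (API entry).

    When ``event`` has a ``queryStringParameters`` entry, that entry is used
    as the event. ``VpcId`` and ``Region`` are read from it. The VPC's row
    is removed from the subscriber local DB; the VPN connections named in
    that row (if any) are deleted, then the VGW, then the VPN rows in the
    VPC/VPN table, and the tags are updated. The value returned is whatever
    ``response(data, 200)`` builds.

    Changes from the previous version:
    * ``cgw1Id``/``cgw2Id`` were never assigned (the ``getCgwId`` lookups
      are commented out), so the CGW step always raised ``NameError`` and
      logged a misleading "Delete Failed" line. They are now bound to
      ``None``; the step is a no-op until the lookups are restored.
    * When the local-DB row has no ``VpnN1`` entry, the VPC/VPN table
      clean-up is skipped. Previously ``vpn1Id`` was unbound in that case
      and the handler crashed after the VGW had already been deleted.
    * The duplicated "Got Event" log line is written once.

    NOTE(review): the resources deleted are selected by caller-supplied
    values and nothing in this function checks who the caller is;
    presumably authorization is enforced in front of the handler -- confirm.
    """
    if 'queryStringParameters' in event:
        event = event['queryStringParameters']
    logger.info("Got Event: {}".format(event))
    # Loading config from Subscriber Config Table
    subscriberConfig = fetchFromSubscriberConfigTable(subscriberConfigTable)
    if subscriberConfig:
        vpcId = event['VpcId']
        result = deleteItemFromLocalDb(subscriberConfig['SubscriberLocalDb'],
                                       vpcId)
        logger.info(
            "Got result from deleteItemFromLocalDb : {}".format(result))
        hasVpns = 'VpnN1' in result
        vpn1Id = vpn2Id = None
        if hasVpns:
            vpn1Id = result['VpnN1']
            vpn2Id = result['VpnN2']
            # deleteVpns
            res = deleteVpn(vpn1Id, event['Region'])
            logger.info("Got response {} deleting {}".format(res, vpn1Id))
            res = deleteVpn(vpn2Id, event['Region'])
            logger.info("Got response {} deleting {}".format(res, vpn2Id))

        # Detach and Delete VGW
        vgwAsn = deleteVgw(result['VgwId'], vpcId, event['Region'])
        logger.info("Got response {} deleting {}".format(
            vgwAsn, result['VgwId']))

        event['Action'] = 'DeleteTransitVpnConfiguration'
        if vgwAsn:
            event['VgwAsn'] = vgwAsn

        # Try to delete the CGWs associated with VPN1 and VPN2.
        # NOTE(review): the lookups are disabled, so no customer gateway is
        # deleted by this handler and any that exist are left in place.
        #cgw1Id = getCgwId(vpn1Id, event['Region'])
        #cgw2Id = getCgwId(vpn2Id, event['Region'])
        cgw1Id = cgw2Id = None
        try:
            if cgw1Id:
                deleteCgw(cgw1Id, event['Region'])
            if cgw2Id:
                deleteCgw(cgw2Id, event['Region'])
        except Exception as e:
            # Best effort: a CGW that cannot be deleted does not stop the
            # rest of the clean-up.
            logger.info("Delete Failed for CGWs, Error: {}".format(e))

        if hasVpns:
            deleteItemFromVpcVpnTable(
                subscriberConfig['SubscriberVpcVpnTable'], vpn1Id)
            deleteItemFromVpcVpnTable(
                subscriberConfig['SubscriberVpcVpnTable'], vpn2Id)

        # Update Tags
        updateTags(event['Region'], vpcId)
        # NOTE(review): the reason text appends the internal table name and
        # is returned to the API caller -- confirm that is meant to be
        # exposed.
        data1 = {
            'Result':
            'Success',
            'Reason':
            'Updated deleted the VPN and updated the tables' +
            subscriberConfig['SubscriberVpcVpnTable']
        }
        apioutput = response(data1, 200)
        logger.info(
            "Sending response={}, hence proceeding  ".format(apioutput))
        return apioutput

    else:
        logger.error("No data received from SubscriberConfig Table")
        data1 = {
            'Result': 'Failed',
            'Reason': 'Failed to delete VGW configuration'
        }
        # NOTE(review): the failure is reported with status 200, so a client
        # has to read the body to learn that nothing was deleted.
        apioutput = response(data1, 200)
        logger.info(
            "Sending response={}, hence proceeding  ".format(apioutput))
        return apioutput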