def test_sanitize():
non_sanitized_string = 'I s@nitize $tring exc*pt_underscore-hypen.'
sanitized_string_allow_space = 'I s_nitize _tring exc_pt_underscore-hypen.'
sanitized_string_no_space_replace_hypen = \
'I-s-nitize--tring-exc-pt_underscore-hypen.'
assert string_manipulation.sanitize(non_sanitized_string,True) == \
sanitized_string_allow_space
assert string_manipulation.sanitize(non_sanitized_string, False,'-') == \
sanitized_string_no_space_replace_hypen
def _create_key_pair(self,
account,
region,
param_key_material=None,
param_key_fingerprint=None,
param_key_name=None):
"""Creates an ec2 key pair if it does not exist already.
Args:
account:
region:
param_key_material: key material used to encrypt and decrypt data.
Default to None
param_key_fingerprint: key finger print. Default to None
param_key_name: key name. A key name will be automatically created
if there is none. Default to None
Returns:
key name
"""
if param_key_name:
self.logger.info(
"Looking up values in SSM parameter:{}".format(param_key_name))
existing_param = self.ssm.describe_parameters(param_key_name)
if existing_param:
return self.ssm.get_parameter(param_key_name)
key_name = sanitize("%s_%s_%s_%s" %
('custom_control_tower', account, region,
time.strftime("%Y-%m-%dT%H-%M-%S")))
ec2 = self._session(region, account)
# create EC2 key pair in member account
self.logger.info("Create key pair in the member account {} in"
" region: {}".format(account, region))
response = ec2.create_key_pair(key_name)
# add key material and fingerprint in the SSM Parameter Store
self.logger.info("Adding Key Material and Fingerprint to SSM PS")
description = "Contains EC2 key pair asset created by Custom " \
"Control Tower Solution: " \
"EC2 Key Pair Custom Resource."
# Get Custom Control Tower KMS Key ID
key_id = self._get_kms_key_id()
if param_key_fingerprint:
self.ssm.put_parameter_use_cmk(param_key_fingerprint,
response.get('KeyFingerprint'),
key_id, description)
if param_key_material:
self.ssm.put_parameter_use_cmk(param_key_material,
response.get('KeyMaterial'), key_id,
description)
if param_key_name:
self.ssm.put_parameter(param_key_name, key_name, description)
return key_name
def start_execution(self, state_machine_arn, input, name):
try:
self.logger.info("Starting execution of state machine: {} with "
"input: {}".format(state_machine_arn, input))
response = self.state_machine_client.start_execution(
stateMachineArn=state_machine_arn,
input=json.dumps(input),
name=sanitize(name))
self.logger.info("State machine Execution ARN: {}".format(
response['executionArn']))
return response.get('executionArn')
except ClientError as e:
self.logger.log_unhandled_exception(e)
raise