def attach(ctx, iface, resource_config, **_):
'''Attaches an AWS EC2 Route Table to a Subnet'''
params = dict() if not resource_config else resource_config.copy()
route_table_id = params.get(ROUTETABLE_ID)
if not route_table_id:
route_table_id = iface.resource_id
params.update({ROUTETABLE_ID: route_table_id})
subnet_id = params.get(SUBNET_ID)
if not subnet_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, SUBNET_TYPE) or \
utils.find_rel_by_node_type(ctx.instance, SUBNET_TYPE_DEPRECATED)
# Attempt to use the SUBNET ID from parameters.
# Fallback to connected SUBNET.
params[SUBNET_ID] = \
subnet_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
# # Actually attach the resources
association_id_list = iface.attach(params)
association_id = association_id_list.get(ASSOCIATION_ID)
ctx.instance.runtime_properties['association_id'] = association_id
def create(ctx, iface, resource_config, **_):
'''Creates an AWS EC2 Security Group'''
params = \
dict() if not resource_config else resource_config.copy()
vpc_id = params.get(VPC_ID)
# Try to get the group_name and if it does not exits then try to
# generate new one based on instance_id
group_name = params.get(GROUP_NAME)
params[GROUP_NAME] = utils.get_ec2_vpc_resource_name(group_name)
if not vpc_id:
vpc = \
utils.find_rel_by_node_type(
ctx.instance,
VPC_TYPE) or utils.find_rel_by_node_type(
ctx.instance,
VPC_TYPE_DEPRECATED)
params[VPC_ID] = \
vpc_id or \
vpc.target.instance.runtime_properties.get(
EXTERNAL_RESOURCE_ID)
# Actually create the resource
create_response = iface.create(params)
ctx.instance.runtime_properties['create_response'] = \
utils.JsonCleanuper(create_response).to_dict()
group_id = create_response.get(GROUPID, '')
iface.update_resource_id(group_id)
utils.update_resource_id(ctx.instance, group_id)
def create(ctx, iface, resource_config, **_):
'''Creates an AWS EC2 Route Table'''
params = dict() if not resource_config else resource_config.copy()
vpc_id = params.get(VPC_ID)
# If either of these values is missing,
# they must be filled from a connected VPC.
if not vpc_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, VPC_TYPE) or \
utils.find_rel_by_node_type(ctx.instance, VPC_TYPE_DEPRECATED)
# Attempt to use the VPC ID from parameters.
# Fallback to connected VPC.
params[VPC_ID] = vpc_id or targ.target\
.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
# Actually create the resource
create_response = iface.create(params)
ctx.instance.runtime_properties['create_response'] = \
utils.JsonCleanuper(create_response).to_dict()
route_table_id = create_response.get(ROUTETABLE_ID)
iface.update_resource_id(route_table_id)
utils.update_resource_id(ctx.instance, route_table_id)
def attach(ctx, iface, resource_config, **_):
'''Attach an AWS EC2 Internet Gateway to a VPC'''
params = dict() if not resource_config else resource_config.copy()
internet_gateway_id = params.get(INTERNETGATEWAY_ID)
if not internet_gateway_id:
internet_gateway_id = \
iface.resource_id or \
ctx.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
params.update({INTERNETGATEWAY_ID: internet_gateway_id})
vpc_id = params.get(VPC_ID)
if not vpc_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, VPC_TYPE) or \
utils.find_rel_by_node_type(ctx.instance, VPC_TYPE_DEPRECATED)
# Attempt to use the VPC ID from parameters.
# Fallback to connected VPC.
params[VPC_ID] = \
vpc_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
# Actually create the resource
iface.attach(params)
def create(ctx, iface, resource_config, **_):
"""Creates an AWS EC2 NetworkAcl"""
# Create a copy of the resource config for clean manipulation.
params = \
dict() if not resource_config else resource_config.copy()
vpc_id = params.get(VPC_ID)
if not vpc_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, VPC_TYPE) or \
utils.find_rel_by_node_type(ctx.instance, VPC_TYPE_DEPRECATED)
# Attempt to use the VPC ID from parameters.
# Fallback to connected VPC.
params[VPC_ID] = \
vpc_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
# Actually create the resource
create_response = iface.create(params)['NetworkAcl']
ctx.instance.runtime_properties['create_response'] = \
utils.JsonCleanuper(create_response).to_dict()
network_acl_id = create_response.get(NETWORKACL_ID, '')
iface.update_resource_id(network_acl_id)
utils.update_resource_id(ctx.instance, network_acl_id)
def attach(ctx, iface, resource_config, **_):
'''Attaches an AWS EC2 VPN Gateway to a VPC'''
params = dict() if not resource_config else resource_config.copy()
vpn_gateway_id = params.get(VPNGATEWAY_ID)
if not vpn_gateway_id:
vpn_gateway_id = iface.resource_id
params.update({VPNGATEWAY_ID: vpn_gateway_id})
params.pop('Type')
vpc_id = params.get(VPC_ID)
if not vpc_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, VPC_TYPE) or \
utils.find_rel_by_node_type(ctx.instance, VPC_TYPE_DEPRECATED)
# Attempt to use the VPC ID from parameters.
# Fallback to connected VPC.
params[VPC_ID] = \
vpc_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
# # Actually attach the resources
attached_vpc_list = iface.attach(params)
attached_vpc_id = attached_vpc_list.get(VPC_ID)
ctx.instance.runtime_properties['vpc_id'] = attached_vpc_id
def attach(ctx, iface, resource_config, **_):
'''Attaches an AWS EC2 DhcpOptions to a VPC'''
params = dict() if not resource_config else resource_config.copy()
dhcp_options_id = params.get(DHCPOPTIONS_ID)
if not dhcp_options_id:
dhcp_options_id = iface.resource_id
params.update({DHCPOPTIONS_ID: dhcp_options_id})
params.pop('DhcpConfigurations')
vpc_id = params.get(VPC_ID)
if not vpc_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, VPC_TYPE) or \
utils.find_rel_by_node_type(ctx.instance, VPC_TYPE_DEPRECATED)
# Attempt to use the VPC ID from parameters.
# Fallback to connected VPC.
params[VPC_ID] = \
vpc_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
ctx.instance.runtime_properties['vpc_id'] = vpc_id
# # Actually attach the resources
iface.attach(params)
def create(ctx, iface, resource_config, **_):
'''Creates an AWS EC2 Subnet'''
params = dict() if not resource_config else resource_config.copy()
vpc_id = params.get(VPC_ID)
cidr_block = params.get(CIDR_BLOCK)
# If either of these values is missing,
# they must be filled from a connected VPC.
if not vpc_id or not cidr_block:
targ = \
utils.find_rel_by_node_type(
ctx.instance,
VPC_TYPE) or utils.find_rel_by_node_type(
ctx.instance,
VPC_TYPE_DEPRECATED)
# Attempt to use the VPC ID from parameters.
# Fallback to connected VPC.
params[VPC_ID] = \
vpc_id or \
targ.target.instance.runtime_properties.get(
EXTERNAL_RESOURCE_ID)
# Attempt to use the CIDR Block from parameters.
# Fallback to connected VPC.
params[CIDR_BLOCK] = \
cidr_block or \
targ.instance.runtime_properties.get(
'resource_config', {}).get(CIDR_BLOCK)
subnet = iface.create(params)
subnet_id = subnet.get(SUBNET_ID)
iface.update_resource_id(subnet_id)
utils.update_resource_id(ctx.instance, subnet_id)
def create(ctx, iface, resource_config, **_):
"""Creates an AWS EC2 NetworkInterface"""
# Create a copy of the resource config for clean manipulation.
params = \
dict() if not resource_config else resource_config.copy()
subnet_id = params.get(SUBNET_ID)
if not subnet_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, SUBNET_TYPE) or \
utils.find_rel_by_node_type(ctx.instance, SUBNET_TYPE_DEPRECATED)
# Attempt to use the VPC ID from parameters.
# Fallback to connected VPC.
params[SUBNET_ID] = \
subnet_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
# Actually create the resource
eni = iface.create(params)
eni_id = eni.get(NETWORKINTERFACE_ID, '')
iface.update_resource_id(eni_id)
utils.update_resource_id(ctx.instance, eni_id)
ctx.instance.runtime_properties['device_index'] = \
ctx.instance.runtime_properties.get('device_index', 1)
def delete(ctx, iface, resource_config, **_):
'''Deletes an AWS EC2 Route'''
params = \
dict() if not resource_config else resource_config.copy()
routetable_id = params.get(ROUTETABLE_ID)
destination_cidr_block = params.get(DESTINATION_CIDR_BLOCK)
if not routetable_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, ROUTETABLE_TYPE) or \
utils.find_rel_by_node_type(ctx.instance,
ROUTETABLE_TYPE_DEPRECATED)
# Attempt to use the Route Table ID from parameters.
# Fallback to connected Route Table.
params[ROUTETABLE_ID] = \
routetable_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
params[DESTINATION_CIDR_BLOCK] = \
destination_cidr_block or \
ctx.instance.runtime_properties['destination_cidr_block']
iface.delete(params)
def create(ctx, iface, resource_config, **_):
"""Creates an AWS Autoscaling Autoscaling Launch Configuration"""
params = \
dict() if not resource_config else resource_config.copy()
resource_id = \
iface.resource_id or \
utils.get_resource_id(
ctx.node,
ctx.instance,
params.get(RESOURCE_NAME),
use_instance_id=True)
params[RESOURCE_NAME] = resource_id
utils.update_resource_id(ctx.instance, resource_id)
# Add Security Groups
secgroups_list = params.get(SECGROUPS, [])
params[SECGROUPS] = \
utils.add_resources_from_rels(
ctx.instance,
SECGROUP_TYPE,
secgroups_list)
image_id = params.get(IMAGEID)
# Add Instance and Instance Type
instance_id = params.get(INSTANCEID)
instance_type = params.get(INSTANCE_TYPE_PROPERTY)
if not image_id and not instance_id:
instance_id = utils.find_resource_id_by_type(
ctx.instance,
INSTANCE_TYPE_NEW) or \
utils.find_resource_id_by_type(
ctx.instance,
INSTANCE_TYPE)
params.update({INSTANCEID: instance_id})
if instance_id and not instance_type:
targ = utils.find_rel_by_node_type(
ctx.instance,
INSTANCE_TYPE_NEW) or \
utils.find_rel_by_node_type(
ctx.instance,
INSTANCE_TYPE)
if targ:
instance_type = \
targ.target.instance.runtime_properties.get(
'resource_config', {}).get(
INSTANCE_TYPE_PROPERTY) or \
targ.target.node.properties.get(
INSTANCE_TYPE_PROPERTY_DEPRECATED)
params.update({INSTANCE_TYPE_PROPERTY: instance_type})
utils.update_resource_id(ctx.instance, params.get(RESOURCE_NAME))
iface.update_resource_id(params.get(RESOURCE_NAME))
# Actually create the resource
if not iface.resource_id:
setattr(iface, 'resource_id', params.get(RESOURCE_NAME))
iface.create(params)
resource_arn = iface.properties[LC_ARN]
utils.update_resource_arn(ctx.instance, resource_arn)
def attach(ctx, iface, resource_config, **_):
'''Attaches an AWS EC2 ElasticIP to an Instance or a NetworkInterface'''
params = dict() if not resource_config else resource_config.copy()
allocation_id = params.get(ALLOCATION_ID)
elasticip_id = params.get(ELASTICIP_ID)
if not allocation_id:
allocation_id = \
ctx.instance.runtime_properties.get(
'allocation_id')
params[ALLOCATION_ID] = allocation_id
if not elasticip_id and not allocation_id:
params[ELASTICIP_ID] = \
iface.resource_id
instance_id = params.get(INSTANCE_ID)
eni_id = params.get(NETWORKINTERFACE_ID)
if not instance_id and not eni_id:
resource = \
utils.find_rel_by_node_type(
ctx.instance,
INSTANCE_TYPE_DEPRECATED)
if resource:
params[INSTANCE_ID] = \
resource.\
target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
else:
resource = \
utils.find_rel_by_node_type(
ctx.instance,
NETWORKINTERFACE_TYPE) or \
utils.find_rel_by_node_type(
ctx.instance,
NETWORKINTERFACE_TYPE_DEPRECATED)
if resource:
params[NETWORKINTERFACE_ID] = \
eni_id or \
resource.target.instance.runtime_properties\
.get(EXTERNAL_RESOURCE_ID)
else:
return
# Make sure that Domain is not sent to attach call.
try:
del params['Domain']
except KeyError:
pass
# Actually attach the resources
association_id = iface.attach(params)
ctx.instance.runtime_properties['association_id'] = \
association_id.get('AssociationId')
def test_find_rel_by_node_type(self):
mock_instance, mock_child = self._prepare_for_find_rel()
self.assertEqual(
utils.find_rel_by_node_type(mock_instance.instance,
'cloudify.nodes.Network'), None)
self.assertEqual(
utils.find_rel_by_node_type(mock_instance.instance,
'cloudify.nodes.Root'), mock_child)
def create(ctx, iface, resource_config, **_):
'''Creates an AWS EC2 Subnet'''
params = dict() if not resource_config else resource_config.copy()
vpc_id = params.get(VPC_ID)
cidr_block = params.get(CIDR_BLOCK)
ipv6_cidr_block = params.get(IPV6_CIDR_BLOCK)
# If either of these values is missing,
# they must be filled from a connected VPC.
if not vpc_id or not cidr_block:
targ = \
utils.find_rel_by_node_type(
ctx.instance,
VPC_TYPE) or utils.find_rel_by_node_type(
ctx.instance,
VPC_TYPE_DEPRECATED)
# Attempt to use the VPC ID from parameters.
# Fallback to connected VPC.
params[VPC_ID] = \
vpc_id or \
targ.target.instance.runtime_properties.get(
EXTERNAL_RESOURCE_ID)
# Attempt to use the CIDR Block from parameters.
# Fallback to connected VPC.
params[CIDR_BLOCK] = \
cidr_block or \
targ.instance.runtime_properties.get(
'resource_config', {}).get(CIDR_BLOCK)
# If ipv6 cidr block is provided by user, then we need to make sure that
# The subnet size must use a /64 prefix length
if ipv6_cidr_block:
ipv6_cidr_block = ipv6_cidr_block[:-2] + '64'
params[IPV6_CIDR_BLOCK] = ipv6_cidr_block
# Actually create the resource
create_response = iface.create(params)[SUBNET]
ctx.instance.runtime_properties['create_response'] = \
utils.JsonCleanuper(create_response).to_dict()
subnet_id = create_response.get(SUBNET_ID)
iface.update_resource_id(subnet_id)
utils.update_resource_id(ctx.instance, subnet_id)
modify_subnet_attribute_args = \
_.get('modify_subnet_attribute_args')
if modify_subnet_attribute_args:
modify_subnet_attribute_args[SUBNET_ID] = \
subnet_id
iface.modify_subnet_attribute(modify_subnet_attribute_args)
def create(ctx, iface, resource_config, **_):
"""Creates an AWS EFS Mount Target"""
# Create a copy of the resource config for clean manipulation.
params = \
dict() if not resource_config else resource_config.copy()
# Add File System ID
file_system_id = params.get(FILESYSTEM_ID)
if not file_system_id:
file_system = \
utils.find_rel_by_node_type(
ctx.instance,
FILESYSTEM_TYPE)
file_system_id = file_system.target.instance.runtime_properties[
EXTERNAL_RESOURCE_ID]
params[FILESYSTEM_ID] = file_system_id
# Add Subnet
subnet_id = params.get(SUBNET_ID)
if not subnet_id:
subnet = \
utils.find_rel_by_node_type(
ctx.instance,
SUBNET_TYPE) or utils.find_rel_by_node_type(
ctx.instance,
SUBNET_TYPE_DEPRECATED)
subnet_id = \
subnet.target.instance.runtime_properties[EXTERNAL_RESOURCE_ID]
params[SUBNET_ID] = subnet_id
# Add Security Groups
secgroups_list = params.get(SECGROUPS, [])
params[SECGROUPS] = \
utils.add_resources_from_rels(
ctx.instance,
SECGROUP_TYPE,
secgroups_list) or \
utils.add_resources_from_rels(
ctx.instance,
SECGROUP_TYPE_DEPRECATED,
secgroups_list)
output = iface.create(params)
utils.update_resource_id(ctx.instance, output.get(MOUNTTARGET_ID))
ctx.instance.runtime_properties[FILESYSTEM_ID] = output.get(FILESYSTEM_ID)
ctx.instance.runtime_properties[SUBNET_ID] = output.get(SUBNET_ID)
ctx.instance.runtime_properties[IP_ADDRESS] = output.get(IP_ADDRESS)
ctx.instance.runtime_properties[NAT_ID] = output.get(NAT_ID)
def create(ctx, iface, resource_config, **_):
"""Creates an AWS EC2 NetworkInterface"""
# Create a copy of the resource config for clean manipulation.
params = \
dict() if not resource_config else resource_config.copy()
subnet_id = params.get(SUBNET_ID)
if not subnet_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, SUBNET_TYPE) or \
utils.find_rel_by_node_type(ctx.instance, SUBNET_TYPE_DEPRECATED)
# Attempt to use the VPC ID from parameters.
# Fallback to connected VPC.
params[SUBNET_ID] = \
subnet_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
groups = params.get(SEC_GROUPS, [])
for targ in utils.find_rels_by_node_type(ctx.instance, SEC_GROUP_TYPE):
group_id = \
targ.target.instance.runtime_properties.get(
EXTERNAL_RESOURCE_ID)
if group_id and group_id not in groups:
groups.append(group_id)
params[SEC_GROUPS] = groups
# Actually create the resource
create_response = iface.create(params)['NetworkInterface']
cleaned_create_response = utils.JsonCleanuper(create_response).to_dict()
ctx.instance.runtime_properties['create_response'] = \
utils.JsonCleanuper(cleaned_create_response).to_dict()
eni_id = cleaned_create_response.get(NETWORKINTERFACE_ID, '')
iface.update_resource_id(eni_id)
utils.update_resource_id(ctx.instance, eni_id)
ctx.instance.runtime_properties['device_index'] = \
cleaned_create_response.get(
'Attachment', {}).get(
'DeviceIndex',
ctx.instance.runtime_properties.get('device_index'))
modify_network_interface_attribute_args = \
_.get('modify_network_interface_attribute_args')
if modify_network_interface_attribute_args:
modify_network_interface_attribute_args[NETWORKINTERFACE_ID] = \
eni_id
iface.modify_network_interface_attribute(
modify_network_interface_attribute_args)
def _handle_password(iface):
if not ctx.node.properties.get('use_password'):
return True
# Get agent key data.
key_data = ctx.node.properties['agent_config'].get('key')
# If no key_data yet, check to see if
# a Key pair attached via relationship.
if not key_data:
rel = utils.find_rel_by_node_type(ctx.instance, KEY_TYPE)
if rel:
key_data = \
rel.target.instance.runtime_properties.get(
'create_response', {}).get('KeyMaterial')
if not key_data:
raise NonRecoverableError(
'No key_data was provided in agent config property or rel.')
if os.path.exists(key_data):
with open(key_data, 'r') as outfile:
key_data = outfile.readlines()
password_data = iface.get_password(
{'InstanceId': ctx.instance.runtime_properties[EXTERNAL_RESOURCE_ID]})
if not isinstance(password_data, dict):
return False
encrypted_password = password_data.get('PasswordData')
if not encrypted_password:
ctx.logger.error('password_data is {0}'.format(password_data))
return False
key = RSA.importKey(key_data)
password = decrypt_password(key, encrypted_password)
ctx.instance.runtime_properties['password'] = \
password
return True
def create(ctx, iface, resource_config, **_):
"""Creates an AWS KMS Key Grant"""
# Create a copy of the resource config for clean manipulation.
params = \
dict() if not resource_config else resource_config.copy()
resource_id = \
utils.get_resource_id(
ctx.node,
ctx.instance,
params.get(RESOURCE_NAME),
use_instance_id=True
)
params[RESOURCE_NAME] = resource_id
utils.update_resource_id(ctx.instance, resource_id)
key_id = params.get(KEY_ID)
if not key_id:
target_key = \
utils.find_rel_by_node_type(
ctx.instance,
KEY_TYPE)
key_id = \
target_key.target.instance.runtime_properties[EXTERNAL_RESOURCE_ID]
params[KEY_ID] = key_id
ctx.instance.runtime_properties[KEY_ID] = key_id
# Actually create the resource
output = iface.create(params)
ctx.instance.runtime_properties[GRANT_TOKEN] = \
output.get(GRANT_TOKEN)
utils.update_resource_id(ctx.instance, output.get(GRANT_ID))
def attach(ctx, iface, resource_config, **_):
'''Attaches an AWS EC2 NetworkInterface to a Subnet'''
params = dict() if not resource_config else resource_config.copy()
eni_id = params.get(NETWORKINTERFACE_ID)
if not eni_id:
eni_id = iface.resource_id
device_index = ctx.instance.runtime_properties.get('device_index', 1)
ctx.instance.runtime_properties['device_index'] = device_index
params.update({NETWORKINTERFACE_ID: eni_id})
params.update({'DeviceIndex': device_index})
instance_id = params.get(INSTANCE_ID)
if not instance_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, INSTANCE_TYPE_DEPRECATED)
# Attempt to use the SUBNET ID from parameters.
# Fallback to connected SUBNET.
if not targ:
return
params[INSTANCE_ID] = \
instance_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
# Actually attach the resources
eni_attachment_id = iface.attach(params)
ctx.instance.runtime_properties['attachment_id'] = \
eni_attachment_id[ATTACHMENT_ID]
def create(ctx, iface, resource_config, **_):
"""Creates an AWS KMS Key Alias"""
# Create a copy of the resource config for clean manipulation.
params = \
dict() if not resource_config else resource_config.copy()
resource_id = \
utils.get_resource_id(
ctx.node,
ctx.instance,
params.get(RESOURCE_NAME),
use_instance_id=True
)
params[RESOURCE_NAME] = resource_id
utils.update_resource_id(ctx.instance, resource_id)
target_key_id = params.get(TARGET_KEY_ID)
if not target_key_id:
target_key = \
utils.find_rel_by_node_type(
ctx.instance,
KEY_TYPE)
target_key_id = \
target_key.target.instance.runtime_properties[EXTERNAL_RESOURCE_ID]
params[TARGET_KEY_ID] = target_key_id
# Actually create the resource
iface.create(params)
def create(ctx, iface, resource_config, **_):
"""Creates an AWS S3 Bucket Policy"""
# Create a copy of the resource config for clean manipulation.
params = \
dict() if not resource_config else resource_config.copy()
# Get the bucket name from either params or a relationship.
bucket_name = params.get(BUCKET)
if not bucket_name:
targ = utils.find_rel_by_node_type(ctx.instance, BUCKET_TYPE)
bucket_name = \
targ.target.instance.runtime_properties.get(
EXTERNAL_RESOURCE_ID
)
params[BUCKET] = bucket_name
ctx.instance.runtime_properties[BUCKET] = bucket_name
utils.update_resource_id(ctx.instance, bucket_name)
# Get the policy name from either params or a relationship.
bucket_policy = params.get(POLICY)
if not isinstance(bucket_policy, basestring):
bucket_policy = json.dumps(bucket_policy)
params[POLICY] = bucket_policy
ctx.instance.runtime_properties[POLICY] = bucket_policy
# Actually create the resource
iface.create(params)
def create(ctx, iface, resource_config, **_):
'''Creates an AWS EC2 Route'''
params = dict() if not resource_config else resource_config.copy()
routetable_id = params.get(ROUTETABLE_ID)
gateway_id = params.get(GATEWAY_ID)
natgateway_id = params.get(NATGATEWAY_ID)
# If this value is missing,
# it must be filled from a connected Route Table.
if not routetable_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, ROUTETABLE_TYPE) or \
utils.find_rel_by_node_type(ctx.instance,
ROUTETABLE_TYPE_DEPRECATED)
# Attempt to use the Route Table ID from parameters.
# Fallback to connected Route Table.
params[ROUTETABLE_ID] = \
routetable_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
ctx.instance.runtime_properties['routetable_id'] = params[ROUTETABLE_ID]
ctx.instance.runtime_properties['destination_cidr_block'] = \
params[DESTINATION_CIDR_BLOCK]
# If this value is missing,
# it must be filled from a connected Route Table.
if not gateway_id:
targ = \
utils.find_rel_by_node_type(ctx.instance,
INTERNETGATEWAY_TYPE) or \
utils.find_rel_by_node_type(ctx.instance,
INTERNETGATEWAY_TYPE_DEPRECATED) or \
utils.find_rel_by_node_type(ctx.instance, VPNGATEWAY_TYPE) or \
utils.find_rel_by_node_type(ctx.instance,
VPNGATEWAY_TYPE_DEPRECATED)
# Attempt to use the Route Table ID from parameters.
# Fallback to connected Route Table.
if gateway_id or targ:
params[GATEWAY_ID] = \
gateway_id or targ.target.instance.runtime_properties\
.get(EXTERNAL_RESOURCE_ID)
if not natgateway_id:
targ = utils.find_rel_by_node_type(ctx.instance, NATGATEWAY_TYPE)
# Attempt to use the Route Table ID from parameters.
# Fallback to connected Route Table.
if natgateway_id or targ:
params[NATGATEWAY_ID] = \
natgateway_id or targ.target.instance.runtime_properties\
.get(EXTERNAL_RESOURCE_ID)
# Actually create the resource
create_response = iface.create(params)
ctx.instance.runtime_properties['create_response'] = \
utils.JsonCleanuper(create_response).to_dict()
def get_cluster_name(ctx):
target_node = utils.find_rel_by_node_type(ctx.instance, CLUSTER_TYPE)
if target_node is None:
raise NonRecoverableError(
'Service must be connected to type {0}'.format(CLUSTER_TYPE))
cluster_name = \
target_node.target.instance.runtime_properties.get(
EXTERNAL_RESOURCE_ID
)
return cluster_name
def detach(ctx, iface, resource_config, **_):
'''Detach an AWS EC2 DhcpOptions from a VPC'''
params = dict() if not resource_config else resource_config.copy()
params.update({DHCPOPTIONS_ID: 'default'})
vpc_id = params.get(VPC_ID) or ctx.instance.runtime_properties['vpc_id']
if not vpc_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, VPC_TYPE) or \
utils.find_rel_by_node_type(ctx.instance, VPC_TYPE_DEPRECATED)
# Attempt to use the VPC ID from parameters.
# Fallback to connected VPC.
params[VPC_ID] = \
vpc_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
else:
params.update({VPC_ID: vpc_id})
iface.detach(params)
def attach(ctx, iface, resource_config, **_):
'''Attaches an AWS EC2 NetworkACL to a Subnet'''
params = dict() if not resource_config else resource_config.copy()
network_acl_id = params.get(NETWORKACL_ID)
if not network_acl_id:
network_acl_id = iface.resource_id
params.update({NETWORKACL_ID: network_acl_id})
subnet_id = params.get(SUBNET_ID)
if not subnet_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, SUBNET_TYPE) or \
utils.find_rel_by_node_type(ctx.instance, SUBNET_TYPE_DEPRECATED)
# Attempt to use the SUBNET ID from parameters.
# Fallback to connected SUBNET.
params[SUBNET_ID] = \
subnet_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
network_acl_associations = iface \
.get_properties_by_filter(ASSOCIATION_SUBNET_ID, params[SUBNET_ID])
params.pop(SUBNET_ID)
network_acl_association_id = \
network_acl_associations.get('Associations')[0]\
.get('NetworkAclAssociationId')
params.update({ASSOCIATION_ID: network_acl_association_id})
default_acl_id = network_acl_associations.get('Associations')[0]\
.get('NetworkAclId')
ctx.instance.runtime_properties['default_acl_id'] = \
default_acl_id
# # Actually attach the resources
new_network_acl_association_list = iface.attach(params)
new_network_acl_association_id = new_network_acl_association_list \
.get('NewAssociationId')
ctx.instance.runtime_properties['association_id'] = \
new_network_acl_association_id
def create(ctx, iface, resource_config, **_):
'''Creates an AWS Lambda Function'''
# Build API params
params = resource_config
params.update(dict(FunctionName=iface.resource_id))
vpc_config = params.get('VpcConfig', dict())
# Attach a Subnet Group if it exists
subnet_ids = vpc_config.get('SubnetIds', list())
for rel in utils.find_rels_by_node_type(ctx.instance,
'cloudify.aws.nodes.Subnet'):
subnet_ids.append(
utils.get_resource_id(node=rel.target.node,
instance=rel.target.instance,
raise_on_missing=True))
vpc_config['SubnetIds'] = subnet_ids
# Attach any security groups if they exist
security_groups = vpc_config.get('SecurityGroupIds', list())
for rel in utils.find_rels_by_node_type(
ctx.instance, 'cloudify.aws.nodes.SecurityGroup'):
security_groups.append(
utils.get_resource_id(node=rel.target.node,
instance=rel.target.instance,
raise_on_missing=True))
vpc_config['SecurityGroupIds'] = security_groups
params['VpcConfig'] = vpc_config
# Attach an IAM Role if it exists
iam_role = utils.find_rel_by_node_type(ctx.instance,
'cloudify.nodes.aws.iam.Role')
if iam_role:
params['Role'] = utils.get_resource_arn(
node=iam_role.target.node,
instance=iam_role.target.instance,
raise_on_missing=True)
# Handle user-profided code ZIP file
if params.get('Code', dict()).get('ZipFile'):
codezip = params['Code']['ZipFile']
ctx.logger.debug('ZipFile: "%s" (%s)' % (codezip, type(codezip)))
if not path_exists(codezip):
codezip = ctx.download_resource(codezip)
ctx.logger.debug('Downloaded resource: "%s"' % codezip)
with open(codezip, mode='rb') as _file:
params['Code']['ZipFile'] = _file.read()
ctx.logger.debug('Deleting resource: "%s"' % codezip)
os_remove(codezip)
else:
with open(codezip, mode='rb') as _file:
params['Code']['ZipFile'] = _file.read()
# Actually create the resource
create_response = iface.create(params)
resource_id = create_response['FunctionName']
utils.update_resource_id(ctx.instance, resource_id)
utils.update_resource_arn(ctx.instance, create_response['FunctionArn'])
def create(ctx, iface, resource_config, **_):
"""Creates an AWS EC2 NAT Gateway"""
# Create a copy of the resource config for clean manipulation.
params = \
dict() if not resource_config else resource_config.copy()
subnet_id = params.get(SUBNET_ID)
if not subnet_id:
subnet_id = \
utils.find_resource_id_by_type(
ctx.instance, SUBNET_TYPE) or \
utils.find_resource_id_by_type(
ctx.instance, SUBNET_TYPE_DEPRECATED)
params.update({SUBNET_ID: subnet_id})
allocation_id = params.get(ALLOCATION_ID)
if not allocation_id:
targ = \
utils.find_rel_by_node_type(
ctx.instance,
ELASTICIP_TYPE) or \
utils.find_rel_by_node_type(
ctx.instance,
ELASTICIP_TYPE_DEPRECATED)
if targ:
allocation_id = \
targ.target.instance.runtime_properties.get(
ALLOCATION_ID_DEPRECATED)
params[ALLOCATION_ID] = allocation_id
ctx.instance.runtime_properties['allocation_id'] = \
allocation_id
# Actually create the resource
create_response = iface.create(params)['NatGateway']
ctx.instance.runtime_properties['create_response'] = \
utils.JsonCleanuper(create_response).to_dict()
utils.update_resource_id(
ctx.instance, create_response.get(NATGATEWAY_ID))
def create(ctx, iface, resource_config, **_):
"""Creates an AWS EC2 NetworkAcl Entry"""
# Create a copy of the resource config for clean manipulation.
params = \
dict() if not resource_config else resource_config.copy()
network_acl_id = params.get(NETWORKACL_ID)
rule_number = params.get(RULE_NUMBER)
egress = params.get(EGRESS)
if not network_acl_id:
targ = \
utils.find_rel_by_node_type(ctx.instance, NETWORKACL_TYPE) or \
utils.find_rel_by_node_type(ctx.instance,
NETWORKACL_TYPE_DEPRECATED)
# Attempt to use the NETWORKACL ID from parameters.
# Fallback to connected NETWORKACL.
params[NETWORKACL_ID] = \
network_acl_id or \
targ.target.instance.runtime_properties.get(EXTERNAL_RESOURCE_ID)
ctx.instance.runtime_properties['network_acl_id'] = params[NETWORKACL_ID]
ctx.instance.runtime_properties['rule_number'] = rule_number
ctx.instance.runtime_properties['egress'] = egress
filters = {NETWORKACL_IDS: [params[NETWORKACL_ID]]}
network_acl_entry = iface.get_properties_by_filter(**filters)
entry = network_acl_entry.get(ENTRIES)[0]
# for rule in entries:
if rule_number == entry.get(RULE_NUMBER):
return iface.replace(params)
# Actually create the resource
create_response = iface.create(params)
ctx.instance.runtime_properties['create_response'] = \
utils.JsonCleanuper(create_response).to_dict()
def create(ctx, iface, resource_config, **_):
'''Creates an AWS EC2 Security Group'''
params = \
dict() if not resource_config else resource_config.copy()
vpc_id = params.get(VPC_ID)
if not vpc_id:
vpc = \
utils.find_rel_by_node_type(
ctx.instance,
VPC_TYPE) or utils.find_rel_by_node_type(
ctx.instance,
VPC_TYPE_DEPRECATED)
params[VPC_ID] = \
vpc_id or \
vpc.target.instance.runtime_properties.get(
EXTERNAL_RESOURCE_ID)
group = iface.create(params)
group_id = group.get(GROUPID, '')
iface.update_resource_id(group_id)
utils.update_resource_id(ctx.instance, group_id)
def create(ctx, iface, resource_config, **_):
"""Creates an AWS SNS Subscription"""
# Create a copy of the resource config for clean manipulation.
params = \
dict() if not resource_config else resource_config.copy()
topic_arn = params.get(TOPIC_ARN)
# Add the required TopicArn parameter.
if not topic_arn:
rel = \
utils.find_rel_by_node_type(
ctx.instance,
TOPIC_TYPE)
topic_arn = \
rel.target.instance.runtime_properties.get(
EXTERNAL_RESOURCE_ARN)
ctx.instance.runtime_properties[TOPIC_ARN] = \
topic_arn
params[TOPIC_ARN] = topic_arn
topic_iface = SNSTopic(ctx_node=ctx.node,
resource_id=topic_arn,
client=iface.client,
logger=ctx.logger)
# Subscribe Endpoint is the arn of an endpoint
endpoint_name = params.get('Endpoint')
if not endpoint_name:
raise NonRecoverableError(
'Endpoint ARN or node_name was not provided.')
# If endpoint_name is not a valid arn get arn from relationship.
if not utils.validate_arn(endpoint_name):
rel = \
utils.find_rels_by_node_name(
ctx.instance,
endpoint_name)[0]
endpoint_arn = \
rel.target.instance.runtime_properties.get(
EXTERNAL_RESOURCE_ARN)
params['Endpoint'] = endpoint_arn
# Request the subscription
request_arn = topic_iface.subscribe(params)
utils.update_resource_id(ctx.instance, request_arn)
utils.update_resource_arn(ctx.instance, request_arn)
