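def parse_log(path):
    '''Scan one gzip-compressed JSON log for VPC subscription tag events.

    Author's original remark on this function: "There is really no hope for
    code this bad. This is the classic nested-conditionals faux pas".

    The file at ``path`` is decoded as UTF-8 JSON and its ``Records`` list is
    walked. For each record whose ``eventName`` is in ``watchedEvents`` and
    is ``CreateTags`` or ``DeleteTags``, every tagged VPC that carries the
    ``subscribingVpcTag`` key with the value ``yes`` (case-insensitive) is
    handed to ``formRequiredData`` with the record's region, the event name
    and the subscriber SNS ARN read from the config table.

    Behaviour worth knowing:

    * A record that carries ``errorCode`` is logged and skipped, so a single
      failed tagging call cannot discard the remaining records of the file.
    * Only resource ids beginning with ``vpc-`` are accepted; a bare ``vpc``
      prefix would also accept ids such as ``vpce-...``.
    * A tag entry without a ``value`` is treated as "not subscribed" instead
      of aborting the whole file with a KeyError.

    The process exits with status 0 when the config table returns nothing or
    when any exception escapes the record loop.
    '''
    with gzip.open(path, 'rb') as f:
        d = json.loads(f.read().decode('utf-8'))

    # Author's remark: "oh yeah, just wrap your entire program in one
    # try-catch". The catch-all is kept because callers see only the exit.
    try:
        subscriberConfig = fetchFromSubscriberConfigTable(
            subscriberConfigTable)
        if not subscriberConfig:
            logger.error('No data received from SubscriberConfig Table, '
                         'Error')
            # NOTE(review): exit status 0 on a failure path looks like
            # success to whatever supervises this process - confirm intent.
            sys.exit(0)

        for record in d['Records']:
            eventName = record['eventName']
            if eventName not in watchedEvents:
                continue
            logger.info('Record: {}'.format(record))

            if 'errorCode' in record:
                logger.info('Attempted to Create/DeleteTags but '
                            'failed because of : {}'.format(
                                record.get('errorMessage')))
                # Skip only this record; later records are still processed.
                continue

            # Watched events other than these two need no action here
            # (the original had no else branch for them either).
            if eventName not in ('CreateTags', 'DeleteTags'):
                continue

            params = record['requestParameters']
            for item in params['resourcesSet']['items']:
                if not item['resourceId'].startswith('vpc-'):
                    continue
                for tag in params['tagSet']['items']:
                    if tag['key'] != subscribingVpcTag:
                        continue
                    if (tag.get('value') or '').lower() == 'yes':
                        formRequiredData(
                            item['resourceId'], record['awsRegion'],
                            eventName,
                            subscriberConfig['SubscriberSnsArn'])
    except Exception as e:
        logger.info("Error from parse_log(), {}".format(str(e)))
        sys.exit(0)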
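def lambda_handler(event, context):
    """Forward SNS notifications to the subscriber queue and start the state machine.

    Each record's SNS message is parsed to read its ``Action``, then the raw
    message text is passed to ``sendToQueue`` with that action. After the
    records have been queued, the state machine named in the config table is
    started unless an execution is already in the RUNNING state.

    The state-machine check runs once, after queuing, and the handler
    returns normally when an execution is already running. The original
    listing called ``sys.exit(0)`` at that point, which ends the process
    instead of finishing the invocation and skips any records that had not
    been queued yet.

    NOTE(review): the message body is forwarded as received and ``Action``
    is not compared against a list of expected actions - confirm that only
    trusted publishers can reach this topic.

    Args:
        event: Invocation payload with a ``Records`` list of SNS entries.
        context: Unused.

    Returns:
        None. Exceptions are logged and swallowed.
    """
    logger.info("Got Event {}".format(event))
    try:
        subscriberConfig = fetchFromSubscriberConfigTable(subscriberConfigTable)
        if not subscriberConfig:
            logger.error("No data received from SubscriberConfig Table, Error")
            return

        queued = 0
        for r in event['Records']:
            sns = r['Sns']
            rawMessage = sns['Message']
            # Prefer real JSON. The quote swap is only a fallback for
            # publishers that send a Python dict repr; it corrupts any value
            # that itself contains an apostrophe.
            try:
                message = json.loads(rawMessage)
            except ValueError:
                message = json.loads(rawMessage.replace('\'', '\"'))
            logger.info("Writting message to Subscirber Queue")
            logger.info(message)
            sendToQueue(subscriberConfig['SubscriberQueueUrl'], rawMessage,
                        message['Action'])
            queued += 1

        if not queued:
            # Nothing was queued, so there is no work for the state machine.
            return

        logger.info("Checking for the StateMachine Status")
        stateMachineArn = subscriberConfig['SubscriberStateMachineArn']
        running = sfn_conn.list_executions(
            stateMachineArn=stateMachineArn,
            statusFilter='RUNNING')['executions']
        if running:
            logger.info("StateMachine is Running, hence exiting from execution")
            return
        logger.info("StateMachine is not Running, hence starting StepFunction")
        sfn_conn.start_execution(stateMachineArn=stateMachineArn)
    except Exception as e:
        logger.error(str(e))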
def lambda_handler(event, context):
    """Tear down the VPN resources recorded for one VPC.

    Reads ``VpcId`` and ``Region`` from ``event['queryStringParameters']``,
    removes the VPC's entry from the subscriber local DB and, when that
    entry names two VPN connections, deletes both VPNs, the VGW, any CGWs
    found for the VPNs and the matching rows of the VPC/VPN table, then
    updates the VPC tags. CGW deletion is best-effort: a failure is logged
    and the remaining steps still run.

    The control flow was reconstructed from a whitespace-collapsed listing;
    every step after the VPN lookup is assumed to sit inside the
    ``'VpnN1' in result`` branch - TODO confirm against the original file.

    NOTE(review): ``VpcId`` and ``Region`` arrive in the query string and
    drive resource deletion without any format check in this function -
    confirm the caller is authenticated and the values are validated before
    they reach this handler.

    Args:
        event: Invocation payload carrying ``queryStringParameters``.
        context: Unused.

    Returns:
        None.
    """
    logger.info("Got Event: {}".format(event))

    # Load the subscriber settings; without them nothing can be deleted.
    config = fetchFromSubscriberConfigTable(subscriberConfigTable)
    if not config:
        logger.error("No data received from SubscriberConfig Table")
        return

    # Same dict object as event['queryStringParameters'], so the keys set
    # below are visible through ``event`` as well.
    params = event['queryStringParameters']
    vpcId = params['VpcId']
    result = deleteItemFromLocalDb(config['SubscriberLocalDb'], vpcId)
    if 'VpnN1' not in result:
        return

    vpn1Id = result['VpnN1']
    vpn2Id = result['VpnN2']
    region = params['Region']

    # Delete both VPN connections.
    deleteVpn(vpn1Id, region)
    deleteVpn(vpn2Id, region)

    # Detach and delete the VGW; a truthy return value is recorded as its ASN.
    vgwAsn = deleteVgw(result['VgwId'], vpcId, region)
    params['Action'] = 'DeleteTransitVpnConfiguration'
    if vgwAsn:
        params['VgwAsn'] = vgwAsn

    # Try to delete the CGWs associated with VPN1 and VPN2.
    cgw1Id = getCgwId(vpn1Id, region)
    cgw2Id = getCgwId(vpn2Id, region)
    try:
        for cgwId in (cgw1Id, cgw2Id):
            if cgwId:
                deleteCgw(cgwId, region)
    except Exception as e:
        logger.info("Delete Failed for CGWs, Error: {}".format(e))

    vpcVpnTable = config['SubscriberVpcVpnTable']
    deleteItemFromVpcVpnTable(vpcVpnTable, vpn1Id)
    deleteItemFromVpcVpnTable(vpcVpnTable, vpn2Id)

    # Update tags on the VPC.
    updateTags(region, vpcId)
    publishNotice = "Publishing message to TransitSnsArn: {} with data: {}"
    logger.info(publishNotice.format(transitSnsTopicArn, event))
    # The publish call itself is disabled in this listing:
    # publishToSns(transitSnsTopicArn, str(event), transitAssumeRoleArn)
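def lambda_handler(event, context):
    """Return the next queued action, or ``{'Action': 'Null'}`` when none is waiting.

    Calls ``fetchFromQueue`` on the subscriber queue URL from the config
    table and returns the parsed body of the first message received. Only
    the first message is used; any further messages in the same response
    are ignored by this handler.

    The body is parsed as JSON first. The quote-swapping parse of the
    original listing is kept only as a fallback for bodies written as a
    Python dict repr, because it corrupts any value that contains an
    apostrophe.

    NOTE(review): the returned dict comes straight from the queue message
    and is not checked against a list of expected actions - confirm that
    only trusted senders can write to this queue.

    Args:
        event: Invocation payload; only logged.
        context: Unused.

    Returns:
        The parsed message body, ``{'Action': 'Null'}`` when no message was
        received, or None when the config table is empty or an exception
        was logged.
    """
    logger.info("Got Event {}".format(event))
    try:
        subscriberConfig = fetchFromSubscriberConfigTable(
            subscriberConfigTable)
        if not subscriberConfig:
            logger.error("No data received from SubscriberConfig Table, Error")
            return

        logger.info("Reading from Queue")
        receive_message = fetchFromQueue(
            subscriberConfig['SubscriberQueueUrl'])
        # An absent key and an empty list both mean "nothing to do"; the
        # original returned None for an empty list.
        if 'Messages' in receive_message and receive_message['Messages']:
            body = receive_message['Messages'][0]['Body']
            try:
                return json.loads(body)
            except ValueError:
                return json.loads(body.replace('\'', '\"'))
        return {'Action': 'Null'}
    except Exception as e:
        logger.error(str(e))
        return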
def lambda_handler(event, context):
    """Record a new subscriber VPC and request VPN server details from the transit side.

    Writes the VPC id, CIDR and region from ``event`` to the subscriber
    local DB, adds the subscriber SNS ARN, assume-role ARN, a ``Rebalance``
    value of ``'False'`` and the ``FetchVpnServerDetails`` action to
    ``event``, and publishes ``str(event)`` to the transit SNS topic. The
    topic and role ARNs are read from the ``transitSnsTopicArn`` and
    ``transitAssumeRoleArn`` environment variables.

    NOTE(review): ``str(event)`` publishes a Python dict repr, not JSON, so
    every consumer has to cope with that format - confirm this is intended.

    Args:
        event: Payload with ``VpcId``, ``VpcCidr`` and ``Region``; mutated
            in place.
        context: Unused.

    Returns:
        None. Exceptions are logged and swallowed.
    """
    logger.info(event)
    try:
        config = fetchFromSubscriberConfigTable(subscriberConfigTable)
        if not config:
            logger.error('No data received from SubscriberConfig Table, Error')
            return

        topicArn = os.environ['transitSnsTopicArn']
        roleArn = os.environ['transitAssumeRoleArn']

        # Persist the VPC before announcing it to the transit account.
        updateDynamoDb(config['SubscriberLocalDb'], event['VpcId'],
                       event['VpcCidr'], event['Region'])

        event['SubscriberSnsArn'] = config['SubscriberSnsArn']
        event['Rebalance'] = 'False'
        event['SubscriberAssumeRoleArn'] = config['SubscriberAssumeRoleArn']
        event['Action'] = 'FetchVpnServerDetails'

        notice = 'Publishing to Transit-SNS Topoic {} By assuming Role {}'
        logger.info(notice.format(topicArn, roleArn))
        publishToSns(topicArn, str(event), roleArn)
    except Exception as e:
        logger.error('createVpcLambda Error: {}'.format(str(e)))
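def lambda_handler(event, context):
    """Create the subscriber-side VGW, CGWs and two VPN connections for a VPC.

    Steps, all driven by fields of ``event``:

    1. Reuse the VGW already attached to the VPC, or create and attach one.
    2. Reuse the CGWs found for the two node EIPs, or create them.
    3. Create one VPN connection per node.
    4. When both VPNs exist, publish ``ConfigureTransitVpn`` to the transit
       SNS topic and store the ids in the subscriber local DB.
    5. Record each VPN in the VPC/VPN table.

    On any exception a ``SubscriberVpnConfigurationFailed`` message is
    published so the transit side can release the capacity it reserved.

    Differences from the original listing:

    * A missing VGW id raises explicitly. The original reached the same
      failure path only through an unbound ``vpnId1``/``vpnId2``, after it
      had already created the CGWs.
    * ``subscriberConfig`` is bound before the ``try`` and the failure
      message is built with tolerant lookups, so the failure notice is not
      lost to a second exception inside the handler.
    * A VGW cleanup error is logged and does not block the failure notice.
    * The rebalance check tests both keys; ``'ToPaGroup' and 'FromPaGroup'
      in event`` only tested the second.
    * The CGW2 log line reports the CGW2 id.

    NOTE(review): ``TransitSnsArn``, ``TransitAssumeRoleArn`` and
    ``TransitVpnBucketName`` are taken from the incoming event, so whoever
    can deliver an event chooses the topic, the role passed to the helpers
    and the bucket name. Confirm they are validated upstream or pin them to
    configured values.

    Args:
        event: Payload describing the VPC, node EIPs/ASNs, tunnel values and
            transit-side targets.
        context: Unused.

    Returns:
        None.
    """
    logger.info("Got Event {}".format(event))
    vgwId = ""
    # Bound before the try so the failure handler can always read it.
    subscriberConfig = None
    try:
        subscriberConfig = fetchFromSubscriberConfigTable(
            subscriberConfigTable)
        if not subscriberConfig:
            logger.error("No data received from SubscriberConfig Table, Error")
            return

        vgwData = isVgwAttachedToVpc(event['VpcId'], event['Region'])
        logger.info("VGW data : {}".format(vgwData))
        if vgwData:
            vgwId = vgwData['VpnGatewayId']
        if not vgwId:
            # Create VGW and attach it to VPC
            vgwId = createVgwAttachToVpc(event['VpcId'], int(event['VgwAsn']),
                                         event['Region'],
                                         event['PaGroupName'])
            logger.info(
                "VGW - {} is created and attached to VPC - {}".format(
                    vgwId, event['VpcId']))
        else:
            logger.info("Using existing Vgw: {} for VPC: {} ".format(
                vgwId, event['VpcId']))
        if not vgwId:
            # Fail before any CGW is created; the handler below reports it.
            raise RuntimeError(
                "No VGW available for VPC {}".format(event['VpcId']))

        logger.info("Checking whether CGWs are already created or not")
        cgwIds = checkCgw(event['Region'], event['N1Eip'], event['N2Eip'])
        if not cgwIds:
            logger.info(
                "CGWs are not created before, hence creating them now")
            # Create CGW1
            cgw1Tag = event['PaGroupName'] + '-N1'
            cgwNode1Id = createCgw(event['N1Eip'], event['N1Asn'],
                                   event['Region'], cgw1Tag)
            logger.info("CGW - {} is created for VPC - {}".format(
                cgwNode1Id, event['VpcId']))
            # Create CGW2
            cgw2Tag = event['PaGroupName'] + '-N2'
            cgwNode2Id = createCgw(event['N2Eip'], event['N2Asn'],
                                   event['Region'], cgw2Tag)
            logger.info("CGW - {} is created for VPC - {}".format(
                cgwNode2Id, event['VpcId']))
        else:
            logger.info(
                "CGWs are already created, CgwNode1Id: {}, CgwNode2Id: {}".
                format(cgwIds[0], cgwIds[1]))
            cgwNode1Id = cgwIds[0]
            cgwNode2Id = cgwIds[1]

        # VPN Connection
        vpn1Tag = event['VpcId'] + '-' + event['PaGroupName'] + '-N1'
        vpn2Tag = event['VpcId'] + '-' + event['PaGroupName'] + '-N2'
        # Create VPN1 connection with Node1
        vpnId1 = createVpnConnectionUploadToS3(
            event['Region'], vgwId, cgwNode1Id, event['N1T1'],
            event['N1T2'], vpn1Tag, event['TransitVpnBucketName'],
            event['TransitAssumeRoleArn'])
        logger.info(
            "VPN1 - {} is created for VPC - {} with PA-Group: {}".format(
                vpnId1, event['VpcId'], event['PaGroupName']))
        # Create VPN2 connection with Node2
        vpnId2 = createVpnConnectionUploadToS3(
            event['Region'], vgwId, cgwNode2Id, event['N2T1'],
            event['N2T2'], vpn2Tag, event['TransitVpnBucketName'],
            event['TransitAssumeRoleArn'])
        logger.info(
            "VPN2 - {} is created for VPC - {} with PA-Group: {}".format(
                vpnId2, event['VpcId'], event['PaGroupName']))

        if vpnId1 and vpnId2:
            # Form the message sent to the transit SNS topic.
            data = {
                'Action': 'ConfigureTransitVpn',
                'PaGroupName': event['PaGroupName'],
                'IpSegment': event['IpSegment'],
                'VpnN1': vpnId1,
                'VpnN2': vpnId2,
                'VgwAsn': event['VgwAsn'],
                'VpcId': event['VpcId'],
                'Region': event['Region'],
                'Rebalance': event['Rebalance'],
                'TransitVpnBucketName': event['TransitVpnBucketName'],
                'SubscriberSnsArn': subscriberConfig['SubscriberSnsArn'],
                'SubscriberAssumeRoleArn':
                    subscriberConfig['SubscriberAssumeRoleArn'],
            }
            if vgwData:
                # A pre-existing VGW keeps its own ASN; report that one.
                data['VgwAsn'] = str(vgwData['AmazonSideAsn'])
            if 'ToPaGroup' in event and 'FromPaGroup' in event:
                data['ToPaGroup'] = event['ToPaGroup']
                data['FromPaGroup'] = event['FromPaGroup']
            # Publish message to TransitSNSTopic
            publishToSns(event['TransitSnsArn'], data,
                         event['TransitAssumeRoleArn'])
            logger.info(
                "Publishing message to Transit SNS - {} with data: {}".
                format(event['TransitSnsArn'], data))

            # Store VPN, VGW, CGW ids and the PA group in the local DB.
            data = {
                'VpcId': event['VpcId'],
                'VpcCidr': event['VpcCidr'],
                'Region': event['Region'],
                'VgwId': vgwId,
                'PaGroupName': event['PaGroupName'],
                'CgwN1': cgwNode1Id,
                'CgwN2': cgwNode2Id,
                'VpnN1': vpnId1,
                'VpnN2': vpnId2,
            }
            putItemSubscriberLocalDb(subscriberConfig['SubscriberLocalDb'],
                                     data)

        # Record each VPN that exists in the VPC/VPN table.
        for vpnId, nodeEip in ((vpnId1, event['N1Eip']),
                               (vpnId2, event['N2Eip'])):
            if vpnId:
                data = {
                    'VpnId': vpnId,
                    'VpcId': event['VpcId'],
                    'PaGroupName': event['PaGroupName'],
                    'PaGroupNode': nodeEip,
                    'Region': event['Region'],
                }
                updateVpcVpnTable(subscriberConfig['SubscriberVpcVpnTable'],
                                  data)
    except Exception as e:
        logger.error(
            "Error from subscriberVpn Configuration, Error: {}".format(str(e)))
        # Tell the transit side to release the capacity it reserved. Lookups
        # are tolerant because a missing key may be what raised.
        data = {
            'Action': 'SubscriberVpnConfigurationFailed',
            'PaGroupName': event.get('PaGroupName'),
            'VpcId': event.get('VpcId'),
            'SubscriberSns': (subscriberConfig or {}).get('SubscriberSnsArn'),
            'IpSegment': event.get('IpSegment'),
            'VgwAsn': event.get('VgwAsn'),
            'Rebalance': event.get('Rebalance'),
        }
        if vgwId:
            # NOTE(review): vgwId may be a gateway that was attached before
            # this invocation (the "Using existing Vgw" path); confirm that
            # deleting it on failure is intended.
            try:
                deleteVgw(vgwId, event['VpcId'], event['Region'])
            except Exception as cleanupError:
                logger.error("VGW cleanup failed, Error: {}".format(
                    str(cleanupError)))
        logger.info(
            "Publishing message to Transit SNS with subject SubscriberVpnConfigurationFailed, because of Error: {}"
            .format(str(e)))
        publishToSns(event['TransitSnsArn'], data,
                     event['TransitAssumeRoleArn'])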
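def parse_log(path):
    """Scan one gzip-compressed JSON log for VPC subscription tag events.

    The file at ``path`` is decoded as UTF-8 JSON and its ``Records`` list is
    walked. For each record whose ``eventName`` is in ``watchedEvents`` and
    is ``CreateTags`` or ``DeleteTags``, every tagged VPC that carries the
    ``subscribingVpcTag`` key with the value ``yes`` (case-insensitive) is
    handed to ``formRequiredData`` with the record's region, the event name
    and the subscriber SNS ARN read from the config table.

    Behaviour worth knowing:

    * A record that carries ``errorCode`` is logged and skipped, so a single
      failed tagging call cannot discard the remaining records of the file.
      The original listing called ``sys.exit(0)`` at that point.
    * Only resource ids beginning with ``vpc-`` are accepted; a bare ``vpc``
      prefix would also accept ids such as ``vpce-...``.
    * A tag entry without a ``value`` is treated as "not subscribed" instead
      of aborting the whole file with a KeyError.
    * The two identical CreateTags/DeleteTags branches share one code path.

    The process exits with status 0 when the config table returns nothing or
    when any exception escapes the record loop.
    """
    with gzip.open(path, "rb") as f:
        d = json.loads(f.read().decode("utf-8"))

    try:
        subscriberConfig = fetchFromSubscriberConfigTable(
            subscriberConfigTable)
        if not subscriberConfig:
            logger.error(
                "No data received from SubscriberConfig Table, Error")
            # NOTE(review): exit status 0 on a failure path looks like
            # success to whatever supervises this process - confirm intent.
            sys.exit(0)

        for record in d['Records']:
            eventName = record['eventName']
            if eventName not in watchedEvents:
                continue
            logger.info("Record: {}".format(record))

            if 'errorCode' in record:
                logger.info(
                    "Attempted to Create/DeleteTags but failed bucause of : {}"
                    .format(record.get('errorMessage')))
                # Skip only this record; later records are still processed.
                continue

            # Watched events other than these two need no action here.
            if eventName not in ('CreateTags', 'DeleteTags'):
                continue

            params = record['requestParameters']
            for item in params['resourcesSet']['items']:
                if not item['resourceId'].startswith('vpc-'):
                    continue
                for tag in params['tagSet']['items']:
                    if tag['key'] != subscribingVpcTag:
                        continue
                    if (tag.get('value') or '').lower() == 'yes':
                        formRequiredData(
                            item['resourceId'], record['awsRegion'],
                            eventName,
                            subscriberConfig['SubscriberSnsArn'])
    except Exception as e:
        logger.info("Error from parse_log(), {}".format(str(e)))
        sys.exit(0)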
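def lambda_handler(event, context):
    """Tear down the VPN resources recorded for one VPC and build an API response.

    Accepts either a payload wrapped in ``queryStringParameters`` or a flat
    payload. Removes the VPC's entry from the subscriber local DB and, when
    that entry names two VPN connections, deletes both VPNs, the VGW and the
    matching rows of the VPC/VPN table, updates the VPC tags and returns the
    value of ``response(..., 200)``.

    The control flow was reconstructed from a whitespace-collapsed listing;
    the tag update and the success response are assumed to sit inside the
    ``'VpnN1' in result`` branch, so nothing is returned when the local DB
    holds no VPN entry for the VPC - TODO confirm against the original file.

    Differences from the original listing:

    * ``cgw1Id``/``cgw2Id`` are bound explicitly. Their lookups were
      commented out, so the original raised NameError inside the ``try`` and
      logged it as a CGW delete failure.
    * A falsy ``result`` is treated as "no VPN entry" instead of raising.
    * The event is logged once after unwrapping.

    NOTE(review): ``VpcId`` and ``Region`` come from the request and drive
    resource deletion without a format check here; the failure path answers
    with status 200; and the success ``Reason`` includes the internal table
    name. Confirm each of these is intended.

    Args:
        event: Invocation payload, optionally under ``queryStringParameters``.
        context: Unused.

    Returns:
        The object built by ``response`` on success or when the config table
        is empty; None when no VPN entry was found.
    """
    if 'queryStringParameters' in event:
        event = event['queryStringParameters']
    logger.info("Got Event: {}".format(event))

    # Load the subscriber settings from the config table.
    subscriberConfig = fetchFromSubscriberConfigTable(subscriberConfigTable)
    if not subscriberConfig:
        logger.error("No data received from SubscriberConfig Table")
        data1 = {
            'Result': 'Failed',
            'Reason': 'Failed to delete VGW configuration'
        }
        apioutput = response(data1, 200)
        logger.info(
            "Sending response={}, hence proceeding ".format(apioutput))
        return apioutput

    vpcId = event['VpcId']
    result = deleteItemFromLocalDb(subscriberConfig['SubscriberLocalDb'],
                                   vpcId)
    logger.info(
        "Got result from deleteItemFromLocalDb : {}".format(result))
    if not result or 'VpnN1' not in result:
        return None

    vpn1Id = result['VpnN1']
    vpn2Id = result['VpnN2']

    # Delete both VPN connections.
    res = deleteVpn(vpn1Id, event['Region'])
    logger.info("Got response {} deleting {}".format(res, vpn1Id))
    res = deleteVpn(vpn2Id, event['Region'])
    logger.info("Got response {} deleting {}".format(res, vpn2Id))

    # Detach and delete the VGW.
    vgwAsn = deleteVgw(result['VgwId'], vpcId, event['Region'])
    logger.info("Got response {} deleting {}".format(
        vgwAsn, result['VgwId']))
    event['Action'] = 'DeleteTransitVpnConfiguration'
    if vgwAsn:
        event['VgwAsn'] = vgwAsn

    # NOTE(review): the getCgwId() lookups are disabled in this listing, so
    # customer gateways are never deleted here. Restore the lookups below if
    # CGW cleanup is wanted.
    # cgw1Id = getCgwId(vpn1Id, event['Region'])
    # cgw2Id = getCgwId(vpn2Id, event['Region'])
    cgw1Id = None
    cgw2Id = None
    try:
        if cgw1Id:
            deleteCgw(cgw1Id, event['Region'])
        if cgw2Id:
            deleteCgw(cgw2Id, event['Region'])
    except Exception as e:
        logger.info("Delete Failed for CGWs, Error: {}".format(e))

    deleteItemFromVpcVpnTable(subscriberConfig['SubscriberVpcVpnTable'],
                              vpn1Id)
    deleteItemFromVpcVpnTable(subscriberConfig['SubscriberVpcVpnTable'],
                              vpn2Id)

    # Update tags on the VPC.
    updateTags(event['Region'], vpcId)
    data1 = {
        'Result': 'Success',
        'Reason': 'Updated deleted the VPN and updated the tables' +
                  subscriberConfig['SubscriberVpcVpnTable']
    }
    apioutput = response(data1, 200)
    logger.info(
        "Sending response={}, hence proceeding ".format(apioutput))
    return apioutput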