def select_unused_subnet(vpc, prompt='Available subnets;', as_instance=False):
"""
Prompt with subnets not using ngfw bindings
:param ec2.Vpc
:param boolean as_instance: type to return
:return: list ec2.Instance or string choice
"""
unused_subnets = list_unused_subnets(vpc)
lst = [
'{} ({})'.format(x.cidr_block, x.availability_zone)
for x in unused_subnets
]
if lst:
lst.append('all')
else:
return [] # No remaining
choice = custom_choice_menu(prompt, lst).split(' ')[0]
if choice == 'all':
if as_instance:
return unused_subnets
else:
return [subnet.id for subnet in unused_subnets]
else:
if as_instance:
return [
subnet for subnet in unused_subnets
if subnet.cidr_block == choice
]
else:
return [
subnet.id for subnet in unused_subnets
if subnet.cidr_block == choice
]
def select_instance(instances,
prompt='Remove NGFW instances;',
as_instance=False):
"""
Instance prompt selection for removals
:param list ec2.Instance: call to list_tagged_instances
:param boolean as_instance: type to return
:return: list ec2.Instance or choice string
"""
inst = [
'{} ({})'.format(inst.id, inst.subnet.availability_zone)
for inst in instances
]
inst.append('all')
choice = custom_choice_menu(prompt, inst).split(' ')[0]
if choice == 'all':
if as_instance:
return instances
else:
return [inst.id for inst in instances]
else:
if as_instance:
return [inst for inst in instances if inst.id == choice]
else:
return [inst.id for inst in instances if inst.id == choice]
def select_delete_vpc(prompt='Enter a VPC to remove: '):
"""
Prompt for VPC to delete
:return: choice string
"""
vpcs = [x.id + ' ' + x.cidr_block for x in ec2.vpcs.filter()]
return custom_choice_menu(prompt, vpcs).split(' ')[0]
def get_ec2_client(awscfg, prompt_for_region=False):
"""
Strategy to obtain credentials for EC2 operations (in order):
* Check for AWS credentials in YAML configuration
* If credentials found in YAML but no region specified, prompt for region
* Check for credentials via normal boto3 AWS options, i.e ~/.aws/credentials, etc
For more on boto3 credential locations, see:
http://boto3.readthedocs.io/en/latest/guide/quickstart.html#configuration
:param AWSConfiguration awscfg: instance of aws configuration
:param boolean prompt_for_region: command line call, allow prompt if None
:raises: botocore.exceptions.ClientError: various client error during validation
:return: ec2 client
"""
global ec2
# Raises NoRegionError
if awscfg.aws_access_key_id and awscfg.aws_secret_access_key:
if not awscfg.aws_region and prompt_for_region:
aws_session = boto3.session.Session()
region = custom_choice_menu(
'Enter a region:', aws_session.get_available_regions('ec2'))
else:
region = awscfg.aws_region
ec2 = boto3.resource(
'ec2',
aws_access_key_id=awscfg.aws_access_key_id,
aws_secret_access_key=awscfg.aws_secret_access_key,
region_name=region)
else:
# Resolve AWS credentials using normal boto3 methods
s = boto3.session.Session()
access_key = s.get_credentials().access_key
secret_key = s.get_credentials().secret_key
region = s.region_name
if not region:
region = custom_choice_menu('Enter a region:',
s.get_available_regions('ec2'))
logger.debug('Connecting to region: {}'.format(region))
ec2 = boto3.resource('ec2',
aws_access_key_id=access_key,
aws_secret_access_key=secret_key,
region_name=region)
logger.debug('Obtained ec2 client: %s' % ec2)
return ec2
def select_vpc(prompt='View available VPC configurations:', as_instance=False):
"""
Prompt for VPC selection
:param boolean as_instance: type to return
:return: ec2.Vpc or choice string
"""
vpcs = ['{} ({})'.format(x.id, x.cidr_block) for x in ec2.vpcs.filter()]
choice = custom_choice_menu(prompt, vpcs)
if not as_instance:
return choice.split(' ')[0]
else:
return ec2.Vpc(choice.split(' ')[0])
def select_deploy_style(prompt='Choose installation style:'):
"""
Prompt for the deployment method.
"""
choice = custom_choice_menu(prompt, ['Inline Gateway', 'NAT Gateway'])
return choice