def create_directory(name: str, schema: str, admins: List[str]) -> 'CloudDirectory': """ Retrieve the fusillade cloud directory or do a one time setup of cloud directory to be used with fusillade. :param name: :param schema: :param admins: a list of admins to create :return: """ directory = None try: response = cd_client.create_directory( Name=name, SchemaArn=schema ) directory = CloudDirectory(response['DirectoryArn']) logger.info({"message": "Created new directory", "directory_arn": directory._dir_arn}) except cd_client.exceptions.DirectoryAlreadyExistsException: directory = CloudDirectory.from_name(name) else: # create structure for folder_name in obj_type_path.keys(): directory.create_folder('/', folder_name) # create roles Role.create("default_user", statement=get_json_file(default_user_role_path)) Role.create("fusillade_admin", statement=get_json_file(default_admin_role_path)) Group.create("user_default").add_roles(['default_user']) # create admins for admin in admins: User.provision_user(admin, roles=['fusillade_admin']) User.provision_user('public') logger.info({"message": "Created New Directory", "schema_arn": schema, "directory_name": name, "admins": admins}) cd_client.tag_resource( ResourceArn=directory._dir_arn, Tags=[ {'Key': 'project', "Value": os.getenv("FUS_PROJECT_TAG", '')}, {'Key': 'owner', "Value": os.getenv("FUS_OWNER_TAG", '')}, {'Key': 'env', "Value": os.getenv("FUS_DEPLOYMENT_STAGE")}, {'Key': 'Name', "Value": "fusillade-directory"}, {'Key': 'managedBy', "Value": "manual"} ] ) verify_directory(directory) return directory
def create(cls, name: str, statement: Optional[Dict[str, Any]] = None, creator=None, **kwargs) -> Type['CloudNode']: ops = [] new_node = cls(name) _creator = creator if creator else "fusillade" ops.append(new_node.cd.batch_create_object( get_obj_type_path(cls.object_type), new_node.hash_name(name), new_node._facet, new_node.cd.get_object_attribute_list(facet=new_node._facet, name=name, created_by=_creator, **kwargs) )) if creator: ops.append(User(name=creator).batch_add_ownership(new_node)) if not statement and not getattr(cls, '_default_policy_path', None): pass else: if not statement: statement = get_json_file(cls._default_policy_path) ops.extend(new_node.create_policy(statement, run=False, type=new_node.object_type, name=new_node.name)) try: new_node.cd.batch_write(ops) except cd_client.exceptions.BatchWriteException as ex: if 'LinkNameAlreadyInUseException' in ex.response['Error']['Message']: raise FusilladeHTTPException( status=409, title="Conflict", detail=f"The {cls.object_type} named {name} already exists. " f"{cls.object_type} was not modified.") else: raise FusilladeHTTPException(ex) else: new_node.cd.get_object_information(new_node.object_ref, ConsistencyLevel=ConsistencyLevel.SERIALIZABLE.name) logger.info(dict(message=f"{new_node.object_type} created by {_creator}", object=dict(type=new_node.object_type, path_name=new_node._path_name))) logger.info(dict(message="Policy updated", object=dict( type=new_node.object_type, path_name=new_node._path_name ), policy=dict( link_name=new_node.get_policy_name('IAMPolicy'), policy_type='IAMPolicy') )) return new_node
def setUpClass(cls): cls.directory, cls.schema_arn = new_test_directory() cls.default_role_statement = normalize_json( get_json_file(default_role_path))
action="store_true", help="If set, the directory will be updated to the latest published schema." ) parser.add_argument( "--upgrade-published", action="store_true", help="If set, the local schema will update the published schema.") args = parser.parse_args() if not args.stage: print( "'FUS_DEPLOYMENT_STAGE' not found in environment please run `source environment`, or use the --stage option" ) exit(1) new_schema = json.dumps( get_json_file(directory_schema_path)) # open schema file locally schema_name = f"hca_fusillade_base_{args.stage}" directory_name = f"hca_fusillade_{args.stage}" rv = 0 def update_service_config(schema_arn): # upgrade service config with open(os.path.join(pkg_root, "service_config.json")) as fh: service_config = json.load(fh) service_config['directory_schema']["MinorVersion"] = schema_arn.split( '/')[-1] service_config['directory_schema']["Version"] = schema_arn.split('/')[-2] with open(os.path.join(pkg_root, "service_config.json"), 'w') as fh: json.dump(service_config, fh, indent=4)
def setUpClass(cls): cls.directory, cls.schema_arn = new_test_directory() cls.default_group_statement = get_json_file(default_group_policy_path)