def subnet_ProudctionSubnet(self):
"""Production network subnet."""
return {
'VpcId': Ref(self.param_VpcId()),
'AvailabilityZone': Ref(self.param_AvailabilityZone()),
'CidrBlock': Ref(self.param_ProductionCidr()),
}
def subnet(self):
"""Gateway network subnet."""
return {
'VpcId': Ref(self.param_VpcId()),
'AvailabilityZone': Ref(self.param_AvailabilityZone()),
'CidrBlock': Ref(self.param_Cidr()),
}
def route_GatewayRoute(self):
"""Route to the internet gateway."""
return {
'RouteTableId': Ref(self.rtb()),
'DestinationCidrBlock': '0.0.0.0/0',
'GatewayId': Ref(self.ig()),
}
def subnet_MiscSubnet(self):
"""Misc network subnet."""
return {
'VpcId': Ref(self.param_VpcId()),
'AvailabilityZone': Ref(self.param_AvailabilityZone()),
'CidrBlock': Ref(self.param_MiscCidr()),
}
def subnet_TestSubnet(self):
"""Test network subnet."""
return {
'VpcId': Ref(self.param_VpcId()),
'AvailabilityZone': Ref(self.param_AvailabilityZone()),
'CidrBlock': Ref(self.param_TestCidr()),
}
def Parameters(self):
# Default stack parameters
params = {
'VpcId': Ref(self.template.param_VpcId() or self.template.vpc()),
'KeyName': Ref(self.template.param_KeyName()),
}
params.update(self._parameters)
return params
def NetworkInterfaces(self):
return [
NetworkInterfaceProperty(
AssociatePublicIpAddress=True,
DeviceIndex='0',
GroupSet=[Ref(self.template.sg())],
SubnetId=Ref(self.template.subnet()),
)
]
def stack_Gateway(self):
return {
'TemplateName': 'balanced_gateway',
'Parameters': {
'AmiId': Ref(self.param_AmiId()),
'AvailabilityZone': Ref(self.param_AvailabilityZone()),
'Cidr': Ref(self.param_GatewayCidr()),
'PublicRouteTableId': Ref(self.param_PublicRouteTableId()),
}
}
def asg(self):
"""Autoscaling group."""
return {
'Description':
'Autoscaling group for {}'.format(self.__class__.__name__),
'MinSize':
Ref(self.param_Capacity()),
'MaxSize':
Ref(self.param_Capacity()),
}
def AvailabilityZones(self):
zones = []
if self._cond_a:
zones.append(
If(self._cond_a, Join('', [Ref('AWS::Region'), 'a']), NoValue))
if self._cond_b:
zones.append(
If(self._cond_b, Join('', [Ref('AWS::Region'), 'b']), NoValue))
if self._cond_c:
zones.append(
If(self._cond_c, Join('', [Ref('AWS::Region'), 'c']), NoValue))
return zones
def Parameters(self):
params = {
'VpcId': self.template.vpc(),
'KeyName': Ref(self.template.param_KeyName()),
'AmiId': FindInRegionMap(self.template.map_RegionMap(), 'AmiId'),
'SubnetA': Ref(self.template.subnet_SubnetA()),
'SubnetB': Ref(self.template.subnet_SubnetB()),
'GatewaySecurityGroupA': 'sg-cdbdafa1',
'GatewaySecurityGroupB': 'sg-cdbdafa1',
'PublicSubnetA': 'subnet-ae832dc7',
'PublicSubnetB': 'subnet-5a812f33',
}
params.update(self._parameters)
return params
def lc(self):
"""ASG launch configuration."""
return {
'Description':
'ASG launch configuration for {}'.format(self.__class__.__name__),
'SecurityGroup':
Ref(self.sg()),
'ChefRecipe':
Ref(self.param_ChefRecipe()),
'ChefEnv':
Ref(self.param_ChefEnv()),
'NameTag':
Ref(self.param_Tag()),
'InstanceType':
Ref(self.param_InstanceType()),
}
def route_GatewayRoute(self):
"""Route to the NAT gateway."""
return {
'RouteTableId': Ref(self.rtb()),
'DestinationCidrBlock': '0.0.0.0/0',
'InstanceId': GetAtt(self.stack_Gateway(), 'Outputs.Instance'),
}
def insp(self):
"""IAM instance profile."""
return {
'Description':
'IAM instance profile for {}'.format(self.__class__.__name__),
'Roles': [Ref(self.role())],
}
def _stack_zone(self, zone_id):
"""Helper to create AZ stacks."""
zone_id = zone_id.upper()
return {
'TemplateName': 'balanced_az',
'Parameters': {
'PublicRouteTableId': Ref(self.rtb()),
'AvailabilityZone':
Join('',
[Ref('AWS::Region'), zone_id.lower()]),
'GatewayCidr': self.FindSubnet('Gateway{0}'.format(zone_id)),
'ProductionCidr':
self.FindSubnet('Production{0}'.format(zone_id)),
'TestCidr': self.FindSubnet('Test{0}'.format(zone_id)),
'MiscCidr': self.FindSubnet('Misc{0}'.format(zone_id)),
'AmiId': FindInRegionMap(self.map_RegionMap(), 'AmiId'),
},
'DependsOn': [self.vga(), self.vdoa()],
}
def elb(self):
"""Load balancer."""
return {
'Description':
'Load balancer for {}'.format(self.__class__.__name__),
'Scheme': None if self.PUBLIC else 'internal',
'HealthUrl': '/health',
'Port': self.PORT,
'SecurityGroup': Ref(self.sg_LoadBalancerSecurityGroup()),
}
def TemplateURL(self):
if self._template_name:
if 'sha1' not in self.TEMPLATES.get(self._template_name, {}):
raise ValueError('Unknown template {}'.format(
self._template_name))
return Join('', [
'https://balanced-cfn-',
Ref('AWS::Region'),
'.s3.amazonaws.com/templates/{}-{}.json'.format(
self._template_name,
self.TEMPLATES[self._template_name]['sha1']),
])
def post_add(self, template):
if self._allow_self:
template.add_resource(
stratosphere.ec2.SecurityGroupIngress(
self.name + 'SelfTCPIngress',
IpProtocol='tcp',
FromPort='0',
ToPort='65535',
GroupId=Ref(self),
SourceSecurityGroupId=Ref(self),
))
template.add_resource(
stratosphere.ec2.SecurityGroupIngress(
self.name + 'SelfUDPIngress',
IpProtocol='udp',
FromPort='0',
ToPort='65535',
GroupId=Ref(self),
SourceSecurityGroupId=Ref(self),
))
template.add_resource(
stratosphere.ec2.SecurityGroupIngress(
self.name + 'SelfICMPIngress',
IpProtocol='icmp',
FromPort='-1',
ToPort='-1',
GroupId=Ref(self),
SourceSecurityGroupId=Ref(self),
))
def _https_listener(self):
return troposphere.elasticloadbalancing.Listener(
LoadBalancerPort='443',
InstancePort=self._port,
Protocol='HTTPS',
InstanceProtocol='HTTP',
SSLCertificateId=Join('', [
'arn:aws:iam::',
Ref('AWS::AccountId'),
':server-certificate/',
self._ssl_certificate_id,
]),
)
def __init__(self, *args, **kwargs):
template = kwargs.get('template')
for attr in self.CONDITIONAL_AZ_ATTRS:
for az in self.AZS:
camel = ''.join(s.capitalize()
for s in attr.split('_')) + az.upper()
value = None
if camel in kwargs:
value = kwargs.pop(camel)
elif template:
template_attr = 'param_{}'.format(camel)
if attr == 'cond':
template_attr = 'cond_Has{}'.format(az.upper())
if hasattr(template, template_attr):
if attr == 'cond':
value = 'Has{}'.format(az.upper())
else:
value = Ref(getattr(template, template_attr)())
setattr(self, '_{}_{}'.format(attr, az), value)
super(ConditionalAZMixin, self).__init__(*args, **kwargs)
def FindSubnet(self, key):
head, tail = self.SUBNETS[key].split('{0}')
return Join('', [head, Ref(self.param_Ip()), tail])
def srta_ProductionRouteAssoc(self):
"""Association between the production subnet and the route table."""
return {
'RouteTableId': Ref(self.rtb()),
'SubnetId': Ref(self.subnet_ProudctionSubnet()),
}
def rtb(self):
"""Route table."""
return {
'VpcId': Ref(self.param_VpcId()),
}
def srta_TestRouteAssoc(self):
"""Association between the test subnet and the route table."""
return {
'RouteTableId': Ref(self.rtb()),
'SubnetId': Ref(self.subnet_TestSubnet()),
}
def out_MiscSubnet(self):
"""Subnet ID for the misc network."""
return {'Value': Ref(self.subnet_MiscSubnet())}
def out_TestSubnet(self):
"""Subnet ID for the test network."""
return {'Value': Ref(self.subnet_TestSubnet())}
def out_ProductionSubnet(self):
"""Subnet ID for the production network."""
return {'Value': Ref(self.subnet_ProudctionSubnet())}
def srta_MiscRouteAssoc(self):
"""Association between the misc subnet and the route table."""
return {
'RouteTableId': Ref(self.rtb()),
'SubnetId': Ref(self.subnet_MiscSubnet()),
}
def srta_RouteAssocB(self):
"""Association between the AZ B subnet and the route table."""
return {
'RouteTableId': self.rtb_RouteTableB(),
'SubnetId': Ref(self.subnet_SubnetB()),
}
def vga(self):
"""VPC gateway attachement for the internet."""
return {
'VpcId': Ref(self.vpc()),
'InternetGatewayId': Ref(self.ig()),
}
