예제 #1
class Environment(Resource):
    """Declare an environment: a name, an address range and the owning account."""

    resource_name = "environment"

    # Name of the environment.
    name = argument.String()
    # Address range of the environment, declared as an IPNetwork argument.
    # NOTE(review): no clean_cidr_block hook is visible on this class, so
    # nothing here bounds the range (size, overlap) - confirm whether that is
    # enforced elsewhere.
    cidr_block = argument.IPNetwork()
    # Account resource this environment is attached to.
    account = argument.Resource(Account)
예제 #2
 def test_list_invalid_ips(self):
     # "0.0.0.0/" has a separator but no prefix length. The list argument has
     # to reject the whole value instead of passing a malformed network on.
     expected_error = errors.InvalidParameter
     # Build the cleaner outside the ``with`` so only the clean() call itself
     # is expected to raise.
     clean_list = argument.List(argument.IPNetwork()).clean
     with self.assertRaises(expected_error):
         clean_list(None, ["0.0.0.0/"])
예제 #3
 def test_ip_network_exception(self):
     # The last octet (270) is out of range for IPv4, so cleaning must fail
     # with InvalidParameter rather than yield a network object.
     expected_error = errors.InvalidParameter
     # Build the cleaner outside the ``with`` so only the clean() call itself
     # is expected to raise.
     clean_network = argument.IPNetwork().clean
     with self.assertRaises(expected_error):
         clean_network(None, "192.168.0.270")
예제 #4
class VPC(Resource):
    """Declare a VPC: name, address range, tenancy, tags and owning account."""

    resource_name = "vpc"

    # Name of the VPC.
    name = argument.String()
    # Address range of the VPC; serialized under the "CidrBlock" field.
    cidr_block = argument.IPNetwork(field='CidrBlock')
    # Tenancy is restricted to the two listed choices and falls back to
    # "default"; serialized under "InstanceTenancy".
    tenancy = argument.String(default="default",
                              choices=["default", "dedicated"],
                              field="InstanceTenancy")

    # Free-form tag mapping.
    tags = argument.Dict()

    # Account resource the VPC belongs to.
    account = argument.Resource(Account)
예제 #5
파일: zone.py 프로젝트: yaybu/takeoff
class Zone(Resource):
    """Declare a network zone inside an environment."""

    # Name of the zone.
    name = argument.String()

    # Integer defaulting to 24.
    # NOTE(review): presumably the prefix length of the networks carved out
    # for this zone - confirm against the code that consumes it.
    prefix = argument.Integer(default=24)

    # Address range of the zone.
    # NOTE(review): no check that this range lies inside
    # environment.cidr_block is visible in this class - confirm it is
    # enforced elsewhere.
    cidr_block = argument.IPNetwork()
    """ Is this zone on the public internet? """
    # Defaults to False, so a zone is not public unless that is requested
    # explicitly.
    public = argument.Boolean(default=False)
    """ The availability zones to create this zone in """
    # NOTE(review): min/max look like length bounds (one-character strings,
    # exactly two list entries) - confirm against argument.String/List.
    availability_zones = argument.List(
        argument.String(min=1, max=1),
        min=2,
        max=2,
        default=["a", "b"],
    )

    # Environment resource this zone belongs to.
    environment = argument.Resource(Environment)
예제 #6
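class Subnet(Resource):
    """Declare a subnet that must lie inside the address range of its VPC."""

    resource_name = "subnet"

    # NOTE(review): presumably makes "vpc" get processed before the other
    # fields, which clean_cidr_block needs because it reads self.vpc -
    # confirm against Resource.
    field_order = ["vpc"]

    # Name of the subnet.
    name = argument.String()
    # Address range of the subnet; serialized under "CidrBlock" and checked
    # by clean_cidr_block below.
    cidr_block = argument.IPNetwork(field='CidrBlock')
    availability_zone = argument.String(field='AvailabilityZone')
    # Route table and network ACL resources associated with the subnet.
    route_table = argument.Resource(RouteTable)
    network_acl = argument.Resource(NetworkACL)
    # Free-form tag mapping.
    tags = argument.Dict()
    # Parent VPC; serialized under "VpcId".
    vpc = argument.Resource(VPC, field='VpcId')

    def clean_cidr_block(self, cidr_block):
        """Validate that ``cidr_block`` is contained in the parent VPC's range.

        Args:
            cidr_block: Candidate network for this subnet.

        Returns:
            ``cidr_block`` unchanged when it lies inside ``self.vpc.cidr_block``.

        Raises:
            errors.InvalidParameter: If the candidate is not inside the VPC
                network.
        """
        if cidr_block not in self.vpc.cidr_block:
            # Report the candidate being validated. The original message
            # formatted self.cidr_block, which need not hold this value while
            # it is still being cleaned.
            raise errors.InvalidParameter("{} not inside network {}".format(
                cidr_block, self.vpc.cidr_block))
        return cidr_block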
예제 #7
class Rule(Resource):
    """Allow/deny rule for one network, protocol and port range."""

    resource_name = "rule"
    dot_ignore = True

    # Network the rule applies to; serialized under "CidrBlock".
    network = argument.IPNetwork(field="CidrBlock")
    protocol = argument.String(
        default='tcp',
        choices=['tcp', 'udp', 'icmp'],
        field="Protocol",
    )
    port = argument.Integer(min=-1, max=65535)
    # When no explicit bounds are given they follow ``port``; a ``port`` of -1
    # widens the defaults to 1..65535 (port 0 is not part of that range).
    from_port = argument.Integer(
        default=lambda r: 1 if r.port == -1 else r.port,
        min=-1,
        max=65535,
    )
    to_port = argument.Integer(
        default=lambda r: 65535 if r.port == -1 else r.port,
        min=-1,
        max=65535,
    )
    # The action defaults to "allow"; "deny" has to be requested explicitly.
    action = argument.String(
        default="allow",
        choices=["allow", "deny"],
        field="RuleAction",
    )

    # from_port/to_port are emitted together as a single "PortRange" mapping.
    extra_serializers = {
        "PortRange": serializers.Dict(
            From=serializers.Integer(serializers.Argument("from_port")),
            To=serializers.Integer(serializers.Argument("to_port")),
        ),
    }

    def __str__(self):
        """Return ``<name>: <protocol> port(s) ... from <network>``."""
        label = super(Rule, self).__str__()
        low, high = self.from_port, self.to_port
        if low != high:
            port_text = "ports {} to {}".format(low, high)
        else:
            port_text = "port {}".format(low)
        return "{}: {} {} from {}".format(
            label, self.protocol, port_text, self.network)
예제 #8
 def test_list_ips(self):
     # "0.0.0.0/0" (every IPv4 address) is a valid network and is accepted;
     # each element comes back as a netaddr.IPNetwork inside a list.
     ip_list_arg = argument.List(argument.IPNetwork())
     cleaned = ip_list_arg.clean(None, ["0.0.0.0/0"])
     self.assertTrue(isinstance(cleaned, list))
     first = cleaned[0]
     self.assertTrue(isinstance(first, netaddr.IPNetwork))
예제 #9
 def test_ip_network(self):
     # The input has host bits set (.1 inside a /25). The assertion pins that
     # the cleaned value prints back unchanged, i.e. it is not rewritten to
     # the network address 192.168.0.0/25.
     cleaned = argument.IPNetwork().clean(None, "192.168.0.1/25")
     rendered = str(cleaned)
     self.assertEqual(rendered, "192.168.0.1/25")
예제 #10
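class Rule(Resource):
    """Security group rule: a protocol and port range granted to a peer.

    The peer is another security group (``security_group``) or an address
    range (``network``).
    """

    resource_name = "rule"

    @property
    def dot_ignore(self):
        """Return True when the rule does not reference a security group."""
        return self.security_group is None

    protocol = argument.String(default='tcp',
                               choices=['tcp', 'udp', 'icmp'],
                               field="IpProtocol")
    # TCP/UDP port numbers run up to 65535. The previous bound of 32768
    # rejected valid rules for the upper half of the port space.
    port = argument.Integer(min=-1, max=65535)
    # Both bounds default to ``port``, i.e. a single-port rule.
    from_port = argument.Integer(default=lambda r: r.port,
                                 min=-1,
                                 max=65535,
                                 field="FromPort")
    to_port = argument.Integer(default=lambda r: r.port,
                               min=-1,
                               max=65535,
                               field="ToPort")

    # Peer security group, serialized as a one-element list of
    # {UserId, GroupId} under "UserIdGroupPairs".
    security_group = argument.Resource(
        "touchdown.aws.vpc.security_group.SecurityGroup",
        field="UserIdGroupPairs",
        serializer=serializers.ListOfOne(
            serializers.Dict(
                UserId=serializers.Property("OwnerId"),
                GroupId=serializers.Identifier(),
            )),
    )

    # Peer address range, serialized as a one-element list of {CidrIp} under
    # "IpRanges".
    # NOTE(review): nothing visible here restricts how wide this range may
    # be (e.g. 0.0.0.0/0) - confirm whether policy on that lives elsewhere.
    network = argument.IPNetwork(
        field="IpRanges",
        serializer=serializers.ListOfOne(
            serializers.Dict(CidrIp=serializers.String(), )),
    )

    def matches(self, runner, rule):
        """Return True if the remote description ``rule`` corresponds to this rule.

        Args:
            runner: Object whose ``get_plan`` returns the plan for a resource.
            rule: Mapping that must contain ``IpProtocol`` and may contain
                ``FromPort``, ``ToPort``, ``UserIdGroupPairs`` and
                ``IpRanges``.

        Returns:
            True when protocol and both port bounds are equal and either a
            group pair or an IP range in ``rule`` equals this rule's peer;
            False otherwise, including when this rule has neither peer set.
        """
        sg = None
        if self.security_group:
            sg = runner.get_plan(self.security_group)
            # If the SecurityGroup doesn't exist yet then this rule can't exist
            # yet - so we can bail early!
            if not sg.resource_id:
                return False

        if self.protocol != rule['IpProtocol']:
            return False
        if self.from_port != rule.get('FromPort', None):
            return False
        if self.to_port != rule.get('ToPort', None):
            return False

        # A group pair has to agree on both the group id and the owning
        # account before it counts as a match.
        if sg and sg.object:
            for group in rule.get('UserIdGroupPairs', []):
                if group['GroupId'] == sg.resource_id and group[
                        'UserId'] == sg.object['OwnerId']:
                    return True

        # Address ranges are compared by their string form.
        if self.network:
            for network in rule.get('IpRanges', []):
                if network['CidrIp'] == str(self.network):
                    return True

        return False

    def __str__(self):
        """Return ``<name>: <protocol> port(s) ... from <network or group>``."""
        name = super(Rule, self).__str__()
        if self.from_port == self.to_port:
            ports = "port {}".format(self.from_port)
        else:
            ports = "ports {} to {}".format(self.from_port, self.to_port)
        return "{}: {} {} from {}".format(
            name, self.protocol, ports,
            self.network if self.network else self.security_group)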
예제 #11
class Route(Resource):
    """Declare a route: a destination network and the gateway that serves it."""

    resource_name = "route"

    # Destination network of the route; serialized under
    # "DestinationCidrBlock".
    # NOTE(review): nothing visible here restricts the destination, so a
    # default route (0.0.0.0/0) to the internet gateway can be declared -
    # confirm that this is intended wherever the route is attached.
    destination_cidr = argument.IPNetwork(field="DestinationCidrBlock")
    # Internet gateway resource used as the target; serialized under
    # "GatewayId".
    internet_gateway = argument.Resource(InternetGateway, field="GatewayId")