Exemplo n.º 1
def _check_security(accessKey, secretKey, region, resource, terraform):
    """Report whether the "pacbot" security group already exists.

    The EC2 API is asked for security groups whose name is "pacbot". If one
    is returned, its id is stored through jsonRead._write_json under the
    `resource` key and True is returned. Otherwise the group id configured
    in jsonRead is looked up and the answer comes from _check_in_terraform.

    NOTE(review): the lookup filters on group name only and records the first
    match. Security group names are unique per VPC, not per region, so a
    same-named group in another VPC would be accepted here; consider also
    filtering on the VPC id. Confirm against the deployment layout.
    """
    wanted_name = "pacbot"
    # Both boto3 handles are built from the same explicit credentials.
    aws_kwargs = dict(region_name=region,
                      aws_access_key_id=accessKey,
                      aws_secret_access_key=secretKey)

    ec2_client = boto3.client('ec2', **aws_kwargs)
    reply = ec2_client.describe_security_groups(
        Filters=[{'Name': 'group-name', 'Values': [wanted_name]}])

    for candidate in reply['SecurityGroups']:
        if candidate['GroupName'] != wanted_name:
            continue
        # Remember the existing group's id so later steps can reuse it.
        jsonRead._write_json(resource, candidate['GroupId'])
        print(
            "-- Skipping security group creation as it already exists."
        )
        return True

    # No group with that name: fall back to the id kept in the JSON config.
    ec2_resource = boto3.resource('ec2', **aws_kwargs)
    configured_group = ec2_resource.SecurityGroup(jsonRead._get_security_id())
    return _check_in_terraform(configured_group.id, terraform)
Exemplo n.º 2
def _create_or_destroy(terraform, action, resource, approve):
    """Apply or destroy one Terraform resource directory.

    action == "install": run terraform.apply(**approve), show its logs, then
    try to store the 'pacman' output value under `resource` via jsonRead.
    action == "destroy": run terraform.destroy(**approve), show its logs,
    then delete the local state file and its backup for `resource`.
    Any other action does nothing.

    NOTE(review): TypeError/KeyError while reading outputs and OSError while
    deleting state are swallowed without a log line, so a missing output or
    a leftover terraform.tfstate goes unnoticed. State files can hold the
    variables passed in `approve`; confirm that a silent failure is
    acceptable here.
    """
    if action == "install":
        apply_result = terraform.apply(**approve)
        print resource, " creation completed"
        _logs_display(apply_result)
        try:
            outputs = terraform.output()
            pacman_value = outputs['pacman']['value']
            if outputs is not None:
                jsonRead._write_json(resource, pacman_value)
        except (TypeError, KeyError):
            # Best effort: no usable 'pacman' output means nothing to record.
            pass
        return

    if action == "destroy":
        destroy_result = terraform.destroy(**approve)
        _logs_display(destroy_result)
        state_prefix = "./terraform/" + resource
        try:
            # A failure on the first file also skips the backup, as before.
            for state_name in ("/terraform.tfstate",
                               "/terraform.tfstate.backup"):
                os.remove(state_prefix + state_name)
        except OSError:
            pass
Exemplo n.º 3
# Installer bootstrap: module-level state, interactive credential prompts,
# then VPC/subnet/CIDR lookups that the rest of the script reads.
user_name = ''
user_arn = ''
policylist = []
assignedpolicieslist = []
client_accountid = ''

# NOTE(review): raw_input echoes what is typed, so the secret key is shown on
# the terminal (and in any scrollback or session recording). getpass.getpass
# would hide it; confirm no caller pipes these values on stdin before
# switching.
accessKey = raw_input("Enter base Account Access Key=")
secretKey = raw_input("Enter base Account Secret Key=")
region = raw_input("Enter base Account AWS region=")
# client_arn=raw_input("Enter service account role arn=")

# This first vpcid value is overwritten by the network._check_vpc result below.
vpcid = jsonRead._get_vpcid()
# With the role-ARN prompt disabled, both client values stay empty strings.
client_assumerole = ''  # client_arn.split("/")[1]
client_accountid = ''  # client_arn.split("::")[1].split(":")[0]

# Persist the (currently empty) client account id and role name.
jsonRead._write_json("client_account_id", client_accountid)
jsonRead._write_json("client_assume_role", client_assumerole)

err_msg = "System is exiting"
vpcid = network._check_vpc(region, accessKey, secretKey, jsonRead._get_vpcid(), err_msg)
if vpcid is None:
    # NOTE(review): sys.exit() with no argument exits with status 0, so a
    # wrapper script cannot tell this failure from success.
    sys.exit()

# Configured values (jsonRead) next to the values reported by `network`.
cidr_input = jsonRead._get_cidr()
cidr_list = network._get_cidr_list()
subnet_list = network._get_subnetid(vpcid, region, accessKey, secretKey)
subnet_input = jsonRead._get_subnet()

'''
if cidr_input not in cidr_list:
   print "Please add correct CIDR in resource.json"
Exemplo n.º 4
def _create_aws_resources(aws_access_key, aws_secret_key, region):
    """Create every resource in the configured execution order with Terraform.

    For each resource name from varsdata._get_execution_order() the function
    builds the Terraform variable map, initialises ./terraform/<resource>,
    skips resources that checkresources reports as present, runs the
    per-resource preparation (key pair, file templating, ECR image push) and
    then plans and applies. "es", "rds" and "redshift" are applied in threads
    that start together once all three have been visited; everything else is
    applied inline. Finally the UI URL and auth details are appended to the
    log.

    NOTE(review): the access key and secret key are copied into the Terraform
    variable map and handed to plan/apply. Depending on how the Terraform
    wrapper passes variables they may surface in process arguments, in the
    captured output given to _logs_display, or in terraform.tfstate. Confirm,
    and prefer provider credentials from the environment or an assumed role.
    """
    # NOTE(review): simplefilter() inserts at the front of the filter list by
    # default, so the second call takes precedence and warnings are raised as
    # exceptions; the "ignore" call has no practical effect.
    warnings.simplefilter("ignore")
    warnings.simplefilter("error")
    varsmap = {}
    threads = []  # pending Thread objects for es / rds / redshift
    rc = 0  # how many of es / rds / redshift have been reached so far
    filecreator.flush_logfile()
    for count, resource in enumerate(varsdata._get_execution_order(), start=0):
        if resource == "build-ui":  # build-ui only runs the UI build; no Terraform step
            jsonRead._build_ui_apps(aws_access_key, aws_secret_key, region)
            continue

        varsmap = varsdata._get_terraform_map(resource, "")
        if varsmap is None:
            continue
        print "Creating ", resource
        # Credentials and region travel to Terraform as input variables.
        varsmap.update({
            'aws_access_key': aws_access_key,
            'aws_secret_key': aws_secret_key,
            'region': region
        })
        terraform = ''
        to_be_created = False
        try:
            terraform = Terraform(working_dir='./terraform/' + resource)
            terraform.init()
        except ValueError as ve:
            # On ValueError the local state file is deleted and init is
            # retried once. NOTE(review): this discards Terraform's record of
            # what it created; an OSError from os.remove is not handled.
            os.remove("./terraform/" + resource + "/terraform.tfstate")
            terraform = Terraform(working_dir='./terraform/' + resource)
            terraform.init()
        if resource in ("es", "rds", "redshift"):
            rc += 1
        # The third entry in the execution order (count == 2) is never
        # skipped; every other entry is skipped when it already exists.
        if count != 2 and checkresources._check_resource(
                aws_access_key, aws_secret_key, region, resource,
                terraform) is True:
            if resource in ("es", "rds", "redshift"):
                # An existing datastore is skipped only when no thread is
                # queued; otherwise fall through so the rc == 3 check below
                # can still start the queued threads.
                if len(threads) == 0:
                    continue
            else:
                continue
        else:
            to_be_created = True
        # Per-resource preparation before Terraform runs.
        if resource == "batch":
            network.create_KeyPair(region, aws_access_key, aws_secret_key,
                                   jsonRead._get_key_name(),
                                   jsonRead._get_file_name())
            filecreator.file_replace(jsonRead._get_base_accountid())
            container.handler._create_ecr_image_push(
                region, aws_access_key, aws_secret_key, './container',
                jsonRead._get_batch_repo(), pacman_installation)
        elif resource == "oss-api":
            filecreator._api_file_replace(jsonRead._get_base_accountid())
            container.handler._create_ecr_image_push(region, aws_access_key,
                                                     aws_secret_key,
                                                     './container/api',
                                                     jsonRead._get_api_repo(),
                                                     pacman_installation)
        elif resource == "oss-ui":
            filecreator._ui_file_replace(jsonRead._get_base_accountid())
            container.handler._create_ecr_image_push(region, aws_access_key,
                                                     aws_secret_key,
                                                     './container/ui',
                                                     jsonRead._get_ui_repo(),
                                                     pacman_installation)
        # The plan result is only reassigned below; it is never inspected.
        response = terraform.plan(refresh=False,
                                  capture_output=True,
                                  input=False,
                                  var=varsmap)
        if count == 2:
            # Added after plan has run, so 'check' reaches only the apply.
            varsmap.update({'check': 0})
        approve = {"auto_approve": True, "var": varsmap}
        if resource in ("es", "rds", "redshift"):
            if to_be_created:
                threads.append(
                    Thread(target=_create_or_destroy,
                           args=(
                               terraform,
                               "install",
                               resource,
                               approve,
                           )))
                to_be_created = False
            if rc == 3:
                # All three datastores visited: run the queued applies in
                # parallel and wait for every one of them.
                for thread in threads:
                    thread.start()
                for thread in threads:
                    thread.join()
        else:
            response = terraform.apply(**approve)
            _logs_display(response)
            print resource, " creation completed"
            response = terraform.output()
            try:
                value = response['pacman']['value']
                if response is not None:
                    jsonRead._write_json(resource, value)
            # A missing or unusable 'pacman' output is skipped silently.
            except TypeError as e:
                continue
            except KeyError as ke:
                continue

    append_ui_url_and_auth_details_to_log()