class Attributes(Resource):
resource_name = "attributes"
dot_ignore = True
idle_timeout = argument.Integer(
default=30,
field="ConnectionSettings",
serializer=serializers.Dict(IdleTimeout=serializers.Identity(), ),
)
connection_draining = argument.Integer(
default=0,
field="ConnectionDraining",
serializer=serializers.Dict(
Enabled=serializers.Expression(lambda runner, object: object > 0),
Timeout=serializers.Identity(),
))
cross_zone_load_balancing = argument.Boolean(
default=True,
field="CrossZoneLoadBalancing",
serializer=serializers.Dict(Enabled=serializers.Identity(), ))
access_log = argument.Resource(
Bucket,
field="AccessLog",
serializer=serializers.Dict(
Enabled=serializers.Expression(
lambda runner, object: object is not None),
S3BucketName=serializers.Identifier(),
))
def setup(self):
super(BuildWorkspace, self).setup()
env = self.runner.get_service(self.resource.environment, self.name)
account = self.runner.get_service(self.resource.environment.account,
self.name)
user_data = serializers.Json(
serializers.Dict(**self.resource.user_data.render(
self.runner, self.resource.user_data)))
self.auto_scaling_group = account.aws.add_auto_scaling_group(
name=self.resource.name,
launch_configuration=account.aws.add_launch_configuration(
name=self.resource.name,
image='ami-123456',
instance_type="t2.micro",
user_data=user_data,
key_pair=env.keypair,
security_groups=[self.security_group],
associate_public_ip_address=self.resource.public,
# instance_profile=...
),
min_size=1,
max_size=1,
replacement_policy=self.resource.replacement_policy,
load_balancers=[
self.runner.get_service(lb, self.name).load_balancer
for lb in self.resource.load_balancers
],
subnets=self.subnets,
)
class HostedZone(Resource):
""" A DNS zone hosted at Amazon Route53 """
resource_name = "hosted_zone"
extra_serializers = {
"CallerReference":
serializers.Expression(lambda x, y: str(uuid.uuid4())),
}
name = argument.String(field="Name")
vpc = argument.Resource(VPC, field="VPC")
comment = argument.String(
field="HostedZoneConfig",
serializer=serializers.Dict(Comment=serializers.Identity(), ),
)
records = argument.ResourceList(Record)
shared = argument.Boolean()
""" If a hosted zone is shared then it won't be destroyed and DNS records will never be deleted """
account = argument.Resource(BaseAccount)
def clean_name(self, name):
return _normalize(name)
def test_list(self):
serializer = serializers.List(
serializers.Dict(Name=serializers.Argument("name")))
result = serializer.render(self.runner, [self.resource])
self.assertEqual(result, [
{
"Name": "test"
},
])
class LaunchConfiguration(Resource):
resource_name = "launch_configuration"
name = argument.String(max=255, field="LaunchConfigurationName", update=False)
image = argument.String(max=255, field="ImageId")
key_pair = argument.Resource(KeyPair, field="KeyName")
security_groups = argument.ResourceList(SecurityGroup, field="SecurityGroups")
user_data = argument.Serializer(field="UserData")
instance_type = argument.String(max=255, field="InstanceType")
kernel = argument.String(max=255, field="KernelId")
ramdisk = argument.String(max=255, field="RamdiskId")
# block_devices = argument.Dict(field="BlockDeviceMappings")
instance_monitoring = argument.Boolean(
default=False,
field="InstanceMonitoring",
serializer=serializers.Dict(Enabled=serializers.Identity()),
)
spot_price = argument.String(field="SpotPrice")
instance_profile = argument.Resource(
InstanceProfile,
field="IamInstanceProfile",
serializers=serializers.Property("Arn"),
)
ebs_optimized = argument.Boolean(field="EbsOptimized")
associate_public_ip_address = argument.Boolean(field="AssociatePublicIpAddress")
placement_tenancy = argument.String(
max=64,
choices=[
"default",
"dedicated",
],
field="PlacementTenancy",
)
account = argument.Resource(Account)
def matches(self, runner, remote):
if "UserData" in remote and remote["UserData"]:
import base64
remote["UserData"] = base64.b64decode(remote["UserData"])
return super(LaunchConfiguration, self).matches(runner, remote)
def get_serializer(self, runner):
return serializers.Context(
serializers.Const(self.adapts),
serializers.Dict(
DNSName=serializers.Context(
serializers.Property("CanonicalHostedZoneName"),
serializers.Expression(lambda r, o: route53._normalize(o)),
),
HostedZoneId=serializers.Property("CanonicalHostedZoneNameID"),
EvaluateTargetHealth=False,
))
def __init__(self, plan, description, func, serializer=None, **kwargs):
super(GenericAction, self).__init__(plan)
self.func = func
self._description = description
if serializer:
self.serializer = serializer
else:
self.serializer = serializers.Dict(
**{
k: v if isinstance(v, serializers.Serializer
) else serializers.Const(v)
for (k, v) in kwargs.items()
})
class Bucket(Resource):
resource_name = "bucket"
name = argument.String(field="Bucket")
region = argument.String(
field="CreateBucketConfiguration",
serializer=serializers.Dict(
LocationConstraint=serializers.Identity(), ),
)
account = argument.Resource(Account)
class S3Origin(Resource):
resource_name = "s3_origin"
extra_serializers = {
"S3OriginConfig":
serializers.Dict(OriginAccessIdentity=serializers.Argument(
"origin_access_identity"), ),
}
name = argument.String(field='Id')
bucket = argument.Resource(Bucket,
field="DomainName",
serializer=serializers.Format(
"{0}.s3.amazonaws.com",
serializers.Identifier()))
origin_access_identity = argument.String(default='')
class ForwardedValues(Resource):
resource_name = "forwarded_values"
dot_ignore = True
extra_serializers = {
"Cookies":
serializers.Dict(
Forward=serializers.Argument("forward_cookies"),
WhitelistedNames=CloudFrontList(
serializers.Argument("cookie_whitelist")),
)
}
query_string = argument.Boolean(field="QueryString", default=False)
headers = argument.List(field="Headers",
serializer=CloudFrontList(serializers.List()))
forward_cookies = argument.String(default="whitelist")
cookie_whitelist = argument.List()
class CustomOrigin(Resource):
resource_name = "custom_origin"
dot_ignore = True
extra_serializers = {
"CustomOriginConfig":
serializers.Dict(
HTTPPort=serializers.Argument("http_port"),
HTTPSPort=serializers.Argument("https_port"),
OriginProtocolPolicy=serializers.Argument("origin_protocol"),
)
}
name = argument.String(field='Id')
domain_name = argument.String(field='DomainName')
http_port = argument.Integer(default=80)
https_port = argument.Integer(default=443)
origin_protocol = argument.String(choices=['http-only', 'match-viewer'],
default='match-viewer')
class VpnConnection(Resource):
resource_name = "vpn_connection"
name = argument.String()
customer_gateway = argument.Resource(CustomerGateway, field="CustomerGatewayId")
vpn_gateway = argument.Resource(VpnGateway, field="VpnGatewayId")
type = argument.String(default="ipsec.1", choices=["ipsec.1"], field="Type")
static_routes_only = argument.Boolean(
default=True,
field="Options",
serializer=serializers.Dict(StaticRoutesOnly=serializers.Boolean()),
)
static_routes = argument.List()
# FIXME: This should somehow be a list of argument.IPNetwork
tags = argument.Dict()
vpc = argument.Resource(VPC)
class Record(Resource):
resource_name = "record"
name = argument.String(field="Name")
type = argument.String(field="Type")
values = argument.List(field="ResourceRecords",
serializer=serializers.List(serializers.Dict(
Value=serializers.Identity(), ),
skip_empty=True))
ttl = argument.Integer(min=0, field="TTL")
set_identifier = argument.Integer(min=1, max=128, field="SetIdentifier")
alias = argument.Resource(
AliasTarget,
field="AliasTarget",
serializer=serializers.Resource(),
)
def clean_name(self, name):
return _normalize(name)
class Rule(Resource):
resource_name = "rule"
dot_ignore = True
network = argument.IPNetwork(field="CidrBlock")
protocol = argument.String(default='tcp',
choices=['tcp', 'udp', 'icmp'],
field="Protocol")
port = argument.Integer(min=-1, max=65535)
from_port = argument.Integer(default=lambda r: r.port
if r.port != -1 else 1,
min=-1,
max=65535)
to_port = argument.Integer(default=lambda r: r.port
if r.port != -1 else 65535,
min=-1,
max=65535)
action = argument.String(default="allow",
choices=["allow", "deny"],
field="RuleAction")
extra_serializers = {
"PortRange":
serializers.Dict(
From=serializers.Integer(serializers.Argument("from_port")),
To=serializers.Integer(serializers.Argument("to_port")),
),
}
def __str__(self):
name = super(Rule, self).__str__()
if self.from_port == self.to_port:
ports = "port {}".format(self.from_port)
else:
ports = "ports {} to {}".format(self.from_port, self.to_port)
return "{}: {} {} from {}".format(name, self.protocol, ports,
self.network)
def update_object(self):
changes = []
description = ["Update hosted zone records"]
# Retrieve all DNS records associated with this hosted zone
# Ignore SOA and NS records for the top level domain
remote_records = []
if self.resource_id:
for record in self.client.list_resource_record_sets(
HostedZoneId=self.resource_id)['ResourceRecordSets']:
if record['Type'] in (
'SOA', 'NS') and record['Name'] == self.resource.name:
continue
remote_records.append(record)
for local in self.resource.records:
for remote in remote_records:
if local.matches(self.runner, remote):
break
else:
changes.append(
serializers.Dict(
Action="UPSERT",
ResourceRecordSet=serializers.Context(
serializers.Const(local), serializers.Resource()),
))
description.append("Name => {}, Type={}, Action=UPSERT".format(
local.name, local.type))
if not self.resource.shared:
for remote in remote_records:
for local in self.resource.records:
if remote["Name"] != local.name:
continue
if remote["Type"] != local.type:
continue
if remote.get("SetIdentifier",
None) != local.set_identifier:
continue
break
else:
changes.append(
serializers.Const({
"Action": "DELETE",
"ResourceRecordSet": record
}))
description.append(
"Name => {}, Type={}, Action=DELETE".format(
record["Name"], record["Type"]))
if changes:
yield self.generic_action(
description,
self.client.change_resource_record_sets,
serializers.Dict(
HostedZoneId=serializers.Identifier(),
ChangeBatch=serializers.Dict(
#Comment="",
Changes=serializers.Context(
serializers.Const(changes),
serializers.List(serializers.SubSerializer())), )),
)
def test_dict(self):
serializer = serializers.Dict(Name=serializers.Argument("name"))
result = serializer.render(self.runner, self.resource)
self.assertEqual(result, {"Name": "test"})
def get_destroy_serializer(self):
return serializers.Dict(
Id=self.resource_id,
IfMatch=self.object['ETag'],
)
def clean_user_data(self, value):
value = serializers.Dict(**value)
for dep in value.dependencies(self):
if dep != self:
self.add_dependency(dep)
return value
def get_destroy_serializer(self):
return serializers.Dict(**{self.key: self.resource_id})
def get_destroy_serializer(self):
return serializers.Dict(
ReplicationGroupId=serializers.Identifier(),
RetainPrimaryCluster=True
if self.resource.primary_cluster else False,
)
def get_destroy_serializer(self):
return serializers.Dict(
DBInstanceIdentifier=self.resource_id,
SkipFinalSnapshot=True,
)
class Rule(Resource):
resource_name = "rule"
@property
def dot_ignore(self):
return self.security_group is None
protocol = argument.String(default='tcp',
choices=['tcp', 'udp', 'icmp'],
field="IpProtocol")
port = argument.Integer(min=-1, max=32768)
from_port = argument.Integer(default=lambda r: r.port,
min=-1,
max=32768,
field="FromPort")
to_port = argument.Integer(default=lambda r: r.port,
min=-1,
max=32768,
field="ToPort")
security_group = argument.Resource(
"touchdown.aws.vpc.security_group.SecurityGroup",
field="UserIdGroupPairs",
serializer=serializers.ListOfOne(
serializers.Dict(
UserId=serializers.Property("OwnerId"),
GroupId=serializers.Identifier(),
)),
)
network = argument.IPNetwork(
field="IpRanges",
serializer=serializers.ListOfOne(
serializers.Dict(CidrIp=serializers.String(), )),
)
def matches(self, runner, rule):
sg = None
if self.security_group:
sg = runner.get_plan(self.security_group)
# If the SecurityGroup doesn't exist yet then this rule can't exist
# yet - so we can bail early!
if not sg.resource_id:
return False
if self.protocol != rule['IpProtocol']:
return False
if self.from_port != rule.get('FromPort', None):
return False
if self.to_port != rule.get('ToPort', None):
return False
if sg and sg.object:
for group in rule.get('UserIdGroupPairs', []):
if group['GroupId'] == sg.resource_id and group[
'UserId'] == sg.object['OwnerId']:
return True
if self.network:
for network in rule.get('IpRanges', []):
if network['CidrIp'] == str(self.network):
return True
return False
def __str__(self):
name = super(Rule, self).__str__()
if self.from_port == self.to_port:
ports = "port {}".format(self.from_port)
else:
ports = "ports {} to {}".format(self.from_port, self.to_port)
return "{}: {} {} from {}".format(
name, self.protocol, ports,
self.network if self.network else self.security_group)
def get_create_serializer(self):
return serializers.Dict(DistributionConfig=serializers.Resource(), )