def handle_state_master_resources_in_progress(self, spot_master_item ): """ Verify the SG, KP and Role/InstanceProfile are created :param spot_master_item: """ logger.info( fmt_master_item_msg_hdr( spot_master_item ) + 'handle_state_master_resources_in_progress') kp_name = spot_master_item[ TableSpotMaster.kp_name ] ec2_conn = awsext.ec2.connect_to_region( self.region_name, profile_name=self.profile_name ) key_pair = ec2_conn.find_key_pair( kp_name ) if key_pair == None: return logger.info( fmt_master_item_msg_hdr( spot_master_item ) + 'handle_state_master_resources_in_progress: kp_name ready') vpc_id = spot_master_item[ TableSpotMaster.cheapest_vpc_id ] sg_id = spot_master_item[ TableSpotMaster.sg_id ] vpc_conn = awsext.vpc.connect_to_region( self.region_name, profile_name=self.profile_name ) group_id, is_group_exists = vpc_conn.is_security_group_exists( vpc_id, group_id=sg_id ) if not is_group_exists: return logger.info( fmt_master_item_msg_hdr( spot_master_item ) + 'handle_state_master_resources_in_progress: sg_id ready') iam_conn = awsext.iam.connect_to_region( self.region_name, profile_name=self.profile_name ) role_name = spot_master_item[ TableSpotMaster.role_name ] if not iam_conn.is_role_exists( role_name ): return logger.info( fmt_master_item_msg_hdr( spot_master_item ) + 'handle_state_master_resources_in_progress: role_name ready') if not iam_conn.is_instance_profile_exists( role_name ): return logger.info( fmt_master_item_msg_hdr( spot_master_item ) + 'handle_state_master_resources_in_progress: instance_profile_name ready') batch_job_parm = get_batch_job_parm_item( spot_master_item[ TableSpotMaster.spot_master_uuid ], self.spot_batch_job_parm_table_name, self.region_name, self.profile_name, attributes=[TableSpotBatchJobParm.raw_batch_job_parm_item] ) raw_batch_job_parm_item = batch_job_parm[ TableSpotBatchJobParm.raw_batch_job_parm_item ] batch_job_parm_item = BatchJobParmItem( stringParmFile=raw_batch_job_parm_item ) # At this point, all resources have been created - some require additional steps after creation completes # Update the SG with any inbound rules inbound_rule_items_serialized = batch_job_parm_item.serialized_inbound_rule_items if inbound_rule_items_serialized != None: inbound_rule_items = deserialize_inbound_rule_items( inbound_rule_items_serialized ) security_group = vpc_conn.get_security_group( vpc_id, group_id ) vpc_conn.authorize_inbound_rules( security_group, inbound_rule_items ) # Create base policy (queue, buckets) and extend with user policy from batch_job_parm_item policy = create_policy( batch_job_parm_item ) policy_json = json.dumps( policy ) iam_conn.add_role_instance_profile_policy( role_name=spot_master_item[ TableSpotMaster.role_name ], policy_name=spot_master_item[ TableSpotMaster.policy_name ], policy=policy_json ) spot_master_row_partial_save( self.spot_master_table_name, spot_master_item, {TableSpotMaster.spot_master_state_code:SpotMasterStateCode.master_role_policy_in_progress}, region_name=self.region_name, profile_name=self.profile_name ) return
def main(): """ """ path_parm_file = '/home/pete.zybrick/Development/Workspaces/Python/awsspotbatch/parm/spot_batch_job_ipc-training.json' batch_job_parm_item = BatchJobParmItem( path_parm_file ) policy = create_policy( batch_job_parm_item ) print str(policy)