def get_soca_configuration(): secretsmanager_client = boto3.client('secretsmanager', config=config.boto_extra_config()) configuration_secret_name = os.environ['SOCA_CONFIGURATION'] response = secretsmanager_client.get_secret_value( SecretId=configuration_secret_name) return json.loads(response['SecretString'], strict=False)
def post(self): """ Change password for a given user --- tags: - User Management parameters: - in: body name: body schema: required: - user - password properties: user: type: string description: SOCA user password: type: string description: New password to configure responses: 200: description: Pair of username/token is valid 203: description: Invalid username/token pair 400: description: Malformed client input """ parser = reqparse.RequestParser() parser.add_argument("user", type=str, location="form") parser.add_argument("password", type=str, location="form") args = parser.parse_args() user = args["user"] password = args["password"] logger.info(f"Received password reset request for {user}") if user.lower() in password.lower(): return errors.all_errors("DS_PASSWORD_USERNAME_IN_PW") ds_password_complexity = r"(?=^.{8,64}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9\s])(?=.*[a-z])|(?=.*[^A-Za-z0-9\s])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9\s]))^.*" if not re.search(ds_password_complexity, password): return errors.all_errors("DS_PASSWORD_COMPLEXITY_ERROR") lambda_client = boto3.client("lambda", config=config.boto_extra_config()) if user is None or password is None: return errors.all_errors("CLIENT_MISSING_PARAMETER", "user (str) and password (str) parameters are required") ds_password_reset_lambda_arn = config.Config.DIRECTORY_SERVICE_RESET_LAMBDA_ARN if not ds_password_reset_lambda_arn: return errors.all_errors("MISSING_DS_RESET_LAMBDA") try: response = lambda_client.invoke(FunctionName=ds_password_reset_lambda_arn, Payload=json.dumps({"Username": user, "Password": password, "DirectoryServiceId": config.Config.DIRECTORY_SERVICE_ID}, indent=2).encode("utf-8")) logger.info(str(response['Payload'].read())) return {"success": True, "message": "Password updated correctly."}, 200 except Exception as err: return errors.all_errors(type(err).__name__, err)
from flask import request from requests import get import logging from datetime import datetime import json import read_secretmanager from decorators import private_api import base64 import boto3 import os import sys import errors from models import db, LinuxDCVSessions, WindowsDCVSessions logger = logging.getLogger("api") client_ec2 = boto3.client("ec2", config=config.boto_extra_config()) client_cfn = boto3.client("cloudformation", config=config.boto_extra_config()) def encrypt(message): key = config.Config.DCV_TOKEN_SYMMETRIC_KEY cipher_suite = Fernet(key) return cipher_suite.encrypt(message.encode("utf-8")) def get_host_info(tag_uuid, cluster_id, operating_system): host_info = {} token = True next_token = '' while token is True: response = client_ec2.describe_instances(
import config from flask_restful import Resource, reqparse import logging from decorators import admin_api, restricted_api, private_api import botocore import datetime from models import db, AmiList import boto3 import errors from sqlalchemy import exc from sqlalchemy.exc import SQLAlchemyError logger = logging.getLogger("api") session = boto3.session.Session() aws_region = session.region_name ec2_client = boto3.client('ec2', aws_region, config=config.boto_extra_config()) def get_ami_info(): ami_info = {} for session_info in AmiList.query.filter_by(is_active=True).all(): ami_info[session_info.ami_label] = session_info.ami_id return ami_info class ManageImage(Resource): @admin_api def post(self): """ Register a new EC2 AMI as DCV image on SOCA ---
import logging import os import config import re from datetime import datetime, timezone, timedelta import pytz import json import time from dateutil.parser import parse from models import db, WindowsDCVSessions, LinuxDCVSessions from botocore.exceptions import ClientError from models import db from sqlalchemy import or_, and_ logger = logging.getLogger("scheduled_tasks") client_ec2 = boto3.client("ec2", config=config.boto_extra_config()) client_ssm = boto3.client("ssm", config=config.boto_extra_config()) client_cloudformation = boto3.client("cloudformation", config=config.boto_extra_config()) def now(): try: tz = pytz.timezone(config.Config.TIMEZONE) except pytz.exceptions.UnknownTimeZoneError: logger.error( "Timezone {} configured by the admin does not exist. Defaulting to UTC. Refer to https://en.wikipedia.org/wiki/List_of_tz_database_time_zones for a full list of supported timezones" .format(config.Config.TIMEZONE)) tz = pytz.timezone("UTC") server_time = datetime.now(timezone.utc).astimezone(tz)
def get_compute_pricing(ec2_instance_type): pricing = {} region_mapping = { "ap-east-1": "APE1-", "ap-northeast-1": "APN1-", "ap-northeast-2": "APN2-", "ap-south-1": "APS1-", "ap-southeast-1": "APS1-", "ap-southeast-2": "APS1-", "ca-central-1": "CAC1-", "eu-central-1": "EUC1-", "eu-north-1": "EUN1-", "eu-south-1": "EUS1-", "eu-west-1": "EUW1-", "eu-west-2": "EUW2-", "eu-west-3": "EUW3-", "me-south-1": "MES1-", "us-east-1": "", "us-east-2": "USE2-", "us-west-1": "USW1-", "us-west-2": "USW2-", "sa-east-1": "SAE1-", } client_pricing = boto3.client("pricing", region_name="us-east-1", config=config.boto_extra_config()) session = boto3.session.Session() region = session.region_name response = client_pricing.get_products( ServiceCode='AmazonEC2', Filters=[ { 'Type': 'TERM_MATCH', 'Field': 'usageType', 'Value': region_mapping[region] + 'BoxUsage:' + ec2_instance_type }, ], ) for data in response['PriceList']: data = ast.literal_eval(data) for k, v in data['terms'].items(): if k == 'OnDemand': for skus in v.keys(): for ratecode in v[skus]['priceDimensions'].keys(): instance_data = v[skus]['priceDimensions'][ratecode] if 'on demand linux ' + str( ec2_instance_type ) + ' instance hour' in instance_data[ 'description'].lower(): pricing['ondemand'] = float( instance_data['pricePerUnit']['USD']) else: for skus in v.keys(): if v[skus]['termAttributes']['OfferingClass'] == 'standard' \ and v[skus]['termAttributes']['LeaseContractLength'] == '1yr' \ and v[skus]['termAttributes']['PurchaseOption'] == 'No Upfront': for ratecode in v[skus]['priceDimensions'].keys(): instance_data = v[skus]['priceDimensions'][ ratecode] if 'Linux/UNIX (Amazon VPC)' in instance_data[ 'description']: pricing['reserved'] = float( instance_data['pricePerUnit']['USD']) return pricing