def user(self):
    """Return the cached test user context, creating it on first access.

    Nothing is rebuilt when ``self._user`` is already truthy. Otherwise a
    context is created from the access key, secret key and region found on
    ``self.args``, and is then replaced by ``self.tc.user`` whenever a CLC
    or an environment file was supplied and ``self.tc`` is truthy. The
    result may still be ``None`` when neither source is available.
    """
    if self._user:
        return self._user
    opts = self.args
    # NOTE(review): if self.args is filled from the command line, the secret
    # key is visible in process listings and shell history -- confirm.
    if opts.access_key and opts.secret_key and opts.region:
        self._user = UserContext(aws_access_key=opts.access_key,
                                 aws_secret_key=opts.secret_key,
                                 region=opts.region)
    # The test controller's user, when usable, overrides the key-based one.
    if (opts.clc or opts.environment_file) and self.tc:
        self._user = self.tc.user
    return self._user
def admin(self):
    """Return the cached cloud-admin context, creating it on first access.

    A context is only built when the admin connection info carries either a
    ``credpath`` or both ``aws_access_key`` and ``aws_secret_key``; otherwise
    the cached value (possibly ``None``) is returned unchanged.

    The mapping read from ``self._cloud_admin_connection_info`` is updated in
    place with a ``machine`` or ``eucarc`` entry before it is expanded into
    ``UserContext``.
    """
    if self._cloudadmin:
        return self._cloudadmin
    params = self._cloud_admin_connection_info
    credpath = params.get('credpath')
    has_key_pair = (params.get('aws_access_key') and
                    params.get('aws_secret_key'))
    if not (credpath or has_key_pair):
        return self._cloudadmin
    if credpath:
        # Credentials live on disk; record the machine that holds them.
        params['machine'] = self.cred_depot
    else:
        # Key-based login reuses the system admin's credential set.
        params['eucarc'] = self.sysadmin.creds
    self._cloudadmin = UserContext(**params)
    return self._cloudadmin
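def create_user_context(self, access_key, secret_key, account_id=None,
                        region_domain=None, ec2_url=None, s3_url=None,
                        bootstrap_url=None):
    """Build a UserContext from an access/secret key pair.

    Args:
        access_key: access key id; falls back to ``self.access_key``.
        secret_key: secret key; falls back to ``self.secret_key``.
        account_id: optional account id stored on the new context.
        region_domain: region/domain handed to ``UserContext``; falls back
            to ``self.region_domain`` once the endpoint check has passed.
        ec2_url: optional EC2 endpoint stored on the new context.
        s3_url: optional S3 endpoint stored on the new context.
        bootstrap_url: optional bootstrap endpoint stored on the new context.

    Returns:
        The newly created UserContext.

    Raises:
        ValueError: if no region_domain, ec2_url or s3_url was passed, or if
            either half of the key pair is still missing after the fallbacks.
    """
    if not (region_domain or s3_url or ec2_url):
        raise ValueError(
            'Can not derive service endpoints for user. '
            'Must supply either region_domain:"{0}", or ec2_url:"{1}" '
            's3_url:"{2}"'.format(region_domain, ec2_url, s3_url))
    access_key = access_key or self.access_key
    secret_key = secret_key or self.secret_key
    region_domain = region_domain or self.region_domain
    # The earlier form, `not access_key and secret_key and region_domain`,
    # negated only the access key, so a missing secret key slipped through
    # and a context was built with incomplete credentials. An endpoint source
    # is already guaranteed by the check above, so only the key pair is
    # verified here.
    if not (access_key and secret_key):
        raise ValueError(
            'Must supply access_key, secret_key and region domain to '
            'create user context')
    user = UserContext(aws_access_key=access_key,
                       aws_secret_key=secret_key,
                       region=region_domain)
    # Only override attributes the caller supplied explicitly.
    if ec2_url:
        user.ec2_url = ec2_url
    if s3_url:
        user.s3_url = s3_url
    if bootstrap_url:
        user.bootstrap_url = bootstrap_url
    if account_id:
        user.account_id = account_id
    return user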
def user(self):
    """Return the cached test user context, creating it on first access.

    The context is built from the key pair and region on ``self.args`` and
    then replaced by ``self.tc.user`` when a CLC or environment file was
    given and ``self.tc`` is truthy. Any exception raised while building it
    is logged together with a traceback and swallowed, so callers can
    receive ``None`` (or whatever ``self._user`` already held).
    """
    try:
        if not self._user:
            opts = self.args
            # NOTE(review): if self.args is filled from the command line, the
            # secret key is visible in process listings -- confirm.
            if opts.access_key and opts.secret_key and opts.region:
                self._user = UserContext(
                    aws_access_key=opts.access_key,
                    aws_secret_key=opts.secret_key,
                    region=opts.region)
            # The test controller's user, when usable, wins over the keys.
            if (opts.clc or opts.environment_file) and self.tc:
                self._user = self.tc.user
    except Exception as UE:
        failure = '{0}\nFailed to create user: {1}'.format(get_traceback(), UE)
        self.log.error(failure)
    return self._user
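def create_user_context(self, access_key, secret_key, account_id=None,
                        region_domain=None, ec2_url=None, s3_url=None,
                        bootstrap_url=None):
    """Create a UserContext for the given access/secret key pair.

    Args:
        access_key: access key id; ``self.access_key`` is used when falsy.
        secret_key: secret key; ``self.secret_key`` is used when falsy.
        account_id: optional account id to set on the context.
        region_domain: region/domain passed to ``UserContext``;
            ``self.region_domain`` is used when falsy, but only after the
            endpoint check below has already passed.
        ec2_url: optional EC2 endpoint to set on the context.
        s3_url: optional S3 endpoint to set on the context.
        bootstrap_url: optional bootstrap endpoint to set on the context.

    Returns:
        The new UserContext.

    Raises:
        ValueError: when none of region_domain, ec2_url and s3_url was
            passed, or when the key pair is incomplete after the fallbacks.
    """
    endpoint_hint = region_domain or s3_url or ec2_url
    if not endpoint_hint:
        raise ValueError('Can not derive service endpoints for user. '
                         'Must supply either region_domain:"{0}", or ec2_url:"{1}" '
                         's3_url:"{2}"'.format(region_domain, ec2_url, s3_url))
    access_key = access_key or self.access_key
    secret_key = secret_key or self.secret_key
    region_domain = region_domain or self.region_domain
    # Previously written as `not access_key and secret_key and region_domain`,
    # which negates only access_key; a call without a secret key was accepted
    # and produced a context with incomplete credentials. The endpoint source
    # is already guaranteed above, so the key pair is what remains to verify.
    if not (access_key and secret_key):
        raise ValueError('Must supply access_key, secret_key and region domain to '
                         'create user context')
    user = UserContext(aws_access_key=access_key, aws_secret_key=secret_key,
                       region=region_domain)
    # Explicit values from the caller override what the context derived.
    if ec2_url:
        user.ec2_url = ec2_url
    if s3_url:
        user.s3_url = s3_url
    if bootstrap_url:
        user.bootstrap_url = bootstrap_url
    if account_id:
        user.account_id = account_id
    return user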
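def admin(self):
    """Return the cached cloud-admin context, creating it on first access.

    A context is only built when the admin connection info carries either a
    ``credpath`` or both ``aws_access_key`` and ``aws_secret_key``; otherwise
    the cached value (possibly ``None``) is returned.

    Side effects visible here: the mapping read from
    ``self._cloud_admin_connection_info`` gains a ``machine`` or ``eucarc``
    entry, and in the key-based branch ``domain`` and ``region`` are written
    onto the object returned by ``self.sysadmin.creds``.

    Raises:
        AttributeError: when key-based login is requested but the system
            admin has no credentials to reuse.
        Exception: any other error from building the context is logged with
            a traceback and re-raised.
    """
    if not self._cloudadmin:
        try:
            conn_info = self._cloud_admin_connection_info
            credpath = conn_info.get('credpath')
            if credpath or (conn_info.get('aws_access_key') and
                            conn_info.get('aws_secret_key')):
                if credpath:
                    conn_info['machine'] = self.cred_depot
                else:
                    rc_config = self.sysadmin.creds
                    if not rc_config:
                        # The old `creds or {}` fallback could not work:
                        # attributes cannot be assigned on a dict, so it
                        # failed with an opaque AttributeError. The type is
                        # kept, the message now names the cause.
                        raise AttributeError(
                            'sysadmin credentials are empty; cannot build '
                            'the admin eucarc')
                    rc_config.domain = self.domain
                    rc_config.region = self.region
                    conn_info['eucarc'] = rc_config
                self._cloudadmin = UserContext(**conn_info)
        except Exception as E:
            # NOTE(review): the exception text is logged as-is; confirm it
            # cannot carry key material from conn_info.
            self.log.error('{0}\nError creating admin user, err:"{1}"'
                           .format(get_traceback(), E))
            # Bare raise keeps the original traceback intact.
            raise
    return self._cloudadmin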
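def create_user_using_cloudadmin(self, aws_account_name=None,
                                 aws_user_name='admin', aws_account_id=None,
                                 aws_access_key=None, aws_secret_key=None,
                                 credpath=None, eucarc=None, machine=None,
                                 service_connection=None, path='/',
                                 region=None, domain=None, https=None,
                                 validate_certs=False, boto2_api_version=None,
                                 log_level=None):
    """Return a UserContext, creating the account, user or key if needed.

    Resolution order, first match wins:
      1. ``eucarc``: supplied identity fields are copied onto it and it is
         wrapped in a UserContext.
      2. ``aws_access_key`` and ``aws_secret_key``: used directly.
      3. ``credpath``: credentials are read from that path on ``machine``.
      4. Otherwise the cloud admin's IAM interface looks up or creates the
         account, the user and an access key, then builds the context.

    ``region``, ``domain``, ``https`` and ``log_level`` default to this
    object's settings when ``None``. ``validate_certs`` is accepted but is
    not referenced anywhere in this function.

    Raises:
        RuntimeError: if the user cannot be fetched or created, or the
            access key entry carries no ``access_key_id``.
        BotoServerError: if the user lookup fails with a status other
            than 404.
    """
    if log_level is None:
        log_level = self.log.stdout_level or 'DEBUG'
    if region is None:
        region = self.region
    if domain is None:
        domain = self.domain
    if https is None:
        https = self._https
    boto2_api_version = boto2_api_version or \
        self._test_user_connection_info.get('boto2_api_version', None)
    # The secret key must never reach the log; only record whether one was
    # supplied. NOTE(review): the text form of eucarc may also expose key
    # material -- confirm what it renders.
    logged_secret = '<redacted>' if aws_secret_key else aws_secret_key
    self.log.debug(
        'Attempting to create user with params: account:{0}, name:{1}'
        'access_key:{2}, secret_key:{3}, credpath:{4}, eucarc:{5}'
        ', machine:{6}, service_connection:{7}, path:{8}, region:{9},'
        'loglevel:{10}, https:{11}, boto2_api_version:{12}'.format(
            aws_account_name, aws_user_name, aws_access_key, logged_secret,
            credpath, eucarc, machine, service_connection, path, region,
            log_level, https, boto2_api_version))
    service_connection = service_connection or self.sysadmin
    if eucarc:
        # Explicit arguments override whatever the eucarc already holds.
        if aws_access_key:
            eucarc.access_key = aws_access_key
        if aws_secret_key:
            eucarc.secret_key = aws_secret_key
        if aws_user_name:
            eucarc.user_name = aws_user_name
        if aws_account_name:
            eucarc.account_name = aws_account_name
        if aws_account_id:
            eucarc.account_id = aws_account_id
        return UserContext(eucarc=eucarc, region=region, domain=domain,
                           service_connection=service_connection,
                           log_level=log_level, https=https,
                           boto2_api_version=boto2_api_version)
    if aws_access_key and aws_secret_key:
        return UserContext(aws_access_key=aws_access_key,
                           aws_secret_key=aws_secret_key,
                           aws_account_name=aws_account_name,
                           aws_user_name=aws_user_name,
                           region=region, domain=domain,
                           service_connection=service_connection,
                           log_level=log_level,
                           boto2_api_version=boto2_api_version,
                           https=https)
    if credpath:
        return UserContext(credpath=credpath, region=region, domain=domain,
                           machine=machine, log_level=log_level,
                           boto2_api_version=boto2_api_version)
    user = {}
    info = self.admin.iam.get_account(account_name=aws_account_name,
                                      account_id=aws_account_id) or {}
    if not info:
        info = self.admin.iam.create_account(account_name=aws_account_name,
                                             ignore_existing=True)
    aws_account_id = aws_account_id or info.get('account_id', None)
    try:
        user = self.admin.iam.get_user(user_name=aws_user_name,
                                       delegate_account=aws_account_id)
    except BotoServerError as BE:
        # The handler used to test `E.status`, a name that is not bound
        # here, so every lookup failure ended in a NameError.
        if int(BE.status) == 404:
            self.log.debug('User not found, attempting to create...')
        else:
            # Anything but "not found" is a real failure; creating a user on
            # top of it would only hide the cause.
            raise
    if not user:
        user = self.admin.iam.create_user(
            user_name=aws_user_name,
            delegate_account=info.get('account_name'),
            path=path)
    if not user:
        raise RuntimeError(
            'Failed to create and/or fetch Account:"{0}", for User:"******"'.
            format(aws_account_name, aws_user_name))
    else:
        info.update(user)
    ak = self.admin.iam.get_aws_access_key(
        user_name=info.get('user_name'),
        delegate_account=info.get('account_name'))
    if not ak:
        ak = self.admin.iam.create_access_key(
            user_name=info.get('user_name'),
            delegate_account=info.get('account_name'))
    try:
        info['access_key_id'] = ak['access_key_id']
    except KeyError:
        err_msg = (
            'Failed to fetch access key for USER:"******", ACCOUNT:"{1}"'.
            format(aws_user_name, aws_account_name))
        self.log.error('{0}\n{1}'.format(get_traceback(), err_msg))
        raise RuntimeError(err_msg)
    certs = bool(self.admin.iam.get_all_signing_certs(
        user_name=info.get('user_name'),
        delegate_account=info.get('account_name')))
    # NOTE(review): only access_key_id is copied from the key entry above;
    # 'secret_access_key' is read from info as the earlier calls left it --
    # confirm which call provides it.
    user = UserContext(aws_access_key=info.get('access_key_id'),
                       aws_secret_key=info.get('secret_access_key'),
                       aws_account_name=info.get('account_name'),
                       aws_user_name=info.get('user_name'),
                       region=region, domain=domain,
                       existing_certs=certs,
                       machine=self.sysadmin.clc_machine,
                       service_connection=self.sysadmin,
                       log_level=log_level,
                       boto2_api_version=boto2_api_version,
                       https=https)
    user._user_info = self.admin.iam.get_user_info(
        user_name=user.user_name, delegate_account=user.account_id)
    return user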
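def create_user_using_cloudadmin(self, aws_account_name=None,
                                 aws_user_name='admin', aws_access_key=None,
                                 aws_secret_key=None, credpath=None,
                                 eucarc=None, machine=None,
                                 service_connection=None, path='/',
                                 region=None, domain=None, https=None,
                                 validate_certs=False, boto2_api_version=None,
                                 log_level=None):
    """Return a UserContext, creating the account, user or key if needed.

    Resolution order, first match wins:
      1. ``eucarc``: supplied identity fields are copied onto it and it is
         wrapped in a UserContext.
      2. ``aws_access_key`` and ``aws_secret_key``: used directly.
      3. ``credpath``: credentials are read from that path on ``machine``.
      4. Otherwise the cloud admin's IAM interface creates (or reuses) the
         account and user, fetches or creates an access key, and builds the
         context from the result.

    ``region``, ``domain``, ``https`` and ``log_level`` default to this
    object's settings when ``None``. ``validate_certs`` is accepted but is
    not referenced anywhere in this function.

    Raises:
        RuntimeError: if the account cannot be created or fetched, or the
            access key entry carries no ``access_key_id``.
    """
    if log_level is None:
        log_level = self.log.stdout_level or 'DEBUG'
    if region is None:
        region = self.region
    if domain is None:
        domain = self.domain
    if https is None:
        https = self._https
    boto2_api_version = boto2_api_version or \
        self._test_user_connection_info.get('boto2_api_version', None)
    # The secret key must never reach the log; only record whether one was
    # supplied. NOTE(review): the text form of eucarc may also expose key
    # material -- confirm what it renders.
    logged_secret = '<redacted>' if aws_secret_key else aws_secret_key
    self.log.debug('Attempting to create user with params: account:{0}, name:{1}'
                   'access_key:{2}, secret_key:{3}, credpath:{4}, eucarc:{5}'
                   ', machine:{6}, service_connection:{7}, path:{8}, region:{9},'
                   'loglevel:{10}, https:{11}, boto2_api_version:{12}'
                   .format(aws_account_name, aws_user_name, aws_access_key,
                           logged_secret, credpath, eucarc, machine,
                           service_connection, path, region, log_level,
                           https, boto2_api_version))
    service_connection = service_connection or self.sysadmin
    if eucarc:
        # Explicit arguments override whatever the eucarc already holds.
        if aws_access_key:
            eucarc.access_key = aws_access_key
        if aws_secret_key:
            eucarc.secret_key = aws_secret_key
        if aws_user_name:
            eucarc.user_name = aws_user_name
        if aws_account_name:
            eucarc.account_name = aws_account_name
        return UserContext(eucarc=eucarc, region=region, domain=domain,
                           service_connection=service_connection,
                           log_level=log_level, https=https,
                           boto2_api_version=boto2_api_version)
    if aws_access_key and aws_secret_key:
        return UserContext(aws_access_key=aws_access_key,
                           aws_secret_key=aws_secret_key,
                           aws_account_name=aws_account_name,
                           aws_user_name=aws_user_name,
                           region=region, domain=domain,
                           service_connection=service_connection,
                           log_level=log_level,
                           boto2_api_version=boto2_api_version,
                           https=https)
    if credpath:
        return UserContext(credpath=credpath, region=region, domain=domain,
                           machine=machine, log_level=log_level,
                           boto2_api_version=boto2_api_version)
    info = self.admin.iam.create_account(account_name=aws_account_name,
                                         ignore_existing=True)
    if info:
        user = self.admin.iam.create_user(user_name=aws_user_name,
                                          delegate_account=info.get('account_name'),
                                          path=path)
        info.update(user)
    else:
        raise RuntimeError('Failed to create and/or fetch Account:"{0}", for User:"******"'
                           .format(aws_account_name, aws_user_name))
    ak = self.admin.iam.get_aws_access_key(user_name=info.get('user_name'),
                                           delegate_account=info.get('account_name'))
    if not ak:
        ak = self.admin.iam.create_access_key(user_name=info.get('user_name'),
                                              delegate_account=info.get('account_name'))
    try:
        info['access_key_id'] = ak['access_key_id']
    except KeyError:
        err_msg = ('Failed to fetch access key for USER:"******", ACCOUNT:"{1}"'
                   .format(aws_user_name, aws_account_name))
        self.log.error('{0}\n{1}'.format(get_traceback(), err_msg))
        raise RuntimeError(err_msg)
    certs = bool(self.admin.iam.get_all_signing_certs(
        user_name=info.get('user_name'),
        delegate_account=info.get('account_name')))
    # NOTE(review): only access_key_id is copied from the key entry above;
    # 'secret_access_key' is read from info as the earlier calls left it --
    # confirm which call provides it.
    user = UserContext(aws_access_key=info.get('access_key_id'),
                       aws_secret_key=info.get('secret_access_key'),
                       aws_account_name=info.get('account_name'),
                       aws_user_name=info.get('user_name'),
                       region=region, domain=domain,
                       existing_certs=certs,
                       machine=self.sysadmin.clc_machine,
                       service_connection=self.sysadmin,
                       log_level=log_level,
                       boto2_api_version=boto2_api_version,
                       https=https)
    user._user_info = self.admin.iam.get_user_info(user_name=user.user_name,
                                                   delegate_account=user.account_id)
    return user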