Пример #1
#
# Run: python SonarQube.py
# Debug: python -m pdb SonarQube.py
#

from troposphere import Parameter, Template, Ref, Tags, Select, GetAZs, Join, Output, GetAtt, Base64
from troposphere.iam import InstanceProfile, Role
from troposphere import cloudformation
from troposphere.rds import DBInstance, DBParameterGroup
import troposphere.ec2 as ec2

SONARQUBE_PATH = '/opt/sonarqube/sonarqube.zip'

# Root template object; every parameter and resource below is attached to it.
t = Template(Description='SonarQube instance')
# NOTE(review): this is a plain attribute assignment. Confirm the rendered
# template really carries AWSTemplateFormatVersion; the library may expect its
# dedicated version setter instead.
t.AWSTemplateFormatVersion = '2010-09-09'

# Stack parameter naming the EC2 key pair used for SSH access. The typed
# parameter makes CloudFormation reject names that are not existing key pairs.
keyname = t.add_parameter(Parameter(
    'KeyName',
    Type='AWS::EC2::KeyPair::KeyName',
    Description='Name of an existing EC2 KeyPair to enable SSH access to the instance',
    ConstraintDescription='must be the name of an existing EC2 KeyPair.',
))
your_ip_address = t.add_parameter(
            Parameter(
                'YourIpAddress',
Пример #2
    def do_template(self):
        """Build the CloudFormation template for the example Lambda stack.

        Declared in this order: a ``KeyName`` parameter, an SQS dead-letter
        queue, the Lambda execution role, the Lambda function, two published
        versions and one alias.

        Returns:
            The populated ``Template``; its description comes from
            ``self.description``.
        """
        template = Template(Description=self.description)
        # NOTE(review): plain attribute assignment. Confirm the rendered
        # template really carries AWSTemplateFormatVersion.
        template.AWSTemplateFormatVersion = '2010-09-09'

        # NOTE(review): nothing else in this method references KeyName and no
        # EC2 instance is declared here, so the parameter looks like a leftover.
        key_parameter = Parameter(
            'KeyName',
            Type='AWS::EC2::KeyPair::KeyName',
            ConstraintDescription='must be the name of an existing EC2 KeyPair.',
            Description='Name of an existing EC2 KeyPair to enable SSH access to the instance',
        )
        template.add_parameter(key_parameter)

        # Dead-letter queue for the function below.
        # NOTE(review): messages are kept for up to 14 days and no encryption
        # property is declared, so the service default applies. Set one
        # explicitly if events can carry sensitive data.
        dead_letter_queue = template.add_resource(
            sqs.Queue(
                'DLQLambdaQueue',
                QueueName='DLQLambdaQueue',
                DelaySeconds=0,
                # Long polling, 20 seconds. See:
                # http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-long-polling.html#sqs-long-polling-console
                ReceiveMessageWaitTimeSeconds=20,
                MaximumMessageSize=262144,  # 256 KiB, in bytes
                VisibilityTimeout=30,  # seconds
                MessageRetentionPeriod=1209600,  # 14 days, in seconds
            )
        )

        # Trust relationship: only the Lambda service may assume the role.
        trust_policy = {
            "Version": "2012-10-17",
            "Statement": [
                {
                    "Effect": "Allow",
                    "Principal": {"Service": "lambda.amazonaws.com"},
                    "Action": "sts:AssumeRole",
                }
            ],
        }
        # NOTE(review): AmazonSQSFullAccess and AWSLambdaFullAccess are
        # full-access managed policies, far broader than anything this
        # template itself needs from the role. The only queue interaction
        # declared here is dead-letter delivery to DLQLambdaQueue, which needs
        # sqs:SendMessage on that single queue ARN. Confirm what the handler
        # code actually calls and scope the role down to it.
        managed_policy_arns = [
            'arn:aws:iam::aws:policy/AmazonSQSFullAccess',
            'arn:aws:iam::aws:policy/AWSLambdaFullAccess',
            'arn:aws:iam::aws:policy/AWSLambdaExecute',
            'arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess',
            'arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole',
        ]
        # NOTE(review): these three ec2 actions appear to duplicate what the
        # AWSLambdaVPCAccessExecutionRole managed policy above already grants.
        # Confirm and keep only one source for them.
        network_interface_policy = iam.Policy(
            PolicyName='gus-inline-policy',
            PolicyDocument={
                "Version": "2012-10-17",
                "Statement": [
                    {
                        "Effect": "Allow",
                        "Action": [
                            "ec2:CreateNetworkInterface",
                            "ec2:DeleteNetworkInterface",
                            "ec2:DescribeNetworkInterfaces",
                        ],
                        "Resource": "*",
                    }
                ],
            },
        )
        execution_role = template.add_resource(
            iam.Role(
                'GusLambdaRole',
                RoleName='GusLambdaRole',
                AssumeRolePolicyDocument=trust_policy,
                Path='/gus-lambda/',
                ManagedPolicyArns=managed_policy_arns,
                Policies=[network_interface_policy],
            )
        )

        runtime_environment = Environment(
            Variables={'ENVIRONMENT_GUS': 'GUSTAVO'}
        )
        # NOTE(review): the artifact is addressed by bucket and key only, and
        # the key is a -SNAPSHOT build. Whatever object sits at that key at
        # deploy time becomes the function code. Consider pinning
        # S3ObjectVersion on a versioned bucket and restricting write access
        # to it.
        code_location = Code(
            S3Bucket='guslambda',
            S3Key='aws-example-lambda-1.0-SNAPSHOT-jar-with-dependencies.jar',
        )
        role_arn = GetAtt(execution_role, 'Arn')
        dead_letter_config = DeadLetterConfig(
            TargetArn=GetAtt(dead_letter_queue, "Arn")
        )
        # The security-group and subnet ids are placeholders to be replaced
        # with real ids before deployment.
        vpc_config = VPCConfig(
            SecurityGroupIds=['sg-XXXXXX'],
            SubnetIds=['subnet-XXXXXXXX', 'subnet-YYYYYYYY'],
        )
        function = template.add_resource(
            Function(
                "GusLambdaFunction",
                Description='aws-lambda-gus-example',
                FunctionName='aws-lambda-gus-example',
                MemorySize='320',  # MB
                Environment=runtime_environment,
                Code=code_location,
                Timeout=15,  # seconds
                Handler='de.aws.example.lambda.AWSLambdaExample',
                Role=role_arn,
                # NOTE(review): verify this runtime is still supported and
                # patched by the provider.
                Runtime='java8',
                DeadLetterConfig=dead_letter_config,
                VpcConfig=vpc_config,
            )
        )

        # Published versions of aws-lambda-gus-example. Version numbers cannot
        # be chosen; Amazon assigns them automatically. LambdaVersion1 is the
        # initial version, LambdaVersion2 was added by the first change set.
        for title, description in (
            ('LambdaVersion1', 'Lambda Version 1'),
            ('LambdaVersion2', 'Lambda Version 2'),
        ):
            template.add_resource(
                Version(
                    title,
                    Description=description,
                    FunctionName=Ref(function),
                )
            )

        # Alias pointing at version 1. The number is hard-coded on the
        # expectation that Amazon gives version 1 to the first created
        # LambdaVersion1.
        alias = Alias(
            'LambdaAlias',
            Name=Ref(function),
            Description='Lambda Alias 1',
            FunctionName=Ref(function),
            FunctionVersion='1',
        )
        template.add_resource(alias)

        return template