def LaunchTemplate():
resource_specs = ParseYAML(resource_type).getSpecs()
aws_sg_id = SecurityGroups.SecurityGroupId()
aws_keypair_id = KeyPairs.KeyPairId()
# Cheking if "auto-scaling-group:" is present in the configuration file
launch_template = resource_specs["launch-template"].items(
) if "launch-template" in resource_specs else None
# If "auto-scaling-group:" is present then we'll run all the code below
if launch_template is not None:
# Loop through all Launch Templates defined
for launch_template_name, launch_template_configuration in launch_template:
# If there's any configuration then we'll execute the
# code below, else we'll pass the execution
if launch_template_configuration is not None:
# AWS Launch Template Dynamic Variables
# Resource Name
resource_name = launch_template_name
# AWS Launch Template configuration and its Default values
resource_description = launch_template_configuration[
"description"] if "description" in launch_template_configuration else None
resource_instance_type = launch_template_configuration[
"instance-type"] if "instance-type" in launch_template_configuration else None
resource_ami = launch_template_configuration[
"ami"] if "ami" in launch_template_configuration else None
resource_key = launch_template_configuration[
"key"] if "key" in launch_template_configuration else None
resource_ebs_optimized = launch_template_configuration[
"ebs-optimized"] if "ebs-optimized" in launch_template_configuration else True
resource_termination_protection = launch_template_configuration[
"termination-protection"] if "termination-protection" in launch_template_configuration else False
resource_security_groups = launch_template_configuration[
"security-groups"] if "security-groups" in launch_template_configuration else None
resource_user_data = launch_template_configuration[
"user-data"] if "user-data" in launch_template_configuration else None
resource_update_default_version = launch_template_configuration[
"update-default-version"] if "update-default-version" in launch_template_configuration else True
# Resource Tags and its Default values
resource_tags = None
resource_tags = launch_template_configuration[
"tags"] if "tags" in launch_template_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items(
):
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
# Check if the KeyPair is provided or not
if resource_key is None:
this_keypair = None
else:
this_keypair = aws_keypair_id[str(resource_key)]
# Getting the list of security groups found
security_groups_list = []
for each_security_group_found in resource_security_groups:
this_security_group = aws_sg_id[str(
each_security_group_found)]
security_groups_list.append(this_security_group)
# Encode "user_data" to base64 format
# Ref: https://stackoverflow.com/a/42759842
user_data_base64 = b64encode(
resource_user_data.encode("ascii")).decode("ascii")
new_launch_template = ec2.LaunchTemplate(
resource_name,
description=resource_description,
instance_type=resource_instance_type,
image_id=resource_ami,
key_name=this_keypair,
ebs_optimized=resource_ebs_optimized,
disable_api_termination=resource_termination_protection,
vpc_security_group_ids=security_groups_list,
# It has to be base64 encoded
user_data=user_data_base64,
tags=tags_list,
update_default_version=resource_update_default_version)
# NOTE Launch Templates ID Dictionary
# Update resource dictionaries
lt_ids_dict.update(
{new_launch_template._name: new_launch_template.id})
def Cluster():
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_iam_role_arn = IAM.RoleARN()
aws_sgs_ids = SecurityGroups.SecurityGroupId()
#
# EKS Cluster
#
for eks_cluster_name, eks_cluster_configuration in resource_specs[
"cluster"].items():
# AWS EKS Cluster Dynamic Variables
resource_cluster_name = eks_cluster_name
resource_cluster_version = eks_cluster_configuration[
"version"] if "version" in eks_cluster_configuration else None
resource_cluster_role_arn = eks_cluster_configuration[
"role"] if "role" in eks_cluster_configuration else None
resource_cluster_subnets = eks_cluster_configuration[
"subnets"] if "subnets" in eks_cluster_configuration else None
resource_cluster_security_groups = eks_cluster_configuration[
"security_groups"] if "security_groups" in eks_cluster_configuration else None
resource_cluster_endpoint_private_access = eks_cluster_configuration[
"endpoint_private_access"] if "endpoint_private_access" in eks_cluster_configuration else None
resource_cluster_endpoint_public_access = eks_cluster_configuration[
"endpoint_public_access"] if "endpoint_public_access" in eks_cluster_configuration else None
resource_cluster_public_access_cidrs = eks_cluster_configuration[
"public_access_cidrs"] if "public_access_cidrs" in eks_cluster_configuration else None
resource_cluster_tags = None
resource_cluster_tags = eks_cluster_configuration[
"tags"] if "tags" in eks_cluster_configuration else None
# Getting list of tags from configuration file
cluster_tags_list = {}
if resource_cluster_tags is not None:
for each_tag_name, each_tag_value in resource_cluster_tags.items(
):
cluster_tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
cluster_tags_list.update({"Name": resource_cluster_name})
cluster_tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
cluster_tags_list.update(resource_mandatory_tags)
# Get EKS Cluster IAM Role
this_cluster_iam_role = aws_iam_role_arn[str(
resource_cluster_role_arn)]
# Getting the list of subnets needed for EKS Cluster
eks_cluster_subnets_list = []
for each_eks_cluster_subnet in resource_cluster_subnets:
eks_cluster_subnets_list.append(
aws_subnet_id[str(each_eks_cluster_subnet)])
# Getting security groups for EKS Cluster
eks_cluster_security_groups_list = []
for each_eks_cluster_security_group in resource_cluster_security_groups:
eks_cluster_security_groups_list.append(
aws_sgs_ids[str(each_eks_cluster_security_group)])
# Getting the list of public access cidrs for EKS Cluster
eks_cluster_public_access_cidrs_list = []
for each_eks_cluster_public_access_cidr in resource_cluster_public_access_cidrs:
eks_cluster_public_access_cidrs_list.append(
str(each_eks_cluster_public_access_cidr))
eks_cluster = eks.Cluster(
resource_cluster_name,
name=resource_cluster_name,
version=resource_cluster_version,
role_arn=this_cluster_iam_role,
vpc_config={
'endpoint_private_access':
resource_cluster_endpoint_private_access,
'endpoint_public_access':
resource_cluster_endpoint_public_access,
'subnet_ids': eks_cluster_subnets_list,
'security_group_ids': eks_cluster_security_groups_list,
'publicAccessCidrs': eks_cluster_public_access_cidrs_list,
},
tags=cluster_tags_list)
pulumi.export(eks_cluster._name, [
eks_cluster.id, eks_cluster.arn, eks_cluster.endpoint,
eks_cluster.certificate_authority
])
#
# EKS Node Groups
#
for eks_nodegroup_name, eks_nodegroup_configuration in eks_cluster_configuration[
"nodegroup"].items():
# AWS EKS Node Group Dynamic Variables
resource_nodegroup_name = eks_nodegroup_name
resource_nodegroup_role_arn = eks_nodegroup_configuration[
"role"] if "role" in eks_nodegroup_configuration else None
resource_nodegroup_subnets = eks_nodegroup_configuration[
"subnets"] if "subnets" in eks_nodegroup_configuration else None
resource_nodegroup_instance_type = eks_nodegroup_configuration[
"instance_type"] if "instance_type" in eks_nodegroup_configuration else None
resource_nodegroup_instance_disk_size = eks_nodegroup_configuration[
"instance_disk_size"] if "instance_disk_size" in eks_nodegroup_configuration else 40
resource_nodegroup_desired_size = eks_nodegroup_configuration[
"scaling"][
"desired_size"] if "desired_size" in eks_nodegroup_configuration[
"scaling"] else 3
resource_nodegroup_max_size = eks_nodegroup_configuration[
"scaling"][
"max_size"] if "max_size" in eks_nodegroup_configuration[
"scaling"] else 3
resource_nodegroup_min_size = eks_nodegroup_configuration[
"scaling"][
"min_size"] if "min_size" in eks_nodegroup_configuration[
"scaling"] else 3
resource_nodegroup_ami_type = eks_nodegroup_configuration[
"ami_type"] if "ami_type" in eks_nodegroup_configuration else None
resource_nodegroup_capacity_type = eks_nodegroup_configuration[
"capacity_type"] if "capacity_type" in eks_nodegroup_configuration else None
resource_tags = None
resource_tags = eks_nodegroup_configuration[
"tags"] if "tags" in eks_nodegroup_configuration else None
# Getting list of tags from configuration file
nodegroup_tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
nodegroup_tags_list.update(
{each_tag_name: each_tag_value})
# Adding mandatory tags
nodegroup_tags_list.update({"Name": resource_nodegroup_name})
nodegroup_tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
nodegroup_tags_list.update(resource_mandatory_tags)
# Getting the list of subnets needed for EKS Node Group
eks_nodegroup_subnets_list = []
if resource_nodegroup_subnets is not None:
for each_eks_nodegroup_subnet in resource_nodegroup_subnets:
eks_nodegroup_subnets_list.append(
aws_subnet_id[str(each_eks_nodegroup_subnet)])
# Get EKS Node Group IAM Role
this_nodegroup_iam_role = aws_iam_role_arn[str(
resource_nodegroup_role_arn)]
eks_node_group = eks.NodeGroup(
resource_nodegroup_name,
cluster_name=eks_cluster.name,
node_group_name=resource_nodegroup_name,
version=resource_cluster_version,
node_role_arn=this_nodegroup_iam_role,
subnet_ids=eks_nodegroup_subnets_list,
instance_types=resource_nodegroup_instance_type,
capacity_type=resource_nodegroup_capacity_type,
disk_size=resource_nodegroup_instance_disk_size,
ami_type=resource_nodegroup_ami_type,
scaling_config=eks.NodeGroupScalingConfigArgs(
desired_size=resource_nodegroup_desired_size,
max_size=resource_nodegroup_max_size,
min_size=resource_nodegroup_min_size,
),
tags=nodegroup_tags_list)
# Export
pulumi.export(eks_node_group._name, eks_node_group.id)
def Instance():
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_sg_id = SecurityGroups.SecurityGroupId()
aws_keypair_id = KeyPairs.KeyPairId()
for ec2_instance_name, ec2_instance_configuration in resource_specs[
"instance"].items():
# AWS EC2 Dynamic Variables
resource_name = ec2_instance_name
resource_number_of_instances = ec2_instance_configuration[
"number_of_instances"] if "number_of_instances" in ec2_instance_configuration else 1
resource_ami = ec2_instance_configuration[
"ami"] if "ami" in ec2_instance_configuration else None
resource_instance_type = ec2_instance_configuration[
"instance_type"] if "instance_type" in ec2_instance_configuration else None
resource_subnet = ec2_instance_configuration[
"subnet"] if "subnet" in ec2_instance_configuration else None
resource_security_groups = ec2_instance_configuration[
"security_groups"] if "security_groups" in ec2_instance_configuration else None
resource_ebs_optimization = ec2_instance_configuration[
"ebs_optimization"] if "ebs_optimization" in ec2_instance_configuration else None
resource_root_disk_volume_type = ec2_instance_configuration[
"root_disk"][
"volume_type"] if "volume_type" in ec2_instance_configuration[
"root_disk"] else None
resource_root_disk_volume_size = ec2_instance_configuration[
"root_disk"][
"volume_size"] if "volume_size" in ec2_instance_configuration[
"root_disk"] else None
resource_additional_disks = ec2_instance_configuration[
"additional_disks"] if "additional_disks" in ec2_instance_configuration else None
resource_public_ipv4_address = ec2_instance_configuration[
"public_ipv4_address"] if "public_ipv4_address" in ec2_instance_configuration else None
resource_keypair = ec2_instance_configuration[
"ssh_key"] if "ssh_key" in ec2_instance_configuration else None
resource_user_data = ec2_instance_configuration[
"user_data"] if "user_data" in ec2_instance_configuration else None
resource_password_data = ec2_instance_configuration[
"password"] if "password" in ec2_instance_configuration else None
resource_tags = None
resource_tags = ec2_instance_configuration[
"tags"] if "tags" in ec2_instance_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
this_subnet = aws_subnet_id[str(resource_subnet)]
# Check if the KeyPair is provided or not
if resource_keypair is not None:
this_keypair = aws_keypair_id[str(resource_keypair)]
# Getting the list of security groups found
security_groups_list = []
for each_security_group_found in resource_security_groups:
this_security_group = aws_sg_id[str(each_security_group_found)]
security_groups_list.append(this_security_group)
for number_of_instances in range(
1,
int(resource_number_of_instances) + 1):
if resource_number_of_instances > 1:
resource_final_name = (
resource_name +
str("-" + str(number_of_instances)).zfill(4))
else:
resource_final_name = resource_name
#
# Create EC2
#
ec2_instance = ec2.Instance(
resource_final_name,
ami=resource_ami,
instance_type=resource_instance_type,
associate_public_ip_address=resource_public_ipv4_address,
subnet_id=this_subnet,
vpc_security_group_ids=security_groups_list,
key_name=this_keypair,
ebs_optimized=resource_ebs_optimization,
root_block_device={
"volume_type": resource_root_disk_volume_type,
"volume_size": resource_root_disk_volume_size
},
user_data=resource_user_data,
get_password_data=resource_password_data,
tags=tags_list)
#
# Additional Disks (EBS Volumes)
#
if resource_additional_disks is not None:
# This variable is used down below
# by Volume Attachment
additional_disks_found = 0
for additional_disk_name, additional_disk_config in resource_additional_disks.items(
):
if additional_disk_name is not None:
# Setting up the default values
# for each individual EBS volume
default_additional_disk_config_az = ec2_instance.availability_zone
default_additional_disk_config_type = "gp2"
default_additional_disk_config_size = 20
if additional_disk_config is not None:
additional_disk_config_az = additional_disk_config[
"availability_zone"] if "availability_zone" in additional_disk_config else default_additional_disk_config_az
additional_disk_config_type = additional_disk_config[
"volume_type"] if "volume_type" in additional_disk_config else default_additional_disk_config_type
additional_disk_config_size = additional_disk_config[
"volume_size"] if "volume_size" in additional_disk_config else default_additional_disk_config_size
else:
additional_disk_config_az = default_additional_disk_config_az
additional_disk_config_type = default_additional_disk_config_type
additional_disk_config_size = default_additional_disk_config_size
# Create EBS Volume
ebs_volume = ebs.Volume(
additional_disk_name,
availability_zone=additional_disk_config_az,
type=additional_disk_config_type,
size=additional_disk_config_size,
tags={
"Name": additional_disk_name,
})
#
# EBS Volume Attachment
#
additional_disks_letter = range(
98, 123) # Getting a letter between 'b' and 'z'
additional_disk_assigned_letter = additional_disks_letter[
additional_disks_found]
additional_disk_device_lettet = "/dev/sd{:c}".format(
additional_disk_assigned_letter)
ebs_attachment = ec2.VolumeAttachment(
(additional_disk_name + "-attachment"),
device_name=additional_disk_device_lettet,
volume_id=ebs_volume.id,
instance_id=ec2_instance.id)
additional_disks_found = additional_disks_found + 1
# NOTE EC2 ID Dictionary
# Update resource dictionaries
ec2_ids_dict.update({ec2_instance._name: ec2_instance.id})
# NOTE Values Test
# Print statements below are used only for
# testing the functionality, can be ignored
# print("Instance name:", ec2_instance._name)
# print("Instance ID:", ec2_instance.id)
# Export the name of each EC2 Instance
pulumi.export(
ec2_instance._name,
[{
"ID": ec2_instance.id,
"ARN": ec2_instance.arn,
"State": ec2_instance.instance_state,
"Password (Windows)": ec2_instance.password_data,
"Private DNS": ec2_instance.private_dns,
"Public DNS": ec2_instance.public_dns,
"Public IP": ec2_instance.public_ip,
"Primary ENI":
ec2_instance.primary_network_interface_id
}])
def Redis(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_elasticache_subnet_group_id = Elasticache.SubnetGroupId()
aws_sg_id = SecurityGroups.SecurityGroupId()
for elasticache_redis_name, elasticache_redis_configuration in resource_specs[
"redis"].items():
# AWS EC2 Dynamic Variables
resource_specific_type = "redis"
resource_name = elasticache_redis_name
resource_number_of_nodes = elasticache_redis_configuration[
"number_of_nodes"]
resource_node_type = elasticache_redis_configuration["node_type"]
resource_engine_version = elasticache_redis_configuration[
"engine_version"]
resource_port = elasticache_redis_configuration["port"]
resource_subnet_group = elasticache_redis_configuration[
"subnet_group"]
resource_parameter_group = elasticache_redis_configuration[
"parameter_group"]
resource_security_groups = elasticache_redis_configuration[
"security_groups"]
resource_tags = None
resource_tags = elasticache_redis_configuration[
"tags"] if "tags" in elasticache_redis_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
resource_security_groups_list = []
this_subnet_group = aws_elasticache_subnet_group_id[str(
resource_subnet_group)]
for each_security_group_found in resource_security_groups:
resource_security_groups_list.append(
aws_sg_id[str(each_security_group_found)])
# this_security_group = aws_sg_id[str(resource_security_groups)]
redis = elasticache.Cluster(
resource_name,
engine=resource_specific_type,
num_cache_nodes=resource_number_of_nodes,
node_type=resource_node_type,
engine_version=resource_engine_version,
port=resource_port,
subnet_group_name=this_subnet_group,
parameter_group_name=resource_parameter_group,
security_group_ids=resource_security_groups_list,
tags=tags_list)
def __init__(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_sg_id = SecurityGroups.SecurityGroupId()
# aws_keypair_id = KeyPairs.KeyPairId()
for efs_name, efs_configuration in resource_specs.items():
# Resource Name
resource_name = efs_name
# File System Configuration and its Default values
resource_file_system = efs_configuration["file-system"] if "file-system" in efs_configuration else None
resource_file_system_encryption = resource_file_system["encrypted"] if "encrypted" in resource_file_system else True
resource_file_system_performance_mode = resource_file_system["performance_mode"] if "performance_mode" in resource_file_system else "generalPurpose"
# Target Configuration and its Default values
resource_target = efs_configuration["target"] if "target" in efs_configuration else None
resource_target_vpc = resource_target["vpc"] if "vpc" in resource_target else None
resource_target_subnets = resource_target["subnets"] if "subnets" in resource_target else None
resource_target_security_groups = resource_target["security_groups"] if "security_groups" in resource_target else None
# Resource Tags and its Default values
resource_tags = None
resource_tags = efs_configuration["tags"] if "tags" in efs_configuration else None
# Get the list of subnets from the configuration file
# subnets_list = []
# for each_subnet_found in resource_target_subnets:
# this_subnet = aws_subnet_id[str(each_subnet_found)]
# subnets_list.append(this_subnet)
# Getting the list of security groups found
security_groups_list = []
for each_security_group_found in resource_target_security_groups:
this_security_group = aws_sg_id[str(each_security_group_found)]
security_groups_list.append(this_security_group)
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({"Project/Stack": pulumi.get_project() + "/" + pulumi.get_stack()})
tags_list.update(resource_mandatory_tags)
#
# Create EFS Resource
#
# EFS File System
efs_file_system = efs.FileSystem(
resource_name,
encrypted = resource_file_system_encryption,
performance_mode = resource_file_system_performance_mode,
tags = tags_list,
)
# Return a list of all EFSs created
efs_ids_dict.update({efs_file_system._name: efs_file_system.id})
# Create Target(s) based on the number of
# Subnets found in the configuration file
target_index = 0
for each_subnet in resource_target_subnets:
target_index = target_index + 1
this_subnet = aws_subnet_id[str(each_subnet)]
target_name = (resource_name+str("-target-" + str(target_index).zfill(2)))
efs_target = efs.MountTarget(
target_name,
file_system_id = efs_file_system.id,
subnet_id = this_subnet,
security_groups = security_groups_list
)
def ALB(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_subnet_id = Subnets.SubnetId()
aws_sg_id = SecurityGroups.SecurityGroupId()
for alb_name, alb_configuration in resource_specs["alb"].items():
# AWS ALB Dynamic Variables
resource_specific_type = "alb"
resource_name = alb_name
resource_subnets = alb_configuration[
"subnets"] if "subnets" in alb_configuration else None
resource_security_groups = alb_configuration[
"security_groups"] if "security_groups" in alb_configuration else None
resource_deletion_protection = alb_configuration[
"deletion_protection"] if "deletion_protection" in alb_configuration else None
resource_exposure = alb_configuration[
"exposure"] if "exposure" in alb_configuration else None
resource_http2 = alb_configuration[
"http2"] if "http2" in alb_configuration else None
resource_idle_timeout = alb_configuration[
"idle_timeout"] if "idle_timeout" in alb_configuration else None
resource_listeners = alb_configuration[
"listeners"] if "listeners" in alb_configuration else None
resource_tags = None
resource_tags = alb_configuration[
"tags"] if "tags" in alb_configuration else None
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({
"Project/Stack":
pulumi.get_project() + "/" + pulumi.get_stack()
})
tags_list.update(resource_mandatory_tags)
resource_subnets_list = []
for each_subnet_found in resource_subnets:
resource_subnets_list.append(
aws_subnet_id[str(each_subnet_found)])
resource_security_groups_list = []
for each_security_group_found in resource_security_groups:
resource_security_groups_list.append(
aws_sg_id[str(each_security_group_found)])
# ALB exposure [internal|external]
# - internal for private connections (VPN, TGW etc.)
# - external for internet-facing / publicly exposed load balancers
if resource_exposure is not None:
if resource_exposure == "internal":
resource_exposure is False
elif resource_exposure == "external":
resource_exposure is True
else:
resource_exposure = None
# NOTE: Work in progress
# Listeners [http|https]
# if resource_listeners is not None:
# # print("Found listeners")
# for listener_protocol in resource_listeners.items():
# print(listener_protocol)
# if listener_protocol[0] == "http":
# print("HTTP Found")
# elif listener_protocol[0] == "https":
# print("HTTPS Found")
# else:
# print("No valid ALB listener found, must be 'http' or 'https'")
# FIXME:
# This needs to be reviewed as currently the subnets
# are being added in a non-dynamic fashion
alb = lb.LoadBalancer(
resource_name,
load_balancer_type="application",
name=resource_name,
subnet_mappings=[
lb.LoadBalancerSubnetMappingArgs(
subnet_id=resource_subnets_list[0], ),
lb.LoadBalancerSubnetMappingArgs(
subnet_id=resource_subnets_list[1], ),
lb.LoadBalancerSubnetMappingArgs(
subnet_id=resource_subnets_list[2], ),
],
security_groups=resource_security_groups_list,
enable_deletion_protection=resource_deletion_protection,
internal=bool(resource_exposure),
enable_http2=resource_http2,
idle_timeout=resource_idle_timeout,
tags=tags_list)
def Cluster(self):
resource_specs = ParseYAML(resource_type).getSpecs()
aws_docdb_sng_id = DocumentDB.SubnetGroupId()
aws_docdb_pg_id = DocumentDB.ParameterGroupId()
aws_sg_id = SecurityGroups.SecurityGroupId()
for docdb_name, docdb_configuration in resource_specs["cluster"].items():
# AWS DocumentDB Dynamic Variables
resource_name = (docdb_name + "-cluster")
resource_identifier = (docdb_name + "-cluster")
resource_engine = docdb_configuration["engine"]
resource_engine_version = docdb_configuration["engine_version"]
resource_az = docdb_configuration["az"]
resource_subnet_group = docdb_configuration["subnet_group"]
resource_parameter_group = docdb_configuration["parameter_group"]
resource_security_groups = docdb_configuration["security_groups"]
resource_port = docdb_configuration["port"]
resource_master_username = docdb_configuration["master_username"]
resource_master_password = docdb_configuration["master_password"]
resource_backup_retention_period = docdb_configuration["backup_retention_period"]
resource_preferred_backup_window = docdb_configuration["preferred_backup_window"]
resource_preferred_maintenance_window = docdb_configuration["preferred_maintenance_window"]
resource_deletion_protection = docdb_configuration["deletion_protection"]
resource_apply_immediately = docdb_configuration["apply_immediately"]
resource_skip_final_snapshot = docdb_configuration["skip_final_snapshot"]
resource_tags = None
resource_tags = docdb_configuration["tags"] if "tags" in docdb_configuration else None
this_subnet_group = aws_docdb_sng_id[str(resource_subnet_group)]
this_parameter_group = aws_docdb_pg_id[str(resource_parameter_group)]
security_groups_list = []
# Get the password from Pulumi Config
resource_retrieved_password = config.require_secret(resource_master_password)
# Getting list of tags from configuration file
tags_list = {}
if resource_tags is not None:
for each_tag_name, each_tag_value in resource_tags.items():
tags_list.update({each_tag_name: each_tag_value})
# Adding mandatory tags
tags_list.update({"Name": resource_name})
tags_list.update({"Project/Stack": pulumi.get_project() + "/" + pulumi.get_stack()})
tags_list.update(resource_mandatory_tags)
for each_security_group_found in resource_security_groups:
this_security_group = aws_sg_id[str(each_security_group_found)]
security_groups_list.append(this_security_group)
documentdb = docdb.Cluster(
resource_name,
cluster_identifier = resource_identifier,
engine = resource_engine,
engine_version = resource_engine_version,
availability_zones = resource_az,
db_subnet_group_name = this_subnet_group,
db_cluster_parameter_group_name = this_parameter_group,
vpc_security_group_ids = security_groups_list,
port = resource_port,
master_username = resource_master_username,
master_password = resource_retrieved_password,
backup_retention_period = resource_backup_retention_period,
preferred_backup_window = resource_preferred_backup_window,
preferred_maintenance_window = resource_preferred_maintenance_window,
deletion_protection = resource_deletion_protection,
skip_final_snapshot = resource_skip_final_snapshot,
apply_immediately = resource_apply_immediately,
tags = tags_list
)
for number_of_instances in range (1, int(docdb_configuration["instances"]["number_of_instances"])+1):
resource_instance_name = (docdb_name + "-instance" + str("-" + str(number_of_instances)).zfill(4))
resource_instance_class = docdb_configuration["instances"]["instance_class"]
instance_tags_list = {}
instance_tags_list.update({"Name": resource_instance_name})
instance_tags_list.update({"Project/Stack": pulumi.get_project() + "/" + pulumi.get_stack()})
instance_tags_list.update(resource_mandatory_tags)
cluster_instance = docdb.ClusterInstance(
resource_instance_name,
identifier = resource_instance_name,
cluster_identifier = documentdb.id,
instance_class = resource_instance_class,
tags = instance_tags_list
)
pulumi.export(documentdb._name, [("Cluster ID:", documentdb.id), ("Cluster Endpoint:", documentdb.endpoint)])