def configure_instance_security(self, parameters): """ Setup EC2 security keys and groups. Required input values are read from the parameters dictionary. More specifically, this method expects to find a 'keyname' parameter and a 'group' parameter in the parameters dictionary. Using these provided values, this method will create a new EC2 key-pair and a security group. Security group will be granted permissions to access any port on the instantiated VMs. (Also see documentation for the BaseAgent class) Args: parameters A dictionary of parameters """ keyname = parameters[self.PARAM_KEYNAME] group = parameters[self.PARAM_GROUP] ssh_key = os.path.abspath('/etc/appscale/keys/cloud1/{0}.key'.format(keyname)) utils.log('About to spawn EC2 instances - Expecting to find a key at {0}'.format(ssh_key)) utils.log(utils.get_obscured_env(['EC2_ACCESS_KEY', 'EC2_SECRET_KEY'])) if not os.path.exists(ssh_key): utils.log('Creating keys/security group') ec2_output = '' while True: ec2_output = utils.shell('{0}-add-keypair {1} 2>&1'.format(self.prefix, keyname)) if ec2_output.find('BEGIN RSA PRIVATE KEY') != -1: break utils.log('Trying again. Saw this from {0}-add-keypair: {1}'.format( self.prefix, ec2_output)) utils.shell('{0}-delete-keypair {1} 2>&1'.format(self.prefix, keyname)) utils.write_key_file(ssh_key, ec2_output) utils.shell('{0}-add-group {1} -d appscale 2>&1'.format(self.prefix, group)) utils.shell('{0}-authorize {1} -p 1-65535 -P udp 2>&1'.format(self.prefix, group)) utils.shell('{0}-authorize {1} -p 1-65535 -P tcp 2>&1'.format(self.prefix, group)) utils.shell('{0}-authorize {1} -s 0.0.0.0/0 -P icmp -t -1:-1 2>&1'.format(self.prefix, group)) return True else: utils.log('Not creating keys/security group') return False
def test_get_obscured_env(self): result = utils.get_obscured_env() self.assertTrue(result is not None and len(result) > 0) environ['TEST_VAR_1'] = 'forward_unto_dawn' environ['TEST_VAR_2'] = 'truth_and_reconciliation' result = utils.get_obscured_env() self.assertTrue(result.find('forward_unto_dawn') != -1) self.assertTrue(result.find('truth_and_reconciliation') != -1) result = utils.get_obscured_env(['TEST_VAR_1']) self.assertTrue(result.find('TEST_VAR_1=*************dawn') != -1) self.assertTrue(result.find('forward_unto_dawn') == -1) result = utils.get_obscured_env(['TEST_VAR_1', 'TEST_VAR_2']) self.assertTrue(result.find('TEST_VAR_1=*************dawn') != -1) self.assertTrue(result.find('TEST_VAR_2=********************tion') != -1) self.assertTrue(result.find('forward_unto_dawn') == -1) self.assertTrue(result.find('truth_and_reconciliation') == -1) original = utils.get_obscured_env() result = utils.get_obscured_env(['NON_EXISTING_BOGUS_VARIABLE']) self.assertEquals(original, result)