def __initializeResources(self):
self.vpc = VPC(self.cidrBlock)
self.igw = IGW()
self.igwVpcAssoc = IgwVpcAssoc()
self.pubRouteTable = RouteTable("public")
self.pubRoute = Route("publicRoute", self.pubRouteTable,
self.cidrBlock)
self.subnet = Subnet("subnet1", self.cidrBlock, self.az)
self.routeTableAssociation = RouteTableAssociation(
"public", self.subnet, self.pubRouteTable)
self.securitygroup = SecurityGroup("test", self.vpc)
self.instance = Ec2Instance("test-name", "ami-12345", "t2.micro",
"key.pem", self.subnet, self.securitygroup,
False, "192.168.007.007")
def build_graph(icp_config, aws_profile, **kwargs):
"""
Builds graphs for all of the ICP stacks
Args:
icp_config (dict): dictionary representation of `default.yml`
aws_profile (str): name of AWS profile to use for authentication
"""
if kwargs['stack_color'] is not None:
icp_config['StackColor'] = kwargs['stack_color'].capitalize()
global_config = GlobalConfigNode(**icp_config)
vpc = VPC(globalconfig=global_config, aws_profile=aws_profile)
data_plane = DataPlane(globalconfig=global_config, VPC=vpc,
aws_profile=aws_profile)
application = Application(globalconfig=global_config, VPC=vpc,
DataPlane=data_plane,
aws_profile=aws_profile)
worker = Worker(globalconfig=global_config, VPC=vpc,
DataPlane=data_plane, aws_profile=aws_profile)
public_hosted_zone = PublicHostedZone(globalconfig=global_config,
Application=application,
aws_profile=aws_profile)
return data_plane, application, worker, public_hosted_zone
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# The code that defines your stack goes here
vpc01 = VPC(self,
'vpc01',
cidr_block='10.0.0.0/16',
enable_dns_hostnames=True,
enable_dns_support=True,
instance_tenancy='default',
tags={
'vpc': [{
'key': 'AAAA',
'value': 'test'
}],
'internetgateway': [{
'key': 'FFFF',
'value': 'test'
}],
})
Subnet(self,
'subnet01',
vpc_id=vpc01.vpc,
cidr_block='10.0.0.0/24',
availability_zone='ap-northeast-1a')
RouteTable(self,
'routetable01',
vpc_id=vpc01.vpc,
internetgateway_id=vpc01.internetgateway)
def __initializeResources(self):
self.vpc = VPC(self.cidrBlock)
self.igw = IGW()
self.igwVpcAssoc = IgwVpcAssoc()
self.pubRouteTable = RouteTable("public")
self.pubRoute = Route("publicRoute", self.pubRouteTable, self.cidrBlock)
self.subnet = Subnet("subnet1", self.cidrBlock, self.az)
self.routeTableAssociation = RouteTableAssociation("public", self.subnet, self.pubRouteTable)
self.securitygroup = SecurityGroup("test", self.vpc)
self.instance = Ec2Instance("test-name", "ami-12345", "t2.micro", "key.pem", self.subnet, self.securitygroup, False, "192.168.007.007")
def build_graph(mmw_config, aws_profile, **kwargs):
"""
Builds graphs for all of the MMW stacks
Args:
mmw_config (dict): dictionary representation of `default.yml`
aws_profile (str): name of AWS profile to use for authentication
"""
if kwargs['stack_color'] is not None:
mmw_config['StackColor'] = kwargs['stack_color'].capitalize()
global_config = GlobalConfigNode(**mmw_config)
vpc = VPC(globalconfig=global_config, aws_profile=aws_profile)
s3_vpc_endpoint = S3VPCEndpoint(globalconfig=global_config,
VPC=vpc,
aws_profile=aws_profile)
private_hosted_zone = PrivateHostedZone(globalconfig=global_config,
VPC=vpc,
aws_profile=aws_profile)
data_plane = DataPlane(globalconfig=global_config,
VPC=vpc,
PrivateHostedZone=private_hosted_zone,
aws_profile=aws_profile)
tiler = Tiler(globalconfig=global_config,
VPC=vpc,
aws_profile=aws_profile,
DataPlane=data_plane)
tile_delivery_network = TileDeliveryNetwork(
globalconfig=global_config,
VPC=vpc,
PrivateHostedZone=private_hosted_zone, # NOQA
aws_profile=aws_profile)
application = Application(globalconfig=global_config,
VPC=vpc,
DataPlane=data_plane,
TileDeliveryNetwork=tile_delivery_network,
aws_profile=aws_profile)
worker = Worker(globalconfig=global_config,
VPC=vpc,
DataPlane=data_plane,
aws_profile=aws_profile)
public_hosted_zone = PublicHostedZone(globalconfig=global_config,
Application=application,
aws_profile=aws_profile)
return vpc, s3_vpc_endpoint, data_plane, tiler, application, \
worker, public_hosted_zone
class PubVPCCfnGenerator:
def __init__(self, cidrBlock, az):
self.cidrBlock = cidrBlock
self.az = az
self.__initializeResources()
self.__generateCfnConfiguration()
def __initializeResources(self):
self.vpc = VPC(self.cidrBlock)
self.igw = IGW()
self.igwVpcAssoc = IgwVpcAssoc()
self.pubRouteTable = RouteTable("public")
self.pubRoute = Route("publicRoute", self.pubRouteTable,
self.cidrBlock)
self.subnet = Subnet("subnet1", self.cidrBlock, self.az)
self.routeTableAssociation = RouteTableAssociation(
"public", self.subnet, self.pubRouteTable)
self.securitygroup = SecurityGroup("test", self.vpc)
self.instance = Ec2Instance("test-name", "ami-12345", "t2.micro",
"key.pem", self.subnet, self.securitygroup,
False, "192.168.007.007")
def __generateCfnConfiguration(self):
self.cfnConfiguration = self.vpc.getVPCTeplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.igw.getIGWTemplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.igwVpcAssoc.getIgwVpcAssociationTemplate(
)
self.cfnConfiguration += ","
self.cfnConfiguration += self.pubRouteTable.getRouteTableTemplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.routeTableAssociation.getRouteTableAssociationTemplate(
)
self.cfnConfiguration += ","
self.cfnConfiguration += self.pubRoute.getRouteTemplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.securitygroup.getSecurityGroupTemplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.instance.getEc2InstanceTemplate()
def getCfnConfiguration(self):
return self.cfnConfiguration
def build_stacks(options, stack_type, stack_color):
"""
Given options, the stack type, and an optional stack color, build
the stack graph and launch the stacks.
If the stack color is specified, this will build the full stack.
If it is not, it will only build up to the data plane node.
"""
options['StackType'] = stack_types[stack_type.lower()]
if stack_color:
options['StackColor'] = stack_colors[stack_color.lower()]
g = GlobalConfigNode(**options)
v = VPC(globalconfig=g)
hs = R53PrivateHostedZone(globalconfig=g, VPC=v)
d = DataPlaneGenerator(globalconfig=g, VPC=v, R53PrivateHostedZone=hs)
if not stack_color:
d.go()
else:
if options['StackColor'] != 'Orange':
OtpServerStack(globalconfig=g, VPC=v, DataPlane=d).go()
WebServerStack(globalconfig=g, VPC=v, DataPlane=d).go()
class SingleCfnGenerator:
def __init__(self, cidrBlock):
self.cidrBlock = cidrBlock
self.__initializeResources()
self.__generateCfnConfiguration()
def __initializeResources(self):
self.vpc = VPC(self.cidrBlock)
self.igw = IGW()
self.igwVpcAssoc = IgwVpcAssoc()
def __generateCfnConfiguration(self):
self.cfnConfiguration = self.vpc.getVPCTeplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.igw.getIGWTemplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.igwVpcAssoc.getIgwVpcAssociationTemplate(
)
def getCfnConfiguration(self):
return self.cfnConfiguration
class SingleCfnGenerator:
def __init__(self, cidrBlock):
self.cidrBlock = cidrBlock
self.__initializeResources()
self.__generateCfnConfiguration()
def __initializeResources(self):
self.vpc = VPC(self.cidrBlock)
self.igw = IGW()
self.igwVpcAssoc = IgwVpcAssoc()
def __generateCfnConfiguration(self):
self.cfnConfiguration = self.vpc.getVPCTeplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.igw.getIGWTemplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.igwVpcAssoc.getIgwVpcAssociationTemplate()
def getCfnConfiguration(self):
return self.cfnConfiguration
class PubVPCCfnGenerator:
def __init__(self, cidrBlock, az):
self.cidrBlock = cidrBlock
self.az = az
self.__initializeResources()
self.__generateCfnConfiguration()
def __initializeResources(self):
self.vpc = VPC(self.cidrBlock)
self.igw = IGW()
self.igwVpcAssoc = IgwVpcAssoc()
self.pubRouteTable = RouteTable("public")
self.pubRoute = Route("publicRoute", self.pubRouteTable, self.cidrBlock)
self.subnet = Subnet("subnet1", self.cidrBlock, self.az)
self.routeTableAssociation = RouteTableAssociation("public", self.subnet, self.pubRouteTable)
self.securitygroup = SecurityGroup("test", self.vpc)
self.instance = Ec2Instance("test-name", "ami-12345", "t2.micro", "key.pem", self.subnet, self.securitygroup, False, "192.168.007.007")
def __generateCfnConfiguration(self):
self.cfnConfiguration = self.vpc.getVPCTeplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.igw.getIGWTemplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.igwVpcAssoc.getIgwVpcAssociationTemplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.pubRouteTable.getRouteTableTemplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.routeTableAssociation.getRouteTableAssociationTemplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.pubRoute.getRouteTemplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.securitygroup.getSecurityGroupTemplate()
self.cfnConfiguration += ","
self.cfnConfiguration += self.instance.getEc2InstanceTemplate()
def getCfnConfiguration(self):
return self.cfnConfiguration
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
# The code that defines your stack goes here
# vpc network
vpc = VPC(self,
'vpc',
cidr_block='10.0.0.0/16',
enable_dns_hostnames=True,
enable_dns_support=True,
tags=[{
'key': 'Name',
'value': 'vpc'
}])
internetgateway = InternetGateway(self,
'internetgateway',
vpc_id=vpc.vpc,
tags=[{
'key': 'Name',
'value': 'internetgateway'
}])
# public network
publicsubnet01 = Subnet(self,
'publicsubnet01',
vpc_id=vpc.vpc,
cidr_block='10.0.0.0/24',
availability_zone='ap-northeast-1a',
tags=[{
'key': 'Name',
'value': 'publicsubnet01'
}])
publicsubnet02 = Subnet(self,
'publicsubnet02',
vpc_id=vpc.vpc,
cidr_block='10.0.1.0/24',
availability_zone='ap-northeast-1c',
tags=[{
'key': 'Name',
'value': 'publicsubnet02'
}])
publicsubnet03 = Subnet(self,
'publicsubnet03',
vpc_id=vpc.vpc,
cidr_block='10.0.2.0/24',
availability_zone='ap-northeast-1d',
tags=[{
'key': 'Name',
'value': 'publicsubnet03'
}])
publicroutetable01 = RouteTable(self,
'publicroutetable01',
vpc_id=vpc.vpc,
tags=[{
'key': 'Name',
'value': 'publicroutetable01'
}])
publicroutetable02 = RouteTable(self,
'publicroutetable02',
vpc_id=vpc.vpc,
tags=[{
'key': 'Name',
'value': 'publicroutetable02'
}])
publicroutetable03 = RouteTable(self,
'publicroutetable03',
vpc_id=vpc.vpc,
tags=[{
'key': 'Name',
'value': 'publicroutetable03'
}])
Route(self,
'publicroute01',
internetgateway_id=internetgateway.internetgateway,
routetable_id=publicroutetable01.routetable)
Route(self,
'publicroute02',
internetgateway_id=internetgateway.internetgateway,
routetable_id=publicroutetable02.routetable)
Route(self,
'publicroute03',
internetgateway_id=internetgateway.internetgateway,
routetable_id=publicroutetable03.routetable)
SubnetRouteTableAssociation(
self,
'publicsubnetroutetableassociation01',
route_table_id=publicroutetable01.routetable,
subnet_id=publicsubnet01.subnet)
SubnetRouteTableAssociation(
self,
'publicsubnetroutetableassociation02',
route_table_id=publicroutetable02.routetable,
subnet_id=publicsubnet02.subnet)
SubnetRouteTableAssociation(
self,
'publicsubnetroutetableassociation03',
route_table_id=publicroutetable03.routetable,
subnet_id=publicsubnet03.subnet)
# private network
privatesubnet01 = Subnet(self,
'privatesubnet01',
vpc_id=vpc.vpc,
cidr_block='10.0.10.0/24',
availability_zone='ap-northeast-1a',
tags=[{
'key': 'Name',
'value': 'privatesubnet01'
}])
privatesubnet02 = Subnet(self,
'privatesubnet02',
vpc_id=vpc.vpc,
cidr_block='10.0.11.0/24',
availability_zone='ap-northeast-1c',
tags=[{
'key': 'Name',
'value': 'privatesubnet02'
}])
privatesubnet03 = Subnet(self,
'privatesubnet03',
vpc_id=vpc.vpc,
cidr_block='10.0.12.0/24',
availability_zone='ap-northeast-1d',
tags=[{
'key': 'Name',
'value': 'privatesubnet03'
}])
privateroutetable01 = RouteTable(self,
'privateroutetable01',
vpc_id=vpc.vpc,
tags=[{
'key': 'Name',
'value': 'privateroutetable01'
}])
privateroutetable02 = RouteTable(self,
'privateroutetable02',
vpc_id=vpc.vpc,
tags=[{
'key': 'Name',
'value': 'privateroutetable02'
}])
privateroutetable03 = RouteTable(self,
'privateroutetable03',
vpc_id=vpc.vpc,
tags=[{
'key': 'Name',
'value': 'privateroutetable03'
}])
SubnetRouteTableAssociation(
self,
'privatesubnetroutetableassociation01',
route_table_id=privateroutetable01.routetable,
subnet_id=privatesubnet01.subnet)
SubnetRouteTableAssociation(
self,
'privatesubnetroutetableassociation02',
route_table_id=privateroutetable02.routetable,
subnet_id=privatesubnet02.subnet)
SubnetRouteTableAssociation(
self,
'privatesubnetroutetableassociation03',
route_table_id=privateroutetable03.routetable,
subnet_id=privatesubnet03.subnet)
eip01 = EIP(self, 'eip01', tags=[{'key': 'Name', 'value': 'eip01'}])
eip02 = EIP(self, 'eip02', tags=[{'key': 'Name', 'value': 'eip02'}])
eip03 = EIP(self, 'eip03', tags=[{'key': 'Name', 'value': 'eip03'}])
NatGateway(self,
'natgateway01',
eip_attr_allocation_id=eip01.eip,
subnet_id=publicsubnet01.subnet,
tags=[{
'key': 'Name',
'value': 'natgateway01'
}])
NatGateway(self,
'natgateway02',
eip_attr_allocation_id=eip02.eip,
subnet_id=publicsubnet02.subnet,
tags=[{
'key': 'Name',
'value': 'natgateway02'
}])
NatGateway(self,
'natgateway03',
eip_attr_allocation_id=eip03.eip,
subnet_id=publicsubnet03.subnet,
tags=[{
'key': 'Name',
'value': 'natgateway03'
}])
# isolate network
Subnet(self,
'isolatesubnet01',
vpc_id=vpc.vpc,
cidr_block='10.0.20.0/24',
availability_zone='ap-northeast-1a',
tags=[{
'key': 'Name',
'value': 'isolatesubnet01'
}])
Subnet(self,
'isolatesubnet02',
vpc_id=vpc.vpc,
cidr_block='10.0.21.0/24',
availability_zone='ap-northeast-1c',
tags=[{
'key': 'Name',
'value': 'isolatesubnet02'
}])
Subnet(self,
'isolatesubnet03',
vpc_id=vpc.vpc,
cidr_block='10.0.22.0/24',
availability_zone='ap-northeast-1d',
tags=[{
'key': 'Name',
'value': 'isolatesubnet03'
}])
def main():
# Create a VPC
ec2_client = EC2Client().get_client()
vpc = VPC(ec2_client)
vpc_response = vpc.create_vpc()
print('VPC created:' + str(vpc_response))
# Add name tag to VPC
vpc_name = 'Boto3-VPC'
vpc_id = vpc_response['Vpc']['VpcId']
vpc.add_name_tag(vpc_id, vpc_name)
print('Added ' + vpc_name + ' to ' + vpc_id)
# Create an IGW
igw_response = vpc.create_internet_gateway()
igw_id = igw_response['InternetGateway']['InternetGatewayId']
vpc.attach_igw_to_vpc(vpc_id, igw_id)
# Create a public subnet
public_subnet_response = vpc.create_subnet(vpc_id, '10.0.1.0/24')
public_subnet_id = public_subnet_response['Subnet']['SubnetId']
print('Subnet created for VPC ' + vpc_id + ':' +
str(public_subnet_response))
# Add name tag to Public Subnet
vpc.add_name_tag(public_subnet_id, 'Boto3-Public-Subnet')
# Create a public route table
public_route_table_response = vpc.create_public_route_table(vpc_id)
rtb_id = public_route_table_response['RouteTable']['RouteTableId']
# Adding the IGW to public route table
vpc.create_igw_route_to_public_route_table(rtb_id, igw_id)
# Associate Public Subnet with Route Table
vpc.associate_subnet_with_route_table(public_subnet_id, rtb_id)
# Allow auto-assign public ip addresses for subnet
vpc.allow_auto_assign_ip_addresses_for_subnet(public_subnet_id)
# Create a Private Subnet
private_subnet_response = vpc.create_subnet(vpc_id, '10.0.2.0/24')
private_subnet_id = private_subnet_response['Subnet']['SubnetId']
print('Created private subnet ' + private_subnet_id + ' for VPC ' + vpc_id)
# Add name tag to private subnet
vpc.add_name_tag(private_subnet_id, 'Boto3-Private-Subnet')
# EC2 Instances
ec2 = EC2(ec2_client)
# Create a key pair
key_pair_name = 'Boto3-KeyPair'
key_pair_response = ec2.create_key_pair(key_pair_name)
print('Created Key Pair with name ' + key_pair_name + ':' +
str(key_pair_response))
# Create a Security Group
public_security_group_name = 'Boto3-Public-SG'
public_security_group_description = 'Public Security Group for Public Subnet Internet Access'
public_security_group_response = ec2.create_security_group(
public_security_group_name, public_security_group_description, vpc_id)
public_security_group_id = public_security_group_response['GroupId']
# Add Public Access to Security Group
ec2.add_inbound_rule_to_sg(public_security_group_id)
print('Added public access rule to Security Group ' +
public_security_group_name)
user_data = """#!/bin/bash
yum update -y
yum install httpd24 -y
service httpd start
chkconfig httpd on
echo "<html><body><h1>Hello from <b>Boto3</b> using Python!</h1></body></html>" > /var/www/html/index.html"""
ami_id = 'ami-1b316af0'
# Launch a public EC2 Instance
ec2.launch_ec2_instance(ami_id, key_pair_name, 1, 1,
public_security_group_id, public_subnet_id,
user_data)
print('Launching Public EC2 Instance using AMI ' + ami_id)
# Adding another Security Group for Private EC2 Instance
private_security_group_name = 'Boto3-Private-SG'
private_security_group_description = 'Private Security Group for Private Subnet'
private_security_group_response = ec2.create_security_group(
private_security_group_name, private_security_group_description,
vpc_id)
private_security_group_id = private_security_group_response['GroupId']
# Add rule to private security group
ec2.add_inbound_rule_to_sg(private_security_group_id)
# Launch a private EC2 Instance
ec2.launch_ec2_instance(ami_id, key_pair_name, 1, 1,
private_security_group_id, private_subnet_id,
"""""")
print('Launching Private EC2 Instance using AMI' + ami_id)
def __initializeResources(self):
self.vpc = VPC(self.cidrBlock)
self.igw = IGW()
self.igwVpcAssoc = IgwVpcAssoc()
import sys
sys.path.append("/vagrant/src/aws_resources")
from vpc import VPC
from igw import IGW
vpc = VPC("10.0.1.0/16")
vpc.setId("vpcDummy")
igw = IGW(vpc)
igwTemplate = igw.getIGWTemplate()
print igwTemplate
def __initializeResources(self):
self.vpc = VPC(self.cidrBlock)
self.igw = IGW()
self.igwVpcAssoc = IgwVpcAssoc()
import sys
sys.path.append("/vagrant/src/aws_resources")
from vpc import VPC
vpc = VPC("10.0.1.0/16")
vpcTemplate = vpc.getVPCTeplate()
print vpcTemplate
class RDS():
def __init__(self, args):
self.args = args
self.vpc = VPC(self.args)
self.route53 = ROUTE53(self.args)
self.client = boto3.client('rds', region_name=self.args.aws_region)
def set_new_instance_attributes(self):
now = str(time.time()).split('.')[0]
if not self.args.from_snapshot:
target_attributes = self.get_target_instance_attributes(
self.args.target_instance)
target_name = target_attributes['DBInstanceIdentifier']
else:
target_name = self.args.target_instance
# Get security group IDs based on the security group names specified
# Otherwise, use the target instance's security group IDs
# Specify security group names if you are restoring to a different VPC
if self.args.security_group_names:
if self.args.vpc_tag_name:
vpc_id = self.vpc.get_vpc_id_by_name_tag(
self.args.vpc_tag_name)
security_group_ids = self.vpc.get_security_groups(
vpc_id, self.args.security_group_names)
else:
logging.critical(
"You must specifiy a VPC Name Tag to search for when using the -S option. Exiting"
)
sys.exit(1)
else:
security_group_ids = [
vsg['VpcSecurityGroupId']
for vsg in target_attributes['VpcSecurityGroups']
]
# Set the DB Subnet group if specified - otherwise, use the target instance's
if self.args.subnet_group_name:
db_subnet_group = self.args.subnet_group_name
else:
db_subnet_group = target_attributes['DBSubnetGroup'][
'DBSubnetGroupName']
if self.args.db_param_group:
db_param_group = self.args.db_param_group
else:
db_param_group = target_attributes['DBParameterGroups'][0][
'DBParameterGroupName']
# Set the Route53 Hosted Zone ID
if self.args.zone_match_string and not self.args.zone_id:
zone_id = self.route53.get_route53_zone_id(
self.args.zone_match_string)
elif self.args.zone_id and not self.args.zone_match_string:
zone_id = self.args.zone_id
else:
logging.critical(
'You must use --zone-id or --match-zone in order for DNS update to work. Both cannot be specified at the same time. Exiting.'
)
sys.exit(1)
# If prefix is specified, prepend it to the new_instance_name
if self.args.prefix:
new_instance_base = "%s-%s" % (self.args.prefix, target_name)
else:
new_instance_base = target_name
new_instance_name = "%s-%s" % (new_instance_base, now)
tag_key = "%s-automated-restore" % new_instance_base
tags = [{
'Key': f'{new_instance_base}-automated-restore',
'Value': 'true'
}]
if self.args.src_rds_snapshot == None:
source_rds = target_name
else:
source_rds = self.args.src_rds_snapshot
restore_snapshot_id = self.get_recent_rds_snapshot(
self.args.snapshot_type, source_rds)
new_instance_attributes = {
'name':
new_instance_name,
'existing_instances':
self.find_snapshot_restored_instances(new_instance_base),
'security_group_ids':
security_group_ids,
'db_subnet_group':
db_subnet_group,
'db_param_group':
db_param_group,
'zone_id':
zone_id,
'instance_class':
self.args.instance_class,
'restore_snapshot_id':
restore_snapshot_id,
'snapshot_type':
self.args.snapshot_type,
'dns_suffix':
self.args.dns_suffix,
'cname_name':
self.args.cname_name,
'publicly_accessible':
False,
'multi_az':
False,
'region':
self.args.aws_region,
'auto_minor_version_upgrade':
False,
'tags':
tags
}
return new_instance_attributes
def get_target_instance_attributes(self, instance_identifier):
response = self.client.describe_db_instances(
DBInstanceIdentifier=instance_identifier)
if response:
return response['DBInstances'][0]
else:
logging.critical(
"Could not find an instance that matches %s. Exiting." %
instance_identifier)
sys.exit(1)
def find_snapshot_restored_instances(self, instance_match_string):
logging.info(
"Determine if there are currently any existing snapshot-restored instances matching %s tag"
% instance_match_string)
existing_instances = []
try:
all_instances = self.client.describe_db_instances()
for instance in all_instances['DBInstances']:
instance_id = instance['DBInstanceIdentifier']
if instance_match_string in instance_id:
existing_instances.append(instance_id)
if existing_instances:
logging.info(
"These instances were found and will be deleted when the new one is active %s"
% existing_instances)
return existing_instances
except:
logging.critical(
"No existing instances found with with substring %s" %
instance_match_string)
return None
def get_recent_rds_snapshot(self, snapshot_type, target_rds_instance):
def filter_snapshots(snapshot):
if snapshot['Status'] != "available":
return False
for tag in snapshot.get("TagList", []):
if tag.get("Key") == "Ready" and tag.get("Value") == "true":
return True
return False
logging.info(
"Finding most recent %s snapshot from master instance %s" %
(snapshot_type, target_rds_instance))
# Get all snapshots for the account, which we will filter in the next step
snapshots = self.client.describe_db_snapshots(
DBInstanceIdentifier=target_rds_instance,
SnapshotType=snapshot_type)['DBSnapshots']
# Filter to get only available snapshots
available_snapshots = list(filter(filter_snapshots, snapshots))
# From https://github.com/truffls/rds_snapshot_restore/blob/master/rds_snapshot_restore.py
# sort descending and retrieve most current entry
try:
most_current_snapshot = sorted(
available_snapshots,
key=lambda x: x.get('SnapshotCreateTime'),
reverse=True)[0]
except IndexError:
raise Exception('Could not find a snapshot')
logging.info(sys.exc_info()[0])
identifier = most_current_snapshot.get('DBSnapshotIdentifier')
if identifier:
logging.info(
"Most recent snapshot for %s is %s - using it to restore from"
% (target_rds_instance, identifier))
return identifier
else:
raise Exception(
'ERROR: Could not determine most current snapshot with filter %s'
% target_rds_instance)
def restore_rds_snapshot(self, attributes):
"""Create new RDS instance as a mirror of the target instance (from snapshot)"""
logging.info('Making sure database subnet group %s exists' %
attributes['db_subnet_group'])
# Verify that the specified database subnet group is real
db_subnet_group = self.client.describe_db_subnet_groups(
DBSubnetGroupName=attributes['db_subnet_group'])
logging.info('Making sure database parameter group %s exists' %
attributes['db_param_group'])
# Verify that the specified database param group is real
db_param_group = self.client.describe_db_parameter_groups(
DBParameterGroupName=attributes['db_param_group'])
if (db_subnet_group and db_param_group):
logging.info(
'Restoring snapshot %s to new instance %s' %
(attributes['restore_snapshot_id'], attributes['name']))
response = self.client.restore_db_instance_from_db_snapshot(
DBInstanceIdentifier=attributes['name'],
DBSnapshotIdentifier=attributes['restore_snapshot_id'],
DBInstanceClass=attributes['instance_class'],
PubliclyAccessible=attributes['publicly_accessible'],
MultiAZ=attributes['multi_az'],
AutoMinorVersionUpgrade=attributes[
'auto_minor_version_upgrade'],
DBSubnetGroupName=attributes['db_subnet_group'],
Tags=attributes['tags'],
DBParameterGroupName=attributes['db_param_group'],
)
logging.info(
"Restore initiated, waiting for database to become available..."
)
waiter = self.client.get_waiter('db_instance_available')
waiter.wait(DBInstanceIdentifier=attributes['name'],
WaiterConfig={
'Delay': 60,
'MaxAttempts': 30
})
else:
raise Exception('ERROR: Could not find subnet group %s' %
attributes['db_subnet_group'])
def modify_new_rds_instance(self, attributes):
"""
Modify new instance with desired parameters
"""
try:
logging.info('Modifying db instance %s' % attributes['name'])
if self.args.read_replica:
backup_retention = 1
else:
backup_retention = 0
response = self.client.modify_db_instance(
ApplyImmediately=True,
DBInstanceIdentifier=attributes['name'],
VpcSecurityGroupIds=attributes['security_group_ids'],
BackupRetentionPeriod=backup_retention)
waiter = self.client.get_waiter('db_instance_available')
waiter.wait(DBInstanceIdentifier=attributes['name'],
WaiterConfig={
'Delay': 15,
'MaxAttempts': 60
})
if self.args.read_replica:
logging.info('Waiting for db snapshot...')
waiter = self.client.get_waiter('db_snapshot_completed')
waiter.wait(DBInstanceIdentifier=attributes['name'],
WaiterConfig={
'Delay': 15,
'MaxAttempts': 60
})
return response
except:
raise Exception(
'ERROR: Could there was a problem modifying the instance %s' %
attributes['name'])
def destroy_old_instances(self, old_rds_instances):
"""
Delete the old instance once we know the new one is healthy
"""
for instance in old_rds_instances:
logging.info("Destroying old instance %s" % instance)
try:
response = self.client.delete_db_instance(
DBInstanceIdentifier=instance, SkipFinalSnapshot=True)
waiter = self.client.get_waiter('db_instance_deleted')
waiter.wait(DBInstanceIdentifier=instance,
WaiterConfig={
'Delay': 60,
'MaxAttempts': 120
})
except Exception as e:
logging.critical("Error deleting %s - %s" % (instance, str(e)))
raise
def get_rds_instances(self, pattern=''):
instances_lst = []
try:
rds_instances = self.client.describe_db_instances()['DBInstances']
for instance in rds_instances:
instance_attr = {
"instance_address": instance['Endpoint']['Address'],
"instance_name": instance['DBInstanceIdentifier']
}
if (re.search(pattern, instance_attr['instance_name'])):
instances_lst.append(instance_attr)
return instances_lst
except Exception as e:
logging.critical("Error retrieving list of instances - %s" %
(str(e)))
raise
def create_read_replica(self, attributes):
waiter = self.client.get_waiter('db_instance_available')
waiter.wait(DBInstanceIdentifier=attributes['name'],
WaiterConfig={
'Delay': 15,
'MaxAttempts': 60
})
read_replica_id = f'{attributes["name"]}-{self.args.replica_suffix}'
try:
logging.info("Initiating read replica creation ...")
replica = self.client.create_db_instance_read_replica(
DBInstanceIdentifier=read_replica_id,
DBInstanceClass=self.args.replica_instance_class,
SourceDBInstanceIdentifier=attributes["name"],
Tags=attributes['tags'],
)
logging.info(
"Read replica creation initiated, waiting for database to become available..."
)
waiter = self.client.get_waiter('db_instance_available')
waiter.wait(DBInstanceIdentifier=read_replica_id,
WaiterConfig={
'Delay': 15,
'MaxAttempts': 60
})
return replica
except Exception as e:
logging.critical("Error while creating read replica - %s" %
(str(e)))
def rename_rds_instance(self, old_identifier, new_identifier):
"""
Rename instance
"""
try:
logging.info(
f'Renaming db instance {old_identifier} to {new_identifier}')
response = self.client.modify_db_instance(
ApplyImmediately=True,
DBInstanceIdentifier=old_identifier,
NewDBInstanceIdentifier=new_identifier)
time.sleep(180)
return response
except:
raise Exception(
f'ERROR: Could there was a problem renaming the instance {old_identifier}'
)
def __init__(self, args):
self.args = args
self.vpc = VPC(self.args)
self.route53 = ROUTE53(self.args)
self.client = boto3.client('rds', region_name=self.args.aws_region)
#!/usr/bin/env python from vpc import VPC v = VPC() v.buildTemplate() v.uploadTemplate()
def main():
template = Template()
template.add_description("Example Server")
for key, value in Mappings().mappings.iteritems():
template.add_mapping(key, value)
parameters = Parameters()
for param in parameters.values():
template.add_parameter(param)
template.add_metadata({
"AWS::CloudFormation::Interface": {
"ParameterGroups": [
{
"Label": {
"default": "Required parameters."
},
"Parameters": [
"DBPassword",
"KeyPair",
]
},
{
"Label": {
"default": "Advanced: Database and instance"
},
"Parameters": [
"DBInstanceType", "DBStorageSize", "DBBackupRetention",
"EC2InstanceType"
]
},
],
"ParameterLabels": {
"DBPassword": {
"default": "Choose a database password"
},
"DBStorageSize": {
"default": "Database storage (advanced)"
},
"DBBackupRetention": {
"default": "How long to keep backups (advanced)"
},
"DBInstanceType": {
"default": "Database instance class (advanced)"
},
"KeyPair": {
"default": "Choose a key pair"
},
"EC2InstanceType": {
"default": "Instance class (advanced)"
},
}
}
})
vpc = VPC()
for res in vpc.values():
template.add_resource(res)
elb = LoadBalancer(vpc=vpc)
for res in elb.values():
template.add_resource(res)
db = Database(parameters=parameters, vpc=vpc, loadbalancer=elb)
for res in db.values():
template.add_resource(res)
ec2 = EC2(parameters=parameters, vpc=vpc, loadbalancer=elb)
for res in ec2.values():
template.add_resource(res)
template.add_output(
Output("LoadBalancerDNSName",
Value=GetAtt(elb.load_balancer, "DNSName")))
print(template.to_json())