aws-insight 0.14.0

data/lib/terraforming/resource/kms_alias.rb

@@ -0,0 +1,55 @@
+module Terraforming
+  module Resource
+    class KMSAlias
+      include Terraforming::Util
+
+      def self.tf(client: Aws::KMS::Client.new)
+        self.new(client).tf
+      end
+
+      def self.tfstate(client: Aws::KMS::Client.new)
+        self.new(client).tfstate
+      end
+
+      def initialize(client)
+        @client = client
+      end
+
+      def tf
+        apply_template(@client, "tf/kms_alias")
+      end
+
+      def tfstate
+        aliases.inject({}) do |resources, als|
+          resources["aws_kms_alias.#{module_name_of(als)}"] = {
+            "type" => "aws_kms_alias",
+            "primary" => {
+              "id" => als.alias_name,
+              "attributes" => {
+                "arn" => als.alias_arn,
+                "id" => als.alias_name,
+                "name" => als.alias_name,
+                "target_key_id" => als.target_key_id,
+              },
+            },
+          }
+          resources
+        end
+      end
+
+      private
+
+      def aliases
+        @client.list_aliases.aliases.reject { |als| managed_master_key_alias?(als) }
+      end
+
+      def managed_master_key_alias?(als)
+        als.alias_name =~ %r{\Aalias/aws/}
+      end
+
+      def module_name_of(als)
+        normalize_module_name(als.alias_name.gsub(%r{\Aalias/}, ""))
+      end
+    end
+  end
+end

data/lib/terraforming/resource/kms_key.rb

@@ -0,0 +1,84 @@
+module Terraforming
+  module Resource
+    class KMSKey
+      include Terraforming::Util
+
+      def self.tf(client: Aws::KMS::Client.new)
+        self.new(client).tf
+      end
+
+      def self.tfstate(client: Aws::KMS::Client.new)
+        self.new(client).tfstate
+      end
+
+      def initialize(client)
+        @client = client
+      end
+
+      def tf
+        apply_template(@client, "tf/kms_key")
+      end
+
+      def tfstate
+        keys.inject({}) do |resources, key|
+          resources["aws_kms_key.#{module_name_of(key)}"] = {
+            "type" => "aws_kms_key",
+            "primary" => {
+              "id" => key.key_id,
+              "attributes" => {
+                "arn" => key.arn,
+                "description" => key.description,
+                "enable_key_rotation" => key_rotation_status_of(key).key_rotation_enabled.to_s,
+                "id" => key.key_id,
+                "is_enabled" => key.enabled.to_s,
+                "key_id" => key.key_id,
+                "key_usage" => key_usage_of(key),
+                "policy" => key_policy_of(key),
+              },
+            },
+          }
+          resources
+        end
+      end
+
+      private
+
+      def aliases
+        @aliases ||= @client.list_aliases.aliases
+      end
+
+      def keys
+        @client
+          .list_keys
+          .keys
+          .reject { |key| managed_master_key?(key) }
+          .map { |key| @client.describe_key(key_id: key.key_id) }
+          .map(&:key_metadata)
+      end
+
+      def key_policy_of(key)
+        policies = @client.list_key_policies(key_id: key.key_id).policy_names
+
+        return "" if policies.empty?
+
+        @client.get_key_policy(key_id: key.key_id, policy_name: policies[0]).policy
+      end
+
+      def key_rotation_status_of(key)
+        @client.get_key_rotation_status(key_id: key.key_id)
+      end
+
+      def key_usage_of(key)
+        key.key_usage.tr("_", "/")
+      end
+
+      def managed_master_key?(key)
+        !aliases.select { |a| a.target_key_id == key.key_id && a.alias_name =~ %r{\Aalias/aws/} }.empty?
+      end
+
+      def module_name_of(key)
+        normalize_module_name(key.key_id)
+      end
+    end
+  end
+end

data/lib/terraforming/resource/launch_configuration.rb

@@ -0,0 +1,106 @@
+module Terraforming
+  module Resource
+    class LaunchConfiguration
+      include Terraforming::Util
+
+      def self.tf(client: Aws::AutoScaling::Client.new)
+        self.new(client).tf
+      end
+
+      def self.tfstate(client: Aws::AutoScaling::Client.new)
+        self.new(client).tfstate
+      end
+
+      def initialize(client)
+        @client = client
+      end
+
+      def tf
+        apply_template(@client, "tf/launch_configuration")
+      end
+
+      def tfstate
+        launch_configurations.inject({}) do |resources, lc|
+          attributes = {
+            "name" => lc.launch_configuration_name,
+            "image_id" => lc.image_id,
+            "instance_type" => lc.instance_type,
+            "key_name" => lc.key_name,
+            "security_groups.#" => lc.security_groups.length.to_s,
+            "associate_public_ip_address" => lc.associate_public_ip_address.to_s,
+            "user_data" => lc.user_data,
+            "enable_monitoring" => lc.instance_monitoring.enabled.to_s,
+            "ebs_optimized" => lc.ebs_optimized.to_s,
+            "root_block_device.#" => root_block_device_count(lc).to_s,
+            "ebs_block_device.#" => ebs_block_device_count(lc).to_s,
+            "ephemeral_block_device.#" => ephemeral_block_device_count(lc).to_s
+          }
+
+          lc.security_groups.each do |sg|
+            hash = hash_security_group(sg)
+            attributes["security_groups.#{hash}"] = sg
+          end
+
+          attributes["iam_instance_profile"] = lc.iam_instance_profile if lc.iam_instance_profile
+          attributes["spot_price"] = lc.spot_price if lc.spot_price
+          attributes["placement_tenancy"] = lc.placement_tenancy if lc.placement_tenancy
+
+          resources["aws_launch_configuration.#{module_name_of(lc)}"] = {
+            "type" => "aws_launch_configuration",
+            "primary" => {
+              "id" => lc.launch_configuration_name,
+              "attributes" => attributes
+            }
+          }
+
+          resources
+        end
+      end
+
+      private
+
+      # Taken from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html
+      def root_block_device?(block_device)
+        %w(/dev/sda1 /dev/xvda).include? block_device.device_name
+      end
+
+      def root_block_device_count(launch_configuration)
+        launch_configuration.block_device_mappings.select do |volume|
+          root_block_device?(volume)
+        end.length
+      end
+
+      def ebs_block_device?(block_device)
+        block_device.virtual_name.nil? && block_device.ebs
+      end
+
+      def ebs_block_device_count(launch_configuration)
+        launch_configuration.block_device_mappings.select do |volume|
+          ebs_block_device?(volume) && !root_block_device?(volume)
+        end.length
+      end
+
+      def ephemeral_block_device?(block_device)
+        block_device.virtual_name != nil
+      end
+
+      def ephemeral_block_device_count(launch_configuration)
+        launch_configuration.block_device_mappings.select do |volume|
+          ephemeral_block_device?(volume)
+        end.length
+      end
+
+      def hash_security_group(name)
+        Zlib.crc32(name)
+      end
+
+      def launch_configurations
+        @client.describe_launch_configurations.map(&:launch_configurations).flatten
+      end
+
+      def module_name_of(launch_configuration)
+        normalize_module_name(launch_configuration.launch_configuration_name)
+      end
+    end
+  end
+end

data/lib/terraforming/resource/nat_gateway.rb

@@ -0,0 +1,57 @@
+module Terraforming
+  module Resource
+    class NATGateway
+      include Terraforming::Util
+
+      def self.tf(client: Aws::EC2::Client.new)
+        self.new(client).tf
+      end
+
+      def self.tfstate(client: Aws::EC2::Client.new)
+        self.new(client).tfstate
+      end
+
+      def initialize(client)
+        @client = client
+      end
+
+      def tf
+        apply_template(@client, "tf/nat_gateway")
+      end
+
+      def tfstate
+        nat_gateways.inject({}) do |resources, nat_gateway|
+          next resources if nat_gateway.nat_gateway_addresses.empty?
+
+          attributes = {
+            "id" => nat_gateway.nat_gateway_id,
+            "allocation_id" => nat_gateway.nat_gateway_addresses[0].allocation_id,
+            "subnet_id" => nat_gateway.subnet_id,
+            "network_inferface_id" => nat_gateway.nat_gateway_addresses[0].network_interface_id,
+            "private_ip" => nat_gateway.nat_gateway_addresses[0].private_ip,
+            "public_ip" => nat_gateway.nat_gateway_addresses[0].public_ip,
+          }
+          resources["aws_nat_gateway.#{module_name_of(nat_gateway)}"] = {
+            "type" => "aws_nat_gateway",
+            "primary" => {
+              "id"         => nat_gateway.nat_gateway_id,
+              "attributes" => attributes
+            }
+          }
+
+          resources
+        end
+      end
+
+      private
+
+      def nat_gateways
+        @client.describe_nat_gateways.nat_gateways
+      end
+
+      def module_name_of(nat_gateway)
+        normalize_module_name(nat_gateway.nat_gateway_id)
+      end
+    end
+  end
+end

data/lib/terraforming/resource/network_acl.rb

@@ -0,0 +1,83 @@
+module Terraforming
+  module Resource
+    class NetworkACL
+      include Terraforming::Util
+
+      def self.tf(client: Aws::EC2::Client.new)
+        self.new(client).tf
+      end
+
+      def self.tfstate(client: Aws::EC2::Client.new)
+        self.new(client).tfstate
+      end
+
+      def initialize(client)
+        @client = client
+      end
+
+      def tf
+        apply_template(@client, "tf/network_acl")
+      end
+
+      def tfstate
+        network_acls.inject({}) do |resources, network_acl|
+          attributes = {
+            "egress.#" => egresses_of(network_acl).length.to_s,
+            "id" => network_acl.network_acl_id,
+            "ingress.#" => ingresses_of(network_acl).length.to_s,
+            "subnet_ids.#" => subnet_ids_of(network_acl).length.to_s,
+            "tags.#" => network_acl.tags.length.to_s,
+            "vpc_id" => network_acl.vpc_id,
+          }
+          resources["aws_network_acl.#{module_name_of(network_acl)}"] = {
+            "type" => "aws_network_acl",
+            "primary" => {
+              "id" => network_acl.network_acl_id,
+              "attributes" => attributes
+            }
+          }
+
+          resources
+        end
+      end
+
+      private
+
+      def default_entry?(entry)
+        entry.rule_number == default_rule_number
+      end
+
+      def default_rule_number
+        32767
+      end
+
+      def egresses_of(network_acl)
+        network_acl.entries.select { |entry| entry.egress && !default_entry?(entry) }
+      end
+
+      def from_port_of(entry)
+        entry.port_range ? entry.port_range.from : 0
+      end
+
+      def ingresses_of(network_acl)
+        network_acl.entries.select { |entry| !entry.egress && !default_entry?(entry) }
+      end
+
+      def module_name_of(network_acl)
+        normalize_module_name(name_from_tag(network_acl, network_acl.network_acl_id))
+      end
+
+      def network_acls
+        @client.describe_network_acls.map(&:network_acls).flatten
+      end
+
+      def subnet_ids_of(network_acl)
+        network_acl.associations.map { |association| association.subnet_id }
+      end
+
+      def to_port_of(entry)
+        entry.port_range ? entry.port_range.to : 0
+      end
+    end
+  end
+end

data/lib/terraforming/resource/network_interface.rb

@@ -0,0 +1,68 @@
+module Terraforming
+  module Resource
+    class NetworkInterface
+      include Terraforming::Util
+
+      def self.tf(client: Aws::EC2::Client.new)
+        self.new(client).tf
+      end
+
+      def self.tfstate(client: Aws::EC2::Client.new)
+        self.new(client).tfstate
+      end
+
+      def initialize(client)
+        @client = client
+      end
+
+      def tf
+        apply_template(@client, "tf/network_interface")
+      end
+
+      def tfstate
+        network_interfaces.inject({}) do |resources, network_interface|
+          attributes = {
+            "attachment.#" => attachment_of(network_interface) ? "1" : "0",
+            "id" => network_interface.network_interface_id,
+            "private_ips.#" => private_ips_of(network_interface).length.to_s,
+            "security_groups.#" => security_groups_of(network_interface).length.to_s,
+            "source_dest_check" => network_interface.source_dest_check.to_s,
+            "subnet_id" => network_interface.subnet_id,
+            "tags.#" => network_interface.tag_set.length.to_s,
+          }
+          resources["aws_network_interface.#{module_name_of(network_interface)}"] = {
+            "type" => "aws_network_interface",
+            "primary" => {
+              "id" => network_interface.network_interface_id,
+              "attributes" => attributes
+            }
+          }
+
+          resources
+        end
+      end
+
+      private
+
+      def attachment_of(network_interface)
+        network_interface.attachment
+      end
+
+      def private_ips_of(network_interface)
+        network_interface.private_ip_addresses.map { |addr| addr.private_ip_address }
+      end
+
+      def security_groups_of(network_interface)
+        network_interface.groups.map { |group| group.group_id }
+      end
+
+      def module_name_of(network_interface)
+        network_interface.network_interface_id
+      end
+
+      def network_interfaces
+        @client.describe_network_interfaces.map(&:network_interfaces).flatten
+      end
+    end
+  end
+end