aws_pocketknife 0.1.7

data/lib/aws_pocketknife/elastic_beanstalk.rb

@@ -0,0 +1,62 @@
+require 'aws_pocketknife'
+
+module AwsPocketknife
+  module ElasticBeanstalk
+
+    class << self
+      include AwsPocketknife::Common::Utils
+
+      def describe_environment_resources(environment_name: '')
+        elastic_beanstalk_client.describe_environment_resources({
+             environment_name: environment_name,
+         })
+      end
+
+      def list_environments()
+        describe_environment
+      end
+
+      def describe_environment(environment_name: '')
+        resp = nil
+        if environment_name.length == 0
+          resp = elastic_beanstalk_client.describe_environments({})
+        else
+          environment_list = environment_name.split(";")
+          resp = elastic_beanstalk_client.describe_environments({
+                                                   environment_names: environment_list,
+          })
+        end
+
+        resp[:environments]
+      end
+
+      def list_environment_variables(environment_name: '')
+
+        #get application name
+        environment = describe_environment(environment_name: environment_name)[0]
+        app_name = environment.application_name
+
+        #get environment_variables
+        resp = elastic_beanstalk_client.describe_configuration_settings({
+               application_name: app_name,
+               environment_name: environment_name,
+           })
+
+        configuration_setting = resp.configuration_settings[0]
+        option_settings = configuration_setting.option_settings
+        environment_variables = []
+        option_settings.each do |option|
+          if option.option_name == "EnvironmentVariables"
+            environment_variables = option.value.split(",")
+            break
+          end
+        end
+
+        environment_variables
+
+      end
+
+    end
+
+  end
+end

data/lib/aws_pocketknife/elb.rb

@@ -0,0 +1,25 @@
+require 'aws_pocketknife'
+
+module AwsPocketknife
+  module Elb
+
+    class << self
+      include AwsPocketknife::Common::Utils
+
+      def describe_elb_by_name(name: '')
+        resp = elb_client.describe_load_balancers({
+                                                  load_balancer_names: [name],
+                                                  page_size: 1,
+                                              })
+
+        if resp.nil? or resp.load_balancer_descriptions.empty?
+          return nil
+        else
+          return resp.load_balancer_descriptions.first
+        end
+      end
+
+    end
+
+  end
+end

data/lib/aws_pocketknife/iam.rb

@@ -0,0 +1,135 @@
+require 'erubis'
+require 'aws_pocketknife'
+
+module AwsPocketknife
+  module Iam
+
+    class << self
+      include AwsPocketknife::Common::Utils
+
+      def list_ssl_certificates
+        iam_client.list_server_certificates({})
+      end
+      
+      def create_iam_user(username)
+        puts "Creating iam user: #{username}"
+        iam_client.create_user({user_name: username})
+        puts "Iam user: #{username} created"
+      end
+
+      def create_group(group_name)
+        puts "Creating group: #{group_name}"
+        iam_client.create_group({group_name: group_name})
+        puts "Created group: #{group_name}"
+      end
+
+      def create_policy(policy_name, policy)
+        puts "Creating policy: #{policy_name}"
+        iam_client.create_policy({policy_name: policy_name,policy_document: policy})
+        puts "Created policy: #{policy_name}"
+      end
+
+      def create_policy_from_policy_file(policy_name: "", policy_file: "", s3_buckets: "")
+        puts "Creating policy #{policy_name} from saved policy #{policy_file}"
+        policy = IO.read(policy_file)
+        buckets = get_bucket_list(buckets_list: s3_buckets)
+        template = Erubis::Eruby.new(policy)
+        vars = {buckets: buckets}
+
+        policy = template.result(vars)
+
+        puts policy
+
+        unless (policy.nil?)
+          iam_client.create_policy({policy_name: policy_name, policy_document: policy})
+        else
+          puts 'Policy not found'
+        end
+        puts "Created Policy #{policy_name}"
+      end
+
+      def attach_policy_to_group(policy_name, group_name )
+        puts "Attaching policy #{policy_name} to group #{group_name}"
+        arn_number = get_policy_arn(policy_name)
+
+        unless arn_number.nil?
+          iam_client.attach_group_policy(group_name: group_name, policy_arn: arn_number)
+        else
+          puts "The policy #{policy_name} could not be found"
+        end
+        puts "Policy #{policy_name} attached to group #{group_name}"
+      end
+
+      def add_user_to_group(username,group_name)
+        puts "Attaching user: #{username} to group: #{group_name}"
+        iam_client.add_user_to_group(group_name: group_name, user_name: username)
+        puts "User: #{username} attached to group: #{group_name}"
+
+      end
+
+      def create_role(role_name, trust_relationship_file)
+        begin
+          if File.exist?(trust_relationship_file)
+            trust_relationship = IO.read(trust_relationship_file)
+            unless trust_relationship.nil?
+              puts "Creating role: #{role_name} with trust relationship #{trust_relationship}"
+              iam_client.create_role(role_name: role_name, assume_role_policy_document: trust_relationship)
+              puts "Created role: #{role_name} with trust relationship #{trust_relationship}"
+            else
+              raise "Trust Relationship file could not be loaded"
+            end
+          else
+            raise "Trust Relationship file could not be loaded"
+          end
+        rescue Exception => e
+          puts e
+          raise e
+        end
+      end
+
+      def attach_policy_to_role(role_name, policy_name)
+        arn_number = get_policy_arn(policy_name)
+        unless arn_number.nil?
+          puts "Attach policy: #{policy_name} to role: #{role_name}"
+          iam_client.attach_role_policy(role_name: role_name, policy_arn: arn_number)
+          puts "Attached policy: #{policy_name} to role: #{role_name}"
+        else
+          raise "The policy #{policy_name} could not be found"
+        end
+      end
+
+      def create_instance_profile(instance_profile_name)
+        puts "Creating instance profile: #{instance_profile_name}"
+        iam_client.create_instance_profile(instance_profile_name: instance_profile_name)
+        puts "Created instance profile: #{instance_profile_name}"
+      end
+
+      def add_role_to_instance_profile(role_name,instance_profile_name)
+        puts "Adding role #{role_name} to instance profile: #{instance_profile_name}"
+        iam_client.add_role_to_instance_profile(instance_profile_name: instance_profile_name, role_name: role_name)
+        puts "Added role #{role_name} to instance profile: #{instance_profile_name}"
+      end
+
+
+      private
+
+      def get_bucket_list(buckets_list: "")
+        buckets_list.strip.split(";")
+      end
+
+      def get_policy_arn(policy_name)
+        response = iam_client.list_policies({scope: 'Local'})
+        arn_number = nil
+        response.policies.each do |value|
+          if value.policy_name == policy_name
+            arn_number = value.arn
+            break;
+          end
+        end
+        arn_number
+      end
+
+    end
+
+  end
+end

data/lib/aws_pocketknife/rds.rb

@@ -0,0 +1,84 @@
+require 'aws_pocketknife'
+
+module AwsPocketknife
+  module Rds
+
+    AVAILABLE = 'available'.freeze
+    CREATING = 'creating'.freeze
+    DELETING = 'deleting'.freeze
+
+    class << self
+      include AwsPocketknife::Common::Utils
+
+      def describe_snapshots(options)
+        db_name = options.fetch(:db_name, '')
+        rds_client.describe_db_snapshots({db_instance_identifier: db_name}).db_snapshots
+      end
+
+      # creates snapshot for the database name
+      def create_snapshot(options)
+        db_name = options.fetch(:db_name, 'my-snapshot')
+        snapshot_name = get_snapshot_name(db_name)
+        rds_client.create_db_snapshot(db_instance_identifier: db_name, db_snapshot_identifier: snapshot_name)
+
+        Retryable.retryable(:tries => 15, :sleep => lambda { |n| 2**n }, :on => StandardError) do |retries, exception|
+          response = rds_client.describe_db_snapshots(db_snapshot_identifier: snapshot_name)
+
+          snapshot = response.db_snapshots.find { |s| s.db_snapshot_identifier == snapshot_name }
+          status = snapshot.status
+          percent_progress = snapshot.percent_progress
+          puts "RDS Snapshot #{snapshot_name} status: #{status}, progress #{percent_progress}%"
+          raise StandardError if status != AwsPocketknife::Rds::AVAILABLE
+        end
+
+      end
+
+      def get_snapshot_name(db_name)
+        now_str = Time.now.strftime('%Y-%m-%d-%H-%M')
+        "#{db_name}-#{now_str}"
+      end
+
+      def clean_snapshots(options)
+        puts "options: #{options}"
+
+        db_name = options.fetch(:db_name, '')
+        days = options.fetch(:days, '30').to_i * 24 * 3600
+        dry_run = options.fetch(:dry_run, true)
+
+        creation_time = Time.now - days
+        puts "Cleaning up MANUAL snapshots older than #{days} days, i.e, with creation_time < #{creation_time} for db [#{db_name}]"
+
+        snapshots_to_remove = []
+        snapshots = describe_snapshots options
+        snapshots.each do |snapshot|
+          snapshot.snapshot_create_time.is_a?(String) ? snapshot_creation_time = Time.parse(snapshot.snapshot_create_time) : snapshot_creation_time = snapshot.snapshot_create_time
+
+          msg = "Snapshot #{snapshot.db_snapshot_identifier} (type=#{snapshot.snapshot_type}) (snapshot_creation_time: #{snapshot_creation_time}) > (#{creation_time})? "
+          if creation_time <= snapshot_creation_time
+            if (snapshot.snapshot_type == 'manual')
+              snapshots_to_remove << snapshot
+              msg << " YES, marking to be deleted"
+            else
+              msg << " NO"
+            end
+          else
+            msg << "NO (is not a manual snapshot)"
+          end
+          puts msg
+        end
+
+        puts "snapshots_to_remove: #{snapshots_to_remove.map { |s| s.db_snapshot_identifier}}"
+
+        unless dry_run
+          snapshots_to_remove.each do |snapshot|
+            puts "Removing snapshot #{snapshot.db_snapshot_identifier} (status=#{snapshot.status})"
+            rds_client.delete_db_snapshot({db_snapshot_identifier:snapshot.db_snapshot_identifier})
+          end
+        end
+
+      end
+
+    end
+
+  end
+end

data/lib/aws_pocketknife/route53.rb

@@ -0,0 +1,234 @@
+require 'aws_pocketknife'
+
+module AwsPocketknife
+  module Route53
+
+    class << self
+      include AwsPocketknife::Common::Utils
+
+      Logging = Common::Logging.logger
+
+      def list_hosted_zones
+        result = route53_client.list_hosted_zones
+        unless result.nil?
+         return result.hosted_zones
+        else
+          return []
+        end
+      end
+
+      def describe_hosted_zone(hosted_zone: "")
+        hosted_zones = list_hosted_zones
+        zone = find_hosted_zone_id(list: hosted_zones, name: hosted_zone)
+      end
+
+      def get_hosted_zone_id_and_origin_record(origin_dns_name, origin_hosted_zone, record_type)
+        hosted_zone = describe_hosted_zone(hosted_zone: origin_hosted_zone)
+        hosted_zone_id = get_hosted_zone_id(hosted_zone: hosted_zone.id)
+
+        # get origin record
+        origin_record = get_record(hosted_zone_name: origin_hosted_zone,
+                                   record_name: origin_dns_name,
+                                   record_type: record_type)
+
+        if origin_record.empty?
+          Logging.warn "Could not find record for #{origin_dns_name} at #{origin_hosted_zone}"
+        end
+        return hosted_zone_id, origin_record
+      end
+
+
+      def update_record(origin_hosted_zone: "",
+                        origin_dns_name: "",
+                        record_type: "A",
+                        destiny_dns_name:"",
+                        destiny_hosted_zone: ""
+      )
+
+
+        puts "Updating #{origin_dns_name} at #{origin_hosted_zone} with #{destiny_dns_name} at #{destiny_hosted_zone}"
+        if destiny_hosted_zone.empty?
+          return update_cname_record(origin_hosted_zone: origin_hosted_zone,
+                        origin_dns_name: origin_dns_name,
+                        destiny_dns_name:destiny_dns_name,
+                        destiny_hosted_zone: destiny_hosted_zone
+          )
+        else
+          return update_record_from_existing_dns_entry(origin_hosted_zone: origin_hosted_zone,
+                                                       origin_dns_name: origin_dns_name,
+                                                       record_type: record_type,
+                                                       destiny_dns_name:destiny_dns_name,
+                                                       destiny_hosted_zone: destiny_hosted_zone
+          )
+        end
+
+
+      end
+
+      def get_payload_for_record_update(change: "", hosted_zone_id: "")
+        {
+            hosted_zone_id: hosted_zone_id,
+            change_batch: {
+                comment: "",
+                changes: [change]
+            }
+
+        }
+      end
+
+      def get_record(hosted_zone_name: "", record_name: "", record_type: "")
+        record = []
+        records = list_records_for_zone_name(
+            hosted_zone_name: hosted_zone_name,
+            record_name:record_name,
+            record_type: record_type)
+
+        records.each do |r|
+          return [r] if r.name == record_name
+        end
+
+        return record
+      end
+
+      def list_records_for_zone_name(hosted_zone_name: "", record_name: "", record_type: "")
+        records = []
+        hosted_zone = describe_hosted_zone(hosted_zone: hosted_zone_name)
+        return records if hosted_zone.nil?
+
+        hosted_zone_id = get_hosted_zone_id(hosted_zone: hosted_zone.id)
+
+        result = nil
+        if record_name.length != 0 and record_type != 0
+          result = route53_client.list_resource_record_sets({hosted_zone_id: hosted_zone_id,
+                                                      start_record_name: record_name,
+                                                      start_record_type: record_type, # accepts SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA
+                                                      max_items: 1,
+                                                     })
+        else
+          result = route53_client.list_resource_record_sets({hosted_zone_id: hosted_zone_id})
+        end
+        result.resource_record_sets.each do |record|
+          if ["A", "CNAME", "AAAA"].include?record.type
+            records << record
+          end
+        end
+        return records
+      end
+
+      def get_hosted_zone_id(hosted_zone: "")
+        hosted_zone.split("/").reverse[0]
+      end
+
+      private
+
+      def update_cname_record(origin_hosted_zone: "",
+                              origin_dns_name: "",
+                              record_type: "CNAME",
+                              destiny_dns_name:"",
+                              destiny_hosted_zone: ""
+      )
+
+        hosted_zone_id, origin_record = get_hosted_zone_id_and_origin_record(origin_dns_name, origin_hosted_zone, record_type)
+
+        new_dns_name = destiny_dns_name
+        origin_record = origin_record[0]
+
+        if not origin_record.alias_target.nil? and new_dns_name == origin_record.alias_target.dns_name
+          Logging.info "Origin and destiny alias_target.dns_name are the same: #{new_dns_name} Aborting..."
+          return false
+        elsif origin_record.resource_records.length != 0 and new_dns_name == origin_record.resource_records[0].value
+          Loggin.info "Origin and destiny alias_target.dns_name are the same: #{new_dns_name} Aborting..."
+          return false
+        end
+
+        change = {
+            action: "UPSERT",
+            resource_record_set: {
+                name: origin_dns_name,
+                type: record_type,
+                ttl: 300,
+                resource_records: [{value: new_dns_name}]
+            }
+        }
+
+        payload = get_payload_for_record_update(change: change, hosted_zone_id: hosted_zone_id)
+
+        nice_print(object: payload)
+        result = route53_client.change_resource_record_sets(payload)
+
+      end
+
+      def update_record_from_existing_dns_entry(origin_hosted_zone: "",
+                                                origin_dns_name: "",
+                                                record_type: "A",
+                                                destiny_dns_name:"",
+                                                destiny_hosted_zone: ""
+      )
+
+        # get hosted zone
+        hosted_zone_id, origin_record = get_hosted_zone_id_and_origin_record(origin_dns_name, origin_hosted_zone, record_type)
+
+
+        # get record for new dns name
+        destiny_record = get_record(hosted_zone_name: destiny_hosted_zone,
+                                    record_name: destiny_dns_name,
+                                    record_type: record_type)
+
+        if destiny_record.empty?
+          Logging.warn "Could not find destiny record for #{destiny_dns_name} at #{destiny_hosted_zone}"
+          return nil
+        end
+
+        if destiny_record[0].alias_target.nil?
+          Logging.warn "DNS #{destiny_dns_name} is invalid"
+          return nil
+        end
+
+        destiny_hosted_zone_id = destiny_record[0].alias_target.hosted_zone_id
+        new_dns_name = destiny_record[0].alias_target.dns_name
+        origin_record = origin_record[0]
+
+        unless new_dns_name.start_with?("dualstack.")
+          Logging.info "Adding dualstack. to #{new_dns_name}"
+          new_dns_name = "dualstack." + new_dns_name
+        end
+
+        if not origin_record.alias_target.nil? and new_dns_name == origin_record.alias_target.dns_name
+          Logging.info "Origin dns and destiny alias_target.dns_name points to the same record: #{new_dns_name}\nAborting..."
+          return false
+        elsif origin_record.resource_records.length != 0 and new_dns_name == origin_record.resource_records[0].value
+          Logging.info "Origin dns and destiny alias_target.dns_name points to the same record: #{new_dns_name}\nAborting..."
+          return false
+        end
+
+        change = {
+            action: "UPSERT",
+            resource_record_set: {
+                name: origin_dns_name,
+                type: record_type,
+                alias_target: {
+                    hosted_zone_id: destiny_hosted_zone_id, # required
+                    dns_name: new_dns_name, # required
+                    evaluate_target_health: false, # required
+                }
+            }
+        }
+
+        payload = get_payload_for_record_update(change: change, hosted_zone_id: hosted_zone_id)
+
+        nice_print(object: payload)
+        result = route53_client.change_resource_record_sets(payload)
+
+      end
+
+      # Recevies a list of hosted zones and returns the element specified in name
+      def find_hosted_zone_id(list: nil, name: nil)
+        list.each do |h|
+            return h if h.name == name
+        end
+        return nil
+      end
+    end
+
+  end
+end