cf_factory 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- data/examples/base_vpc.rb +40 -0
- data/examples/cloudinit_script_for_one_instance.rb +77 -0
- data/examples/cloudinit_script_with_autoscaling.rb +85 -0
- data/examples/elb_with_cloudfront.rb +101 -0
- data/examples/instance_with_eip.rb +38 -0
- data/examples/instance_with_yum.rb +38 -0
- data/examples/just_an_instance.rb +29 -0
- data/examples/play_with_region_and_zones.rb +26 -0
- data/examples/ra_web_hosting.rb +146 -0
- data/examples/s3_with_cloudfront.rb +36 -0
- data/examples/test_vpc.rb +53 -0
- data/lib/cf_factory/as/cf_as_group.rb +75 -0
- data/lib/cf_factory/as/cf_as_launch_config.rb +53 -0
- data/lib/cf_factory/as/cf_as_scaling_policy.rb +33 -0
- data/lib/cf_factory/base/cf_base.rb +97 -0
- data/lib/cf_factory/base/cf_ec2_tag.rb +32 -0
- data/lib/cf_factory/base/cf_generator.rb +18 -0
- data/lib/cf_factory/base/cf_helper.rb +91 -0
- data/lib/cf_factory/base/cf_inner.rb +55 -0
- data/lib/cf_factory/base/cf_main.rb +101 -0
- data/lib/cf_factory/base/cf_mapping.rb +26 -0
- data/lib/cf_factory/base/cf_named_inner.rb +0 -0
- data/lib/cf_factory/base/cf_output.rb +24 -0
- data/lib/cf_factory/base/cf_parameter.rb +25 -0
- data/lib/cf_factory/base/cf_script_reader.rb +32 -0
- data/lib/cf_factory/cloudformation/cf_cloud_formation_init.rb +25 -0
- data/lib/cf_factory/cloudformation/cf_cloudformation_command.rb +37 -0
- data/lib/cf_factory/cloudformation/cf_cloudformation_commands.rb +25 -0
- data/lib/cf_factory/cloudformation/cf_cloudformation_config.rb +33 -0
- data/lib/cf_factory/cloudformation/cf_cloudformation_file.rb +38 -0
- data/lib/cf_factory/cloudformation/cf_cloudformation_files.rb +25 -0
- data/lib/cf_factory/cloudformation/cf_cloudformation_inner.rb +28 -0
- data/lib/cf_factory/cloudformation/cf_cloudformation_package.rb +34 -0
- data/lib/cf_factory/cloudformation/cf_cloudformation_packages.rb +42 -0
- data/lib/cf_factory/cloudformation/cf_cloudformation_sources.rb +30 -0
- data/lib/cf_factory/cloudformation/cf_init_script.rb +73 -0
- data/lib/cf_factory/cloudfront/cf_cache_behavior.rb +37 -0
- data/lib/cf_factory/cloudfront/cf_cache_behaviors.rb +28 -0
- data/lib/cf_factory/cloudfront/cf_cloudfront_distribution.rb +64 -0
- data/lib/cf_factory/cloudfront/cf_custom_origin_config.rb +37 -0
- data/lib/cf_factory/cloudfront/cf_default_cache_behavior.rb +32 -0
- data/lib/cf_factory/cloudfront/cf_distribution_config.rb +31 -0
- data/lib/cf_factory/cloudfront/cf_forwarded_values.rb +25 -0
- data/lib/cf_factory/cloudfront/cf_logging.rb +24 -0
- data/lib/cf_factory/cloudfront/cf_origin.rb +40 -0
- data/lib/cf_factory/cloudfront/cf_s3_origin_config.rb +25 -0
- data/lib/cf_factory/cloudwatch/cf_cloud_watch_alarm.rb +58 -0
- data/lib/cf_factory/ec2/cf_ebs_volume.rb +54 -0
- data/lib/cf_factory/ec2/cf_ec2_instance.rb +62 -0
- data/lib/cf_factory/ec2/cf_ec2_security_group.rb +40 -0
- data/lib/cf_factory/ec2/cf_ec2_security_group_egress.rb +28 -0
- data/lib/cf_factory/ec2/cf_ec2_security_group_ingress.rb +39 -0
- data/lib/cf_factory/ec2/cf_eip.rb +26 -0
- data/lib/cf_factory/ec2/cf_eip_association.rb +29 -0
- data/lib/cf_factory/elb/cf_app_cookie_stickiness_policy.rb +15 -0
- data/lib/cf_factory/elb/cf_elb.rb +49 -0
- data/lib/cf_factory/elb/cf_health_check.rb +23 -0
- data/lib/cf_factory/elb/cf_lb_cookie_stickiness_policy.rb +15 -0
- data/lib/cf_factory/elb/cf_listener.rb +26 -0
- data/lib/cf_factory/help/fixes.rb +14 -0
- data/lib/cf_factory/help/ip_mask.rb +165 -0
- data/lib/cf_factory/help/template_validation.rb +28 -0
- data/lib/cf_factory/iam/cf_iam_access_key.rb +32 -0
- data/lib/cf_factory/iam/cf_iam_group.rb +30 -0
- data/lib/cf_factory/iam/cf_iam_instance_profile.rb +30 -0
- data/lib/cf_factory/iam/cf_iam_policy.rb +18 -0
- data/lib/cf_factory/iam/cf_iam_role.rb +56 -0
- data/lib/cf_factory/iam/cf_iam_statement.rb +23 -0
- data/lib/cf_factory/iam/cf_iam_user.rb +34 -0
- data/lib/cf_factory/iam/cf_policy_document.rb +19 -0
- data/lib/cf_factory/modules/base_vpc.rb +61 -0
- data/lib/cf_factory/rds/cf_rds_instance.rb +53 -0
- data/lib/cf_factory/rds/cf_rds_security_group.rb +33 -0
- data/lib/cf_factory/rds/cf_rds_security_group_ingress.rb +29 -0
- data/lib/cf_factory/rds/cf_rds_subnet_group.rb +29 -0
- data/lib/cf_factory/route53/cf_elb_alias_target.rb +21 -0
- data/lib/cf_factory/route53/cf_record_set.rb +61 -0
- data/lib/cf_factory/route53/cf_route53_record_set.rb +61 -0
- data/lib/cf_factory/route53/cf_route53_record_set_group.rb +42 -0
- data/lib/cf_factory/s3/cf_s3_bucket.rb +32 -0
- data/lib/cf_factory/s3/cf_web_site_config.rb +24 -0
- data/lib/cf_factory/sqs/cf_sqs_queue.rb +26 -0
- data/lib/cf_factory/vpc/cf_attach_gateway.rb +28 -0
- data/lib/cf_factory/vpc/cf_internet_gateway.rb +30 -0
- data/lib/cf_factory/vpc/cf_network_acl.rb +39 -0
- data/lib/cf_factory/vpc/cf_network_acl_association.rb +24 -0
- data/lib/cf_factory/vpc/cf_network_acl_entry.rb +37 -0
- data/lib/cf_factory/vpc/cf_route.rb +43 -0
- data/lib/cf_factory/vpc/cf_route_table.rb +41 -0
- data/lib/cf_factory/vpc/cf_route_table_association.rb +24 -0
- data/lib/cf_factory/vpc/cf_subnet.rb +48 -0
- data/lib/cf_factory/vpc/cf_vpc.rb +64 -0
- data/lib/cf_factory.rb +103 -0
- metadata +140 -0
@@ -0,0 +1,165 @@
|
|
1
|
+
class IpMask
|
2
|
+
attr_reader :bits, :ip_mask
|
3
|
+
|
4
|
+
def initialize(ip_mask, bits = 32) #if one parameter specified, means it's not a range, it's one address
|
5
|
+
@ip_mask = ip_mask
|
6
|
+
@bits = bits.to_i
|
7
|
+
end
|
8
|
+
|
9
|
+
def self.create(ip_mask, bits = 32)
|
10
|
+
cleaned = IpMask.new(ip_mask, bits)
|
11
|
+
cleaned.clean_mask()
|
12
|
+
end
|
13
|
+
|
14
|
+
def self.create_from_cidr(cidr)
|
15
|
+
#ip = cidr.split("/")[0].split(".")
|
16
|
+
#bits = cidr.split("/")[1].to_i
|
17
|
+
ip = cidr.split("/")[0]
|
18
|
+
bits = cidr.split("/")[1]
|
19
|
+
IpMask.new(ip, bits)
|
20
|
+
end
|
21
|
+
|
22
|
+
def self.create_from_num(number, bits)
|
23
|
+
ip_bytes = []
|
24
|
+
3.downto(0) {|i|
|
25
|
+
div = 256 ** i
|
26
|
+
b = number/div.to_i
|
27
|
+
ip_bytes << b.to_i
|
28
|
+
number = number % div
|
29
|
+
}
|
30
|
+
ip_bytes
|
31
|
+
IpMask.new(ip_bytes.join("."), bits)
|
32
|
+
end
|
33
|
+
|
34
|
+
def to_num
|
35
|
+
sum = 0
|
36
|
+
exp = 3
|
37
|
+
@ip_mask.split(".").each() {|ip|
|
38
|
+
sum += ip.to_i * (256 ** exp)
|
39
|
+
exp -= 1
|
40
|
+
}
|
41
|
+
sum
|
42
|
+
end
|
43
|
+
|
44
|
+
def to_mask
|
45
|
+
bit_string = self.to_bit_string
|
46
|
+
r = bit_string.to_i(2)
|
47
|
+
end
|
48
|
+
|
49
|
+
def to_bit_string
|
50
|
+
bit_string = ("1"*@bits+"0"*(32-@bits))
|
51
|
+
#puts "#{bit_string}"
|
52
|
+
bit_string
|
53
|
+
end
|
54
|
+
|
55
|
+
def free()
|
56
|
+
(2 ** 32) / used()
|
57
|
+
end
|
58
|
+
|
59
|
+
def used()
|
60
|
+
2 ** @bits
|
61
|
+
end
|
62
|
+
|
63
|
+
def generate_free()
|
64
|
+
self.to_num()
|
65
|
+
end
|
66
|
+
|
67
|
+
def to_s
|
68
|
+
if @bits.to_i == 32
|
69
|
+
"#{@ip_mask}"
|
70
|
+
else
|
71
|
+
"#{@ip_mask}/#{@bits}"
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
def clean_mask
|
76
|
+
ip_base_num = self.to_num
|
77
|
+
ip_bits_num = self.to_mask()
|
78
|
+
clean_mask = ip_base_num & ip_bits_num
|
79
|
+
#puts "clean_mask = #{clean_mask}"
|
80
|
+
IpMask.create_from_num(clean_mask,@bits)
|
81
|
+
end
|
82
|
+
|
83
|
+
def is_clean?
|
84
|
+
comp = self.clean_mask
|
85
|
+
return self.ip_mask != comp.ip_mask
|
86
|
+
end
|
87
|
+
|
88
|
+
def divide(number_of_addresses)
|
89
|
+
possible_ranges = []
|
90
|
+
bits_to_move = (Math.log(number_of_addresses+1)/Math.log(2)).to_i
|
91
|
+
puts "asked to allocate #{number_of_addresses}; that corresponds to #{bits_to_move} bits"
|
92
|
+
puts "#{self.free()} are free"
|
93
|
+
max_subnets = self.free()/number_of_addresses
|
94
|
+
puts "given that every subnet should have #{number_of_addresses} addresses, there is currently space for #{max_subnets}"
|
95
|
+
0.upto(max_subnets-1) {|i|
|
96
|
+
num = self.to_num()
|
97
|
+
num += i*number_of_addresses
|
98
|
+
possible_range = IpMask.create_from_num(num, 32 - bits_to_move)
|
99
|
+
possible_ranges << possible_range
|
100
|
+
puts "possible range: #{possible_range}"
|
101
|
+
}
|
102
|
+
possible_ranges
|
103
|
+
end
|
104
|
+
|
105
|
+
# Takes an array of IP-Address-Numbers into account and allocates corresponding IP address ranges
|
106
|
+
def divide_individually(array_with_number_of_addresses)
|
107
|
+
possible_ranges = []
|
108
|
+
num = self.to_num()
|
109
|
+
bits_to_move = 32 - @bits
|
110
|
+
remaining_addresses = self.free
|
111
|
+
array_with_number_of_addresses.each() {|number_of_addresses_for_subnet|
|
112
|
+
if (2 ** bits_to_move) < number_of_addresses_for_subnet
|
113
|
+
puts "WARNING: could not allocate #{number_of_addresses_for_subnet} anymore (max #{(2 ** bits_to_move)})"
|
114
|
+
next
|
115
|
+
end
|
116
|
+
bits_to_move = [(Math.log(number_of_addresses_for_subnet+1)/Math.log(2)).to_i, bits_to_move].min
|
117
|
+
possible_range = IpMask.create_from_num(num, 32 - bits_to_move)
|
118
|
+
unless self.are_all_in_range?(possible_range)
|
119
|
+
puts "WARNING: the selected range '#{possible_range}' is outside the base range"
|
120
|
+
next
|
121
|
+
end
|
122
|
+
num += number_of_addresses_for_subnet
|
123
|
+
puts "[alloc #{number_of_addresses_for_subnet}] \tpossible range: #{possible_range}"
|
124
|
+
possible_ranges << possible_range
|
125
|
+
remaining_addresses -= (2 ** bits_to_move)
|
126
|
+
#puts "[to allocate = #{number_of_addresses_for_subnet}] => free = #{possible_range.free}"
|
127
|
+
}
|
128
|
+
possible_ranges
|
129
|
+
end
|
130
|
+
|
131
|
+
def is_in_range?(ip_address)
|
132
|
+
comp_mask = IpMask.new(ip_address)
|
133
|
+
# transform ip address string to numerical values for bitwise operations
|
134
|
+
comp_ip = comp_mask.to_num
|
135
|
+
#puts "ip_address checked = #{comp_ip.to_s(2)}"
|
136
|
+
ip_base_num = self.to_num
|
137
|
+
#puts "range_mask = #{ip_base_num.to_s(2)}"
|
138
|
+
ip_bits_num = self.to_mask
|
139
|
+
#puts "bit_mask = #{ip_bits_num.to_s(2)}"
|
140
|
+
# perform an AND operation to get rid of the bits in the mask that don't count
|
141
|
+
clean_mask = ip_base_num & ip_bits_num
|
142
|
+
#puts "cleaned range_mask = #{ip_base_num.to_s(2)}"
|
143
|
+
# the ip address belongs to the range, when an AND with the bitmask equals the cleaned mask
|
144
|
+
#puts "(ip_address&bits = #{(comp_ip & ip_bits_num).to_s(2)}"
|
145
|
+
(comp_ip & ip_bits_num) == clean_mask
|
146
|
+
end
|
147
|
+
|
148
|
+
def are_all_in_range?(ip_mask)
|
149
|
+
#puts "check for #{ip_mask}"
|
150
|
+
return false if ip_mask.bits < self.bits
|
151
|
+
#
|
152
|
+
comp_ip = ip_mask.to_num
|
153
|
+
ip_base_num = self.to_num
|
154
|
+
ip_bits_num = self.to_mask
|
155
|
+
ip_clean = ip_base_num & ip_bits_num
|
156
|
+
#puts "comp = #{(comp_ip & ip_bits_num)} ip_clean = #{ip_clean} (ip_bits_num = #{ip_bits_num})"
|
157
|
+
(comp_ip & ip_bits_num) == ip_clean
|
158
|
+
end
|
159
|
+
|
160
|
+
def ==(comp)
|
161
|
+
puts "comp = #{comp.class} #{comp.inspect}"
|
162
|
+
self.ip_mask == comp.ip_mask && self.bits == comp.bits
|
163
|
+
end
|
164
|
+
|
165
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
require 'aws'
|
2
|
+
|
3
|
+
class TemplateValidation
|
4
|
+
def initialize(template_string, config_options)
|
5
|
+
@template_string = template_string
|
6
|
+
@config_options = config_options
|
7
|
+
end
|
8
|
+
|
9
|
+
def validate
|
10
|
+
cf = AWS::CloudFormation.new(@config_options)
|
11
|
+
response = cf.validate_template(@template_string)
|
12
|
+
if response[:code] == "ValidationError"
|
13
|
+
puts "Validation failed: #{response[:message]}"
|
14
|
+
else
|
15
|
+
puts "Validation successful"
|
16
|
+
end
|
17
|
+
response
|
18
|
+
end
|
19
|
+
|
20
|
+
def apply(parameters = {})
|
21
|
+
cf = AWS::CloudFormation.new(@config_options)
|
22
|
+
stack_name = "StackStartedFromEclipse#{Time.new.to_i}"
|
23
|
+
puts "going to start stack #{stack_name} with parameters #{parameters.inspect}"
|
24
|
+
stack = cf.stacks.create(stack_name, @template_string, :parameters => parameters, :capabilities => ["CAPABILITY_IAM"])
|
25
|
+
puts "started stack with parameters: #{stack.parameters}"
|
26
|
+
end
|
27
|
+
|
28
|
+
end
|
@@ -0,0 +1,32 @@
|
|
1
|
+
require 'cf_factory/base/cf_base'
|
2
|
+
require 'cf_factory/base/cf_helper'
|
3
|
+
require 'cf_factory/iam/cf_iam_instance_profile'
|
4
|
+
|
5
|
+
class CfIamAccessKey
|
6
|
+
include CfBase
|
7
|
+
|
8
|
+
def initialize(name, user_name, status, options = {})
|
9
|
+
@name = name
|
10
|
+
@status = status
|
11
|
+
@user_name = user_name
|
12
|
+
@serial = options[:serial]
|
13
|
+
end
|
14
|
+
|
15
|
+
def get_cf_type
|
16
|
+
"AWS::IAM::AccessKey"
|
17
|
+
end
|
18
|
+
|
19
|
+
def get_cf_attributes
|
20
|
+
{}
|
21
|
+
end
|
22
|
+
|
23
|
+
def get_cf_properties
|
24
|
+
result = {
|
25
|
+
"Status" => @status,
|
26
|
+
"UserName" => @user_name
|
27
|
+
}
|
28
|
+
result["Serial"] = @serial unless @serial.nil?
|
29
|
+
result
|
30
|
+
end
|
31
|
+
|
32
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'cf_factory/base/cf_base'
|
2
|
+
require 'cf_factory/base/cf_helper'
|
3
|
+
require 'cf_factory/iam/cf_iam_instance_profile'
|
4
|
+
|
5
|
+
class CfIamGroup
|
6
|
+
include CfBase
|
7
|
+
|
8
|
+
def initialize(name, path, options)
|
9
|
+
@name = name
|
10
|
+
@path = path
|
11
|
+
@policies = options[:policies]
|
12
|
+
end
|
13
|
+
|
14
|
+
def get_cf_type
|
15
|
+
"AWS::IAM::Group"
|
16
|
+
end
|
17
|
+
|
18
|
+
def get_cf_attributes
|
19
|
+
{}
|
20
|
+
end
|
21
|
+
|
22
|
+
def get_cf_properties
|
23
|
+
result = {
|
24
|
+
"Path" => @path
|
25
|
+
}
|
26
|
+
result["Policies"] = CfHelper.generate_inner_array(@policies) unless @policies.nil?
|
27
|
+
result
|
28
|
+
end
|
29
|
+
|
30
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'cf_factory/base/cf_base'
|
2
|
+
require 'cf_factory/base/cf_helper'
|
3
|
+
require 'cf_factory/elb/cf_app_cookie_stickiness_policy'
|
4
|
+
|
5
|
+
class CfIamInstanceProfile
|
6
|
+
include CfBase
|
7
|
+
|
8
|
+
def initialize(name, path, roles)
|
9
|
+
@name = name
|
10
|
+
@path = path
|
11
|
+
@roles = roles
|
12
|
+
end
|
13
|
+
|
14
|
+
def get_cf_type
|
15
|
+
"AWS::IAM::InstanceProfile"
|
16
|
+
end
|
17
|
+
|
18
|
+
def get_cf_attributes
|
19
|
+
{}
|
20
|
+
end
|
21
|
+
|
22
|
+
def get_cf_properties
|
23
|
+
result = {
|
24
|
+
"Path" => @path,
|
25
|
+
"Roles" => "["+@roles.collect() {|r| CfHelper.generate_ref(r)}.join(",")+"]"
|
26
|
+
}
|
27
|
+
result
|
28
|
+
end
|
29
|
+
|
30
|
+
end
|
@@ -0,0 +1,18 @@
|
|
1
|
+
require 'cf_factory/base/cf_inner'
|
2
|
+
require 'cf_factory/iam/cf_policy_document'
|
3
|
+
|
4
|
+
class CfIamPolicy
|
5
|
+
include CfInner
|
6
|
+
|
7
|
+
def initialize(policy_name, policy_doc)
|
8
|
+
@policy_name = policy_name
|
9
|
+
@policy_doc = policy_doc
|
10
|
+
end
|
11
|
+
|
12
|
+
def get_cf_attributes
|
13
|
+
{"PolicyName" => @policy_name,
|
14
|
+
"PolicyDocument" => @policy_doc.generate
|
15
|
+
}
|
16
|
+
end
|
17
|
+
|
18
|
+
end
|
@@ -0,0 +1,56 @@
|
|
1
|
+
require 'cf_factory/base/cf_base'
|
2
|
+
require 'cf_factory/base/cf_helper'
|
3
|
+
require 'cf_factory/iam/cf_iam_instance_profile'
|
4
|
+
|
5
|
+
class CfIamRole
|
6
|
+
include CfBase
|
7
|
+
|
8
|
+
def initialize(name, path, options)
|
9
|
+
@name = name
|
10
|
+
@path = path
|
11
|
+
@policies = options[:policies]
|
12
|
+
end
|
13
|
+
|
14
|
+
def get_cf_type
|
15
|
+
"AWS::IAM::Role"
|
16
|
+
end
|
17
|
+
|
18
|
+
def get_cf_attributes
|
19
|
+
{}
|
20
|
+
end
|
21
|
+
|
22
|
+
def get_cf_properties
|
23
|
+
result = {
|
24
|
+
"Path" => @path,
|
25
|
+
"AssumeRolePolicyDocument" => assume_role_ec2() #no other supported right now
|
26
|
+
}
|
27
|
+
result["Policies"] = CfHelper.generate_inner_array(@policies) unless @policies.nil?
|
28
|
+
result
|
29
|
+
end
|
30
|
+
|
31
|
+
def generate
|
32
|
+
result = super
|
33
|
+
result += CfIamInstanceProfile.new(@name+"Profile", @path, [@name]).generate
|
34
|
+
end
|
35
|
+
|
36
|
+
private
|
37
|
+
|
38
|
+
def assume_role_ec2
|
39
|
+
' {
|
40
|
+
"Statement":[
|
41
|
+
{
|
42
|
+
"Effect":"Allow",
|
43
|
+
"Principal":{
|
44
|
+
"Service":[
|
45
|
+
"ec2.amazonaws.com"
|
46
|
+
]
|
47
|
+
},
|
48
|
+
"Action":[
|
49
|
+
"sts:AssumeRole"
|
50
|
+
]
|
51
|
+
}
|
52
|
+
]
|
53
|
+
}'
|
54
|
+
end
|
55
|
+
|
56
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require 'cf_factory/base/cf_inner'
|
2
|
+
|
3
|
+
class CfIamStatement
|
4
|
+
include CfInner
|
5
|
+
|
6
|
+
def initialize(effect, action, resource)
|
7
|
+
@effect = effect
|
8
|
+
@action = action
|
9
|
+
@resource = resource
|
10
|
+
end
|
11
|
+
|
12
|
+
def get_cf_attributes
|
13
|
+
{"Effect" => @effect,
|
14
|
+
"Action" => @action,
|
15
|
+
"Resource" => @resource
|
16
|
+
}
|
17
|
+
end
|
18
|
+
|
19
|
+
def additional_indent
|
20
|
+
4
|
21
|
+
end
|
22
|
+
|
23
|
+
end
|
@@ -0,0 +1,34 @@
|
|
1
|
+
require 'cf_factory/base/cf_base'
|
2
|
+
require 'cf_factory/base/cf_helper'
|
3
|
+
require 'cf_factory/iam/cf_iam_instance_profile'
|
4
|
+
|
5
|
+
class CfIamUser
|
6
|
+
include CfBase
|
7
|
+
|
8
|
+
def initialize(name, path, options = {})
|
9
|
+
@name = name
|
10
|
+
@path = path
|
11
|
+
@policies = options[:policies]
|
12
|
+
@login_profile = options[:login_profile]
|
13
|
+
@groups = options[:groups]
|
14
|
+
end
|
15
|
+
|
16
|
+
def get_cf_type
|
17
|
+
"AWS::IAM::User"
|
18
|
+
end
|
19
|
+
|
20
|
+
def get_cf_attributes
|
21
|
+
{}
|
22
|
+
end
|
23
|
+
|
24
|
+
def get_cf_properties
|
25
|
+
result = {
|
26
|
+
"Path" => @path
|
27
|
+
}
|
28
|
+
result["Policies"] = CfHelper.generate_inner_array(@policies) unless @policies.nil?
|
29
|
+
result["LoginProfile"] = "XXX" unless @login_profile.nil?
|
30
|
+
result["Groups"] = CfHelper.generate_ref_array(@groups) unless @groups.nil?
|
31
|
+
result
|
32
|
+
end
|
33
|
+
|
34
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
require 'cf_factory/base/cf_inner'
|
2
|
+
|
3
|
+
class CfPolicyDocument
|
4
|
+
include CfInner
|
5
|
+
|
6
|
+
def initialize(statements, additional_indent = 2)
|
7
|
+
@additional_indent = additional_indent
|
8
|
+
@statements = statements
|
9
|
+
end
|
10
|
+
|
11
|
+
def get_cf_attributes()
|
12
|
+
{"Statement" => CfHelper.generate_inner_array(@statements)}
|
13
|
+
end
|
14
|
+
|
15
|
+
def additional_indent
|
16
|
+
@additional_indent
|
17
|
+
end
|
18
|
+
|
19
|
+
end
|
@@ -0,0 +1,61 @@
|
|
1
|
+
class BaseVpc
|
2
|
+
attr_reader :vpc, :subnets, :private_route_table, :public_route_table
|
3
|
+
|
4
|
+
def initialize(name, cidr, number_public_subnets, number_private_subnets, availability_zones, subnet_size = 256)
|
5
|
+
@name = name
|
6
|
+
@cidr = cidr
|
7
|
+
@number_public_subnets = number_public_subnets
|
8
|
+
@number_private_subnets = number_private_subnets
|
9
|
+
@subnet_size = subnet_size
|
10
|
+
@availability_zones = availability_zones
|
11
|
+
setup()
|
12
|
+
end
|
13
|
+
|
14
|
+
def add_to_template(cf)
|
15
|
+
cf.add_vpc(@vpc)
|
16
|
+
end
|
17
|
+
|
18
|
+
def setup
|
19
|
+
define_vpc()
|
20
|
+
define_subnets()
|
21
|
+
end
|
22
|
+
|
23
|
+
def define_vpc
|
24
|
+
@vpc = CfVpc.new(@cidr)
|
25
|
+
igw = CfInternetGateway.new("#{@name}Igw", @vpc)
|
26
|
+
@vpc.add_internet_gateway(igw)
|
27
|
+
@private_route_table = CfRouteTable.new("#{@name}PrivRt")
|
28
|
+
@vpc.add_route_table(@private_route_table)
|
29
|
+
@public_route_table = CfRouteTable.new("#{@name}PubRt")
|
30
|
+
igw_route = CfRoute.new("IgwRoute", "0.0.0.0/0", igw)
|
31
|
+
@public_route_table.add_route(igw_route)
|
32
|
+
@vpc.add_route_table(@public_route_table)
|
33
|
+
end
|
34
|
+
|
35
|
+
def define_subnets
|
36
|
+
myMask = IpMask.create_from_cidr(@cidr)
|
37
|
+
puts "myMask = #{myMask.inspect}"
|
38
|
+
divider_array = [@subnet_size]*(@number_public_subnets + @number_private_subnets)
|
39
|
+
puts "divider_array = #{divider_array}"
|
40
|
+
subnet_ranges = myMask.divide_individually(divider_array)
|
41
|
+
puts "subnet ranges = #{subnet_ranges.inspect}"
|
42
|
+
@subnets = []
|
43
|
+
0.upto(@number_public_subnets-1) do |i|
|
44
|
+
@vpc.add_subnet(CfSubnet.new("#{@name}PublicSubnet#{i+1}", @cidr, @availability_zones[i%(@availability_zones.size)], @public_route_table))
|
45
|
+
end
|
46
|
+
0.upto(@number_private_subnets-1) do |i|
|
47
|
+
@vpc.add_subnet(CfSubnet.new("#{@name}PrivateSubnet#{i+1}", @cidr, @availability_zones[i%(@availability_zones.size)], @private_route_table))
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
def ip2num(ip_part)
|
52
|
+
sum = 0
|
53
|
+
exp = 3
|
54
|
+
ip_part.split(".").each() {|ip|
|
55
|
+
sum += ip.to_i * (256 ** exp)
|
56
|
+
exp -= 1
|
57
|
+
}
|
58
|
+
sum
|
59
|
+
end
|
60
|
+
|
61
|
+
end
|
@@ -0,0 +1,53 @@
|
|
1
|
+
require 'cf_factory/base/cf_base'
|
2
|
+
require 'cf_factory/base/cf_helper'
|
3
|
+
|
4
|
+
class CfRdsInstance
|
5
|
+
VALID_TYPES = ["db.t1.micro", "db.m1.small","db.m1.medium","db.m1.large","db.m1.xlarge","db.m2.xlarge","db.m2.2xlarge","db.m2.4xlarge"]
|
6
|
+
include CfBase
|
7
|
+
|
8
|
+
def initialize(name, allocated_storage, engine, db_instance_class, master_username, master_userpassword, options = {})
|
9
|
+
@name = name
|
10
|
+
@allocated_storage = allocated_storage
|
11
|
+
@db_instance_class = db_instance_class
|
12
|
+
@engine = engine
|
13
|
+
@master_username = master_username
|
14
|
+
@master_userpassword = master_userpassword
|
15
|
+
@multi_az = options[:multi_az]
|
16
|
+
@security_groups = options[:security_groups]
|
17
|
+
@subnet_group = options[:subnet_group]
|
18
|
+
validate()
|
19
|
+
end
|
20
|
+
|
21
|
+
def get_cf_type
|
22
|
+
"AWS::RDS::DBInstance"
|
23
|
+
end
|
24
|
+
|
25
|
+
def get_cf_attributes
|
26
|
+
{}
|
27
|
+
end
|
28
|
+
|
29
|
+
def get_cf_properties
|
30
|
+
result = {"AllocatedStorage" => @allocated_storage,
|
31
|
+
"DBInstanceClass" => @db_instance_class,
|
32
|
+
"Engine" => @engine, "MasterUsername" => @master_username,
|
33
|
+
"MasterUserPassword" => @master_userpassword
|
34
|
+
}
|
35
|
+
result["MultiAZ"] = @multi_az unless @multi_az.nil?
|
36
|
+
result["DBSecurityGroups"] = CfHelper.generate_ref_array(@security_groups) unless @security_groups.nil?
|
37
|
+
result["DBSubnetGroupName"] = @subnet_group.generate_ref unless @subnet_group.nil?
|
38
|
+
result
|
39
|
+
end
|
40
|
+
|
41
|
+
def add_rule(ingress_rule)
|
42
|
+
@rules << ingress_rule
|
43
|
+
end
|
44
|
+
|
45
|
+
private
|
46
|
+
|
47
|
+
def validate
|
48
|
+
if !VALID_TYPES.include?(@db_instance_class)
|
49
|
+
raise Exception.new("invalid type '#{@db_instance_class}' - supported classes are #{@VALID_TYPES.inspect}")
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
require 'cf_factory/base/cf_base'
|
2
|
+
require 'cf_factory/base/cf_helper'
|
3
|
+
|
4
|
+
class CfRdsSecurityGroup
|
5
|
+
include CfBase
|
6
|
+
|
7
|
+
def initialize(name, description, vpc = nil)
|
8
|
+
@name = name
|
9
|
+
@description = description
|
10
|
+
@vpc = vpc
|
11
|
+
@rules = []
|
12
|
+
end
|
13
|
+
|
14
|
+
def get_cf_type
|
15
|
+
"AWS::RDS::DBSecurityGroup"
|
16
|
+
end
|
17
|
+
|
18
|
+
def get_cf_attributes
|
19
|
+
{}
|
20
|
+
end
|
21
|
+
|
22
|
+
def get_cf_properties
|
23
|
+
rules_array = CfHelper.generate_inner_array(@rules)
|
24
|
+
result = {"GroupDescription" => @description, "DBSecurityGroupIngress" => rules_array}
|
25
|
+
result["EC2VpcId"] = @vpc.generate_ref unless @vpc.nil?
|
26
|
+
result
|
27
|
+
end
|
28
|
+
|
29
|
+
def add_rule(ingress_rule)
|
30
|
+
@rules << ingress_rule
|
31
|
+
end
|
32
|
+
|
33
|
+
end
|
@@ -0,0 +1,29 @@
|
|
1
|
+
require 'cf_factory/base/cf_inner'
|
2
|
+
|
3
|
+
class CfRdsSecurityGroupIngress
|
4
|
+
include CfInner
|
5
|
+
|
6
|
+
def initialize(cidr = nil, ec2_sec_group = nil, ec2_sec_group_owner_id = nil)
|
7
|
+
@cidr = cidr
|
8
|
+
@ec2_sec_group = ec2_sec_group
|
9
|
+
@ec2_sec_group_owner_id = ec2_sec_group_owner_id
|
10
|
+
@use_sg_id = true
|
11
|
+
end
|
12
|
+
|
13
|
+
def set_use_sg_id(flag)
|
14
|
+
@use_sg_id = flag
|
15
|
+
end
|
16
|
+
|
17
|
+
def get_cf_attributes
|
18
|
+
result = {}
|
19
|
+
result["CIDRIP"] = @cidr unless @cidr.nil?
|
20
|
+
if @use_sg_id
|
21
|
+
result["EC2SecurityGroupId"] = @ec2_sec_group.generate_ref unless @ec2_sec_group.nil?
|
22
|
+
else
|
23
|
+
result["EC2SecurityGroupName"] = @ec2_sec_group.generate_ref unless @ec2_sec_group.nil?
|
24
|
+
end
|
25
|
+
result["EC2SecurityGroupOwnerId"] = @ec2_sec_group_owner_id unless @ec2_sec_group_owner_id.nil?
|
26
|
+
result
|
27
|
+
end
|
28
|
+
|
29
|
+
end
|
@@ -0,0 +1,29 @@
|
|
1
|
+
require 'cf_factory/base/cf_base'
|
2
|
+
|
3
|
+
class CfRdsSubnetGroup
|
4
|
+
include CfBase
|
5
|
+
|
6
|
+
def initialize(name, description)
|
7
|
+
@name = name
|
8
|
+
@description = description
|
9
|
+
@subnets = []
|
10
|
+
end
|
11
|
+
|
12
|
+
def get_cf_type
|
13
|
+
"AWS::RDS::DBSubnetGroup"
|
14
|
+
end
|
15
|
+
|
16
|
+
def get_cf_attributes
|
17
|
+
{}
|
18
|
+
end
|
19
|
+
|
20
|
+
def get_cf_properties
|
21
|
+
subnet_array = @subnets.collect() {|s| s.generate_ref}.join(",")
|
22
|
+
{"DBSubnetGroupDescription" => @description, "SubnetIds" => "[#{subnet_array}]"}
|
23
|
+
end
|
24
|
+
|
25
|
+
def add_subnet(subnet)
|
26
|
+
@subnets << subnet
|
27
|
+
end
|
28
|
+
|
29
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'cf_factory/base/cf_inner'
|
2
|
+
|
3
|
+
class CfElbAliasTarget
|
4
|
+
include CfInner
|
5
|
+
|
6
|
+
def additional_indent
|
7
|
+
2
|
8
|
+
end
|
9
|
+
|
10
|
+
def initialize(elb)
|
11
|
+
@elb = elb
|
12
|
+
end
|
13
|
+
|
14
|
+
def get_cf_attributes
|
15
|
+
result = {}
|
16
|
+
result["HostedZoneId"] = @elb.retrieve_attribute("CanonicalHostedZoneNameID")
|
17
|
+
result["DNSName"] = @elb.retrieve_attribute("CanonicalHostedZoneName")
|
18
|
+
result
|
19
|
+
end
|
20
|
+
|
21
|
+
end
|