chef-provisioning-aws 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53)
  1. checksums.yaml +4 -4
  2. data/Rakefile +2 -0
  3. data/lib/chef/provider/aws_auto_scaling_group.rb +30 -41
  4. data/lib/chef/provider/aws_dhcp_options.rb +70 -0
  5. data/lib/chef/provider/aws_ebs_volume.rb +182 -34
  6. data/lib/chef/provider/aws_eip_address.rb +63 -60
  7. data/lib/chef/provider/aws_key_pair.rb +18 -27
  8. data/lib/chef/provider/aws_launch_configuration.rb +50 -0
  9. data/lib/chef/provider/aws_route_table.rb +122 -0
  10. data/lib/chef/provider/aws_s3_bucket.rb +42 -49
  11. data/lib/chef/provider/aws_security_group.rb +252 -59
  12. data/lib/chef/provider/aws_sns_topic.rb +10 -26
  13. data/lib/chef/provider/aws_sqs_queue.rb +16 -38
  14. data/lib/chef/provider/aws_subnet.rb +85 -32
  15. data/lib/chef/provider/aws_vpc.rb +163 -23
  16. data/lib/chef/provisioning/aws_driver.rb +18 -1
  17. data/lib/chef/provisioning/aws_driver/aws_provider.rb +206 -0
  18. data/lib/chef/provisioning/aws_driver/aws_resource.rb +186 -0
  19. data/lib/chef/provisioning/aws_driver/aws_resource_with_entry.rb +114 -0
  20. data/lib/chef/provisioning/aws_driver/driver.rb +317 -255
  21. data/lib/chef/provisioning/aws_driver/resources.rb +8 -5
  22. data/lib/chef/provisioning/aws_driver/super_lwrp.rb +45 -0
  23. data/lib/chef/provisioning/aws_driver/version.rb +1 -1
  24. data/lib/chef/resource/aws_auto_scaling_group.rb +15 -13
  25. data/lib/chef/resource/aws_dhcp_options.rb +57 -0
  26. data/lib/chef/resource/aws_ebs_volume.rb +20 -22
  27. data/lib/chef/resource/aws_eip_address.rb +50 -25
  28. data/lib/chef/resource/aws_image.rb +20 -0
  29. data/lib/chef/resource/aws_instance.rb +20 -0
  30. data/lib/chef/resource/aws_internet_gateway.rb +16 -0
  31. data/lib/chef/resource/aws_key_pair.rb +6 -10
  32. data/lib/chef/resource/aws_launch_configuration.rb +15 -0
  33. data/lib/chef/resource/aws_load_balancer.rb +16 -0
  34. data/lib/chef/resource/aws_network_interface.rb +16 -0
  35. data/lib/chef/resource/aws_route_table.rb +76 -0
  36. data/lib/chef/resource/aws_s3_bucket.rb +8 -18
  37. data/lib/chef/resource/aws_security_group.rb +49 -19
  38. data/lib/chef/resource/aws_sns_topic.rb +14 -15
  39. data/lib/chef/resource/aws_sqs_queue.rb +16 -14
  40. data/lib/chef/resource/aws_subnet.rb +87 -17
  41. data/lib/chef/resource/aws_vpc.rb +137 -15
  42. data/spec/integration/aws_security_group_spec.rb +55 -0
  43. data/spec/spec_helper.rb +8 -2
  44. data/spec/support/aws_support.rb +211 -0
  45. metadata +33 -10
  46. data/lib/chef/provider/aws_launch_config.rb +0 -43
  47. data/lib/chef/provider/aws_provider.rb +0 -22
  48. data/lib/chef/provisioning/aws_driver/aws_profile.rb +0 -73
  49. data/lib/chef/resource/aws_launch_config.rb +0 -14
  50. data/lib/chef/resource/aws_resource.rb +0 -10
  51. data/spec/chef_zero_rspec_helper.rb +0 -8
  52. data/spec/unit/provider/aws_subnet_spec.rb +0 -67
  53. data/spec/unit/resource/aws_subnet_spec.rb +0 -23
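--- a/data/lib/chef/resource/aws_s3_bucket.rb
+++ b/data/lib/chef/resource/aws_s3_bucket.rb
@@ -1,25 +1,15 @@
-require 'chef/resource/aws_resource'
-require 'chef/provisioning/aws_driver'
+require 'chef/provisioning/aws_driver/aws_resource'
 
-class Chef::Resource::AwsS3Bucket < Chef::Resource::AwsResource
-self.resource_name = 'aws_s3_bucket'
-self.databag_name = 's3_buckets'
-
-actions :create, :delete, :nothing
-default_action :create
+class Chef::Resource::AwsS3Bucket < Chef::Provisioning::AWSDriver::AWSResource
+aws_sdk_type AWS::S3::Bucket, id: :name
 
 attribute :name, :kind_of => String, :name_attribute => true
-attribute :bucket_name, :kind_of => String
+attribute :options, :kind_of => Hash, :default => {}
 attribute :enable_website_hosting, :kind_of => [TrueClass, FalseClass], :default => false
-attribute :website_options, :kind_of => Hash
-
-stored_attribute :endpoint
-
-def initialize(*args)
-super
-end
+attribute :website_options, :kind_of => Hash, :default => {}
 
-def after_created
-super
+def aws_object
+result = driver.s3.buckets[name]
+result && result.exists? ? result : nil
 end
 end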
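Review bot: The new `options` and `website_options` attributes are left undocumented, while the sibling resources rewritten in this version (aws_subnet.rb, aws_vpc.rb) give every attribute a comment block describing what it accepts; a one-line comment per attribute would keep the resource files consistent, e.g. `# Hash of extra bucket settings; see the aws_s3_bucket provider for where they are applied`. The file also keeps the hashrocket form (`:kind_of => String`) for its `attribute` calls whereas the other resources in this commit switched to `kind_of: String`; picking one form across the resource directory makes the files easier to scan.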
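--- a/data/lib/chef/resource/aws_security_group.rb
+++ b/data/lib/chef/resource/aws_security_group.rb
@@ -1,26 +1,56 @@
-require 'chef/resource/aws_resource'
-require 'chef/provisioning/aws_driver'
+require 'chef/provisioning/aws_driver/aws_resource_with_entry'
+require 'chef/resource/aws_vpc'
 
-class Chef::Resource::AwsSecurityGroup < Chef::Resource::AwsResource
-self.resource_name = 'aws_security_group'
-self.databag_name = 'aws_security_groups'
+class Chef::Resource::AwsSecurityGroup < Chef::Provisioning::AWSDriver::AWSResourceWithEntry
+aws_sdk_type AWS::EC2::SecurityGroup
 
-actions :create, :delete, :nothing
-default_action :create
+attribute :name, kind_of: String, name_attribute: true
+attribute :vpc, kind_of: [ String, AwsVpc, AWS::EC2::VPC ]
+attribute :description, kind_of: String
 
-attribute :name, :kind_of => String, :name_attribute => true
-attribute :vpc_id, :kind_of => String
-attribute :vpc_name, :kind_of => String
-attribute :inbound_rules
-attribute :outbound_rules
-stored_attribute :security_group_id
-stored_attribute :description
+#
+# Accepts rules in the format:
+# [
+# { port: 22, protocol: :tcp, sources: [<source>, <source>, ...] }
+# ]
+#
+# Or:
+# {
+# <permitted_source> => <port>,
+# ...
+# }
+#
+# Where <port> is one of:
+# - <port number/range>: the port number. e.g. `80`; or a port range: `1024..2048`
+# - [ <port number/range>, <protocol> ] or [ <protocol>, <number> ], e.g. `[ 80, :http ]`
+# - { port: <port number/range>, protocol: <protocol> }, e.g. { port: 80, protocol: :http }
+#
+# And <permitted_source> is one of:
+# - <CIDR>: An IP or CIDR of IPs to talk to.
+# - `inbound_rules '1.2.3.4' => 80`
+# - `inbound_rules '1.2.3.4/24' => 80`
+# - <Security Group>: A security group to authorize.
+# - `inbound_rules 'mysecuritygroup'`
+# - `inbound_rules { security_group: 'mysecuritygroup' }`
+# - `inbound_rules 'sg-1234abcd' => 80`
+# - `inbound_rules aws_security_group('mysecuritygroup') => 80`
+# - `inbound_rules AWS.ec2.security_groups.first => 80`
+# - <Load Balancer>: A load balancer to authorize.
+# - `inbound_rules { load_balancer: 'myloadbalancer' } => 80`
+# - `inbound_rules 'elb-1234abcd' => 80`
+# - `inbound_rules load_balancer('myloadbalancer') => 80`
+# - `inbound_rules AWS.ec2.security_groups.first => 80`
+#
+attribute :inbound_rules, kind_of: [ Array, Hash ]
+attribute :outbound_rules, kind_of: [ Array, Hash ]
 
-def initialize(*args)
-super
-end
+attribute :security_group_id, kind_of: String, aws_id_attribute: true, lazy_default: proc {
+name =~ /^sg-[a-f0-9]{8}$/ ? name : nil
+}
 
-def after_created
-super
+def aws_object
+driver, id = get_driver_and_id
+result = driver.ec2.security_groups[id] if id
+result && result.exists? ? result : nil
 end
 end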
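Review bot: The `lazy_default` for `security_group_id` anchors its ID pattern with `^`/`$`, which in Ruby match at line boundaries rather than string ends, so a multi-line `name` whose first line looks like an ID would be treated as the group's ID; the string anchors are what is meant, `name =~ /\Asg-[a-f0-9]{8}\z/ ? name : nil`. The same anchoring is used for `subnet_id` in aws_subnet.rb and `vpc_id` in aws_vpc.rb in this commit. Separately, the last example under `<Load Balancer>` in the `inbound_rules` comment repeats the security-group example (`AWS.ec2.security_groups.first`), which looks like a copy-paste slip, and the `inbound_rules 'mysecuritygroup'` example is the only one without a `=> <port>` side, so it is unclear whether a bare source is accepted.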
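--- a/data/lib/chef/resource/aws_sns_topic.rb
+++ b/data/lib/chef/resource/aws_sns_topic.rb
@@ -1,20 +1,19 @@
-require 'chef/resource/aws_resource'
-require 'chef/provisioning/aws_driver'
+require 'chef/provisioning/aws_driver/aws_resource'
 
-class Chef::Resource::AwsSnsTopic < Chef::Resource::AwsResource
-self.resource_name = 'aws_sns_topic'
+class Chef::Resource::AwsSnsTopic < Chef::Provisioning::AWSDriver::AWSResource
+aws_sdk_type AWS::SNS::Topic
 
-actions :create, :delete, :nothing
-default_action :create
+attribute :name, kind_of: String, name_attribute: true
+attribute :arn, kind_of: String, lazy_default: proc { driver.build_arn(service: 'sns', resource: name) }
 
-attribute :name, :kind_of => String, :name_attribute => true
-attribute :topic_name, :kind_of => String
-
-def initialize(*args)
-super
-end
-
-def after_created
-super
+def aws_object
+result = driver.sns.topics[arn]
+begin
+# Test whether it exists or not by asking for a property
+result.display_name
+rescue AWS::SNS::Errors::NotFound
+result = nil
+end
+result
 end
 end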
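Review bot: `aws_object` wraps only the existence probe in an explicit `begin`/`rescue`/`end` and then reassigns `result` so it can be returned after the block; a method body can carry its own `rescue` clause, which removes both the block and the reassignment, and the same `begin` wrapper around a whole method body appears in aws_sqs_queue.rb's `aws_object` in this commit. The rewrite below keeps the probe comment and returns `nil` straight from the rescue; note it would also catch a `NotFound` raised by the `topics[arn]` lookup itself, which the original lets propagate — acceptable if that lookup is lazy, as the comment implies.
```ruby
def aws_object
  result = driver.sns.topics[arn]
  # Test whether it exists or not by asking for a property
  result.display_name
  result
rescue AWS::SNS::Errors::NotFound
  nil
end
```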
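--- a/data/lib/chef/resource/aws_sqs_queue.rb
+++ b/data/lib/chef/resource/aws_sqs_queue.rb
@@ -1,21 +1,23 @@
-require 'chef/resource/aws_resource'
-require 'chef/provisioning/aws_driver'
+require 'chef/provisioning/aws_driver/aws_resource'
 
-class Chef::Resource::AwsSqsQueue < Chef::Resource::AwsResource
-self.resource_name = 'aws_sqs_queue'
+class Chef::Resource::AwsSqsQueue < Chef::Provisioning::AWSDriver::AWSResource
+aws_sdk_type AWS::SQS::Queue
 
-actions :create, :delete, :nothing
-default_action :create
+attribute :name, kind_of: String, name_attribute: true
+attribute :options, kind_of: Hash
 
-attribute :name, :kind_of => String, :name_attribute => true
-attribute :queue_name, :kind_of => String
-stored_attribute :created_at
-
-def initialize(*args)
-super
+def aws_object
+begin
+driver.sqs.queues.named(name)
+rescue AWS::SQS::Errors::NonExistentQueue
+nil
+end
 end
 
-def after_created
-super
+protected
+
+def self.get_aws_object_id(value, **options)
+aws_object = get_aws_object(value, **options)
+aws_object.arn.split(':')[-1] if aws_object
 end
 end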
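Review bot: The bare `protected` placed before `def self.get_aws_object_id` has no effect on it: `protected` and `private` without arguments only change the visibility of instance methods defined after them, so this singleton method remains public and the marker is misleading to the next reader. If the method is meant to be internal, use `private_class_method :get_aws_object_id` after the definition — but only if nothing calls it with an explicit receiver (the base class in aws_resource.rb that presumably calls it is outside this hunk); otherwise drop the marker. A small readability point on the same method: `aws_object.arn.split(':')[-1]` reads more directly as `aws_object.arn.split(':').last`.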
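--- a/data/lib/chef/resource/aws_subnet.rb
+++ b/data/lib/chef/resource/aws_subnet.rb
@@ -1,25 +1,95 @@
-require 'chef/resource/aws_resource'
-require 'chef/provisioning/aws_driver'
+require 'chef/provisioning/aws_driver/aws_resource_with_entry'
 
-class Chef::Resource::AwsSubnet < Chef::Resource::AwsResource
-self.resource_name = 'aws_subnet'
-self.databag_name = 'aws_subnet'
+#
+# An AWS subnet is a sub-section of a VPC, walled gardens within the walled garden;
+# they share a space of IP addresses with other subnets in the VPC but can otherwise
+# be walled off from each other.
+#
+# `name` is not guaranteed unique for an AWS account; therefore, Chef will
+# store the subnet ID associated with this name in your Chef server in the
+# data bag `data/aws_subnet/<name>`.
+#
+# API documentation for the AWS Ruby SDK for VPCs (and the object returned from `aws_object` can be found here:
+#
+# - http://docs.aws.amazon.com/AWSRubySDK/latest/AWS/EC2/Subnet.html
+#
+class Chef::Resource::AwsSubnet < Chef::Provisioning::AWSDriver::AWSResourceWithEntry
+aws_sdk_type AWS::EC2::Subnet
 
-actions :create, :delete, :nothing
-default_action :create
+require 'chef/resource/aws_vpc'
+require 'chef/resource/aws_route_table'
 
-attribute :name, :kind_of => String, :name_attribute => true
-attribute :cidr_block, :kind_of => String
-attribute :vpc, :kind_of => String
-attribute :availability_zone, :kind_of => String
+#
+# The name of this subnet.
+#
+attribute :name, kind_of: String, name_attribute: true
 
-stored_attribute :subnet_id
+#
+# The VPC of this subnet.
+#
+# May be one of:
+# - The name of an `aws_vpc` Chef resource.
+# - An actual `aws_vpc` resource.
+# - An AWS `VPC` object.
+#
+attribute :vpc, kind_of: [ String, AwsVpc, AWS::EC2::VPC ]
 
-def initialize(*args)
-super
-end
+#
+# The CIDR block of IP addresses allocated to this subnet.
+# Must be a subset of the IP addresses in the VPC, and must not overlap the
+# IP addresses of any other subnet in the VPC.
+#
+# For example:
+# - `'10.0.0.0/24'` gives you 256 addresses.
+# - `'10.0.0.0/16'` gives you 65536 addresses.
+#
+# This defaults to taking all IP addresses in the VPC.
+#
+attribute :cidr_block, kind_of: String
+
+#
+# The availability zone of this subnet.
+#
+# e.g. us-east-1a or us-east-1b.
+#
+# By default, AWS will pick an AZ for a given subnet.
+#
+attribute :availability_zone, kind_of: String
+
+#
+# Whether to give public IP addresses to new instances in this subnet by default.
+#
+attribute :map_public_ip_on_launch, kind_of: [ TrueClass, FalseClass ]
+
+#
+# The route table to associate with this subnet.
+#
+# May be one of:
+# - The name of an `aws_route_table` Chef resource.
+# - An actual `aws_route_table` resource.
+# - An AWS `route_table` object.
+# - `:default_to_main`, which will detach any explicit route tables associated
+# with the subnet, causing it to use the default (main) route table for the VPC.
+#
+# By default, an implicit association with the main route table is made (`:default_to_main`)
+#
+attribute :route_table#, kind_of: [ String, AwsRouteTable, AWS::EC2::RouteTable ], equal_to: [ :default_to_main ]
+
+attribute :subnet_id, kind_of: String, aws_id_attribute: true, lazy_default: proc {
+name =~ /^subnet-[a-f0-9]{8}$/ ? name : nil
+}
 
-def after_created
-super
+def aws_object
+driver, id = get_driver_and_id
+result = driver.ec2.subnets[id] if id
+if result
+begin
+# Try to access it to see if it exists (no `exists?` method)
+result.vpc_id
+rescue AWS::EC2::Errors::InvalidSubnetID::NotFound
+result = nil
+end
+end
+result
 end
 end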
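Review bot: `attribute :route_table#, kind_of: [ ... ], equal_to: [ :default_to_main ]` switches the attribute's validation off with a trailing comment, so any value is accepted and the intended options survive only as dead text; the same is done for `internet_gateway` in aws_vpc.rb in this commit. If the reason is that `kind_of` and `equal_to` are both enforced, so the `:default_to_main` symbol could never satisfy `kind_of`, a `callbacks:` validator accepting either form would express that; at minimum replace the dangling fragment with a comment stating why validation is off, e.g. `# validation disabled: :default_to_main is neither a String nor a route table object — TODO: validate via callbacks:`. The file header comment also says "for VPCs" above a Subnet link and never closes the parenthesis opened before `and the object returned from aws_object`.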
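--- a/data/lib/chef/resource/aws_vpc.rb
+++ b/data/lib/chef/resource/aws_vpc.rb
@@ -1,23 +1,145 @@
-require 'chef/resource/aws_resource'
-require 'chef/provisioning/aws_driver'
+require 'chef/provisioning/aws_driver/aws_resource_with_entry'
 
-class Chef::Resource::AwsVpc < Chef::Resource::AwsResource
-self.resource_name = 'aws_vpc'
-self.databag_name = 'aws_vpc'
+#
+# Represents an AWS VPC.
+#
+# This allows you to finely control network access and security for your
+# instances, creating a "walled garden" which cannot be accessed by the Internet
+# (or get out to it) without explicitly enabling it through subnets, route tables,
+# internet gateways and NATs.
+#
+# VPCs and network security are closely related with the following other resources:
+# - `aws_subnet`: sub-sections of a VPC that can be walled off from each other, which actually contain instances
+# - `aws_security_group`: descriptions of instances--particularly, who can talk to them and who they can talk to.
+# - `aws_route_table`: descriptions of where traffic should be routed when an instance in a subnet tries to talk to a particular IP.
+#
+# `name` is not guaranteed unique for an AWS account; therefore, Chef will
+# store the VPC ID associated with this name in your Chef server in the
+# data bag `data/aws_vpc/<name>`.
+#
+# General documentation on AWS VPCs can be found here:
+#
+# - http://aws.amazon.com/documentation/vpc/
+#
+# API documentation for the AWS Ruby SDK for VPCs (and the object returned from `aws_object` can be found here:
+#
+# - http://docs.aws.amazon.com/AWSRubySDK/latest/AWS/EC2/VPC.html
+#
+class Chef::Resource::AwsVpc < Chef::Provisioning::AWSDriver::AWSResourceWithEntry
+aws_sdk_type AWS::EC2::VPC
 
-actions :create, :delete, :nothing
-default_action :create
+require 'chef/resource/aws_dhcp_options'
+require 'chef/resource/aws_route_table'
 
-attribute :name, :kind_of => String, :name_attribute => true
-attribute :cidr_block, :kind_of => String
+#
+# The name of this VPC.
+#
+attribute :name, kind_of: String, name_attribute: true
 
-stored_attribute :vpc_id
+#
+# The CIDR block of IP addresses allocated to this VPC.
+#
+# For example:
+# - `'10.0.0.0/24'` gives you 256 addresses.
+# - `'10.0.0.0/16'` gives you 65536 addresses.
+#
+# This must be specified: there is no default, and it cannot be changed.
+#
+attribute :cidr_block, kind_of: String
 
-def initialize(*args)
-super
-end
+#
+# The instance tenancy of this VPC.
+#
+# - `:default` allows any tenancy
+# - `:dedicated` forces all instances to be dedicated
+#
+# Defaults, not surprisingly, to `default`.
+#
+attribute :instance_tenancy, equal_to: [ :default, :dedicated ]
+
+#
+# Whether this VPC should have an Internet Gateway or not.
+#
+# - `true` will create an Internet Gateway and attach it to the VPC, if one is not attached currently.
+# - `false` will delete or detache the Internet Gateway attached to the VPC, if any.
+# It will delete if the tag "Owned": true is on the Internet Gateway; it will
+# detach if not.
+# - You may specify the AWS ID of an actual Internet Gateway
+#
+attribute :internet_gateway#, kind_of: [ String, AWS::EC2::InternetGateway ], equal_to: [ true, false, :detach ]
+
+#
+# The main route table.
+#
+# May be one of:
+# - The name of an `aws_route_table` Chef resource.
+# - An actual `aws_route_table` resource.
+# - An AWS `route_table` object.
+#
+attribute :main_route_table, kind_of: [ String, AwsRouteTable, AWS::EC2::RouteTable ]
+
+#
+# The routes for the main route table.
+#
+# This is in the form of a Hash, like so:
+#
+# ```ruby
+# main_routes '10.0.0.0/8' => 'internal_vpn',
+# '0.0.0.0/0' => :internet_gateway
+# ```
+#
+# The destination (the left side of the `=>`) is always a CIDR block.
+# The target (the right side of the `=>`) can be one of several things:
+# - { internet_gateway: <AWS Internet Gateway ID or object> }
+# - { instance: <Chef machine name or resource, AWS Instance ID or object> }
+# - { network_interface: <AWS Network Interface ID or object> }
+# - <AWS Internet Gateway, Instance or Network Interface <ID or object)>
+# - Chef machine name
+# - Chef machine resource
+#
+attribute :main_routes, kind_of: Hash
+
+#
+# The DHCP options for this VPC.
+#
+attribute :dhcp_options, kind_of: [ AwsDhcpOptions, AWS::EC2::DHCPOptions, String ]
+
+#
+# Indicates whether the DNS resolution is supported for the VPC. If this
+# attribute is false, the Amazon provided DNS service in the VPC that resolves
+# public DNS hostnames to IP addresses is not enabled. If this attribute is
+# true, queries to the Amazon provided DNS server at the 169.254.169.253 IP
+# address, or the reserved IP address at the base of the VPC network range
+# "plus two" will succeed.
+#
+# For more information, see Amazon DNS Server:
+# - http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html#AmazonDNS
+#
+attribute :enable_dns_support, equal_to: [ true, false ]
+
+#
+# Indicates whether the instances launched in the VPC get DNS hostnames. If
+# this attribute is true, instances in the VPC get DNS hostnames; otherwise,
+# they do not. If you want your instances to get DNS hostnames, you must also
+# set enable_dns_support to true.
+#
+attribute :enable_dns_hostnames, equal_to: [ true, false ]
+
+#
+# A list of tags to put on the VPC.
+#
+# The "Name" tag will always be set to the Chef name of the instance if you do
+# not specify it.
+#
+attribute :tags, kind_of: Array
+
+attribute :vpc_id, kind_of: String, aws_id_attribute: true, lazy_default: proc {
+name =~ /^vpc-[a-f0-9]{8}$/ ? name : nil
+}
 
-def after_created
-super
+def aws_object
+driver, id = get_driver_and_id
+result = driver.ec2.vpcs[id] if id
+result && result.exists? ? result : nil
 end
 end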
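Review bot: The new header and attribute comments carry a few slips worth fixing before this text becomes the reference for the resource: `detache` in the `internet_gateway` comment should be `detach`, the sentence beginning `API documentation for the AWS Ruby SDK for VPCs (and the object returned from` never closes its parenthesis, and the `internet_gateway` text lists `true`/`false`/an ID while the commented-out validation on the same line also names `:detach`, so the two disagree on whether `:detach` is an accepted value. `tags` is declared `kind_of: Array` although its comment describes a `"Name"` tag as a key/value pair — presumably the provider expects a hash or an array of pairs; the comment should state the element shape it accepts, e.g. `# Array of { key => value } pairs (TODO: confirm against the provider)`.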