chef-provisioning-aws 1.3.1 → 1.4.0

data/lib/chef/provisioning/aws_driver/tagging_strategy/ec2.rb

@@ -0,0 +1,64 @@
+require 'chef/provisioning/aws_driver/aws_tagger'
+
+module Chef::Provisioning::AWSDriver::TaggingStrategy
+  module EC2ConvergeTags
+    def aws_tagger
+      @aws_tagger ||= begin
+        ec2_strategy = Chef::Provisioning::AWSDriver::TaggingStrategy::EC2.new(
+          new_resource.driver.ec2_client,
+          new_resource.aws_object_id,
+          new_resource.aws_tags
+        )
+        Chef::Provisioning::AWSDriver::AWSTagger.new(ec2_strategy, action_handler)
+      end
+    end
+    def converge_tags
+      aws_tagger.converge_tags
+    end
+  end
+end
+
+module Chef::Provisioning::AWSDriver::TaggingStrategy
+class EC2
+
+  attr_reader :ec2_client, :aws_object_id, :desired_tags
+
+  def initialize(ec2_client, aws_object_id, desired_tags)
+    @ec2_client = ec2_client
+    @aws_object_id = aws_object_id
+    @desired_tags = desired_tags
+  end
+
+  def current_tags
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Client.html#describe_tags-instance_method
+    resp = ec2_client.describe_tags({
+      filters: [
+        {
+          name: "resource-id",
+          values: [aws_object_id]
+        }
+      ]
+    })
+    Hash[resp.tags.map {|t| [t.key, t.value]}]
+  end
+
+  def set_tags(tags)
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Client.html#create_tags-instance_method
+    # "The value parameter is required, but if you don't want the tag to have a value, specify
+    #   the parameter with no value, and we set the value to an empty string."
+    ec2_client.create_tags({
+      resources: [aws_object_id],
+      tags: tags.map {|k,v| {key: k, value: v} }
+    })
+  end
+
+  def delete_tags(tag_keys)
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Client.html#delete_tags-instance_method
+    ec2_client.delete_tags({
+      resources: [aws_object_id],
+      tags: tag_keys.map {|k| {key: k} }
+    })
+  end
+
+end
+end

data/lib/chef/provisioning/aws_driver/tagging_strategy/elb.rb

@@ -0,0 +1,39 @@
+require 'chef/provisioning/aws_driver/aws_tagger'
+
+module Chef::Provisioning::AWSDriver::TaggingStrategy
+class ELB
+
+  attr_reader :elb_client, :access_point_name, :desired_tags
+
+  def initialize(elb_client, access_point_name, desired_tags)
+    @elb_client = elb_client
+    @access_point_name = access_point_name
+    @desired_tags = desired_tags
+  end
+
+  def current_tags
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/ElasticLoadBalancing/Client.html#describe_tags-instance_method
+    resp = elb_client.describe_tags({
+      load_balancer_names: [access_point_name]
+    })
+    Hash[resp.tag_descriptions[0].tags.map {|t| [t.key, t.value]}]
+  end
+
+  def set_tags(tags)
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/ElasticLoadBalancing/Client.html#add_tags-instance_method
+    elb_client.add_tags({
+      load_balancer_names: [access_point_name],
+      tags: tags.map {|k,v| {key: k, value: v} }
+    })
+  end
+
+  def delete_tags(tag_keys)
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/ElasticLoadBalancing/Client.html#remove_tags-instance_method
+    elb_client.remove_tags({
+      load_balancer_names: [access_point_name],
+      tags: tag_keys.map {|k| {key: k} }
+    })
+  end
+
+end
+end

data/lib/chef/provisioning/aws_driver/tagging_strategy/rds.rb

@@ -0,0 +1,92 @@
+require 'chef/provisioning/aws_driver/aws_tagger'
+
+####################
+# NOTE FROM http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html
+# "Note that tags are cached for authorization purposes. Because of this, additions
+#  and updates to tags on Amazon RDS resources may take several minutes before they
+#  are available."
+####################
+
+module Chef::Provisioning::AWSDriver::TaggingStrategy
+  module RDSConvergeTags
+    def aws_tagger
+      @aws_tagger ||= begin
+        rds_strategy = Chef::Provisioning::AWSDriver::TaggingStrategy::RDS.new(
+          new_resource.driver.rds.client,
+          construct_arn(new_resource),
+          new_resource.aws_tags
+        )
+        Chef::Provisioning::AWSDriver::AWSTagger.new(rds_strategy, action_handler)
+      end
+    end
+    def converge_tags
+      aws_tagger.converge_tags
+    end
+
+    # http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN
+    def construct_arn(new_resource)
+      @arn ||= begin
+        region = new_resource.driver.aws_config.region
+        name = new_resource.name
+        rds_type = new_resource.rds_tagging_type
+        # Taken from example on https://forums.aws.amazon.com/thread.jspa?threadID=108012
+        account_id = begin
+          u = new_resource.driver.iam.client.get_user
+          # We've got an AWS account root credential or an IAM admin with access rights
+          u[:user][:arn].match('^arn:aws:iam::([0-9]{12}):.*$')[1]
+        rescue AWS::IAM::Errors::AccessDenied => e
+          # We've got an AWS IAM Credential
+          e.to_s.match('^User: arn:aws:iam::([0-9]{12}):.*$')[1]
+        end
+        # arn:aws:rds:<region>:<account number>:<resourcetype>:<name>
+        "arn:aws:rds:#{region}:#{account_id}:#{rds_type}:#{name}"
+      end
+    end
+  end
+end
+
+module Chef::Provisioning::AWSDriver::TaggingStrategy
+class RDS
+
+  attr_reader :rds_client, :rds_object_arn, :desired_tags
+
+  def initialize(rds_client, rds_object_arn, desired_tags)
+    @rds_client = rds_client
+    @rds_object_arn = rds_object_arn
+    @desired_tags = desired_tags
+  end
+
+  def current_tags
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/RDS/Client.html#list_tags_for_resource-instance_method
+    resp = rds_client.list_tags_for_resource({
+      resource_name: rds_object_arn
+    })
+    Hash[resp.tag_list.map {|t| [t.key, t.value]}]
+  end
+
+  def set_tags(tags)
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/RDS/Client.html#add_tags_to_resource-instance_method
+    # Unlike EC2, RDS tags can have a nil value
+    tags = tags.map {|k,v|
+      if v.nil?
+        {key: k}
+      else
+        {key: k, value: v}
+      end
+    }
+    rds_client.add_tags_to_resource({
+      resource_name: rds_object_arn,
+      tags: tags
+    })
+  end
+
+  def delete_tags(tag_keys)
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/RDS/Client.html#remove_tags_from_resource-instance_method
+    rds_client.remove_tags_from_resource({
+      resource_name: rds_object_arn,
+      tag_keys: tag_keys
+    })
+  end
+
+end
+end

data/lib/chef/provisioning/aws_driver/tagging_strategy/s3.rb

@@ -0,0 +1,41 @@
+require 'chef/provisioning/aws_driver/aws_tagger'
+module Chef::Provisioning::AWSDriver::TaggingStrategy
+class S3
+
+  attr_reader :s3_client, :bucket_name, :desired_tags
+
+  def initialize(s3_client, bucket_name, desired_tags)
+    @s3_client = s3_client
+    @bucket_name = bucket_name
+    @desired_tags = desired_tags
+  end
+
+  def current_tags
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/S3/Client.html#get_bucket_tagging-instance_method
+    resp = s3_client.get_bucket_tagging({
+      bucket: bucket_name
+    })
+    Hash[resp.tag_set.map {|t| [t.key, t.value]}]
+  rescue Aws::S3::Errors::NoSuchTagSet => e
+    # Instead of returning nil or empty, AWS raises an error :)
+    {}
+  end
+
+  def set_tags(tags)
+    # http://docs.aws.amazon.com/sdkforruby/api/Aws/S3/Client.html#put_bucket_tagging-instance_method
+    s3_client.put_bucket_tagging({
+      bucket: bucket_name,
+      tagging: {
+        tag_set: tags.map {|k,v| {key: k, value: v} }
+      }
+    })
+  end
+
+  def delete_tags(tag_keys)
+    # S3 doesn't have a client action for deleting individual tags, just ALL tags.  But the
+    # put_bucket_tagging method will set the tags to what is provided so we don't need to
+    # worry about this
+  end
+
+end
+end

data/lib/chef/provisioning/aws_driver/version.rb

@@ -1,7 +1,7 @@
 class Chef
 module Provisioning
 module AWSDriver
-  VERSION = '1.3.1'
+  VERSION = '1.4.0'
 end
 end
 end

data/lib/chef/resource/aws_cache_cluster.rb

@@ -13,7 +13,6 @@ class Chef::Resource::AwsCacheCluster < Chef::Provisioning::AWSDriver::AWSResour
   # straight through to AWS, with the exception of security_groups, which
   # may contain a reference to a Chef aws_security_group resource.
 
-
   # Cluster Name
   #
   # @param :cluster_name [String] unique name for a cluster
@@ -54,7 +53,7 @@ class Chef::Resource::AwsCacheCluster < Chef::Provisioning::AWSDriver::AWSResour
 
   # Engine Version
   #
-  # @param :engine_version [String] The version number of the cache engine to be used for this cache cluster. 
+  # @param :engine_version [String] The version number of the cache engine to be used for this cache cluster.
   attribute :engine_version, kind_of: String, required: true
 
   # Subnet Group Name

data/lib/chef/resource/aws_cloudsearch_domain.rb

@@ -0,0 +1,46 @@
+require 'chef/provisioning/aws_driver/aws_resource'
+
+module AWS
+  class CloudSearch
+    class Domain
+      # The version of the AWS sdk we are using doesn't have a model
+      # object for CloudSearch Domains. This empty class is here to
+      # make the reset of chef-provisioning happy.
+    end
+  end
+end
+
+class Chef::Resource::AwsCloudsearchDomain < Chef::Provisioning::AWSDriver::AWSResource
+  aws_sdk_type ::AWS::CloudSearch::Domain
+  attribute :name, kind_of: String, name_attribute: true
+  attribute :cloudsearch_api_version, equal_to: ["20130101", "20110201"], default: "20130101"
+
+  # Availability Options
+  attribute :multi_az, kind_of: [TrueClass, FalseClass], default: false
+
+  # Scaling Parameters
+  attribute :instance_type, equal_to: ["search.m1.small", "search.m3.medium",
+                                       "search.m3.large", "search.m3.xlarge",
+                                       "search.m3.2xlarge"]
+  attribute :partition_count, kind_of: Integer
+  attribute :replication_count, kind_of: Integer
+
+  # Service Access Policies
+  # TODO(ssd): We need to decide how we want to model access policies
+  # For now we just allow the user to shove the policy in via a string.
+  attribute :access_policies, kind_of: String
+
+
+  # Indexing Options
+  # TODO(ssd): Like Access Polcies, we should decide
+  # whether we want a DSL for defining index fields, or just allow the
+  # user to pass in an array properly formated hash.
+  attribute :index_fields, kind_of: Array
+
+  # None of the cloudsearch objects actually have instance-specific
+  # objects in the version of the AWS API we are using.  This will
+  # return a hash with some relevant information about the domain.
+  def aws_object
+    driver.cloudsearch.describe_domains(domain_names: [name])[:domain_status_list].find {|d| !d[:deleted] }
+  end
+end

data/lib/chef/resource/aws_dhcp_options.rb

@@ -11,6 +11,8 @@ require 'chef/provisioning/aws_driver/aws_resource_with_entry'
 # - http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_DHCP_Options.html
 #
 class Chef::Resource::AwsDhcpOptions < Chef::Provisioning::AWSDriver::AWSResourceWithEntry
+  include Chef::Provisioning::AWSDriver::AWSTaggable
+
   aws_sdk_type AWS::EC2::DHCPOptions
 
   #

data/lib/chef/resource/aws_ebs_volume.rb

@@ -2,11 +2,13 @@ require 'chef/provisioning/aws_driver/aws_resource_with_entry'
 require 'chef/resource/aws_instance'
 
 class Chef::Resource::AwsEbsVolume < Chef::Provisioning::AWSDriver::AWSResourceWithEntry
+  include Chef::Provisioning::AWSDriver::AWSTaggable
+
   aws_sdk_type AWS::EC2::Volume, backcompat_data_bag_name: 'ebs_volumes'
 
   attribute :name,    kind_of: String, name_attribute: true
 
-  attribute :machine,           kind_of: [ String, FalseClass, AwsInstance, AWS::EC2::Instance ]
+  attribute :machine,           kind_of: [ String, FalseClass, AwsInstance, AWS::EC2::Instance, ::Aws::EC2::Instance ]
 
   attribute :availability_zone, kind_of: String, default: 'a'
   attribute :size,              kind_of: Integer, default: 8

data/lib/chef/resource/aws_eip_address.rb

@@ -6,9 +6,6 @@ class Chef::Resource::AwsEipAddress < Chef::Provisioning::AWSDriver::AWSResource
 
   attribute :name, kind_of: String, name_attribute: true
 
-  # guh - every other AWSResourceWithEntry accepts tags EXCEPT this one
-  undef_method(:aws_tags)
-
   # TODO network interface
   attribute :machine,          kind_of: [String, FalseClass]
   attribute :associate_to_vpc, kind_of: [TrueClass, FalseClass]

data/lib/chef/resource/aws_image.rb

@@ -1,6 +1,9 @@
 require 'chef/provisioning/aws_driver/aws_resource_with_entry'
+require 'chef/provisioning/aws_driver/aws_taggable'
 
 class Chef::Resource::AwsImage < Chef::Provisioning::AWSDriver::AWSResourceWithEntry
+  include Chef::Provisioning::AWSDriver::AWSTaggable
+
   aws_sdk_type AWS::EC2::Image,
                managed_entry_type:    :machine_image,
                managed_entry_id_name: 'image_id'

data/lib/chef/resource/aws_instance.rb

@@ -1,7 +1,12 @@
 require 'chef/provisioning/aws_driver/aws_resource_with_entry'
+require 'chef/provisioning/aws_driver/aws_taggable'
 
 class Chef::Resource::AwsInstance < Chef::Provisioning::AWSDriver::AWSResourceWithEntry
-  aws_sdk_type AWS::EC2::Instance,
+  include Chef::Provisioning::AWSDriver::AWSTaggable
+
+  # The require needs to be inside this class otherwise it gets loaded before the rest of the SDK
+  # and starts causing issues - AWS expects to load all this stuff itself
+  aws_sdk_type ::Aws::EC2::Instance,
     managed_entry_type: :machine,
     managed_entry_id_name: 'instance_id'
 
@@ -13,7 +18,7 @@ class Chef::Resource::AwsInstance < Chef::Provisioning::AWSDriver::AWSResourceWi
 
   def aws_object
     driver, id = get_driver_and_id
-    result = driver.ec2.instances[id] if id
+    result = driver.ec2_resource.instance(id) if id
     result && result.exists? ? result : nil
   end
 end

data/lib/chef/resource/aws_internet_gateway.rb

@@ -1,6 +1,8 @@
 require 'chef/provisioning/aws_driver/aws_resource'
 
 class Chef::Resource::AwsInternetGateway < Chef::Provisioning::AWSDriver::AWSResource
+  include Chef::Provisioning::AWSDriver::AWSTaggable
+
   aws_sdk_type AWS::EC2::InternetGateway, load_provider: false, id: :id
 
   attribute :name, kind_of: String, name_attribute: true

data/lib/chef/resource/aws_load_balancer.rb

@@ -1,6 +1,9 @@
 require 'chef/provisioning/aws_driver/aws_resource'
+require 'chef/provisioning/aws_driver/aws_taggable'
 
 class Chef::Resource::AwsLoadBalancer < Chef::Provisioning::AWSDriver::AWSResource
+  include Chef::Provisioning::AWSDriver::AWSTaggable
+
   aws_sdk_type AWS::ELB::LoadBalancer
 
   attribute :name, kind_of: String,  name_attribute: true

data/lib/chef/resource/aws_network_acl.rb

@@ -3,6 +3,8 @@ require 'chef/resource/aws_vpc'
 require 'chef/resource/aws_subnet'
 
 class Chef::Resource::AwsNetworkAcl < Chef::Provisioning::AWSDriver::AWSResourceWithEntry
+  include Chef::Provisioning::AWSDriver::AWSTaggable
+
   aws_sdk_type AWS::EC2::NetworkACL
 
   #

data/lib/chef/resource/aws_network_interface.rb

@@ -3,6 +3,8 @@ require 'chef/resource/aws_subnet'
 require 'chef/resource/aws_eip_address'
 
 class Chef::Resource::AwsNetworkInterface < Chef::Provisioning::AWSDriver::AWSResourceWithEntry
+  include Chef::Provisioning::AWSDriver::AWSTaggable
+
   aws_sdk_type AWS::EC2::NetworkInterface
 
   attribute :name,                   kind_of: String, name_attribute: true
@@ -19,7 +21,7 @@ class Chef::Resource::AwsNetworkInterface < Chef::Provisioning::AWSDriver::AWSRe
 
   attribute :security_groups,        kind_of: Array #(Array<SecurityGroup>, Array<String>)
 
-  attribute :machine,                kind_of: [ String, FalseClass, AwsInstance, AWS::EC2::Instance ]
+  attribute :machine,                kind_of: [ String, FalseClass, AwsInstance, AWS::EC2::Instance, ::Aws::EC2::Instance ]
 
   attribute :device_index,           kind_of: Integer
 

data/lib/chef/resource/aws_rds_instance.rb

@@ -0,0 +1,42 @@
+require 'chef/provisioning/aws_driver/aws_rds_resource'
+require 'chef/provisioning/aws_driver/aws_taggable'
+
+class Chef::Resource::AwsRdsInstance < Chef::Provisioning::AWSDriver::AWSRDSResource
+  include Chef::Provisioning::AWSDriver::AWSTaggable
+
+  aws_sdk_type AWS::RDS::DBInstance, id: :db_instance_identifier
+
+  attribute :db_instance_identifier, kind_of: String, name_attribute: true
+
+  attribute :engine, kind_of: String
+  attribute :engine_version, kind_of: String
+  attribute :db_instance_class, kind_of: String
+  attribute :multi_az, default: false, kind_of: [TrueClass, FalseClass]
+  attribute :allocated_storage, kind_of: Integer
+  attribute :iops, kind_of: Integer
+  attribute :publicly_accessible, kind_of: [TrueClass, FalseClass], default: false
+  attribute :master_username, kind_of: String
+  attribute :master_user_password, kind_of: String
+  attribute :db_name, kind_of: String
+  attribute :port, kind_of: Integer
+  # We cannot pass the resource or an AWS object because there is no AWS model
+  # and that causes lookup_options to fail
+  attribute :db_subnet_group_name, kind_of: String
+
+  # RDS has a ton of options, allow users to set any of them via a
+  # custom Hash
+  attribute :additional_options, kind_of: Hash, default: {}
+
+  def aws_object
+    res = driver.rds.instances[name]
+    if res.exists? && ! ['deleted', 'deleting'].include?(res.status)
+      res
+    else
+      nil
+    end
+  end
+
+  def rds_tagging_type
+    "db"
+  end
+end