chef-provisioning-aws 0.1.1 → 0.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3acb67df3a046b0298b40a390a7cacee7e700b51
-  data.tar.gz: 0e7d8231c5a682d1b25c6c8ca138abbec7422494
+  metadata.gz: 5d4c4e48ec76622cc159966e0862a69e92dcc794
+  data.tar.gz: 6db5dc3f481f314c3abc02d8389d773e84cd01b7
 SHA512:
-  metadata.gz: dca5eec228b058b87d02c7da2098806073c904e1369672f724a2dfd4ad5115b248241defe1aa5a8dd9c5b1d1b18340fbdabe9e4c66bff7a3f9099e8eae8e4729
-  data.tar.gz: 821c4ba12a4dedba7cdd7da366f277e2c32ab14215a9de36d30078dc9c1ea1eb9c3bb9619bec6aad11b27922fdf6d94566d89747dd55a1cc0347cb07257c488e
+  metadata.gz: 31a85827c948b002ccc16889f9e075f1689b05d26a38a24ce6bf871b94b609dcf828b7baf3f1cec46e4d0f270bd129fed9a1bf66fe0ad63fb4413c3ba41a712f
+  data.tar.gz: f7d87089964113885f12dcfe193af3dbc7fb39d0bbb955fd4da53bb30c682701c54d6b35a051f922300ecbd848dd1ac87e0b963509af212f1a8d8ef02469c801

data/README.md

@@ -10,3 +10,17 @@ development.
 
 This requires the latest from chef-provisioning's load_balancer branch for some 
 features like region support (until it gets merged into master, which should be soon)
+
+
+List of resources (these may not have 100% of SDK functionality mapped but can be provisioned): 
+
+* SQS Queues
+* SNS Topics
+* Elastic Load Balancers
+* VPCs
+* Security Groups
+* Instances
+* Images
+* Autoscaling Groups
+* SSH Key pairs
+* Launch configs

data/lib/chef/provider/aws_key_pair.rb

@@ -1,9 +1,10 @@
 require 'chef/provider/lwrp_base'
-require 'chef/provisioning/aws_driver/aws_driver'
+require 'chef/provisioning/aws_driver'
+require 'chef/provider/aws_provider'
 require 'aws-sdk-v1'
 
 
-class Chef::Provider::AwsKeyPair < Chef::Provider::LWRPBase
+class Chef::Provider::AwsKeyPair < Chef::Provider::AwsProvider
 
   use_inline_resources
 
@@ -17,7 +18,7 @@ class Chef::Provider::AwsKeyPair < Chef::Provider::LWRPBase
 
   action :delete do
     if current_resource_exists?
-      compute.key_pairs.delete(new_resource.name)
+      ec2.key_pairs[new_resource.name].delete
     end
   end
 
@@ -78,8 +79,8 @@ class Chef::Provider::AwsKeyPair < Chef::Provider::LWRPBase
       if !new_fingerprints.any? { |f| compare_public_key f }
         if new_resource.allow_overwrite
           converge_by "update #{key_description} to match local key at #{new_resource.private_key_path}" do
-            ec2.key.key_pairs.get(new_resource.name).destroy
-            compute.import_key_pair(new_resource.name, Cheffish::KeyFormatter.encode(desired_key, :format => :openssh))
+            ec2.key_pairs[new_resource.name].delete
+            ec2.key_pairs.import(new_resource.name, Cheffish::KeyFormatter.encode(desired_key, :format => :openssh))
           end
         else
           raise "#{key_description} with fingerprint #{@current_fingerprint} does not match local key fingerprint(s) #{new_fingerprints}, and allow_overwrite is false!"
@@ -91,7 +92,7 @@ class Chef::Provider::AwsKeyPair < Chef::Provider::LWRPBase
 
       # Create key
       converge_by "create #{key_description} from local key at #{new_resource.private_key_path}" do
-        compute.import_key_pair(new_resource.name, Cheffish::KeyFormatter.encode(desired_key, :format => :openssh))
+        ec2.key_pairs.import(new_resource.name, Cheffish::KeyFormatter.encode(desired_key, :format => :openssh))
       end
     end
   end
@@ -133,6 +134,14 @@ class Chef::Provider::AwsKeyPair < Chef::Provider::LWRPBase
     end
   end
 
+  def existing_keypair
+    @existing_keypair ||= begin
+      ec2.key_pairs[fqn]
+    rescue
+      nil
+    end
+  end
+
   def current_resource_exists?
     @current_resource.action != [ :delete ]
   end
@@ -143,10 +152,6 @@ class Chef::Provider::AwsKeyPair < Chef::Provider::LWRPBase
     c == n
   end
 
-  def compute
-    new_driver.compute
-  end
-
   def current_public_key
     current_resource.source_key
   end
@@ -170,7 +175,7 @@ class Chef::Provider::AwsKeyPair < Chef::Provider::LWRPBase
   def load_current_resource
     @current_resource = Chef::Resource::AwsKeyPair.new(new_resource.name, run_context)
 
-    current_key_pair = compute.key_pairs.get(new_resource.name)
+    current_key_pair = ec2.key_pairs[new_resource.name]
     if current_key_pair
       @current_fingerprint = current_key_pair ? current_key_pair.fingerprint : nil
     else

data/lib/chef/provider/aws_security_group.rb

@@ -0,0 +1,89 @@
+require 'chef/provider/aws_provider'
+require 'date'
+
+class Chef::Provider::AwsSecurityGroup < Chef::Provider::AwsProvider
+
+  action :create do
+    if existing_sg == nil
+      converge_by "Creating new SG #{new_resource.name} in #{new_resource.region_name}" do
+        opts = {
+            :description => new_resource.description,
+            :vpc => nil
+        }
+        # Use VPC ID if provided, otherwise lookup VPC by name
+        if new_resource.vpc_id
+          opts[:vpc] = new_resource.vpc_id
+        elsif new_resource.vpc_name
+          existing_vpc = ec2.vpcs.with_tag('Name', new_resource.vpc_name).first
+          Chef::Log.debug("Existing VPC: #{existing_vpc.inspect}")
+          if existing_vpc
+            opts[:vpc] = existing_vpc
+          end
+        end
+
+        sg = ec2.security_groups.create(new_resource.name, opts)
+        new_resource.security_group_id sg.group_id
+        new_resource.save
+      end
+    end
+
+    # Update rules
+    apply_rules(existing_sg)
+  end
+
+  action :delete do
+    if existing_vpc
+      converge_by "Deleting SG #{new_resource.name} in #{new_resource.region_name}" do
+        existing_sg.delete
+      end
+    end
+
+    new_resource.delete
+  end
+
+  # TODO check existing rules and compare / remove?
+  def apply_rules(security_group)
+    # Incoming
+    if new_resource.inbound_rules
+      new_resource.inbound_rules.each do |rule|
+        begin
+          converge_by "Updating SG #{new_resource.name} in #{new_resource.region_name} to allow inbound #{rule[:protocol]}/#{rule[:ports]} from #{rule[:sources]}" do
+            security_group.authorize_ingress(rule[:protocol], rule[:ports], *rule[:sources])
+          end
+        rescue AWS::EC2::Errors::InvalidPermission::Duplicate
+          Chef::Log.debug 'Duplicate rule, ignoring.'
+        end
+      end
+    end
+
+    # Outgoing
+    if new_resource.outbound_rules
+      new_resource.outbound_rules.each do |rule|
+        begin
+          converge_by "Updating SG #{new_resource.name} in #{new_resource.region_name} to allow outbound #{rule[:protocol]}/#{rule[:ports]} to #{rule[:destinations]}" do
+            security_group.authorize_egress( *rule[:destinations], :protocol => rule[:protocol], :ports => rule[:ports])
+          end
+        rescue AWS::EC2::Errors::InvalidPermission::Duplicate
+          Chef::Log.debug 'Duplicate rule, ignoring.'
+        end
+      end
+    end
+  end
+
+  def existing_sg
+    @existing_sg ||= begin
+      if id != nil
+        ec2.security_groups[id]
+      else
+        nil
+      end
+    rescue
+      nil
+    end
+  end
+
+  def id
+    new_resource.security_group_id
+  end
+
+end

data/lib/chef/provider/aws_sns_topic.rb

@@ -8,7 +8,7 @@ class Chef::Provider::AwsSnsTopic < Chef::Provider::AwsProvider
       converge_by "Creating new SNS topic #{fqn} in #{new_resource.region_name}" do
         sns.topics.create(fqn)
 
-        new_resource.created_at DataTime.now.to_s
+        new_resource.created_at DateTime.now.to_s
         new_resource.save
       end
     end

data/lib/chef/provider/aws_vpc.rb

@@ -0,0 +1,42 @@
+require 'chef/provider/aws_provider'
+require 'date'
+
+class Chef::Provider::AwsVpc < Chef::Provider::AwsProvider
+
+  action :create do
+    fail "Can't create a VPC without a CIDR block" if new_resource.cidr_block.nil?
+
+    if existing_vpc == nil
+      converge_by "Creating new VPC #{fqn} in #{new_resource.region_name}" do
+        opts = { :instance_tenancy => :default}
+        vpc = ec2.vpcs.create(new_resource.cidr_block, opts)
+        vpc.tags['Name'] = new_resource.name
+        new_resource.vpc_id vpc.id
+        new_resource.save
+      end
+    end
+  end
+
+  action :delete do
+    if existing_vpc
+      converge_by "Deleting VPC #{fqn} in #{new_resource.region_name}" do
+        existing_vpc.delete
+      end
+    end
+
+    new_resource.delete
+  end
+
+  def existing_vpc
+    @existing_vpc ||= begin
+      ec2.vpcs.with_tag('Name', new_resource.name).first
+    rescue
+      nil
+    end
+  end
+
+  def id
+    new_resource.vpc_id
+  end
+
+end

data/lib/chef/provisioning/aws_driver/driver.rb

@@ -8,6 +8,8 @@ require 'chef/provisioning/machine/windows_machine'
 require 'chef/provisioning/machine/unix_machine'
 require 'chef/provisioning/machine_spec'
 
+require 'chef/provider/aws_key_pair'
+require 'chef/resource/aws_key_pair'
 require 'chef/provisioning/aws_driver/version'
 require 'chef/provisioning/aws_driver/credentials'
 
@@ -50,79 +52,142 @@ module AWSDriver
 
 
     # Load balancer methods
-    def allocate_load_balancer(action_handler, lb_spec, lb_options)
-      existing_elb = load_balancer_for(lb_spec)
-      if !existing_elb.exists?
-        lb_spec.location = {
+    def allocate_load_balancer(action_handler, lb_spec, lb_options, machine_specs)
+      security_group_name = lb_options[:security_group_name] || 'default'
+      security_group_id = lb_options[:security_group_id]
+
+      # TODO confused: this variable doesn't appear to be used?
+#        default_sg = ec2.security_groups.filter('group-name', 'default')
+      security_group = if security_group_id.nil?
+                         ec2.security_groups.filter('group-name', security_group_name).first
+                       else
+                         ec2.security_groups[security_group_id]
+                       end
+      availability_zones = lb_options[:availability_zones]
+      listeners = lb_options[:listeners]
+
+      actual_elb = load_balancer_for(lb_spec)
+      if !actual_elb.exists?
+        perform_action = proc { |desc, &block| action_handler.perform_action(desc, &block) }
+
+        updates = [ "Create load balancer #{lb_spec.name} in #{@region}" ]
+        updates << "  enable availability zones #{availability_zones.join(', ')}" if availability_zones && availability_zones.size > 0
+        updates << "  with listeners #{listeners.join(', ')}" if listeners && listeners.size > 0
+        updates << "  with security group #{security_group.name}" if security_group
+
+        action_handler.perform_action updates do
+          actual_elb = elb.load_balancers.create(lb_spec.name,
+            availability_zones: availability_zones,
+            listeners:          listeners,
+            security_groups:    [security_group])
+
+          lb_spec.location = {
             'driver_url' => driver_url,
             'driver_version' => Chef::Provisioning::AWSDriver::VERSION,
             'allocated_at' => Time.now.utc.to_s,
-            'host_node' => action_handler.host_node,
-        }
-
-        security_group_name = lb_options[:security_group_name] || 'default'
-        security_group_id = lb_options[:security_group_id]
-
-        default_sg = ec2.security_groups.filter('group-name', 'default')
-        security_group = if security_group_id.nil?
-                           ec2.security_groups.filter('group-name', security_group_name).first
-                         else
-                           ec2.security_groups[security_group_id]
-                         end
-
-        availability_zones = lb_options[:availability_zones]
-        listeners = lb_options[:listeners]
-        elb.load_balancers.create(lb_spec.name,
-                :availability_zones => availability_zones,
-                :listeners => listeners,
-                :security_groups => [security_group])
-      end
-    end
-
-    def ready_load_balancer(action_handler, lb_spec, lb_options)
-    end
-
-    def destroy_load_balancer(action_handler, lb_spec, lb_options)
-    end
-
-    # TODO update listeners and zones, and other bits
-    def update_load_balancer(action_handler, lb_spec, lb_options, opts = {})
-      existing_elb = load_balancer_for(lb_spec)
-
-      # Try to recreate it if it doesn't exist in AWS
-      action_handler.report_progress "Checking for ELB named #{lb_spec.name}..."
-      allocate_load_balancer(action_handler, lb_spec, lb_options) unless existing_elb.exists?
-
-      # Try to find it again -- if we can't, consider it fatal
-      existing_elb = load_balancer_for(lb_spec)
-      fail "Unable to find specified ELB instance. Already tried to recreate it!" if !existing_elb.exists?
-
-      action_handler.report_progress "Updating ELB named #{lb_spec.name}..."
+          }
+        end
+      else
+        # Header gets printed the first time we make an update
+        perform_action = proc do |desc, &block|
+          perform_action = proc { |desc, &block| action_handler.perform_action(desc, &block) }
+          action_handler.perform_action [ "Update load balancer #{lb_spec.name} in #{@region}", desc ].flatten, &block
+        end
 
-      machines = opts[:machines]
-      existing_instance_ids = existing_elb.instances.collect { |i| i.instance_id }
+        # Update availability zones
+        enable_zones = (availability_zones || []).dup
+        disable_zones = []
+        actual_elb.availability_zones.each do |availability_zone|
+          if !enable_zones.delete(availability_zone.name)
+            disable_zones << availability_zone.name
+          end
+        end
+        if enable_zones.size > 0
+          perform_action.call("  enable availability zones #{enable_zones.join(', ')}") do
+            actual_elb.availability_zones.enable(*enable_zones)
+          end
+        end
+        if disable_zones.size > 0
+          perform_action.call("  disable availability zones #{disable_zones.join(', ')}") do
+            actual_elb.availability_zones.disable(*disable_zones)
+          end
+        end
 
-      new_instance_ids = machines.keys.collect do |machine_name|
-        machine_spec = machines[machine_name]
-        machine_spec.location['instance_id']
+        # Update listeners
+        perform_listener_action = proc do |desc, &block|
+          perform_listener_action = proc { |desc, &block| perform_action(desc, &block) }
+          perform_action([ "  update listener #{listener.port}", desc ], &block)
+        end
+        add_listeners = {}
+        listeners.each { |l| add_listeners[l[:port]] = l } if listeners
+        actual_elb.listeners.each do |listener|
+          desired_listener = add_listeners.delete(listener.port)
+          if desired_listener
+            if listener.protocol != desired_listener[:protocol]
+              perform_listener_action.call("    update protocol from #{listener.protocol.inspect} to #{desired_listener[:protocol].inspect}'") do
+                listener.protocol = desired_listener[:protocol]
+              end
+            end
+            if listener.instance_port != desired_listener[:instance_port]
+              perform_listener_action.call("    update instance port from #{listener.instance_port.inspect} to #{desired_listener[:instance_port].inspect}'") do
+                listener.instance_port = desired_listener[:instance_port]
+              end
+            end
+            if listener.instance_protocol != desired_listener[:instance_protocol]
+              perform_listener_action.call("    update instance protocol from #{listener.instance_protocol.inspect} to #{desired_listener[:instance_protocol].inspect}'") do
+                listener.instance_protocol = desired_listener[:instance_protocol]
+              end
+            end
+            if listener.server_certificate != desired_listener[:server_certificate]
+              perform_listener_action.call("    update server certificate from #{listener.server_certificate} to #{desired_listener[:server_certificate]}'") do
+                listener.server_certificate = desired_listener[:server_certificate]
+              end
+            end
+          else
+            perform_action.call("  remove listener #{listener.port}") do
+              listener.delete
+            end
+          end
+        end
+        add_listeners.each do |listener|
+          updates = [ "  add listener #{listener[:port]}" ]
+          updates << "    set protocol to #{listener[:protocol].inspect}"
+          updates << "    set instance port to #{listener[:instance_port].inspect}"
+          updates << "    set instance protocol to #{listener[:instance_protocol].inspect}"
+          updates << "    set server certificate to #{listener[:server_certificate]}" if listener[:server_certificate]
+          perform_action.call(updates) do
+            actual_elb.listeners.create(listener)
+          end
+        end
       end
 
-      instance_ids_to_add = new_instance_ids - existing_instance_ids
-      instance_ids_to_remove = existing_instance_ids - new_instance_ids
+      # Update instance list
+      actual_instance_ids = Set.new(actual_elb.instances.map { |i| i.instance_id })
+
+      instances_to_add = machine_specs.select { |s| !actual_instance_ids.include?(s.location['instance_id']) }
+      instance_ids_to_remove = actual_instance_ids - machine_specs.map { |s| s.location['instance_id'] }
 
-      if instance_ids_to_add && instance_ids_to_add.size > 0
-        action_handler.perform_action "Adding instances: #{instance_ids_to_add}" do
-          existing_elb.instances.add(instance_ids_to_add)
+      if instances_to_add.size > 0
+        perform_action.call("  add machines #{instances_to_add.map { |s| s.name }.join(', ')}") do
+          instance_ids_to_add = instances_to_add.map { |s| s.location['instance_id'] }
+          Chef::Log.debug("Adding instances #{instance_ids_to_add.join(', ')} to load balancer #{actual_elb.name} in region #{@region}")
+          actual_elb.instances.add(instance_ids_to_add)
         end
       end
 
-      if instance_ids_to_remove && instance_ids_to_remove.size > 0
-        action_handler.perform_action "Removing instances: #{instance_ids_to_remove}" do
-          existing_elb.instances.remove(instance_ids_to_remove)
+      if instance_ids_to_remove.size > 0
+        perform_action.call("  remove instances #{instance_ids_to_remove}") do
+          actual_elb.instances.remove(instance_ids_to_remove)
         end
       end
     end
 
+    def ready_load_balancer(action_handler, lb_spec, lb_options, machine_specs)
+    end
+
+    def destroy_load_balancer(action_handler, lb_spec, lb_options)
+    end
+
     # Image methods
     def allocate_image(action_handler, image_spec, image_options, machine_spec)
     end
@@ -135,26 +200,31 @@ module AWSDriver
 
     # Machine methods
     def allocate_machine(action_handler, machine_spec, machine_options)
-      existing_instance = instance_for(machine_spec)
-      if existing_instance == nil || !existing_instance.exists?
-
-        machine_spec.location = {
-            'driver_url' => driver_url,
-            'driver_version' => Chef::Provisioning::AWSDriver::VERSION,
-            'allocated_at' => Time.now.utc.to_s,
-            'host_node' => action_handler.host_node,
-            'image_id' => machine_options[:image_id]
-        }
-
+      actual_instance = instance_for(machine_spec)
+      if actual_instance == nil || !actual_instance.exists?
         image_id = machine_options[:image_id] || default_ami_for_region(@region)
-        action_handler.report_progress "Creating #{machine_spec.name} with AMI #{image_id} in #{@region}..."
         bootstrap_options = machine_options[:bootstrap_options] || {}
         bootstrap_options[:image_id] = image_id
+        if !bootstrap_options[:key_name]
+          Chef::Log.debug('No key specified, generating a default one...')
+          bootstrap_options[:key_name] = default_aws_keypair(action_handler, machine_spec)
+        end
         Chef::Log.debug "AWS Bootstrap options: #{bootstrap_options.inspect}"
-        instance = ec2.instances.create(bootstrap_options)
-        instance.tags['Name'] = machine_spec.name
-        machine_spec.location['instance_id'] = instance.id
-        action_handler.report_progress "Created #{instance.id} in #{@region}..."
+
+        action_handler.perform_action "Create #{machine_spec.name} with AMI #{image_id} in #{@region}" do
+          Chef::Log.debug "Creating instance with bootstrap options #{bootstrap_options}"
+          instance = ec2.instances.create(bootstrap_options)
+          # TODO add other tags identifying user / node url (same as fog)
+          instance.tags['Name'] = machine_spec.name
+          machine_spec.location = {
+              'driver_url' => driver_url,
+              'driver_version' => Chef::Provisioning::AWSDriver::VERSION,
+              'allocated_at' => Time.now.utc.to_s,
+              'host_node' => action_handler.host_node,
+              'image_id' => machine_options[:image_id],
+              'instance_id' => instance.id
+          }
+        end
       end
     end
 
@@ -166,11 +236,14 @@ module AWSDriver
       end
 
       if instance.status != :running
-        action_handler.report_progress "Starting #{machine_spec.name} (#{machine_spec.location['instance_id']}) in #{@region}..."
-        wait_until_ready(action_handler, machine_spec)
+        wait_until(action_handler, machine_spec, instance) { instance.status != :stopping }
+        if instance.status == :stopped
+          action_handler.perform_action "Start #{machine_spec.name} (#{machine_spec.location['instance_id']}) in #{@region} ..." do
+            instance.start
+          end
+        end
+        wait_until_ready(action_handler, machine_spec, instance)
         wait_for_transport(action_handler, machine_spec, machine_options)
-      else
-        action_handler.report_progress "#{machine_spec.name} (#{machine_spec.location['instance_id']}) already running in #{@region}..."
       end
 
       machine_for(machine_spec, machine_options, instance)
@@ -180,14 +253,24 @@ module AWSDriver
     def destroy_machine(action_handler, machine_spec, machine_options)
       instance = instance_for(machine_spec)
       if instance
-        instance.terminate
+        # TODO do we need to wait_until(action_handler, machine_spec, instance) { instance.status != :shutting_down } ?
+        action_handler.perform_action "Terminate #{machine_spec.name} (#{machine_spec.location['instance_id']}) in #{@region} ..." do
+          instance.terminate
+          machine_spec.location = nil
+        end
+      else
+        Chef::Log.warn "Unable to find and destroy instance for #{machine_spec.inspect}"
       end
-    end
 
+      strategy = convergence_strategy_for(machine_spec, machine_options)
+      strategy.cleanup_convergence(action_handler, machine_spec)
+    end
 
+    private
 
+    # For creating things like AWS keypairs exclusively
+    @@chef_default_lock = Mutex.new
 
-    private
     def machine_for(machine_spec, machine_options, instance = nil)
       instance ||= instance_for(machine_spec)
 
@@ -220,11 +303,11 @@ module AWSDriver
     def keypair_for(bootstrap_options)
       if bootstrap_options[:key_name]
         keypair_name = bootstrap_options[:key_name]
-        existing_key_pair = ec2.key_pairs[keypair_name]
-        if !existing_key_pair.exists?
+        actual_key_pair = ec2.key_pairs[keypair_name]
+        if !actual_key_pair.exists?
           ec2.key_pairs.create(keypair_name)
         end
-        existing_key_pair
+        actual_key_pair
       end
     end
 
@@ -375,15 +458,19 @@ module AWSDriver
       end
     end
 
-    def wait_until_ready(action_handler, machine_spec)
-      instance = instance_for(machine_spec)
+    def wait_until_ready(action_handler, machine_spec, instance=nil)
+      wait_until(action_handler, machine_spec, instance) { instance.status == :running }
+    end
+
+    def wait_until(action_handler, machine_spec, instance=nil, &block)
+      instance ||= instance_for(machine_spec)
       time_elapsed = 0
       sleep_time = 10
       max_wait_time = 120
-      unless instance.status == :running
+      if !yield(instance)
         if action_handler.should_perform_actions
           action_handler.report_progress "waiting for #{machine_spec.name} (#{instance.id} on #{driver_url}) to be ready ..."
-          while time_elapsed < 120 && instance.status != :running
+          while time_elapsed < 120 && !yield(instance)
             action_handler.report_progress "been waiting #{time_elapsed}/#{max_wait_time} -- sleeping #{sleep_time} seconds for #{machine_spec.name} (#{instance.id} on #{driver_url}) to be ready ..."
             sleep(sleep_time)
             time_elapsed += sleep_time
@@ -413,6 +500,36 @@ module AWSDriver
       end
     end
 
+    def default_aws_keypair_name(machine_spec)
+      if machine_spec.location &&
+          Gem::Version.new(machine_spec.location['driver_version']) < Gem::Version.new('0.10')
+        'metal_default'
+      else
+        'chef_default'
+      end
+    end
+
+    def default_aws_keypair(action_handler, machine_spec)
+      driver = self
+      default_key_name = default_aws_keypair_name(machine_spec)
+      _region = region
+      updated = @@chef_default_lock.synchronize do
+        Provisioning.inline_resource(action_handler) do
+          aws_key_pair default_key_name do
+            driver driver
+            allow_overwrite true
+            region_name _region
+          end
+        end
+      end
+
+      # Only warn the first time
+      default_warning = 'Using default key, which is not shared between machines!  It is recommended to create an AWS key pair with the fog_key_pair resource, and set :bootstrap_options => { :key_name => <key name> }'
+      Chef::Log.warn(default_warning) if updated
+
+      default_key_name
+    end
+
   end
 end
 end

data/lib/chef/provisioning/aws_driver/resources.rb

@@ -1,4 +1,4 @@
-resources = %w(sqs_queue sns_topic ebs_volume s3_bucket auto_scaling_group launch_config)
+resources = %w(sqs_queue sns_topic ebs_volume s3_bucket auto_scaling_group launch_config vpc security_group)
 
 resources.each do |r|
   Chef::Log.debug "AWS driver loading resource: #{r}"

data/lib/chef/provisioning/aws_driver/version.rb

@@ -1,7 +1,7 @@
 class Chef
 module Provisioning
 module AWSDriver
-  VERSION = '0.1.1'
+  VERSION = '0.1.2'
 end
 end
 end

data/lib/chef/resource/aws_ebs_mount.rb

@@ -0,0 +1,31 @@
+require 'chef/resource/aws_resource'
+require 'chef_metal_aws'
+
+class Chef::Resource::AwsEbsVolume < Chef::Resource::AwsResource
+  self.resource_name = 'aws_ebs_mount'
+  self.databag_name = 'ebs_mounts'
+
+  actions :create, :delete, :nothing
+  default_action :create
+
+  stored_attribute :instance_id
+  stored_attribute :volume_id
+
+  attribute :name, :kind_of => String, :name_attribute => true
+  attribute :volume_name, :kind_of => String
+
+  attribute :size
+  attribute :mount_point
+  attribute :availability_zone
+
+
+  def initialize(*args)
+    super
+  end
+
+  def after_created
+    super
+  end
+
+
+end

data/lib/chef/resource/aws_key_pair.rb

@@ -1,7 +1,8 @@
 require 'chef/provisioning'
+require 'chef/resource/aws_resource'
 
-class Chef::Resource::FogKeyPair < Chef::Resource::LWRPBase
-  self.resource_name = 'fog_key_pair'
+class Chef::Resource::AwsKeyPair < Chef::Resource::AwsResource
+  self.resource_name = 'aws_key_pair'
 
   def initialize(*args)
     super

data/lib/chef/resource/aws_security_group.rb

@@ -0,0 +1,26 @@
+require 'chef/resource/aws_resource'
+require 'chef/provisioning/aws_driver'
+
+class Chef::Resource::AwsSecurityGroup < Chef::Resource::AwsResource
+  self.resource_name = 'aws_security_group'
+  self.databag_name = 'aws_security_groups'
+
+  actions :create, :delete, :nothing
+  default_action :create
+
+  attribute :name, :kind_of => String, :name_attribute => true
+  attribute :vpc_id, :kind_of => String
+  attribute :vpc_name, :kind_of => String
+  attribute :inbound_rules
+  attribute :outbound_rules
+  stored_attribute :security_group_id
+  stored_attribute :description
+
+  def initialize(*args)
+    super
+  end
+
+  def after_created
+    super
+  end
+end

data/lib/chef/resource/aws_sqs_queue.rb

@@ -7,9 +7,6 @@ class Chef::Resource::AwsSqsQueue < Chef::Resource::AwsResource
   actions :create, :delete, :nothing
   default_action :create
 
-  attribute :name, String, :name_attribute => true
-  attribute :queue_name, String
-  stored_attribute :created_at, DateTime
   attribute :name, :kind_of => String, :name_attribute => true
   attribute :queue_name, :kind_of => String
   stored_attribute :created_at

data/lib/chef/resource/aws_vpc.rb

@@ -0,0 +1,23 @@
+require 'chef/resource/aws_resource'
+require 'chef/provisioning/aws_driver'
+
+class Chef::Resource::AwsVpc < Chef::Resource::AwsResource
+  self.resource_name = 'aws_vpc'
+  self.databag_name = 'aws_vpc'
+
+  actions :create, :delete, :nothing
+  default_action :create
+
+  attribute :name, :kind_of => String, :name_attribute => true
+  attribute :cidr_block, :kind_of => String
+
+  stored_attribute :vpc_id
+
+  def initialize(*args)
+    super
+  end
+
+  def after_created
+    super
+  end
+end

metadata

@@ -1,83 +1,83 @@
 --- !ruby/object:Gem::Specification
 name: chef-provisioning-aws
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.1.2
 platform: ruby
 authors:
 - John Ewart
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-11-05 00:00:00.000000000 Z
+date: 2014-11-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: chef-provisioning
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ~>
       - !ruby/object:Gem::Version
         version: '0.9'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ~>
       - !ruby/object:Gem::Version
         version: '0.9'
 - !ruby/object:Gem::Dependency
   name: aws-sdk-v1
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 description: Provisioner for creating aws containers in Chef Provisioning.
@@ -97,8 +97,10 @@ files:
 - lib/chef/provider/aws_launch_config.rb
 - lib/chef/provider/aws_provider.rb
 - lib/chef/provider/aws_s3_bucket.rb
+- lib/chef/provider/aws_security_group.rb
 - lib/chef/provider/aws_sns_topic.rb
 - lib/chef/provider/aws_sqs_queue.rb
+- lib/chef/provider/aws_vpc.rb
 - lib/chef/provisioning/aws_driver.rb
 - lib/chef/provisioning/aws_driver/aws_profile.rb
 - lib/chef/provisioning/aws_driver/credentials.rb
@@ -106,14 +108,18 @@ files:
 - lib/chef/provisioning/aws_driver/resources.rb
 - lib/chef/provisioning/aws_driver/version.rb
 - lib/chef/provisioning/driver_init/aws.rb
+- lib/chef/resource/.DS_Store
 - lib/chef/resource/aws_auto_scaling_group.rb
+- lib/chef/resource/aws_ebs_mount.rb
 - lib/chef/resource/aws_ebs_volume.rb
 - lib/chef/resource/aws_key_pair.rb
 - lib/chef/resource/aws_launch_config.rb
 - lib/chef/resource/aws_resource.rb
 - lib/chef/resource/aws_s3_bucket.rb
+- lib/chef/resource/aws_security_group.rb
 - lib/chef/resource/aws_sns_topic.rb
 - lib/chef/resource/aws_sqs_queue.rb
+- lib/chef/resource/aws_vpc.rb
 homepage: https://github.com/opscode/chef-provisioning-aws
 licenses: []
 metadata: {}
@@ -123,12 +129,12 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
@@ -138,4 +144,3 @@ signing_key:
 specification_version: 4
 summary: Provisioner for creating aws containers in Chef Provisioning.
 test_files: []
-has_rdoc: