RubyGems - cloud-mu - Versions diffs - 3.4.0 → 3.5.0 - Mend

cloud-mu 3.4.0 → 3.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (104) hide show

checksums.yaml +4 -4
data/ansible/roles/mu-nat/tasks/main.yml +3 -0
data/bin/mu-aws-setup +41 -7
data/bin/mu-azure-setup +34 -0
data/bin/mu-configure +214 -119
data/bin/mu-gcp-setup +37 -2
data/bin/mu-node-manage +3 -0
data/bin/mu-refresh-ssl +67 -0
data/bin/mu-run-tests +14 -4
data/bin/mu-self-update +30 -10
data/bin/mu-upload-chef-artifacts +30 -26
data/cloud-mu.gemspec +8 -6
data/cookbooks/mu-master/attributes/default.rb +5 -1
data/cookbooks/mu-master/metadata.rb +2 -2
data/cookbooks/mu-master/recipes/default.rb +81 -26
data/cookbooks/mu-master/recipes/init.rb +197 -62
data/cookbooks/mu-master/recipes/update_nagios_only.rb +1 -1
data/cookbooks/mu-master/recipes/vault.rb +78 -77
data/cookbooks/mu-master/templates/default/mods/rewrite.conf.erb +1 -0
data/cookbooks/mu-master/templates/default/nagios.conf.erb +103 -0
data/cookbooks/mu-master/templates/default/web_app.conf.erb +14 -30
data/cookbooks/mu-tools/attributes/default.rb +5 -0
data/cookbooks/mu-tools/files/centos-6/CentOS-Base.repo +47 -0
data/cookbooks/mu-tools/libraries/helper.rb +12 -2
data/cookbooks/mu-tools/libraries/monkey.rb +1 -1
data/cookbooks/mu-tools/recipes/apply_security.rb +6 -0
data/cookbooks/mu-tools/recipes/aws_api.rb +6 -4
data/cookbooks/mu-tools/recipes/base_repositories.rb +1 -1
data/cookbooks/mu-tools/recipes/gcloud.rb +2 -9
data/cookbooks/mu-tools/recipes/google_api.rb +5 -2
data/cookbooks/mu-tools/resources/disk.rb +108 -58
data/extras/Gemfile.lock.bootstrap +394 -0
data/extras/bucketstubs/error.html +0 -0
data/extras/bucketstubs/index.html +0 -0
data/extras/clean-stock-amis +9 -9
data/extras/git_rpm/build.sh +20 -0
data/extras/git_rpm/mugit.spec +53 -0
data/extras/image-generators/VMWare/centos8.yaml +15 -0
data/extras/openssl_rpm/build.sh +19 -0
data/extras/openssl_rpm/mussl.spec +46 -0
data/extras/python_rpm/muthon.spec +14 -4
data/extras/ruby_rpm/muby.spec +9 -5
data/extras/sqlite_rpm/build.sh +19 -0
data/extras/sqlite_rpm/muqlite.spec +47 -0
data/install/installer +7 -5
data/modules/mu.rb +12 -5
data/modules/mu/cloud/machine_images.rb +1 -1
data/modules/mu/cloud/providers.rb +6 -1
data/modules/mu/cloud/resource_base.rb +1 -1
data/modules/mu/cloud/ssh_sessions.rb +4 -0
data/modules/mu/config.rb +28 -12
data/modules/mu/config/database.rb +2 -2
data/modules/mu/config/firewall_rule.rb +1 -1
data/modules/mu/config/ref.rb +2 -2
data/modules/mu/config/schema_helpers.rb +12 -3
data/modules/mu/config/server.rb +10 -4
data/modules/mu/config/server_pool.rb +2 -2
data/modules/mu/config/vpc.rb +10 -10
data/modules/mu/defaults/AWS.yaml +32 -32
data/modules/mu/deploy.rb +23 -10
data/modules/mu/groomers/chef.rb +2 -2
data/modules/mu/master.rb +49 -3
data/modules/mu/mommacat.rb +8 -5
data/modules/mu/mommacat/naming.rb +2 -2
data/modules/mu/mommacat/storage.rb +22 -27
data/modules/mu/providers/aws.rb +142 -48
data/modules/mu/providers/aws/alarm.rb +3 -3
data/modules/mu/providers/aws/bucket.rb +19 -19
data/modules/mu/providers/aws/cache_cluster.rb +22 -22
data/modules/mu/providers/aws/cdn.rb +2 -2
data/modules/mu/providers/aws/collection.rb +14 -14
data/modules/mu/providers/aws/container_cluster.rb +27 -27
data/modules/mu/providers/aws/database.rb +40 -39
data/modules/mu/providers/aws/dnszone.rb +5 -5
data/modules/mu/providers/aws/endpoint.rb +35 -35
data/modules/mu/providers/aws/firewall_rule.rb +26 -23
data/modules/mu/providers/aws/function.rb +28 -28
data/modules/mu/providers/aws/group.rb +7 -7
data/modules/mu/providers/aws/habitat.rb +2 -2
data/modules/mu/providers/aws/job.rb +6 -6
data/modules/mu/providers/aws/loadbalancer.rb +34 -34
data/modules/mu/providers/aws/log.rb +14 -14
data/modules/mu/providers/aws/msg_queue.rb +10 -10
data/modules/mu/providers/aws/nosqldb.rb +8 -8
data/modules/mu/providers/aws/notifier.rb +7 -7
data/modules/mu/providers/aws/role.rb +17 -15
data/modules/mu/providers/aws/search_domain.rb +10 -10
data/modules/mu/providers/aws/server.rb +176 -95
data/modules/mu/providers/aws/server_pool.rb +65 -105
data/modules/mu/providers/aws/storage_pool.rb +17 -9
data/modules/mu/providers/aws/user.rb +1 -1
data/modules/mu/providers/aws/vpc.rb +103 -51
data/modules/mu/providers/aws/vpc_subnet.rb +43 -39
data/modules/mu/providers/azure.rb +78 -12
data/modules/mu/providers/azure/server.rb +18 -3
data/modules/mu/providers/cloudformation/server.rb +1 -1
data/modules/mu/providers/google.rb +19 -4
data/modules/mu/providers/google/folder.rb +6 -2
data/modules/mu/providers/google/function.rb +65 -30
data/modules/mu/providers/google/role.rb +1 -1
data/modules/mu/providers/google/vpc.rb +27 -2
data/modules/tests/aws-servers-with-handrolled-iam.yaml +37 -0
data/modules/tests/k8s.yaml +1 -1
metadata +24 -8

data/modules/mu/providers/aws/function.rb CHANGED Viewed

@@ -38,10 +38,10 @@ module MU
         end
         # Tag this Lambda function
-        def assign_tag(resource_arn, tag_list, region=@config['region'])
+        def assign_tag(resource_arn, tag_list, region=@region)
           begin
             tag_list.each do |each_pair|
-              MU::Cloud::AWS.lambda(region: region, credentials: @config['credentials']).tag_resource({
+              MU::Cloud::AWS.lambda(region: region, credentials: @credentials).tag_resource({
                 resource: resource_arn,
                 tags: each_pair
               })
@@ -58,14 +58,14 @@ module MU
           lambda_properties = get_properties
           MU.retrier([Aws::Lambda::Errors::InvalidParameterValueException], max: 5, wait: 10) {
-            resp = MU::Cloud::AWS.lambda(region: @config['region'], credentials: @credentials).create_function(lambda_properties)
+            resp = MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).create_function(lambda_properties)
             @cloud_id = resp.function_name
           }
           # the console does this and docs expect it to be there, so mimic the
           # behavior
           begin
-            MU::Cloud::AWS.cloudwatchlogs(region: @config["region"], credentials: @credentials).create_log_group(
+            MU::Cloud::AWS.cloudwatchlogs(region: @region, credentials: @credentials).create_log_group(
               log_group_name: "/aws/lambda/#{@cloud_id}",
               tags: @tags
             )
@@ -86,14 +86,14 @@ module MU
           }
           if !changes.empty?
             MU.log "Updating Lambda #{@mu_name}", MU::NOTICE, details: changes
-            MU::Cloud::AWS.lambda(region: @config['region'], credentials: @config['credentials']).update_function_configuration(new_props)
+            MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).update_function_configuration(new_props)
           end
           if @code_sha256 and @code_sha256 != cloud_desc.code_sha_256.chomp
             MU.log "Updating code in Lambda #{@mu_name}", MU::NOTICE, details: { "old" => @code_sha256, "new" => cloud_desc.code_sha_256 }
             code_block[:publish] = true
             code_block[:function_name] = @cloud_id
-            MU::Cloud::AWS.lambda(region: @config['region'], credentials: @config['credentials']).update_function_code(code_block)
+            MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).update_function_code(code_block)
           end
 #          tag_function = assign_tag(lambda_func.function_arn, @config['tags'])
@@ -120,7 +120,7 @@ module MU
               MU.log "Adding #{tr['service']} #{tr['name']} trigger to Lambda function #{@cloud_id}", details: trigger_properties
               begin
-                MU::Cloud::AWS.lambda(region: @config['region'], credentials: @config['credentials']).add_permission(trigger_properties)
+                MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).add_permission(trigger_properties)
               rescue Aws::Lambda::Errors::ResourceConflictException
                 # just means the permission is already there
               end
@@ -138,7 +138,7 @@ module MU
             if @config['invoke_on_completion']['payload']
               invoke_params[:payload] = JSON.generate(@config['invoke_on_completion']['payload'])
             end
-            resp = MU::Cloud::AWS.lambda(region: @config['region'], credentials: @config['credentials']).invoke(invoke_params)
+            resp = MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).invoke(invoke_params)
             if resp.status_code == 200
               MU.log "Invoked #{@cloud_id}", MU::NOTICE, details: Base64.decode64(resp.log_result)
             else
@@ -161,13 +161,13 @@ module MU
           begin
             # XXX There doesn't seem to be an API call to list or view existing
             # permissions, wtaf. This means we can't intelligently guard this.
-            MU::Cloud::AWS.lambda(region: @config['region'], credentials: @config['credentials']).add_permission(trigger)
+            MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).add_permission(trigger)
           rescue Aws::Lambda::Errors::ValidationException => e
             MU.log e.message+" (calling_arn: #{calling_arn}, calling_service: #{calling_service}, calling_name: #{calling_name})", MU::ERR, details: trigger
             raise e
           rescue Aws::Lambda::Errors::ResourceConflictException => e
             if e.message.match(/already exists/)
-              MU::Cloud::AWS.lambda(region: @config['region'], credentials: @config['credentials']).remove_permission(
+              MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).remove_permission(
                 function_name: @mu_name,
                 statement_id: "#{calling_service}-#{calling_name}"
               )
@@ -187,16 +187,16 @@ module MU
             case svc.downcase
             when 'sns'
               sib_sns = @deploy.findLitterMate(name: name, type: "notifiers")
-              arn = sib_sns ? sib_sns.arn : "arn:aws:sns:#{@config['region']}:#{MU::Cloud::AWS.credToAcct(@config['credentials'])}:#{name}"
+              arn = sib_sns ? sib_sns.arn : "arn:aws:sns:#{@region}:#{MU::Cloud::AWS.credToAcct(@credentials)}:#{name}"
             when 'alarm','events', 'event', 'cloudwatch_event'
               sib_event = @deploy.findLitterMate(name: name, type: "job")
-              arn = sib_event ? sib_event.arn : "arn:aws:events:#{@config['region']}:#{MU::Cloud::AWS.credToAcct(@config['credentials'])}:rule/#{name}"
+              arn = sib_event ? sib_event.arn : "arn:aws:events:#{@region}:#{MU::Cloud::AWS.credToAcct(@credentials)}:rule/#{name}"
             when 'dynamodb'
               sib_dynamo = @deploy.findLitterMate(name: name, type: "nosqldb")
-              arn = sib_dynamo ? sib_dynamo.arn : "arn:aws:dynamodb:#{@config['region']}:#{MU::Cloud::AWS.credToAcct(@config['credentials'])}:table/#{name}"
+              arn = sib_dynamo ? sib_dynamo.arn : "arn:aws:dynamodb:#{@region}:#{MU::Cloud::AWS.credToAcct(@credentials)}:table/#{name}"
             when 'apigateway'
               sib_apig = @deploy.findLitterMate(name: name, type: "endpoints")
-              arn = sib_apig ? sib_apig.arn : "arn:aws:apigateway:#{@config['region']}:#{MU::Cloud::AWS.credToAcct(@config['credentials'])}:#{name}"
+              arn = sib_apig ? sib_apig.arn : "arn:aws:apigateway:#{@region}:#{MU::Cloud::AWS.credToAcct(@credentials)}:#{name}"
             when 's3'
               arn = ''
             end
@@ -208,18 +208,18 @@ module MU
         end
         # XXX placeholder, really; this is going end up being done from Endpoint, Log and Notification resources, I think
-        def adjust_trigger(trig_type, trig_arn, func_arn, func_id=nil, protocol='lambda',region=@config['region'])
+        def adjust_trigger(trig_type, trig_arn, func_arn, func_id=nil, protocol='lambda',region=@region)
           case trig_type
           when 'sns'
-            MU::Cloud.resourceClass("AWS", "Notifier").subscribe(trig_arn, arn, "lambda", region: @config['region'], credentials: @credentials)
+            MU::Cloud.resourceClass("AWS", "Notifier").subscribe(trig_arn, arn, "lambda", region: @region, credentials: @credentials)
           when 'dynamodb'
-            stream = MU::Cloud::AWS.dynamostream(region: @config['region'], credentials: @config['credentials']).list_streams(table_name: trig_arn.sub(/.*?:table\//, '')).streams.first
+            stream = MU::Cloud::AWS.dynamostream(region: @region, credentials: @credentials).list_streams(table_name: trig_arn.sub(/.*?:table\//, '')).streams.first
 # XXX  guard this
             MU.log "Adding DynamoDB Stream from #{stream.stream_arn} as trigger for #{@cloud_id}"
             begin
-            MU::Cloud::AWS.lambda(region: @config['region'], credentials: @config['credentials']).create_event_source_mapping(
+            MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).create_event_source_mapping(
               event_source_arn: stream.stream_arn,
               function_name: @cloud_id,
               starting_position: "TRIM_HORIZON" # ...whatever that is
@@ -227,10 +227,10 @@ module MU
             rescue ::Aws::Lambda::Errors::ResourceConflictException
             end
-#            MU::Cloud.resourceClass("AWS", "NoSQLDB").subscribe(trig_arn, arn, "lambda", region: @config['region'], credentials: @credentials)
+#            MU::Cloud.resourceClass("AWS", "NoSQLDB").subscribe(trig_arn, arn, "lambda", region: @region, credentials: @credentials)
           when 'event','cloudwatch_event', 'events'
            # XXX don't do this, use MU::Cloud::AWS::Log
-            MU::Cloud::AWS.cloudwatch_events(region: region, credentials: @config['credentials']).put_targets({
+            MU::Cloud::AWS.cloudwatch_events(region: region, credentials: @credentials).put_targets({
               rule: @config['trigger']['name'],
               targets: [
                 {
@@ -317,9 +317,9 @@ module MU
         def toKitten(**_args)
           bok = {
             "cloud" => "AWS",
-            "credentials" => @config['credentials'],
+            "credentials" => @credentials,
             "cloud_id" => @cloud_id,
-            "region" => @config['region']
+            "region" => @region
           }
           if !cloud_desc
@@ -333,20 +333,20 @@ module MU
           bok['runtime'] = cloud_desc.runtime
           bok['timeout'] = cloud_desc.timeout
-          function = MU::Cloud::AWS.lambda(region: @config['region'], credentials: @credentials).get_function(function_name: bok['name'])
-#          event_srcs = MU::Cloud::AWS.lambda(region: @config['region'], credentials: @credentials).list_event_source_mappings(function_name: @cloud_id)
+          function = MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).get_function(function_name: bok['name'])
+#          event_srcs = MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).list_event_source_mappings(function_name: @cloud_id)
 #          if event_srcs and !event_srcs.event_source_mappings.empty?
 #            MU.log "dem mappings tho #{@cloud_id}", MU::WARN, details: event_srcs
 #          end
 #          begin
-#            invoke_cfg = MU::Cloud::AWS.lambda(region: @config['region'], credentials: @credentials).get_function_event_invoke_config(function_name: @cloud_id)
+#            invoke_cfg = MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).get_function_event_invoke_config(function_name: @cloud_id)
 #            MU.log "invoke config #{@cloud_id}", MU::WARN, details: invoke_cfg
 #          rescue ::Aws::Lambda::Errors::ResourceNotFoundException
 #          end
 #          MU.log @cloud_id, MU::WARN, details: cloud_desc if @cloud_id == "Espier-Scheduled-Scanner"
-#          MU.log "configuration #{@cloud_id}", MU::WARN, details: MU::Cloud::AWS.lambda(region: @config['region'], credentials: @credentials).get_function_configuration(function_name: @cloud_id) if @cloud_id == "Espier-Scheduled-Scanner"
+#          MU.log "configuration #{@cloud_id}", MU::WARN, details: MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).get_function_configuration(function_name: @cloud_id) if @cloud_id == "Espier-Scheduled-Scanner"
           if function.code.repository_type == "S3"
@@ -415,7 +415,7 @@ module MU
           end
           begin
-            pol = MU::Cloud::AWS.lambda(region: @config['region'], credentials: @credentials).get_policy(function_name: @cloud_id).policy
+            pol = MU::Cloud::AWS.lambda(region: @region, credentials: @credentials).get_policy(function_name: @cloud_id).policy
 MU.log @cloud_id, MU::WARN, details: JSON.parse(pol) if @cloud_id == "ESPIER-DEV-2020080900-LN-ON-DEMAND-SCANNER"
             if pol
               bok['triggers'] ||= []
@@ -542,7 +542,7 @@ MU.log @cloud_id, MU::WARN, details: JSON.parse(pol) if @cloud_id == "ESPIER-DEV
               end
               if mu_type
-                MU::Config.addDependency(function, t['name'], mu_type, no_create_wait: true)
+                MU::Config.addDependency(function, t['name'], mu_type, my_phase: "groom")
               end
             }
           end

data/modules/mu/providers/aws/group.rb CHANGED Viewed

@@ -32,7 +32,7 @@ module MU
         # Called automatically by {MU::Deploy#createResources}
         def create
           begin
-            MU::Cloud::AWS.iam(credentials: @config['credentials']).get_group(
+            MU::Cloud::AWS.iam(credentials: @credentials).get_group(
               group_name: @mu_name,
               path: @config['path']
             )
@@ -42,7 +42,7 @@ module MU
           rescue Aws::IAM::Errors::NoSuchEntity
             @config['path'] ||= "/"+@deploy.deploy_id+"/"
             MU.log "Creating IAM group #{@config['path']}#{@mu_name}"
-            MU::Cloud::AWS.iam(credentials: @config['credentials']).create_group(
+            MU::Cloud::AWS.iam(credentials: @credentials).create_group(
               group_name: @mu_name,
               path: @config['path']
             )
@@ -64,7 +64,7 @@ module MU
               if found.size == 1
                 userdesc = found.values.first
                 MU.log "Adding IAM user #{userdesc.path}#{userdesc.user_name} to group #{@mu_name}", MU::NOTICE
-                MU::Cloud::AWS.iam(credentials: @config['credentials']).add_user_to_group(
+                MU::Cloud::AWS.iam(credentials: @credentials).add_user_to_group(
                   user_name: userid,
                   group_name: @mu_name
                 )
@@ -77,7 +77,7 @@ module MU
               extras = cloud_desc.users.map { |u| u.user_name } - @config['members']
               extras.each { |user_name|
                 MU.log "Purging user #{user_name} from IAM group #{@cloud_id}", MU::NOTICE
-                MU::Cloud::AWS.iam(credentials: @config['credentials']).remove_user_from_group(
+                MU::Cloud::AWS.iam(credentials: @credentials).remove_user_from_group(
                   user_name: user_name,
                   group_name: @cloud_id
                 )
@@ -156,7 +156,7 @@ module MU
         def cloud_desc(use_cache: true)
           return @cloud_desc_cache if @cloud_desc_cache and use_cache
           return nil if !@mu_name
-          @cloud_desc_cache = MU::Cloud::AWS.iam(credentials: @config['credentials']).get_group(
+          @cloud_desc_cache = MU::Cloud::AWS.iam(credentials: @credentials).get_group(
             group_name: @mu_name
           )
           @cloud_desc_cache
@@ -267,7 +267,7 @@ module MU
         def toKitten(**_args)
           bok = {
             "cloud" => "AWS",
-            "credentials" => @config['credentials'],
+            "credentials" => @credentials,
             "cloud_id" => @cloud_id
           }
@@ -292,7 +292,7 @@ module MU
           if resp and resp.policy_names and resp.policy_names.size > 0
             resp.policy_names.each { |pol_name|
               pol = MU::Cloud::AWS.iam(credentials: @credentials).get_group_policy(group_name: @cloud_id, policy_name: pol_name)
-              doc = JSON.parse(URI.decode(pol.policy_document))
+              doc = JSON.parse(CGI.unescape(pol.policy_document))
               bok["inline_policies"] = MU::Cloud.resourceClass("AWS", "Role").doc2MuPolicies(pol.policy_name, doc, bok["inline_policies"])
             }
           end

data/modules/mu/providers/aws/habitat.rb CHANGED Viewed

@@ -34,7 +34,7 @@ module MU
           end
           MU.log "Creating AWS account #{@mu_name} with contact email #{@config['email']}"
-          resp = MU::Cloud::AWS.orgs(credentials: @config['credentials']).create_account(
+          resp = MU::Cloud::AWS.orgs(credentials: @credentials).create_account(
             account_name: @mu_name,
             email: @config['email']
           )
@@ -42,7 +42,7 @@ module MU
           createid = resp.create_account_status.id
           begin
-            resp = MU::Cloud::AWS.orgs(credentials: @config['credentials']).describe_create_account_status(
+            resp = MU::Cloud::AWS.orgs(credentials: @credentials).describe_create_account_status(
               create_account_request_id: createid
             )
             if !["SUCCEEDED", "IN_PROGRESS"].include?(resp.create_account_status.state)

data/modules/mu/providers/aws/job.rb CHANGED Viewed

@@ -33,7 +33,7 @@ module MU
           MU.log "Creating CloudWatch Event #{@mu_name}", MU::NOTICE, details: params
-          MU::Cloud::AWS.cloudwatchevents(region: @config['region'], credentials: @credentials).put_rule(params)
+          MU::Cloud::AWS.cloudwatchevents(region: @region, credentials: @credentials).put_rule(params)
         end
         # Called automatically by {MU::Deploy#createResources}
@@ -50,7 +50,7 @@ module MU
           if params.size > 0
             MU.log "Updating CloudWatch Event #{@cloud_id}", MU::NOTICE, details: params
-            MU::Cloud::AWS.cloudwatchevents(region: @config['region'], credentials: @credentials).put_rule(new_props)
+            MU::Cloud::AWS.cloudwatchevents(region: @region, credentials: @credentials).put_rule(new_props)
           end
           if @config['targets']
@@ -89,7 +89,7 @@ module MU
                 target_params << this_target
               }
             }
-            MU::Cloud::AWS.cloudwatchevents(region: @config['region'], credentials: @credentials).put_targets(
+            MU::Cloud::AWS.cloudwatchevents(region: @region, credentials: @credentials).put_targets(
               rule: @cloud_id,
               event_bus_name: cloud_desc.event_bus_name,
               targets: target_params
@@ -176,9 +176,9 @@ module MU
         def toKitten(**_args)
           bok = {
             "cloud" => "AWS",
-            "credentials" => @config['credentials'],
+            "credentials" => @credentials,
             "cloud_id" => @cloud_id,
-            "region" => @config['region']
+            "region" => @region
           }
           if !cloud_desc
@@ -217,7 +217,7 @@ module MU
             )
           end
-          targets = MU::Cloud::AWS.cloudwatchevents(region: @config['region'], credentials: @credentials).list_targets_by_rule(
+          targets = MU::Cloud::AWS.cloudwatchevents(region: @region, credentials: @credentials).list_targets_by_rule(
             rule: @cloud_id,
             event_bus_name: cloud_desc.event_bus_name
           ).targets

data/modules/mu/providers/aws/loadbalancer.rb CHANGED Viewed

@@ -41,8 +41,8 @@ module MU
         # Called automatically by {MU::Deploy#createResources}
         def create
           if @config["zones"] == nil
-            @config["zones"] = MU::Cloud::AWS.listAZs(region: @config['region'])
-            MU.log "Using zones from #{@config['region']}", MU::DEBUG, details: @config['zones']
+            @config["zones"] = MU::Cloud::AWS.listAZs(region: @region)
+            MU.log "Using zones from #{@region}", MU::DEBUG, details: @config['zones']
           end
           lb_options = {
@@ -122,15 +122,15 @@ module MU
           begin
             if @config['classic']
               MU.log "Creating Elastic Load Balancer #{@mu_name}", details: lb_options
-              lb = MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).create_load_balancer(lb_options)
+              lb = MU::Cloud::AWS.elb(region: @region, credentials: @credentials).create_load_balancer(lb_options)
             else
               MU.log "Creating Application Load Balancer #{@mu_name}", details: lb_options
-              lb = MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).create_load_balancer(lb_options).load_balancers.first
+              lb = MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).create_load_balancer(lb_options).load_balancers.first
               begin
                 if lb.state.code != "active"
                   MU.log "Waiting for ALB #{@mu_name} to enter 'active' state", MU::NOTICE
                   sleep 20
-                  lb = MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).describe_load_balancers(
+                  lb = MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).describe_load_balancers(
                     names: [@mu_name]
                   ).load_balancers.first
                 end
@@ -170,7 +170,7 @@ module MU
           if zones_to_try.size < @config["zones"].size
             zones_to_try.each { |zone|
               begin
-                MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).enable_availability_zones_for_load_balancer(
+                MU::Cloud::AWS.elb(region: @region, credentials: @credentials).enable_availability_zones_for_load_balancer(
                   load_balancer_name: @mu_name,
                   availability_zones: [zone]
                 )
@@ -183,7 +183,7 @@ module MU
           @targetgroups = {}
           if !@config['healthcheck'].nil? and @config['classic']
             MU.log "Configuring custom health check for ELB #{@mu_name}", details: @config['healthcheck']
-            MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).configure_health_check(
+            MU::Cloud::AWS.elb(region: @region, credentials: @credentials).configure_health_check(
                 load_balancer_name: @mu_name,
                 health_check: {
                     target: @config['healthcheck']['target'],
@@ -229,9 +229,9 @@ module MU
                   end
                 end
-                tg_resp = MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).create_target_group(tg_descriptor)
+                tg_resp = MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).create_target_group(tg_descriptor)
                 @targetgroups[tg['name']] = tg_resp.target_groups.first
-                MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).add_tags(
+                MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).add_tags(
                   resource_arns: [tg_resp.target_groups.first.target_group_arn],
                   tags: lb_options[:tags]
                 )
@@ -285,7 +285,7 @@ module MU
                   "ELBSecurityPolicy-TLS-1-2-2017-01"
                 end
               end
-              listen_resp = MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).create_listener(listen_descriptor).listeners.first
+              listen_resp = MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).create_listener(listen_descriptor).listeners.first
               if !l['rules'].nil?
                 l['rules'].each { |rule|
                   rule_descriptor = {
@@ -307,14 +307,14 @@ module MU
                       }
                     end
                   }
-                  MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).create_rule(rule_descriptor)
+                  MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).create_rule(rule_descriptor)
                 }
               end
             }
           else
             @config["listeners"].each { |l|
               if l['ssl_certificate_id']
-                MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).set_load_balancer_policies_of_listener(
+                MU::Cloud::AWS.elb(region: @region, credentials: @credentials).set_load_balancer_policies_of_listener(
                   load_balancer_name: @cloud_id,
                   load_balancer_port: l['lb_port'],
                   policy_names: [
@@ -347,7 +347,7 @@ module MU
           if @config['cross_zone_unstickiness']
             MU.log "Enabling cross-zone un-stickiness on #{lb.dns_name}"
             if @config['classic']
-              MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).modify_load_balancer_attributes(
+              MU::Cloud::AWS.elb(region: @region, credentials: @credentials).modify_load_balancer_attributes(
                 load_balancer_name: @mu_name,
                 load_balancer_attributes: {
                   cross_zone_load_balancing: {
@@ -357,7 +357,7 @@ module MU
               )
             else
               @targetgroups.values.each { |tg|
-                MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).modify_target_group_attributes(
+                MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).modify_target_group_attributes(
                   target_group_arn: tg.target_group_arn,
                   attributes: [
                     {
@@ -373,7 +373,7 @@ module MU
           if !@config['idle_timeout'].nil?
             MU.log "Setting idle timeout to #{@config['idle_timeout']} #{lb.dns_name}"
             if @config['classic']
-              MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).modify_load_balancer_attributes(
+              MU::Cloud::AWS.elb(region: @region, credentials: @credentials).modify_load_balancer_attributes(
                 load_balancer_name: @mu_name,
                 load_balancer_attributes: {
                   connection_settings: {
@@ -382,7 +382,7 @@ module MU
                 }
               )
             else
-              MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).modify_load_balancer_attributes(
+              MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).modify_load_balancer_attributes(
                 load_balancer_arn: lb.load_balancer_arn,
                 attributes: [
                   {
@@ -398,7 +398,7 @@ module MU
             if @config['classic']
               if @config['connection_draining_timeout'] >= 0
                 MU.log "Setting connection draining timeout to #{@config['connection_draining_timeout']} on #{lb.dns_name}"
-                MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).modify_load_balancer_attributes(
+                MU::Cloud::AWS.elb(region: @region, credentials: @credentials).modify_load_balancer_attributes(
                     load_balancer_name: @mu_name,
                     load_balancer_attributes: {
                         connection_draining: {
@@ -409,7 +409,7 @@ module MU
                 )
               else
                 MU.log "Disabling connection draining on #{lb.dns_name}"
-                MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).modify_load_balancer_attributes(
+                MU::Cloud::AWS.elb(region: @region, credentials: @credentials).modify_load_balancer_attributes(
                     load_balancer_name: @mu_name,
                     load_balancer_attributes: {
                         connection_draining: {
@@ -427,7 +427,7 @@ module MU
                 MU.log "Disabling connection draining on #{lb.dns_name}"
               end
               @targetgroups.values.each { |tg|
-                MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).modify_target_group_attributes(
+                MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).modify_target_group_attributes(
                   target_group_arn: tg.target_group_arn,
                   attributes: [
                     {
@@ -443,7 +443,7 @@ module MU
           if !@config['access_log'].nil?
             MU.log "Setting access log params for #{lb.dns_name}", details: @config['access_log']
             if @config['classic']
-              MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).modify_load_balancer_attributes(
+              MU::Cloud::AWS.elb(region: @region, credentials: @credentials).modify_load_balancer_attributes(
                 load_balancer_name: @mu_name,
                 load_balancer_attributes: {
                   access_log: {
@@ -455,7 +455,7 @@ module MU
                 }
               )
             else
-              MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).modify_load_balancer_attributes(
+              MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).modify_load_balancer_attributes(
                 load_balancer_arn: lb.load_balancer_arn,
                 attributes: [
                   {
@@ -485,7 +485,7 @@ module MU
               if !@config['lb_cookie_stickiness_policy']['timeout'].nil?
                 cookie_policy[:cookie_expiration_period] = @config['lb_cookie_stickiness_policy']['timeout']
               end
-              MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).create_lb_cookie_stickiness_policy(cookie_policy)
+              MU::Cloud::AWS.elb(region: @region, credentials: @credentials).create_lb_cookie_stickiness_policy(cookie_policy)
               lb_policy_names = Array.new
               lb_policy_names << @config['lb_cookie_stickiness_policy']['name']
               listener_policy = {
@@ -495,12 +495,12 @@ module MU
               lb_options[:listeners].each do |listener|
                 if listener[:protocol].upcase == 'HTTP' or listener[:protocol].upcase == 'HTTPS'
                   listener_policy[:load_balancer_port] = listener[:load_balancer_port]
-                  MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).set_load_balancer_policies_of_listener(listener_policy)
+                  MU::Cloud::AWS.elb(region: @region, credentials: @credentials).set_load_balancer_policies_of_listener(listener_policy)
                 end
               end
             else
               @targetgroups.values.each { |tg|
-                MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).modify_target_group_attributes(
+                MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).modify_target_group_attributes(
                   target_group_arn: tg.target_group_arn,
                   attributes: [
                     {
@@ -529,7 +529,7 @@ module MU
                 policy_name: @config['app_cookie_stickiness_policy']['name'],
                 cookie_name: @config['app_cookie_stickiness_policy']['cookie']
               }
-              MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).create_app_cookie_stickiness_policy(cookie_policy)
+              MU::Cloud::AWS.elb(region: @region, credentials: @credentials).create_app_cookie_stickiness_policy(cookie_policy)
               lb_policy_names = Array.new
               lb_policy_names << @config['app_cookie_stickiness_policy']['name']
               listener_policy = {
@@ -539,7 +539,7 @@ module MU
               lb_options[:listeners].each do |listener|
                 if listener[:protocol].upcase == 'HTTP' or listener[:protocol].upcase == 'HTTPS'
                   listener_policy[:load_balancer_port] = listener[:load_balancer_port]
-                  MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).set_load_balancer_policies_of_listener(listener_policy)
+                  MU::Cloud::AWS.elb(region: @region, credentials: @credentials).set_load_balancer_policies_of_listener(listener_policy)
                 end
               end
             else
@@ -573,7 +573,7 @@ module MU
         # @return [String]
         def arn
           if @config['classic']
-            "arn:"+(MU::Cloud::AWS.isGovCloud?(@config["region"]) ? "aws-us-gov" : "aws")+":elasticloadbalancing:"+@config['region']+":"+MU::Cloud::AWS.credToAcct(@config['credentials'])+":loadbalancer/"+@cloud_id
+            "arn:"+(MU::Cloud::AWS.isGovCloud?(@region) ? "aws-us-gov" : "aws")+":elasticloadbalancing:"+@region+":"+MU::Cloud::AWS.credToAcct(@credentials)+":loadbalancer/"+@cloud_id
           else
             cloud_desc.load_balancer_arn
           end
@@ -585,12 +585,12 @@ module MU
           return @cloud_desc_cache if @cloud_desc_cache and use_cache
           return nil if !@cloud_id
           if @config['classic']
-            @cloud_desc_cache = MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).describe_load_balancers(
+            @cloud_desc_cache = MU::Cloud::AWS.elb(region: @region, credentials: @credentials).describe_load_balancers(
               load_balancer_names: [@cloud_id]
             ).load_balancer_descriptions.first
             return @cloud_desc_cache
           else
-            @cloud_desc_cache = MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).describe_load_balancers(
+            @cloud_desc_cache = MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).describe_load_balancers(
               names: [@cloud_id]
             ).load_balancers.first
             if @targetgroups.nil?
@@ -600,11 +600,11 @@ module MU
                  @deploy.deployment['loadbalancers'][@config['name']] and
                  @deploy.deployment['loadbalancers'][@config['name']]["targetgroups"]
                 @deploy.deployment['loadbalancers'][@config['name']]["targetgroups"].each_pair { |tg_name, tg_arn|
-                  @targetgroups[tg_name] = MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).describe_target_groups(target_group_arns: [tg_arn]).target_groups.first
+                  @targetgroups[tg_name] = MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).describe_target_groups(target_group_arns: [tg_arn]).target_groups.first
                 }
               else
                 pp @config['targetgroups']
-                MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).describe_target_groups(load_balancer_arn: @cloud_desc_cache.load_balancer_arn).target_groups.each { |tg|
+                MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).describe_target_groups(load_balancer_arn: @cloud_desc_cache.load_balancer_arn).target_groups.each { |tg|
                   tg_name = tg.target_group_name
                   if @config['targetgroups']
                     @config['targetgroups'].each { |tg_cfg|
@@ -618,7 +618,7 @@ module MU
                 }
 #                @config['targetgroups'].each { |tg|
 #                  tg_name = @deploy.getResourceName(tg["name"], max_length: 32, disallowed_chars: /[^A-Za-z0-9-]/)
-#                  @targetgroups[tg_name] = MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).describe_target_groups(target_group_arns: [tg_arn]).target_groups.first
+#                  @targetgroups[tg_name] = MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).describe_target_groups(target_group_arns: [tg_arn]).target_groups.first
 #                }
               end
             end
@@ -649,7 +649,7 @@ module MU
         def registerNode(instance_id, targetgroups: nil)
           if @config['classic'] or !@config.has_key?("classic")
             MU.log "Registering #{instance_id} to ELB #{@cloud_id}"
-            MU::Cloud::AWS.elb(region: @config['region'], credentials: @config['credentials']).register_instances_with_load_balancer(
+            MU::Cloud::AWS.elb(region: @region, credentials: @credentials).register_instances_with_load_balancer(
               load_balancer_name: @cloud_id,
               instances: [
                 {instance_id: instance_id}
@@ -665,7 +665,7 @@ module MU
             end
             targetgroups.each { |tg|
               MU.log "Registering #{instance_id} to Target Group #{tg}"
-              MU::Cloud::AWS.elb2(region: @config['region'], credentials: @config['credentials']).register_targets(
+              MU::Cloud::AWS.elb2(region: @region, credentials: @credentials).register_targets(
                 target_group_arn: @targetgroups[tg].target_group_arn,
                 targets: [
                   {id: instance_id}