cumulus-aws 0.11.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +15 -0
- data/.gitignore +3 -0
- data/.travis.yml +12 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +29 -0
- data/LICENSE +202 -0
- data/README.md +41 -0
- data/autocomplete +137 -0
- data/bin/cumulus +658 -0
- data/cumulus +2 -0
- data/cumulus-aws.gemspec +20 -0
- data/lib/autoscaling/AutoScaling.rb +40 -0
- data/lib/autoscaling/loader/Loader.rb +56 -0
- data/lib/autoscaling/manager/Manager.rb +360 -0
- data/lib/autoscaling/models/AlarmConfig.rb +165 -0
- data/lib/autoscaling/models/AlarmDiff.rb +172 -0
- data/lib/autoscaling/models/AutoScalingDiff.rb +178 -0
- data/lib/autoscaling/models/GroupConfig.rb +330 -0
- data/lib/autoscaling/models/PolicyConfig.rb +135 -0
- data/lib/autoscaling/models/PolicyDiff.rb +73 -0
- data/lib/autoscaling/models/ScheduledActionDiff.rb +53 -0
- data/lib/autoscaling/models/ScheduledConfig.rb +96 -0
- data/lib/aws_extensions/ec2/DhcpOptions.rb +41 -0
- data/lib/aws_extensions/ec2/Instance.rb +29 -0
- data/lib/aws_extensions/ec2/NetworkAcl.rb +25 -0
- data/lib/aws_extensions/ec2/NetworkInterface.rb +14 -0
- data/lib/aws_extensions/ec2/RouteTable.rb +26 -0
- data/lib/aws_extensions/ec2/SecurityGroup.rb +16 -0
- data/lib/aws_extensions/ec2/Subnet.rb +28 -0
- data/lib/aws_extensions/ec2/Volume.rb +24 -0
- data/lib/aws_extensions/ec2/Vpc.rb +14 -0
- data/lib/aws_extensions/ec2/VpcEndpoint.rb +11 -0
- data/lib/aws_extensions/elb/BackendServerDescription.rb +12 -0
- data/lib/aws_extensions/elb/PolicyDescription.rb +14 -0
- data/lib/aws_extensions/kinesis/StreamDescription.rb +12 -0
- data/lib/aws_extensions/route53/AliasTarget.rb +21 -0
- data/lib/aws_extensions/s3/Bucket.rb +33 -0
- data/lib/aws_extensions/s3/BucketAcl.rb +28 -0
- data/lib/aws_extensions/s3/BucketCors.rb +17 -0
- data/lib/aws_extensions/s3/BucketLifecycle.rb +21 -0
- data/lib/aws_extensions/s3/BucketLogging.rb +18 -0
- data/lib/aws_extensions/s3/BucketNotification.rb +23 -0
- data/lib/aws_extensions/s3/BucketPolicy.rb +18 -0
- data/lib/aws_extensions/s3/BucketTagging.rb +15 -0
- data/lib/aws_extensions/s3/BucketVersioning.rb +14 -0
- data/lib/aws_extensions/s3/BucketWebsite.rb +49 -0
- data/lib/aws_extensions/s3/CORSRule.rb +27 -0
- data/lib/aws_extensions/s3/ReplicationConfiguration.rb +22 -0
- data/lib/cloudfront/CloudFront.rb +83 -0
- data/lib/cloudfront/loader/Loader.rb +31 -0
- data/lib/cloudfront/manager/Manager.rb +183 -0
- data/lib/cloudfront/models/CacheBehaviorConfig.rb +237 -0
- data/lib/cloudfront/models/CacheBehaviorDiff.rb +211 -0
- data/lib/cloudfront/models/CustomOriginConfig.rb +51 -0
- data/lib/cloudfront/models/CustomOriginDiff.rb +74 -0
- data/lib/cloudfront/models/DistributionConfig.rb +183 -0
- data/lib/cloudfront/models/DistributionDiff.rb +131 -0
- data/lib/cloudfront/models/InvalidationConfig.rb +37 -0
- data/lib/cloudfront/models/OriginConfig.rb +144 -0
- data/lib/cloudfront/models/OriginDiff.rb +86 -0
- data/lib/cloudfront/models/OriginSslProtocols.rb +28 -0
- data/lib/cloudfront/models/OriginSslProtocolsDiff.rb +39 -0
- data/lib/common/BaseLoader.rb +80 -0
- data/lib/common/manager/Manager.rb +148 -0
- data/lib/common/models/Diff.rb +114 -0
- data/lib/common/models/ListChange.rb +21 -0
- data/lib/common/models/TagsDiff.rb +55 -0
- data/lib/common/models/UTCTimeSource.rb +17 -0
- data/lib/conf/Configuration.rb +365 -0
- data/lib/ec2/EC2.rb +503 -0
- data/lib/ec2/IPProtocolMapping.rb +165 -0
- data/lib/ec2/loaders/EbsLoader.rb +19 -0
- data/lib/ec2/loaders/InstanceLoader.rb +32 -0
- data/lib/ec2/managers/EbsManager.rb +176 -0
- data/lib/ec2/managers/InstanceManager.rb +509 -0
- data/lib/ec2/models/EbsGroupConfig.rb +133 -0
- data/lib/ec2/models/EbsGroupDiff.rb +48 -0
- data/lib/ec2/models/InstanceConfig.rb +202 -0
- data/lib/ec2/models/InstanceDiff.rb +95 -0
- data/lib/elb/ELB.rb +148 -0
- data/lib/elb/loader/Loader.rb +65 -0
- data/lib/elb/manager/Manager.rb +581 -0
- data/lib/elb/models/AccessLogConfig.rb +82 -0
- data/lib/elb/models/AccessLogDiff.rb +47 -0
- data/lib/elb/models/HealthCheckConfig.rb +91 -0
- data/lib/elb/models/HealthCheckDiff.rb +50 -0
- data/lib/elb/models/ListenerConfig.rb +99 -0
- data/lib/elb/models/ListenerDiff.rb +91 -0
- data/lib/elb/models/LoadBalancerConfig.rb +239 -0
- data/lib/elb/models/LoadBalancerDiff.rb +265 -0
- data/lib/iam/IAM.rb +36 -0
- data/lib/iam/loader/Loader.rb +117 -0
- data/lib/iam/manager/IamGroups.rb +98 -0
- data/lib/iam/manager/IamResource.rb +288 -0
- data/lib/iam/manager/IamRoles.rb +112 -0
- data/lib/iam/manager/IamUsers.rb +54 -0
- data/lib/iam/manager/Manager.rb +29 -0
- data/lib/iam/migration/AssumeRoleUnifier.rb +34 -0
- data/lib/iam/migration/PolicyUnifier.rb +90 -0
- data/lib/iam/models/GroupConfig.rb +40 -0
- data/lib/iam/models/IamDiff.rb +132 -0
- data/lib/iam/models/PolicyConfig.rb +67 -0
- data/lib/iam/models/ResourceWithPolicy.rb +208 -0
- data/lib/iam/models/RoleConfig.rb +53 -0
- data/lib/iam/models/StatementConfig.rb +35 -0
- data/lib/iam/models/UserConfig.rb +21 -0
- data/lib/kinesis/Kinesis.rb +94 -0
- data/lib/kinesis/loader/Loader.rb +19 -0
- data/lib/kinesis/manager/Manager.rb +206 -0
- data/lib/kinesis/models/StreamConfig.rb +75 -0
- data/lib/kinesis/models/StreamDiff.rb +58 -0
- data/lib/lambda/Lambda.rb +41 -0
- data/lib/route53/loader/Loader.rb +32 -0
- data/lib/route53/manager/Manager.rb +241 -0
- data/lib/route53/models/AliasTarget.rb +86 -0
- data/lib/route53/models/RecordConfig.rb +178 -0
- data/lib/route53/models/RecordDiff.rb +140 -0
- data/lib/route53/models/Vpc.rb +24 -0
- data/lib/route53/models/ZoneConfig.rb +156 -0
- data/lib/route53/models/ZoneDiff.rb +118 -0
- data/lib/s3/S3.rb +89 -0
- data/lib/s3/loader/Loader.rb +66 -0
- data/lib/s3/manager/Manager.rb +296 -0
- data/lib/s3/models/BucketConfig.rb +321 -0
- data/lib/s3/models/BucketDiff.rb +167 -0
- data/lib/s3/models/GrantConfig.rb +189 -0
- data/lib/s3/models/GrantDiff.rb +50 -0
- data/lib/s3/models/LifecycleConfig.rb +142 -0
- data/lib/s3/models/LifecycleDiff.rb +46 -0
- data/lib/s3/models/LoggingConfig.rb +81 -0
- data/lib/s3/models/NotificationConfig.rb +157 -0
- data/lib/s3/models/NotificationDiff.rb +62 -0
- data/lib/s3/models/ReplicationConfig.rb +133 -0
- data/lib/s3/models/ReplicationDiff.rb +60 -0
- data/lib/s3/models/WebsiteConfig.rb +107 -0
- data/lib/security/SecurityGroups.rb +39 -0
- data/lib/security/loader/Loader.rb +94 -0
- data/lib/security/manager/Manager.rb +246 -0
- data/lib/security/models/RuleConfig.rb +161 -0
- data/lib/security/models/RuleDiff.rb +72 -0
- data/lib/security/models/RuleMigration.rb +127 -0
- data/lib/security/models/SecurityGroupConfig.rb +172 -0
- data/lib/security/models/SecurityGroupDiff.rb +112 -0
- data/lib/sns/SNS.rb +40 -0
- data/lib/sqs/SQS.rb +62 -0
- data/lib/sqs/loader/Loader.rb +34 -0
- data/lib/sqs/manager/Manager.rb +128 -0
- data/lib/sqs/models/DeadLetterConfig.rb +70 -0
- data/lib/sqs/models/DeadLetterDiff.rb +35 -0
- data/lib/sqs/models/QueueConfig.rb +115 -0
- data/lib/sqs/models/QueueDiff.rb +89 -0
- data/lib/util/Colors.rb +111 -0
- data/lib/util/StatusCodes.rb +51 -0
- data/lib/vpc/loader/Loader.rb +73 -0
- data/lib/vpc/manager/Manager.rb +954 -0
- data/lib/vpc/models/AclEntryConfig.rb +150 -0
- data/lib/vpc/models/AclEntryDiff.rb +54 -0
- data/lib/vpc/models/DhcpConfig.rb +100 -0
- data/lib/vpc/models/DhcpDiff.rb +90 -0
- data/lib/vpc/models/EndpointConfig.rb +76 -0
- data/lib/vpc/models/EndpointDiff.rb +69 -0
- data/lib/vpc/models/NetworkAclConfig.rb +87 -0
- data/lib/vpc/models/NetworkAclDiff.rb +116 -0
- data/lib/vpc/models/RouteConfig.rb +82 -0
- data/lib/vpc/models/RouteDiff.rb +50 -0
- data/lib/vpc/models/RouteTableConfig.rb +92 -0
- data/lib/vpc/models/RouteTableDiff.rb +101 -0
- data/lib/vpc/models/SubnetConfig.rb +113 -0
- data/lib/vpc/models/SubnetDiff.rb +78 -0
- data/lib/vpc/models/VpcConfig.rb +173 -0
- data/lib/vpc/models/VpcDiff.rb +315 -0
- data/rakefile.rb +8 -0
- metadata +245 -0
|
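--- a/data/lib/vpc/models/RouteTableDiff.rb
+++ b/data/lib/vpc/models/RouteTableDiff.rb
@@ -0,0 +1,101 @@
+require "common/models/Diff"
+require "common/models/TagsDiff"
+require "common/models/ListChange"
+require "vpc/models/RouteDiff"
+require "util/Colors"
+
+module Cumulus
+module VPC
+# Public: The types of changes that can be made to a route table
+module RouteTableChange
+include Common::DiffChange
+
+ROUTES = Common::DiffChange.next_change_id
+VGWS = Common::DiffChange.next_change_id
+TAGS = Common::DiffChange.next_change_id
+end
+
+# Public: Represents a single difference between local configuration and AWS configuration
+class RouteTableDiff < Common::Diff
+include RouteTableChange
+include Common::TagsDiff
+
+def self.routes(aws, local)
+aws_cidr_routes = Hash[aws.map { |route| [route.destination_cidr_block, route] }]
+local_cidr_routes = Hash[local.map { |route| [route.dest_cidr, route] }]
+
+added = local_cidr_routes.reject { |k, v| aws_cidr_routes.has_key? k }
+removed = aws_cidr_routes.reject { |k, v| local_cidr_routes.has_key? k }
+modified = local_cidr_routes.select { |k, v| aws_cidr_routes.has_key? k }
+
+added_diffs = Hash[added.map { |cidr, route| [cidr, RouteDiff.added(route)] }]
+removed_diffs = Hash[removed.map { |cidr, route| [cidr, RouteDiff.unmanaged(route)] }]
+modified_diffs = Hash[modified.map do |cidr, route|
+aws_route = aws_cidr_routes[cidr]
+route_diffs = route.diff(aws_route)
+if !route_diffs.empty?
+[cidr, RouteDiff.modified(aws_route, route, route_diffs)]
+end
+end.reject { |v| v.nil? }]
+
+if !added_diffs.empty? or !removed_diffs.empty? or !modified_diffs.empty?
+diff = RouteTableDiff.new(ROUTES, aws, local)
+diff.changes = Common::ListChange.new(added_diffs, removed_diffs, modified_diffs)
+diff
+end
+end
+
+def self.propagate_vgws(aws, local)
+changes = Common::ListChange.simple_list_diff(aws, local)
+if changes
+diff = RouteTableDiff.new(VGWS, aws, local)
+diff.changes = changes
+diff
+end
+end
+
+def local_tags
+@local
+end
+
+def aws_tags
+@aws
+end
+
+def asset_type
+"Route Table"
+end
+
+def aws_name
+@aws.name
+end
+
+def diff_string
+case @type
+when ROUTES
+[
+"Routes:",
+@changes.removed.map { |s, _| Colors.unmanaged("\t#{s} will be deleted") },
+@changes.added.map { |s, _| Colors.added("\t#{s} will be created") },
+@changes.modified.map do |cidr, diff|
+[
+"\t#{cidr}:",
+diff.changes.map do |diff|
+diff.to_s.lines.map { |l| "\t\t#{l}".chomp("\n") }
+end
+]
+end
+].flatten.join("\n")
+when VGWS
+[
+"Propagate VGWs:",
+@changes.removed.map { |s, _| Colors.unmanaged("\t#{s}") },
+@changes.added.map { |s, _| Colors.added("\t#{s}") },
+].flatten.join("\n")
+when TAGS
+tags_diff_string
+end
+end
+end
+end
+end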
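Review bot: The routes present in AWS but absent locally are constructed with `RouteDiff.unmanaged(route)` and coloured `Colors.unmanaged`, yet the text shown to the operator is `"\t#{s} will be deleted"`; the diff should say one thing, because a route-table change is exactly the drift an operator acts on, so either make the message `Colors.unmanaged("\t#{s} is not managed locally")` or use a deletion-flavoured constructor if the manager really removes the route (the manager is not in this hunk, so I cannot tell which). Separately, both `aws_cidr_routes` and `local_cidr_routes` are keyed solely on the IPv4 destination, so any route whose `destination_cidr_block` is nil — a prefix-list route, for instance — presumably collapses onto a single `nil` key and hides the others; a composite key or an explicit skip with a warning would avoid silently dropping routes from the comparison. Minor: `or` in `if !added_diffs.empty? or !removed_diffs.empty? or !modified_diffs.empty?` should be `||`, since `or` has statement-level precedence.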
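--- a/data/lib/vpc/models/SubnetConfig.rb
+++ b/data/lib/vpc/models/SubnetConfig.rb
@@ -0,0 +1,113 @@
+require "conf/Configuration"
+require "vpc/loader/Loader"
+require "vpc/models/SubnetDiff"
+require "ec2/EC2"
+
+require "json"
+
+module Cumulus
+module VPC
+
+# Public: An object representing configuration for a Subnet
+class SubnetConfig
+attr_reader :name
+attr_reader :cidr_block
+attr_reader :map_public_ip
+attr_accessor :route_table
+attr_accessor :network_acl
+attr_reader :availability_zone
+attr_reader :tags
+
+# Public: Constructor
+#
+# json - a hash containing the JSON configuration for the subnet
+def initialize(name, json = nil)
+@name = name
+if !json.nil?
+@cidr_block = json["cidr-block"]
+@map_public_ip = json["map-public-ip"] || false
+@route_table = json["route-table"]
+@network_acl = json["network-acl"]
+@availability_zone = json["availability-zone"]
+@tags = json["tags"] || {}
+end
+end
+
+def to_hash
+{
+"cidr-block" => @cidr_block,
+"map-public-ip" => @map_public_ip,
+"route-table" => @route_table,
+"network-acl" => @network_acl,
+"availability-zone" => @availability_zone,
+"tags" => @tags,
+}
+end
+
+# Public: Populate a config object with AWS configuration
+#
+# aws - the AWS configuration for the subnet
+# route_table_map - an optional mapping of route table ids to names
+# network_acl_map - an optional mapping of network acl ids to names
+def populate!(aws, route_table_map = {}, network_acl_map = {})
+@cidr_block = aws.cidr_block
+@map_public_ip = aws.map_public_ip_on_launch
+
+subnet_rt = EC2::subnet_route_tables[aws.subnet_id]
+@route_table = if subnet_rt then route_table_map[subnet_rt.route_table_id] || subnet_rt.route_table_id end
+
+subnet_acl = EC2::subnet_network_acls[aws.subnet_id]
+@network_acl = network_acl_map[subnet_acl.network_acl_id] || subnet_acl.network_acl_id
+
+@availability_zone = aws.availability_zone
+@tags = Hash[aws.tags.map { |tag| [tag.key, tag.value] }]
+
+self
+end
+
+# Public: Produce an array of differences between this local configuration and the
+# configuration in AWS
+#
+# aws - the AWS resource
+#
+# Returns an array of the SubnetDiffs that were found
+def diff(aws)
+diffs = []
+
+if @cidr_block != aws.cidr_block
+diffs << SubnetDiff.new(SubnetChange::CIDR, aws.cidr_block, @cidr_block)
+end
+
+if @map_public_ip != aws.map_public_ip_on_launch
+diffs << SubnetDiff.new(SubnetChange::PUBLIC, aws.map_public_ip_on_launch, @map_public_ip)
+end
+
+# For route table try to get the AWS name or default to id
+aws_subnet_rt = EC2::subnet_route_tables[aws.subnet_id]
+aws_rt_name = if aws_subnet_rt then aws_subnet_rt.name || aws_subnet_rt.route_table_id end
+if @route_table != aws_rt_name
+diffs << SubnetDiff.new(SubnetChange::ROUTE_TABLE, aws_rt_name, @route_table)
+end
+
+# For network acl try to get the AWS name or default to its id
+aws_subnet_net_acl = EC2::subnet_network_acls[aws.subnet_id]
+aws_net_acl_name = aws_subnet_net_acl.name || aws_subnet_net_acl.network_acl_id
+if @network_acl != aws_net_acl_name
+diffs << SubnetDiff.new(SubnetChange::NETWORK_ACL, aws_net_acl_name, @network_acl)
+end
+
+if @availability_zone != aws.availability_zone
+diffs << SubnetDiff.new(SubnetChange::AZ, aws.availability_zone, @availability_zone)
+end
+
+aws_tags = Hash[aws.tags.map { |tag| [tag.key, tag.value] }]
+if @tags != aws_tags
+diffs << SubnetDiff.new(SubnetChange::TAGS, aws_tags, @tags)
+end
+
+diffs
+end
+
+end
+end
+end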
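Review bot: `aws_net_acl_name = aws_subnet_net_acl.name || aws_subnet_net_acl.network_acl_id` in `diff` (and `subnet_acl.network_acl_id` in `populate!`) dereferences the result of `EC2::subnet_network_acls[aws.subnet_id]` with no nil guard, while the route-table lookup just above it is wrapped in `if aws_subnet_rt then ... end`; a subnet missing from that cache raises NoMethodError instead of yielding a NETWORK_ACL diff, so mirror the guard: `aws_net_acl_name = if aws_subnet_net_acl then aws_subnet_net_acl.name || aws_subnet_net_acl.network_acl_id end`. Also `@map_public_ip = json["map-public-ip"] || false` accepts any truthy JSON value, so the string `"false"` is kept as-is and compares unequal to the boolean AWS returns, producing a PUBLIC diff that, if applied, would turn on automatic public IP assignment for the subnet; since this flag is what exposes launched instances, coerce it strictly, e.g. `@map_public_ip = json["map-public-ip"] == true`, or reject non-boolean values at load time.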
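--- a/data/lib/vpc/models/SubnetDiff.rb
+++ b/data/lib/vpc/models/SubnetDiff.rb
@@ -0,0 +1,78 @@
+require "common/models/Diff"
+require "common/models/TagsDiff"
+require "util/Colors"
+
+module Cumulus
+module VPC
+# Public: The types of changes that can be made to a subnet
+module SubnetChange
+include Common::DiffChange
+
+CIDR = Common::DiffChange.next_change_id
+PUBLIC = Common::DiffChange.next_change_id
+ROUTE_TABLE = Common::DiffChange.next_change_id
+NETWORK_ACL = Common::DiffChange.next_change_id
+AZ = Common::DiffChange.next_change_id
+TAGS = Common::DiffChange.next_change_id
+end
+
+# Public: Represents a single difference between local configuration and AWS configuration
+class SubnetDiff < Common::Diff
+include SubnetChange
+include Common::TagsDiff
+
+def local_tags
+@local
+end
+
+def aws_tags
+@aws
+end
+
+def asset_type
+"Subnet"
+end
+
+def aws_name
+@aws.name
+end
+
+def diff_string
+case @type
+when CIDR
+[
+"CIDR Block:",
+Colors.aws_changes("\tAWS - #{aws}"),
+Colors.local_changes("\tLocal - #{local}"),
+].join("\n")
+when PUBLIC
+[
+"Map Public Ip:",
+Colors.aws_changes("\tAWS - #{aws}"),
+Colors.local_changes("\tLocal - #{local}"),
+].join("\n")
+when ROUTE_TABLE
+[
+"Route Table:",
+Colors.aws_changes("\tAWS - #{aws}"),
+Colors.local_changes("\tLocal - #{local}"),
+].join("\n")
+when NETWORK_ACL
+[
+"Network ACL:",
+Colors.aws_changes("\tAWS - #{aws}"),
+Colors.local_changes("\tLocal - #{local}"),
+].join("\n")
+when AZ
+[
+"Availability Zone:",
+Colors.aws_changes("\tAWS - #{aws}"),
+Colors.local_changes("\tLocal - #{local}"),
+].join("\n")
+when TAGS
+tags_diff_string
+end
+end
+end
+end
+end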
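Review bot: The five `when` branches of `diff_string` (CIDR, PUBLIC, ROUTE_TABLE, NETWORK_ACL, AZ) repeat the same three-line array verbatim and differ only in the label string, which makes it easy for a future branch to drift in its colouring or indentation; a small private helper collapses them to one line each and keeps the output byte-identical. The rewrite below also gives the class a place to document that `aws` and `local` hold a single scalar for these change types. The TAGS branch is left on `tags_diff_string` as before.
```ruby
def diff_string
  case @type
  when CIDR then simple_diff_string("CIDR Block:")
  when PUBLIC then simple_diff_string("Map Public Ip:")
  when ROUTE_TABLE then simple_diff_string("Route Table:")
  when NETWORK_ACL then simple_diff_string("Network ACL:")
  when AZ then simple_diff_string("Availability Zone:")
  when TAGS then tags_diff_string
  end
end

private

# Renders a single-valued change as a labelled AWS/Local pair.
def simple_diff_string(label)
  [
    label,
    Colors.aws_changes("\tAWS - #{aws}"),
    Colors.local_changes("\tLocal - #{local}"),
  ].join("\n")
end
```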
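--- a/data/lib/vpc/models/VpcConfig.rb
+++ b/data/lib/vpc/models/VpcConfig.rb
@@ -0,0 +1,173 @@
+require "conf/Configuration"
+require "vpc/loader/Loader"
+require "vpc/models/DhcpConfig"
+require "vpc/models/RouteTableConfig"
+require "vpc/models/EndpointConfig"
+require "vpc/models/NetworkAclConfig"
+require "vpc/models/VpcDiff"
+require "ec2/EC2"
+
+require "json"
+
+module Cumulus
+module VPC
+
+# Public: An object representing configuration for a VPC
+class VpcConfig
+attr_reader :name
+attr_reader :cidr_block
+attr_reader :tenancy
+attr_reader :subnets
+attr_reader :dhcp
+attr_reader :route_tables
+attr_reader :endpoints
+attr_reader :address_associations
+attr_reader :network_acls
+attr_reader :tags
+
+# Public: Constructor
+#
+# json - a hash containing the JSON configuration for the VPC
+def initialize(name, json = nil)
+@name = name
+if !json.nil?
+@cidr_block = json["cidr-block"]
+@tenancy = json["tenancy"]
+@dhcp = if json["dhcp"] then DhcpConfig.new(json["dhcp"]) end
+@route_tables = json["route-tables"] || []
+@endpoints = (json["endpoints"] || []).map { |endpoint| EndpointConfig.new(endpoint) }
+@address_associations = json["address-associations"] || {}
+@network_acls = json["network-acls"] || []
+@subnets = json["subnets"] || []
+@tags = json["tags"] || {}
+end
+end
+
+def to_hash
+{
+"cidr-block" => @cidr_block,
+"tenancy" => @tenancy,
+"dhcp" => if @dhcp then @dhcp.to_hash end,
+"route-tables" => @route_tables,
+"endpoints" => @endpoints.map(&:to_hash),
+"address-associations" => @address_associations,
+"network-acls" => @network_acls,
+"subnets" => @subnets,
+"tags" => @tags,
+}
+end
+
+# Public: Populate a config object with AWS configuration
+#
+# aws - the AWS configuration for the subnet
+# route_table_map - an optional mapping of route table ids to names
+# subnet_map - an optional mapping of subnet ids to names
+# network_acl_map - an optional mapping of network acl ids to names
+def populate!(aws, route_table_map = {}, subnet_map = {}, network_acl_map = {})
+@cidr_block = aws.cidr_block
+@tenancy = aws.instance_tenancy
+
+if aws.dhcp_options_id != "default"
+aws_dhcp = EC2::id_dhcp_options[aws.dhcp_options_id]
+@dhcp = DhcpConfig.new().populate!(aws_dhcp)
+end
+
+aws_rts = EC2::vpc_route_tables[aws.vpc_id]
+rt_names = aws_rts.map { |rt| route_table_map[rt.route_table_id] || rt.route_table_id }
+@route_tables = rt_names.sort
+
+aws_endpoints = EC2::vpc_endpoints[aws.vpc_id]
+@endpoints = aws_endpoints.map { |endpoint| EndpointConfig.new().populate!(endpoint, route_table_map) }
+
+aws_addresses = EC2::vpc_addresses[aws.vpc_id]
+@address_associations = Hash[aws_addresses.map do |addr|
+network_interface = EC2::id_network_interfaces[addr.network_interface_id]
+[addr.public_ip, network_interface.name || addr.network_interface_id]
+end]
+
+aws_network_acls = EC2::vpc_network_acls[aws.vpc_id]
+cumulus_network_acls = aws_network_acls.map { |acl| network_acl_map[acl.network_acl_id] || acl.network_acl_id }
+@network_acls = cumulus_network_acls.sort
+
+aws_subnets = EC2::vpc_subnets[aws.vpc_id]
+subnet_names = aws_subnets.map { |subnet| subnet_map[subnet.subnet_id] || subnet.subnet_id }
+@subnets = subnet_names.sort
+
+@tags = Hash[aws.tags.map { |tag| [tag.key, tag.value] }]
+
+self
+end
+
+# Public: Produce an array of differences between this local configuration and the
+# configuration in AWS
+#
+# aws - the AWS resource
+#
+# Returns an array of the VpcDiffs that were found
+def diff(aws)
+diffs = []
+
+if @cidr_block != aws.cidr_block
+diffs << VpcDiff.new(VpcChange::CIDR, aws.cidr_block, @cidr_block)
+end
+
+if @tenancy != aws.instance_tenancy
+diffs << VpcDiff.new(VpcChange::TENANCY, aws.instance_tenancy, @tenancy)
+end
+
+# Get the actual DHCP Options from AWS from the id
+aws_dhcp_options = EC2::id_dhcp_options[aws.dhcp_options_id]
+dhcp_diff = VpcDiff.dhcp(aws_dhcp_options, @dhcp)
+if dhcp_diff
+diffs << dhcp_diff
+end
+
+# Load the actual route table configs to diff them
+local_route_tables = @route_tables.map { |rt_name| Loader.route_table(rt_name) }
+aws_route_tables = EC2::vpc_route_tables[aws.vpc_id]
+route_table_diff = VpcDiff.route_tables(aws_route_tables, local_route_tables)
+if route_table_diff
+diffs << route_table_diff
+end
+
+# Load the vpc endpoints
+aws_endpoints = EC2::vpc_endpoints[aws.vpc_id]
+endpoints_diff = VpcDiff.endpoints(aws_endpoints, @endpoints)
+if endpoints_diff
+diffs << endpoints_diff
+end
+
+aws_associations = EC2::vpc_addresses[aws.vpc_id]
+association_diff = VpcDiff.address_associations(aws_associations, @address_associations)
+if association_diff
+diffs << association_diff
+end
+
+# Inbound and outbound network acls
+local_network_acls = @network_acls.map { |acl_name| Loader.network_acl(acl_name) }
+aws_network_acls = EC2::vpc_network_acls[aws.vpc_id]
+network_acl_diff = VpcDiff.network_acls(aws_network_acls, local_network_acls)
+if network_acl_diff
+diffs << network_acl_diff
+end
+
+# Load the local subnets from config, and the aws version of their subnets
+local_subnets = @subnets.map { |subnet_name| Loader.subnet(subnet_name) }
+aws_subnets = EC2::vpc_subnets[aws.vpc_id]
+subnets_diff = VpcDiff.subnets(aws_subnets, local_subnets)
+if subnets_diff
+diffs << subnets_diff
+end
+
+# Tags
+aws_tags = Hash[aws.tags.map { |tag| [tag.key, tag.value] }]
+if @tags != aws_tags
+diffs << VpcDiff.new(VpcChange::TAGS, aws_tags, @tags)
+end
+
+diffs
+end
+
+end
+end
+end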
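Review bot: `populate!` falls back to the raw AWS id whenever a resource has no name (`route_table_map[rt.route_table_id] || rt.route_table_id`, and the same pattern for network ACLs and subnets), but `diff` resolves every entry of `@route_tables`, `@network_acls` and `@subnets` through `Loader.route_table`, `Loader.network_acl` and `Loader.subnet`, which by their names look up local config files; a config generated from an account containing an unnamed route table or ACL would therefore carry an id that `Loader` presumably cannot resolve, so the round trip breaks on exactly the segmentation resources one most wants to diff. Either skip unnamed resources in `populate!` with a visible warning or make the `Loader` calls tolerate ids; `Loader` is outside this hunk, so I cannot tell how it behaves on a missing name. Also in `populate!`, `network_interface.name` is called on `EC2::id_network_interfaces[addr.network_interface_id]` without the nil guard used elsewhere in this package, so an address with no resolvable interface raises; `[addr.public_ip, (network_interface && network_interface.name) || addr.network_interface_id]` keeps the existing fallback. The header comment `# aws - the AWS configuration for the subnet` on `populate!` should read `for the VPC`.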