-
Notifications
You must be signed in to change notification settings - Fork 5.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #54982 from mchugh19/port-50215
master-port 50215 and 51943
- Loading branch information
Showing
4 changed files
with
132 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,121 @@ | ||
# -*- coding: utf-8 -*- | ||
''' | ||
Connection module for Amazon SSM | ||
:configuration: This module uses IAM roles assigned to the instance through | ||
Instance Profiles. Dynamic credentials are then automatically obtained | ||
from AWS API and no further configuration is necessary. More Information | ||
available at: | ||
.. code-block:: text | ||
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html | ||
:depends: boto3 | ||
''' | ||
# Import Python libs | ||
from __future__ import absolute_import, print_function, unicode_literals | ||
import logging | ||
|
||
# Import Salt libs | ||
import salt.utils.versions | ||
import salt.utils.json as json | ||
|
||
log = logging.getLogger(__name__) | ||
|
||
|
||
def __virtual__(): | ||
''' | ||
Only load if boto libraries exist. | ||
''' | ||
has_boto_reqs = salt.utils.versions.check_boto_reqs() | ||
if has_boto_reqs is True: | ||
__utils__['boto3.assign_funcs'](__name__, 'ssm') | ||
return has_boto_reqs | ||
|
||
|
||
def get_parameter(name, withdecryption=False, resp_json=False, region=None, key=None, keyid=None, profile=None): | ||
''' | ||
Retrives a parameter from SSM Parameter Store | ||
.. versionadded:: Neon | ||
.. code-block:: text | ||
salt-call boto_ssm.get_parameter test-param withdescription=True | ||
''' | ||
conn = __utils__['boto3.get_connection']('ssm', region=region, key=key, keyid=keyid, profile=profile) | ||
try: | ||
resp = conn.get_parameter(Name=name, WithDecryption=withdecryption) | ||
except conn.exceptions.ParameterNotFound: | ||
log.warning("get_parameter: Unable to locate name: %s", name) | ||
return False | ||
|
||
if resp_json: | ||
return json.loads(resp['Parameter']['Value']) | ||
else: | ||
return resp['Parameter']['Value'] | ||
|
||
|
||
def put_parameter(Name, | ||
Value, | ||
Description=None, | ||
Type='String', | ||
KeyId=None, | ||
Overwrite=False, | ||
AllowedPattern=None, | ||
region=None, | ||
key=None, | ||
keyid=None, | ||
profile=None): | ||
''' | ||
Sets a parameter in the SSM parameter store | ||
.. versionadded:: Neon | ||
.. code-block:: text | ||
salt-call boto_ssm.put_parameter test-param test_value Type=SecureString KeyId=alias/aws/ssm Description='test encrypted key' | ||
''' | ||
conn = __utils__['boto3.get_connection']('ssm', region=region, key=key, keyid=keyid, profile=profile) | ||
if Type not in ('String', 'StringList', 'SecureString'): | ||
raise AssertionError('Type needs to be String|StringList|SecureString') | ||
if Type == 'SecureString' and not KeyId: | ||
raise AssertionError('Require KeyId with SecureString') | ||
|
||
boto_args = {} | ||
if Description: | ||
boto_args['Description'] = Description | ||
if KeyId: | ||
boto_args['KeyId'] = KeyId | ||
if AllowedPattern: | ||
boto_args['AllowedPattern'] = AllowedPattern | ||
|
||
try: | ||
resp = conn.put_parameter(Name=Name, Value=Value, Type=Type, Overwrite=Overwrite, **boto_args) | ||
except conn.exceptions.ParameterAlreadyExists: | ||
log.warning("The parameter already exists." | ||
" To overwrite this value, set the Overwrite option in the request to True") | ||
return False | ||
return resp['Version'] | ||
|
||
|
||
def delete_parameter(Name, region=None, key=None, keyid=None, profile=None): | ||
''' | ||
Removes a parameter from the SSM parameter store | ||
.. versionadded:: Neon | ||
.. code-block:: text | ||
salt-call boto_ssm.delete_parameter test-param | ||
''' | ||
conn = __utils__['boto3.get_connection']('ssm', region=region, key=key, keyid=keyid, profile=profile) | ||
try: | ||
resp = conn.delete_parameter(Name=Name) | ||
except conn.exceptions.ParameterNotFound: | ||
log.warning("delete_parameter: Unable to locate name: %s", Name) | ||
return False | ||
if resp['ResponseMetadata']['HTTPStatusCode'] == 200: | ||
return True | ||
else: | ||
return False |