/** * Creates a snapshot and return the snapshot id. */ public static String createSnapshot(VerificationHost host, AmazonEC2Client client, String volumeId) { CreateSnapshotRequest req = new CreateSnapshotRequest() .withVolumeId(volumeId); CreateSnapshotResult res = client.createSnapshot(req); String snapshotId = res.getSnapshot().getSnapshotId(); Filter filter = new Filter().withName(SNAPSHOT_ID_ATTRIBUTE).withValues(snapshotId); DescribeSnapshotsRequest snapshotsRequest = new DescribeSnapshotsRequest() .withSnapshotIds(snapshotId) .withFilters(filter); host.waitFor("Timeout waiting for creating snapshot", () -> { DescribeSnapshotsResult snapshotsResult = client.describeSnapshots(snapshotsRequest); String state = snapshotsResult.getSnapshots().get(0).getState(); if (state.equalsIgnoreCase(SNAPSHOT_STATUS_COMPLETE)) { return true; } return false; }); return snapshotId; }
/** * This implementation uses DescribeSpotPriceHistory API which returns the latest spot price history for the specified AZ and instance types. This method * then filters the returned list to only contain the latest spot price for each instance type. */ @Override public List<SpotPrice> getLatestSpotPrices(String availabilityZone, Collection<String> instanceTypes, Collection<String> productDescriptions, AwsParamsDto awsParamsDto) { AmazonEC2Client ec2Client = getEc2Client(awsParamsDto); DescribeSpotPriceHistoryRequest describeSpotPriceHistoryRequest = new DescribeSpotPriceHistoryRequest(); describeSpotPriceHistoryRequest.setAvailabilityZone(availabilityZone); describeSpotPriceHistoryRequest.setInstanceTypes(instanceTypes); describeSpotPriceHistoryRequest.setProductDescriptions(productDescriptions); DescribeSpotPriceHistoryResult describeSpotPriceHistoryResult = ec2Operations.describeSpotPriceHistory(ec2Client, describeSpotPriceHistoryRequest); List<SpotPrice> spotPrices = new ArrayList<>(); Set<String> instanceTypesFound = new HashSet<>(); for (SpotPrice spotPriceHistoryEntry : describeSpotPriceHistoryResult.getSpotPriceHistory()) { if (instanceTypesFound.add(spotPriceHistoryEntry.getInstanceType())) { spotPrices.add(spotPriceHistoryEntry); } } return spotPrices; }
@Override public Map<AvailabilityZone, List<Instance>> getInstancesMapForZone( AvailabilityZone zone, AmazonEC2Client client) throws Exception { OperationStats op = new OperationStats("ec2InstanceStore", "getInstancesMapForZone"); try { Map<AvailabilityZone, List<Instance>> ret = new HashMap<>(); ret.put(zone, getInstancesForZone(zone, client)); op.succeed(); return ret; } catch (Exception e) { op.failed(); logger.error(ExceptionUtils.getRootCauseMessage(e)); throw e; } }
@Override public Map<AvailabilityZone, List<ReservedInstances>> getReservedInstancesForZone( AvailabilityZone zone, AmazonEC2Client client) throws Exception { OperationStats op = new OperationStats("ec2InstanceStore", "getReservedInstancesForZone"); try { Map<AvailabilityZone, List<ReservedInstances>> ret = new HashMap<>(); DescribeReservedInstancesRequest request = new DescribeReservedInstancesRequest() .withFilters(new Filter("availability-zone", Arrays.asList(zone.getZoneName()))) .withSdkClientExecutionTimeout( 600 * 1000) //10 minutes time out for total execution including retries .withSdkRequestTimeout(300 * 1000); //5 minutes time out for a single request DescribeReservedInstancesResult result = client.describeReservedInstances(request); ret.put(zone, result.getReservedInstances()); op.succeed(); return ret; } catch (Exception e) { op.failed(); logger.error(ExceptionUtils.getRootCauseMessage(e)); throw e; } }
/** * Creates a volume and return the volume id. */ public static String createVolume(VerificationHost host, AmazonEC2Client client) { CreateVolumeRequest req = new CreateVolumeRequest() .withAvailabilityZone(zoneId + avalabilityZoneIdentifier) .withSize(1); CreateVolumeResult res = client.createVolume(req); String volumeId = res.getVolume().getVolumeId(); Filter filter = new Filter().withName(VOLUME_ID_ATTRIBUTE).withValues(volumeId); DescribeVolumesRequest volumesRequest = new DescribeVolumesRequest() .withVolumeIds(volumeId) .withFilters(filter); host.waitFor("Timeout waiting for creating volume", () -> { DescribeVolumesResult volumesResult = client.describeVolumes(volumesRequest); String state = volumesResult.getVolumes().get(0).getState(); if (state.equalsIgnoreCase(VOLUME_STATUS_AVAILABLE)) { return true; } return false; }); return volumeId; }
/** * Attach a provided AWS NIC to a given AWS VM with deviceIndex = number of NICs + 1 * returns the attachment ID of the newly created and attached NIC. This is necessary for * removing it later for the goals of the test. The NIC is as well configured to be deleted on * instance termination for sanity purposes. */ public static String addNICDirectlyWithEC2Client(ComputeState vm, AmazonEC2Client client, VerificationHost host, String newNicId) { // attach the new AWS NIC to the AWS VM AttachNetworkInterfaceRequest attachNewNic = new AttachNetworkInterfaceRequest() .withInstanceId(vm.id) .withDeviceIndex(vm.networkInterfaceLinks.size()) .withNetworkInterfaceId(newNicId); AttachNetworkInterfaceResult attachmetnResult = client.attachNetworkInterface(attachNewNic); String attachmentId = attachmetnResult.getAttachmentId(); // ensure the new NIC is deleted when the VM is terminated NetworkInterfaceAttachmentChanges attachTerm = new NetworkInterfaceAttachmentChanges() .withAttachmentId(attachmentId) .withDeleteOnTermination(true); ModifyNetworkInterfaceAttributeRequest setDeleteOnTerm = new ModifyNetworkInterfaceAttributeRequest() .withAttachment(attachTerm) .withNetworkInterfaceId(newNicId); client.modifyNetworkInterfaceAttribute(setDeleteOnTerm); host.log("Created new NIC with id: %s to vm id: %s with attachment id: %s", newNicId, vm.id, attachmentId); return attachmentId; }
public static String provisionAWSVMWithEC2Client(VerificationHost host, AmazonEC2Client client, String ami, String subnetId, String securityGroupId) { RunInstancesRequest runInstancesRequest = new RunInstancesRequest() .withSubnetId(subnetId) .withImageId(ami) .withInstanceType(instanceType) .withMinCount(1).withMaxCount(1) .withSecurityGroupIds(securityGroupId); // handler invoked once the EC2 runInstancesAsync commands completes RunInstancesResult result = null; try { result = client.runInstances(runInstancesRequest); } catch (Exception e) { host.log(Level.SEVERE, "Error encountered in provisioning machine on AWS", Utils.toString(e)); } assertNotNull(result); assertNotNull(result.getReservation()); assertNotNull(result.getReservation().getInstances()); assertEquals(1, result.getReservation().getInstances().size()); return result.getReservation().getInstances().get(0).getInstanceId(); }
public static String provisionAWSEBSVMWithEC2Client(VerificationHost host, AmazonEC2Client client, String ami, String subnetId, String securityGroupId, BlockDeviceMapping blockDeviceMapping) { RunInstancesRequest runInstancesRequest = new RunInstancesRequest() .withSubnetId(subnetId) .withImageId(ami) .withInstanceType(instanceType) .withMinCount(1).withMaxCount(1) .withSecurityGroupIds(securityGroupId) .withBlockDeviceMappings(blockDeviceMapping); // handler invoked once the EC2 runInstancesAsync commands completes RunInstancesResult result = null; try { result = client.runInstances(runInstancesRequest); } catch (Exception e) { host.log(Level.SEVERE, "Error encountered in provisioning machine on AWS", Utils.toString(e)); } assertNotNull(result); assertNotNull(result.getReservation()); assertNotNull(result.getReservation().getInstances()); assertEquals(1, result.getReservation().getInstances().size()); return result.getReservation().getInstances().get(0).getInstanceId(); }
private void startInstances(AmazonEC2Client ec2Client, Exchange exchange) { Collection instanceIds; StartInstancesRequest request = new StartInstancesRequest(); if (ObjectHelper.isNotEmpty(exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS))) { instanceIds = exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS, Collection.class); request.withInstanceIds(instanceIds); } else { throw new IllegalArgumentException("Instances Ids must be specified"); } StartInstancesResult result; try { result = ec2Client.startInstances(request); } catch (AmazonServiceException ase) { LOG.trace("Start Instances command returned the error code {}", ase.getErrorCode()); throw ase; } LOG.trace("Starting instances with Ids [{}] ", Arrays.toString(instanceIds.toArray())); Message message = getMessageForResponse(exchange); message.setBody(result); }
private void stopInstances(AmazonEC2Client ec2Client, Exchange exchange) { Collection instanceIds; StopInstancesRequest request = new StopInstancesRequest(); if (ObjectHelper.isNotEmpty(exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS))) { instanceIds = exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS, Collection.class); request.withInstanceIds(instanceIds); } else { throw new IllegalArgumentException("Instances Ids must be specified"); } StopInstancesResult result; try { result = ec2Client.stopInstances(request); } catch (AmazonServiceException ase) { LOG.trace("Stop Instances command returned the error code {}", ase.getErrorCode()); throw ase; } LOG.trace("Stopping instances with Ids [{}] ", Arrays.toString(instanceIds.toArray())); Message message = getMessageForResponse(exchange); message.setBody(result); }
private void terminateInstances(AmazonEC2Client ec2Client, Exchange exchange) { Collection instanceIds; TerminateInstancesRequest request = new TerminateInstancesRequest(); if (ObjectHelper.isNotEmpty(exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS))) { instanceIds = exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS, Collection.class); request.withInstanceIds(instanceIds); } else { throw new IllegalArgumentException("Instances Ids must be specified"); } TerminateInstancesResult result; try { result = ec2Client.terminateInstances(request); } catch (AmazonServiceException ase) { LOG.trace("Terminate Instances command returned the error code {}", ase.getErrorCode()); throw ase; } LOG.trace("Terminating instances with Ids [{}] ", Arrays.toString(instanceIds.toArray())); Message message = getMessageForResponse(exchange); message.setBody(result); }
private void describeInstances(AmazonEC2Client ec2Client, Exchange exchange) { Collection instanceIds; DescribeInstancesRequest request = new DescribeInstancesRequest(); if (ObjectHelper.isNotEmpty(exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS))) { instanceIds = exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS, Collection.class); request.withInstanceIds(instanceIds); } DescribeInstancesResult result; try { result = ec2Client.describeInstances(request); } catch (AmazonServiceException ase) { LOG.trace("Describe Instances command returned the error code {}", ase.getErrorCode()); throw ase; } Message message = getMessageForResponse(exchange); message.setBody(result); }
private void describeInstancesStatus(AmazonEC2Client ec2Client, Exchange exchange) { Collection instanceIds; DescribeInstanceStatusRequest request = new DescribeInstanceStatusRequest(); if (ObjectHelper.isNotEmpty(exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS))) { instanceIds = exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS, Collection.class); request.withInstanceIds(instanceIds); } DescribeInstanceStatusResult result; try { result = ec2Client.describeInstanceStatus(request); } catch (AmazonServiceException ase) { LOG.trace("Describe Instances Status command returned the error code {}", ase.getErrorCode()); throw ase; } Message message = getMessageForResponse(exchange); message.setBody(result); }
private void rebootInstances(AmazonEC2Client ec2Client, Exchange exchange) { Collection instanceIds; RebootInstancesRequest request = new RebootInstancesRequest(); if (ObjectHelper.isNotEmpty(exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS))) { instanceIds = exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS, Collection.class); request.withInstanceIds(instanceIds); } else { throw new IllegalArgumentException("Instances Ids must be specified"); } try { LOG.trace("Rebooting instances with Ids [{}] ", Arrays.toString(instanceIds.toArray())); ec2Client.rebootInstances(request); } catch (AmazonServiceException ase) { LOG.trace("Reboot Instances command returned the error code {}", ase.getErrorCode()); throw ase; } }
private void monitorInstances(AmazonEC2Client ec2Client, Exchange exchange) { Collection instanceIds; MonitorInstancesRequest request = new MonitorInstancesRequest(); if (ObjectHelper.isNotEmpty(exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS))) { instanceIds = exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS, Collection.class); request.withInstanceIds(instanceIds); } else { throw new IllegalArgumentException("Instances Ids must be specified"); } MonitorInstancesResult result; try { result = ec2Client.monitorInstances(request); } catch (AmazonServiceException ase) { LOG.trace("Monitor Instances command returned the error code {}", ase.getErrorCode()); throw ase; } LOG.trace("Start Monitoring instances with Ids [{}] ", Arrays.toString(instanceIds.toArray())); Message message = getMessageForResponse(exchange); message.setBody(result); }
private void unmonitorInstances(AmazonEC2Client ec2Client, Exchange exchange) { Collection instanceIds; UnmonitorInstancesRequest request = new UnmonitorInstancesRequest(); if (ObjectHelper.isNotEmpty(exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS))) { instanceIds = exchange.getIn().getHeader(EC2Constants.INSTANCES_IDS, Collection.class); request.withInstanceIds(instanceIds); } else { throw new IllegalArgumentException("Instances Ids must be specified"); } UnmonitorInstancesResult result; try { result = ec2Client.unmonitorInstances(request); } catch (AmazonServiceException ase) { LOG.trace("Unmonitor Instances command returned the error code {}", ase.getErrorCode()); throw ase; } LOG.trace("Stop Monitoring instances with Ids [{}] ", Arrays.toString(instanceIds.toArray())); Message message = getMessageForResponse(exchange); message.setBody(result); }
@Override public void validate(String name, Configured configuration, PluginExceptionConditionAccumulator accumulator, LocalizationContext localizationContext) { AmazonEC2Client ec2Client = provider.getClient(); AWSKMSClient kmsClient = provider.getKmsClient(); checkImage(ec2Client, configuration, accumulator, localizationContext); Map<String, String> vpcSubnetMap = checkSubnetId(ec2Client, configuration, accumulator, localizationContext); Map<String, Set<String>> vpcSecurityGroupMap = checkSecurityGroupIds(ec2Client, configuration, accumulator, localizationContext); checkVpc(vpcSubnetMap, vpcSecurityGroupMap, accumulator, localizationContext); checkAvailabilityZone(ec2Client, configuration, accumulator, localizationContext); checkPlacementGroup(ec2Client, configuration, accumulator, localizationContext); checkTenancy(configuration, accumulator, localizationContext); checkIamProfileName(configuration, accumulator, localizationContext); checkRootVolumeSize(configuration, accumulator, localizationContext); checkRootVolumeType(configuration, accumulator, localizationContext); checkEbsVolumes(kmsClient, configuration, accumulator, localizationContext); checkKeyName(ec2Client, configuration, accumulator, localizationContext); checkSpotParameters(configuration, accumulator, localizationContext); }
/** * Validates the actual security group permissions against the pre-defined network rules. * * @param client the EC2 client * @param configuration the configuration to be validated * @param accumulator the exception condition accumulator * @param localizationContext the localization context */ private void checkSecurityGroups(AmazonEC2Client client, Configured configuration, PluginExceptionConditionAccumulator accumulator, LocalizationContext localizationContext) { List<String> securityGroupIds = EC2InstanceTemplate.CSV_SPLITTER.splitToList( configuration.getConfigurationValue(SECURITY_GROUP_IDS, localizationContext)); List<SecurityGroup> securityGroups = Collections.emptyList(); try { DescribeSecurityGroupsResult result = client.describeSecurityGroups( new DescribeSecurityGroupsRequest().withGroupIds(securityGroupIds)); securityGroups = result.getSecurityGroups(); } catch (AmazonServiceException e) { if (!e.getErrorCode().startsWith(INVALID_SECURITY_GROUP)) { throw Throwables.propagate(e); } // Otherwise, the error should be caught in anther validation, // EC2InstanceTemplateConfigurationValidator.checkSecurityGroupIds() } for (Direction direction : Direction.values()) { checkRulesForSecurityGroups(securityGroups, direction, accumulator, localizationContext); } }
private static String getEndpointForRegion(AmazonEC2Client client, String regionName) { requireNonNull(client, "client is null"); requireNonNull(regionName, "regionName is null"); LOG.info(">> Describing all regions to find endpoint for '{}'", regionName); DescribeRegionsResult result = client.describeRegions(); List<String> regions = Lists.newArrayListWithExpectedSize(result.getRegions().size()); for (Region candidate : result.getRegions()) { regions.add(candidate.getRegionName()); if (candidate.getRegionName().equals(regionName)) { LOG.info("<< Found endpoint '{}' for region '{}'", candidate.getEndpoint(), regionName); return candidate.getEndpoint(); } } throw new IllegalArgumentException(String.format("Unable to find an endpoint for region '%s'. " + "Choose one of the following regions: %s", regionName, Joiner.on(", ").join(regions))); }
/** * Creates a client for accessing Amazon EC2 service. * * @param awsParamsDto the AWS related parameters DTO that includes optional AWS credentials and proxy information * * @return the Amazon EC2 client */ @Cacheable(DaoSpringModuleConfig.HERD_CACHE_NAME) public AmazonEC2Client getEc2Client(AwsParamsDto awsParamsDto) { // Get client configuration. ClientConfiguration clientConfiguration = awsHelper.getClientConfiguration(awsParamsDto); // If specified, use the AWS credentials passed in. if (StringUtils.isNotBlank(awsParamsDto.getAwsAccessKeyId())) { return new AmazonEC2Client( new BasicSessionCredentials(awsParamsDto.getAwsAccessKeyId(), awsParamsDto.getAwsSecretKey(), awsParamsDto.getSessionToken()), clientConfiguration); } // Otherwise, use the default AWS credentials provider chain. else { return new AmazonEC2Client(clientConfiguration); } }
/** * This implementation uses the DescribeAvailabilityZones API to get the list of AZs. */ @Override public List<AvailabilityZone> getAvailabilityZonesForSubnetIds(Collection<Subnet> subnets, AwsParamsDto awsParamsDto) { Set<String> zoneNames = new HashSet<>(); for (Subnet subnet : subnets) { zoneNames.add(subnet.getAvailabilityZone()); } AmazonEC2Client ec2Client = getEc2Client(awsParamsDto); DescribeAvailabilityZonesRequest describeAvailabilityZonesRequest = new DescribeAvailabilityZonesRequest(); describeAvailabilityZonesRequest.setZoneNames(zoneNames); DescribeAvailabilityZonesResult describeAvailabilityZonesResult = ec2Operations.describeAvailabilityZones(ec2Client, describeAvailabilityZonesRequest); return describeAvailabilityZonesResult.getAvailabilityZones(); }
@Override public void modifyInstanceAttribute(AmazonEC2Client ec2Client, ModifyInstanceAttributeRequest modifyInstanceAttributeRequest) { if (modifyInstanceAttributeRequest.getGroups() != null && modifyInstanceAttributeRequest.getGroups().get(0).equals(MockAwsOperationsHelper.AMAZON_SERVICE_EXCEPTION)) { throw new AmazonServiceException(MockAwsOperationsHelper.AMAZON_SERVICE_EXCEPTION); } if (modifyInstanceAttributeRequest.getGroups() != null && modifyInstanceAttributeRequest.getGroups().get(0).equals(MockAwsOperationsHelper.AMAZON_THROTTLING_EXCEPTION)) { AmazonServiceException throttlingException = new AmazonServiceException("test throttling exception"); throttlingException.setErrorCode("ThrottlingException"); throw throttlingException; } }
protected Ec2TagInstanceDiscovery(AmazonEC2Client ec2Client) { Preconditions.checkNotNull(ec2Client); this.ec2Client = ec2Client; Preconditions.checkState(!Strings.isNullOrEmpty(CLUSTER_TAG_KEY.get()), PROPERTY_NAME + " must be supplied!"); String regionName = DynamicPropertyFactory.getInstance().getStringProperty("turbine.region", "").get(); if(Strings.isNullOrEmpty(regionName)) { Region currentRegion = Regions.getCurrentRegion(); if(currentRegion != null) { regionName = currentRegion.getName(); } else { regionName = "us-east-1"; } } ec2Client.setRegion(Region.getRegion(Regions.fromName(regionName))); log.debug("Set the ec2 region to [{}]", regionName); }
protected AsgTagInstanceDiscovery(AmazonAutoScalingClient asgClient, AmazonEC2Client ec2Client) { Preconditions.checkNotNull(asgClient); Preconditions.checkNotNull(ec2Client); Preconditions.checkState(!Strings.isNullOrEmpty(CLUSTER_TAG_KEY.get()), TAG_PROPERTY_NAME + " must be supplied!"); this.asgClient = asgClient; this.ec2Client = ec2Client; String regionName = DynamicPropertyFactory.getInstance().getStringProperty("turbine.region", "").get(); if(Strings.isNullOrEmpty(regionName)) { Region currentRegion = Regions.getCurrentRegion(); if(currentRegion != null) { regionName = currentRegion.getName(); } else { regionName = "us-east-1"; } } Region region = Region.getRegion(Regions.fromName(regionName)); ec2Client.setRegion(region); asgClient.setRegion(region); log.debug("Set the region to [{}]", region); }
@Override @Cacheable(cacheNames = "ami-details", cacheManager = "oneDayTTLCacheManager") public Map<String, String> getAmiDetails(final String accountId, final Region region, final String amiId) { final ImmutableMap.Builder<String, String> result = ImmutableMap.builder(); result.put("ami_id", amiId); final AmazonEC2Client ec2 = clientProvider.getClient(AmazonEC2Client.class, accountId, region); final Optional<Image> ami = Optional.ofNullable(new DescribeImagesRequest().withImageIds(amiId)) .map(ec2::describeImages) .map(DescribeImagesResult::getImages) .map(List::stream) .flatMap(Stream::findFirst); ami.map(Image::getName).ifPresent(name -> result.put("ami_name", name)); ami.map(Image::getOwnerId).ifPresent(owner -> result.put("ami_owner_id", owner)); return result.build(); }
@Override @Cacheable(cacheNames = "ec2-instance", cacheManager = "twoHoursTTLCacheManager") public Optional<Instance> getById(final String accountId, final Region region, final String instanceId) { try { return clientProvider.getClient(AmazonEC2Client.class, accountId, region) .describeInstances(new DescribeInstancesRequest().withInstanceIds(instanceId)) .getReservations().stream() .flatMap(reservation -> reservation.getInstances().stream()) .filter(instance -> Objects.equals(instance.getInstanceId(), instanceId)) .findFirst(); } catch (AmazonEC2Exception e) { if (Objects.equals(e.getErrorCode(), "InvalidInstanceID.NotFound")) { return Optional.empty(); } else { throw e; } } }
@Override public Map<String, SecurityGroupCheckDetails> check(final Collection<String> groupIds, final String account, final Region region) { final DescribeSecurityGroupsRequest describeSecurityGroupsRequest = new DescribeSecurityGroupsRequest(); describeSecurityGroupsRequest.setGroupIds(groupIds); final AmazonEC2Client amazonEC2Client = clientProvider.getClient( AmazonEC2Client.class, account, region); final DescribeSecurityGroupsResult describeSecurityGroupsResult = amazonEC2Client.describeSecurityGroups( describeSecurityGroupsRequest); final ImmutableMap.Builder<String, SecurityGroupCheckDetails> result = ImmutableMap.builder(); for (final SecurityGroup securityGroup : describeSecurityGroupsResult.getSecurityGroups()) { final List<String> offendingRules = securityGroup.getIpPermissions().stream() .filter(isOffending) .map(Object::toString) .collect(toList()); if (!offendingRules.isEmpty()) { final SecurityGroupCheckDetails details = new SecurityGroupCheckDetails( securityGroup.getGroupName(), ImmutableList.copyOf(offendingRules)); result.put(securityGroup.getGroupId(), details); } } return result.build(); }
@SuppressWarnings("unchecked") @Before public void setUp() throws Exception { final ClientProvider mockClientProvider = mock(ClientProvider.class); final AmazonEC2Client mockEC2 = mock(AmazonEC2Client.class); mockPredicate = (Predicate<IpPermission>) mock(Predicate.class); when(mockClientProvider.getClient(any(), any(), any())).thenReturn(mockEC2); securityGroupsChecker = new SecurityGroupsCheckerImpl(mockClientProvider, mockPredicate); final DescribeSecurityGroupsResult securityGroups = new DescribeSecurityGroupsResult() .withSecurityGroups(new SecurityGroup() .withGroupId("sg-12345678") .withGroupName("my-sec-group") .withIpPermissions(new IpPermission() .withIpProtocol("tcp") .withIpv4Ranges(new IpRange().withCidrIp("0.0.0.0/0")) .withFromPort(0) .withToPort(65535) .withIpv6Ranges(new Ipv6Range().withCidrIpv6("::/0")) .withUserIdGroupPairs(new UserIdGroupPair() .withUserId("111222333444") .withGroupId("sg-11223344")))); when(mockEC2.describeSecurityGroups(any())).thenReturn(securityGroups); }
@Test public void testCachingClientProvider() throws InterruptedException { final AmazonWebServiceClient client = provider.getClient( AmazonEC2Client.class, "", Region.getRegion(Regions.EU_CENTRAL_1)); Assertions.assertThat(client).isNotNull(); System.out.println(client.toString()); for (int i = 0; i < 10; i++) { final AmazonEC2Client other = provider.getClient( AmazonEC2Client.class, "", Region.getRegion(Regions.EU_CENTRAL_1)); Assertions.assertThat(other).isNotNull(); Assertions.assertThat(other).isEqualTo(client); System.out.println(other.toString()); TimeUnit.SECONDS.sleep(2); } }
private List<Reservation> fetchReservations(final AmazonEC2Client amazonEC2Client, final CloudTrailEvent event, final List<String> instanceIds){ final DescribeInstancesRequest describeInstancesRequest = new DescribeInstancesRequest(); DescribeInstancesResult describeInstancesResult = null; try { describeInstancesResult = amazonEC2Client .describeInstances(describeInstancesRequest.withInstanceIds(instanceIds)); } catch (final AmazonServiceException e) { LOG.warn("Subnet plugin: {}", e.getErrorMessage()); return null; } return describeInstancesResult.getReservations(); }
private Optional<String> getAmiIdFromEC2Api(final EC2InstanceContext context) { final String instanceId = context.getInstanceId(); try { return context.getClient(AmazonEC2Client.class) .describeInstances(new DescribeInstancesRequest().withInstanceIds(instanceId)) .getReservations() .stream() .map(Reservation::getInstances) .flatMap(Collection::stream) .filter(i -> i.getInstanceId().equals(instanceId)) .map(Instance::getImageId) .findFirst(); } catch (final AmazonClientException e) { log.warn("Could not describe instance " + instanceId, e); return empty(); } }
@Test public void testApplyWithTaupageAmi() throws Exception { when(ec2InstanceContextMock.isTaupageAmi()).thenReturn(Optional.of(true)); when(ec2InstanceContextMock.getInstanceId()).thenReturn(INSTANCE_ID); when(ec2InstanceContextMock.getClient(eq(AmazonEC2Client.class))).thenReturn(amazonEC2ClientMock); when(amazonEC2ClientMock.describeInstanceAttribute(any())).thenReturn(new DescribeInstanceAttributeResult(). withInstanceAttribute(new InstanceAttribute() .withUserData(Base64.encodeAsString("blub: fdsa".getBytes())))); final Optional<TaupageYaml> result = taupageYamlProvider.apply(ec2InstanceContextMock); assertThat(result).isPresent(); verify(ec2InstanceContextMock).isTaupageAmi(); verify(ec2InstanceContextMock).getInstanceId(); verify(ec2InstanceContextMock).getClient(eq(AmazonEC2Client.class)); verify(amazonEC2ClientMock).describeInstanceAttribute(any()); }
@Test public void testApplyWithVersionSimilarToNumber() throws Exception { when(ec2InstanceContextMock.isTaupageAmi()).thenReturn(Optional.of(true)); when(ec2InstanceContextMock.getInstanceId()).thenReturn(INSTANCE_ID); when(ec2InstanceContextMock.getClient(eq(AmazonEC2Client.class))).thenReturn(amazonEC2ClientMock); when(amazonEC2ClientMock.describeInstanceAttribute(any())).thenReturn(new DescribeInstanceAttributeResult(). withInstanceAttribute(new InstanceAttribute() .withUserData(Base64.encodeAsString("application_id: fdsa\napplication_version: 6478e18".getBytes())))); final Optional<TaupageYaml> result = taupageYamlProvider.apply(ec2InstanceContextMock); assertThat(result).isPresent(); assertThat(result.get().getApplicationId()).isEqualTo("fdsa"); assertThat(result.get().getApplicationVersion()).isEqualTo("6478e18"); verify(ec2InstanceContextMock).isTaupageAmi(); verify(ec2InstanceContextMock).getInstanceId(); verify(ec2InstanceContextMock).getClient(eq(AmazonEC2Client.class)); verify(amazonEC2ClientMock).describeInstanceAttribute(any()); }
@Test public void testApplyWithVersionSimilarToNumber1() throws Exception { when(ec2InstanceContextMock.isTaupageAmi()).thenReturn(Optional.of(true)); when(ec2InstanceContextMock.getInstanceId()).thenReturn(INSTANCE_ID); when(ec2InstanceContextMock.getClient(eq(AmazonEC2Client.class))).thenReturn(amazonEC2ClientMock); when(amazonEC2ClientMock.describeInstanceAttribute(any())).thenReturn(new DescribeInstanceAttributeResult(). withInstanceAttribute(new InstanceAttribute() .withUserData(Base64.encodeAsString("application_id: fdsa\napplication_version: '6478e18'".getBytes())))); final Optional<TaupageYaml> result = taupageYamlProvider.apply(ec2InstanceContextMock); assertThat(result).isPresent(); assertThat(result.get().getApplicationId()).isEqualTo("fdsa"); assertThat(result.get().getApplicationVersion()).isEqualTo("6478e18"); verify(ec2InstanceContextMock).isTaupageAmi(); verify(ec2InstanceContextMock).getInstanceId(); verify(ec2InstanceContextMock).getClient(eq(AmazonEC2Client.class)); verify(amazonEC2ClientMock).describeInstanceAttribute(any()); }
@Test public void testApplyWithTaupageAmiButInvalidYaml() throws Exception { // a yaml list is not a valid taupage format. Map is required. final String yamlData = "- a\n- b\n- c\n"; when(ec2InstanceContextMock.isTaupageAmi()).thenReturn(Optional.of(true)); when(ec2InstanceContextMock.getInstanceId()).thenReturn(INSTANCE_ID); when(ec2InstanceContextMock.getClient(eq(AmazonEC2Client.class))).thenReturn(amazonEC2ClientMock); when(amazonEC2ClientMock.describeInstanceAttribute(any())).thenReturn(new DescribeInstanceAttributeResult(). withInstanceAttribute(new InstanceAttribute() .withUserData(Base64.encodeAsString(yamlData.getBytes())))); final Optional<TaupageYaml> result = taupageYamlProvider.apply(ec2InstanceContextMock); assertThat(result).isEmpty(); verify(ec2InstanceContextMock).isTaupageAmi(); verify(ec2InstanceContextMock).getInstanceId(); verify(ec2InstanceContextMock).getClient(eq(AmazonEC2Client.class)); verify(amazonEC2ClientMock).describeInstanceAttribute(any()); }
@Test public void testApplyAmiFound() throws Exception { when(ec2InstanceContextMock.getAmiId()).thenReturn(Optional.of(AMI_ID)); when(ec2InstanceContextMock.getClient(eq(AmazonEC2Client.class))).thenReturn(amazonEC2ClientMock); final DescribeImagesRequest describeImagesRequest = new DescribeImagesRequest().withImageIds(AMI_ID); when(amazonEC2ClientMock.describeImages(eq(describeImagesRequest))) .thenReturn(new DescribeImagesResult() .withImages(newArrayList(new Image() .withImageId(AMI_ID) .withName(AMI_NAME)) ) ); final Optional<Image> result = amiProvider.apply(ec2InstanceContextMock); assertThat(result).isPresent(); verify(ec2InstanceContextMock).getAmiId(); verify(ec2InstanceContextMock).getClient(eq(AmazonEC2Client.class)); verify(amazonEC2ClientMock).describeImages(eq(describeImagesRequest)); }
@Test public void testApplyAmiNotFound() throws Exception { when(ec2InstanceContextMock.getAmiId()).thenReturn(Optional.of(AMI_ID)); when(ec2InstanceContextMock.getClient(eq(AmazonEC2Client.class))).thenReturn(amazonEC2ClientMock); final DescribeImagesRequest describeImagesRequest = new DescribeImagesRequest().withImageIds(AMI_ID); when(amazonEC2ClientMock.describeImages(eq(describeImagesRequest))) .thenReturn(null); final Optional<Image> result = amiProvider.apply(ec2InstanceContextMock); assertThat(result).isEmpty(); verify(ec2InstanceContextMock).getAmiId(); verify(ec2InstanceContextMock).getClient(eq(AmazonEC2Client.class)); verify(amazonEC2ClientMock).describeImages(eq(describeImagesRequest)); }
@Test public void testApplyAmiNotFoundWithException() throws Exception { when(ec2InstanceContextMock.getAmiId()).thenReturn(Optional.of(AMI_ID)); when(ec2InstanceContextMock.getClient(eq(AmazonEC2Client.class))).thenReturn(amazonEC2ClientMock); final DescribeImagesRequest describeImagesRequest = new DescribeImagesRequest().withImageIds(AMI_ID); when(amazonEC2ClientMock.describeImages(eq(describeImagesRequest))) .thenThrow(new AmazonClientException("oops, I did it again... Britney")); final Optional<Image> result = amiProvider.apply(ec2InstanceContextMock); assertThat(result).isEmpty(); verify(ec2InstanceContextMock).getAmiId(); verify(ec2InstanceContextMock).getClient(eq(AmazonEC2Client.class)); verify(amazonEC2ClientMock).describeImages(eq(describeImagesRequest)); }
@Test public void testAmiIdAWSException() throws Exception { when(ec2InstanceContextMock.getInstanceJson()).thenReturn("{json here"); when(ec2InstanceContextMock.getInstanceId()).thenReturn(INSTANCE_ID); when(ec2InstanceContextMock.getClient(eq(AmazonEC2Client.class))) .thenThrow(new AmazonClientException("oops, I did it again... Britney")); final Optional<String> result = amiIdProvider.apply(ec2InstanceContextMock); assertThat(result).isEmpty(); verify(ec2InstanceContextMock).getInstanceJson(); verify(ec2InstanceContextMock).getInstanceId(); verify(ec2InstanceContextMock).getClient(eq(AmazonEC2Client.class)); }
@Override // @HystrixCommand(fallback = my coole exception) // command for account id and client type -> generate new credentials public void processEvent(final CloudTrailEvent event) { final String parameters = event.getEventData().getRequestParameters(); final String instanceId = getFromParameters(parameters); final AmazonEC2Client client = getClientForAccount( event.getEventData().getUserIdentity().getAccountId(), Region.getRegion(Regions.fromName(event.getEventData().getAwsRegion()))); final DescribeInstancesRequest request = new DescribeInstancesRequest(); request.setInstanceIds(Collections.singleton(instanceId)); // try final DescribeInstancesResult result = client.describeInstances(request); // catch credentials are old // throw new my coole exception ( account id, CLIENTTYPE.EC2, exception) -> this will trigger hystrix LOG.info("SAVING RESULT INTO MAGIC DB", result); }
