diff --git a/actions/cloudbolt_plugins/aws/route_53_dns_plugin/route_53_dns_record_manipulation.py b/actions/cloudbolt_plugins/aws/route_53_dns_plugin/route_53_dns_record_manipulation.py index e24f1c8b..ffe522ed 100644 --- a/actions/cloudbolt_plugins/aws/route_53_dns_plugin/route_53_dns_record_manipulation.py +++ b/actions/cloudbolt_plugins/aws/route_53_dns_plugin/route_53_dns_record_manipulation.py @@ -3,10 +3,9 @@ http://boto3.readthedocs.io/en/latest/reference/services/route53.html#Route53.Client.change_resource_record_sets ''' from resourcehandlers.aws.models import AWSHandler -from common.methods import set_progress -#dns zone friendly name -- no trailing period +# dns zone friendly name -- no trailing period ROUTE_53_DNS_DOMAIN = '{{ r53_domain_name }}' # 'CREATE'|'DELETE'|'UPSERT' @@ -18,6 +17,7 @@ # 60 | 120 | ' TTL = 300 + def get_hosted_zone_id(client=None, zone=None, env_vpc_id=None): ''' This code is intended to work out issues where multiple DNS zones are named 
@@ -30,30 +30,30 @@ def get_hosted_zone_id(client=None, zone=None, env_vpc_id=None): updated 2018/12/20 ''' - #set_progress(f'getting zone: {zone}') - zone_name = f'{zone}.' #zone names have a trailing period + # set_progress(f'getting zone: {zone}') + zone_name = f'{zone}.' # zone names have a trailing period response = client.list_hosted_zones_by_name(DNSName=zone_name) - #set_progress(f"LEN = {len(response['HostedZones'])}") + # set_progress(f"LEN = {len(response['HostedZones'])}") if len(response['HostedZones']) == 1: return response['HostedZones'][0]['Id'] elif len(response['HostedZones']) > 1: for dns_zone in response['HostedZones']: - #set_progress(dns_zone['Id'], ' -- ', dns_zone['Name']) + # set_progress(dns_zone['Id'], ' -- ', dns_zone['Name']) hz = client.get_hosted_zone(Id=dns_zone['Id']) if not hz: - #set_progress(f"ERROR GETTING HOSTED ZONE FROM AWS: {Item['Id']}") + # set_progress(f"ERROR GETTING HOSTED ZONE FROM AWS: {Item['Id']}") break if env_vpc_id == hz['VPCs'][0]['VPCId']: - #set_progress(f"returning: {dns_zone['Id']}") + # set_progress(f"returning: {dns_zone['Id']}") return dns_zone['Id'] - #set_progress('returning: False') + # set_progress('returning: False') return False -#needed more resiliency in this function - see above -#def get_hosted_zone_id(client, zone): +# needed more resiliency in this function - see above +# def get_hosted_zone_id(client, zone): # response = client.list_hosted_zones_by_name(DNSName=zone) # # get first hosted zone returned # hosted_zone = response['HostedZones'][0] 
@@ -84,18 +84,24 @@ def run(job=None, server=None, **kwargs): msg = 'DNS domain not set on selected NIC: {}'.format(nic) return "FAILURE", "", msg rh = server.resource_handler.cast() + wrapper = rh.get_api_wrapper() if not isinstance(rh, AWSHandler): msg = 'Route53 not supported on RH Type: {}'.format(rh) return "FAILURE", "", msg region = server.environment.get_cfv('aws_region') - client = rh.get_boto3_client(region_name=region, service_name='route53') + client = wrapper.get_boto3_client( + 'route53', + rh.serviceaccount, + rh.servicepasswd, + region + ) zone_id = get_hosted_zone_id(client=client, zone=route_53_dns_zone, env_vpc_id=server.environment.vpc_id) name = f'{server.hostname}.{dns_domain}' - #name = '{}.{}'.format(server.hostname, dns_domain) + # name = '{}.{}'.format(server.hostname, dns_domain) batch = { 'Comment': 'Created by CloudBolt Job ID: {}'.format(job.id), diff --git a/blueprints/aws_rds_instance/create_aws_rds_instance.py b/blueprints/aws_rds_instance/create_aws_rds_instance.py index 56c88d6e..63f7f0bf 100644 --- a/blueprints/aws_rds_instance/create_aws_rds_instance.py +++ b/blueprints/aws_rds_instance/create_aws_rds_instance.py @@ -3,7 +3,6 @@ new deployed service. """ import json -import boto3 from infrastructure.models import CustomField, Environment from orders.models import CustomFieldValue @@ -42,7 +41,7 @@ def run(job, logger=None, **kwargs): rds_settings.update(dict(MasterUserPassword=db_password)) response = client.create_db_instance(**rds_settings) - service = job.resource_set.first() # Change resource_set to service_set if you are using this script in CB version pre-8.0 + service = job.resource_set.first() # Change resource_set to service_set if you are using this script in CB version pre-8.0 instance = boto_instance_to_dict(response['DBInstance']) store_instance_data_on_service(instance, service) store_aws_environment_on_service(env, service) 
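Review bot: In run() of route_53_dns_record_manipulation.py, the added `wrapper = rh.get_api_wrapper()` executes before the `isinstance(rh, AWSHandler)` guard, so a non-AWS resource handler reaches the wrapper call before the plugin can return its 'Route53 not supported on RH Type' failure. Depending on what that handler's get_api_wrapper() does (not visible here), this may raise an unrelated error or build an API wrapper for a handler the plugin is about to reject. Move the assignment below the guard, directly before `client = wrapper.get_boto3_client(`. run() starts and ends outside this hunk.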
@@ -56,11 +55,13 @@ def connect_to_rds(env): Return boto connection to the RDS in the specified environment's region. """ rh = env.resource_handler.cast() - return boto3.client( + wrapper = rh.get_api_wrapper() + return wrapper.get_boto3_client( 'rds', - region_name=env.aws_region, - aws_access_key_id=rh.serviceaccount, - aws_secret_access_key=rh.servicepasswd) + rh.serviceaccount, + rh.servicepasswd, + env.aws_region + ) def boto_instance_to_dict(boto_instance): diff --git a/blueprints/aws_rds_instance/delete_aws_rds_instance.py b/blueprints/aws_rds_instance/delete_aws_rds_instance.py index f0bea1a9..bd475755 100644 --- a/blueprints/aws_rds_instance/delete_aws_rds_instance.py +++ b/blueprints/aws_rds_instance/delete_aws_rds_instance.py @@ -1,11 +1,11 @@ import json -import boto3 +from common.methods import set_progress from infrastructure.models import Environment def run(job, logger=None, **kwargs): - service = job.resource_set.first() # Change resource_set to service_set if you are using this script in CB version pre-8.0 + service = job.resource_set.first() # Change resource_set to service_set if you are using this script in CB version pre-8.0 # The Environment ID and RDS Instance data dict were stored as attributes on # this service by a build action. @@ -19,7 +19,7 @@ def run(job, logger=None, **kwargs): identifier = instance['identifier'] job.set_progress('Deleting RDS instance {0}...'.format(identifier)) - response = client.delete_db_instance( + client.delete_db_instance( DBInstanceIdentifier=identifier, # AWS strongly recommends taking a final snapshot before deleting a DB. # To do so, either set this to False or let the user choose by making it 
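Review bot: In connect_to_rds() of create_aws_rds_instance.py the access key, secret key and region are now passed to `wrapper.get_boto3_client` by position, where the replaced `boto3.client` call named each one. The same pattern repeats in the connect_to_rds() hunks of delete_aws_rds_instance.py and refresh_aws_rds_instance_data.py, while the `get_boto3_resource` calls in the S3 blueprints use a different order (credentials first, `service_name='s3'` last). A transposed argument would therefore not stand out in review and could put `rh.servicepasswd` where a region or service name is expected. If the wrapper accepts these by keyword, pass them by keyword; otherwise add a comment above the call such as `# positional order: service, access key id, secret key, region`.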
@@ -36,10 +36,12 @@ def connect_to_rds(env): """ Return boto connection to the RDS in the specified environment's region. """ - job.set_progress('Connecting to AWS RDS in region {0}.'.format(env.aws_region)) + set_progress('Connecting to AWS RDS in region {0}.'.format(env.aws_region)) rh = env.resource_handler.cast() - return boto3.client( + wrapper = rh.get_api_wrapper() + return wrapper.get_boto3_client( 'rds', - region_name=env.aws_region, - aws_access_key_id=rh.serviceaccount, - aws_secret_access_key=rh.servicepasswd) + rh.serviceaccount, + rh.servicepasswd, + env.aws_region + ) diff --git a/blueprints/aws_rds_instance/refresh_aws_rds_instance_data.py b/blueprints/aws_rds_instance/refresh_aws_rds_instance_data.py index b25df009..7d701f5e 100644 --- a/blueprints/aws_rds_instance/refresh_aws_rds_instance_data.py +++ b/blueprints/aws_rds_instance/refresh_aws_rds_instance_data.py @@ -4,14 +4,14 @@ Library will automatically import this action. """ import json -import boto3 +from common.methods import set_progress from infrastructure.models import Environment from orders.models import CustomFieldValue def run(job, logger=None, **kwargs): - service = job.resource_set.first()# Replace resource_set to service_set if you are using this script in CB version pre-8.0 + service = job.resource_set.first() # Replace resource_set to service_set if you are using this script in CB version pre-8.0 # The Environment ID and RDS Instance data dict were stored as attributes on # this service by a build action. 
@@ -39,13 +39,15 @@ def connect_to_rds(env): """ Return boto connection to the RDS in the specified environment's region. """ - job.set_progress('Connecting to AWS RDS in region {0}.'.format(env.aws_region)) + set_progress('Connecting to AWS RDS in region {0}.'.format(env.aws_region)) rh = env.resource_handler.cast() - return boto3.client( + wrapper = rh.get_api_wrapper() + return wrapper.get_boto3_client( 'rds', - region_name=env.aws_region, - aws_access_key_id=rh.serviceaccount, - aws_secret_access_key=rh.servicepasswd) + rh.serviceaccount, + rh.servicepasswd, + env.aws_region + ) def boto_instance_to_dict(boto_instance): diff --git a/blueprints/aws_s3_bucket/create_s3_bucket.py b/blueprints/aws_s3_bucket/create_s3_bucket.py index a5a86106..696b5738 100644 --- a/blueprints/aws_s3_bucket/create_s3_bucket.py +++ b/blueprints/aws_s3_bucket/create_s3_bucket.py @@ -27,6 +27,7 @@ def run(job, logger=None, **kwargs): region = '{{ s3_region }}' new_bucket_name = '{{ s3_bucket_name_input }}' rh = AWSHandler.objects.get(id=rh_id) + wrapper = rh.get_api_wrapper() CustomField.objects.get_or_create( name='aws_rh_id', label='AWS RH ID', type='STR', description='Used by the AWS S3 Bucket blueprint' @@ -43,11 +44,11 @@ def run(job, logger=None, **kwargs): resource.save() set_progress('Connecting to Amazon S3') - conn = boto3.resource( - 's3', - region_name=region, - aws_access_key_id=rh.serviceaccount, - aws_secret_access_key=rh.servicepasswd, + conn = wrapper.get_boto3_resource( + rh.serviceaccount, + rh.servicepasswd, + region, + service_name='s3' ) set_progress('Create S3 bucket "{}"'.format(new_bucket_name)) diff --git a/blueprints/aws_s3_bucket/delete_s3_bucket.py b/blueprints/aws_s3_bucket/delete_s3_bucket.py index cb6592bd..1bea8132 100644 --- a/blueprints/aws_s3_bucket/delete_s3_bucket.py +++ b/blueprints/aws_s3_bucket/delete_s3_bucket.py 
@@ -3,7 +3,6 @@ """ from common.methods import set_progress from resourcehandlers.aws.models import AWSHandler -import boto3 def run(job, logger=None, **kwargs): @@ -12,12 +11,14 @@ def run(job, logger=None, **kwargs): bucket_name = resource.attributes.get(field__name='s3_bucket_name').value rh_id = resource.attributes.get(field__name='aws_rh_id').value rh = AWSHandler.objects.get(id=rh_id) + wrapper = rh.get_api_wrapper() set_progress('Connecting to Amazon S3') - conn = boto3.resource( - 's3', - aws_access_key_id=rh.serviceaccount, - aws_secret_access_key=rh.servicepasswd, + conn = wrapper.get_boto3_resource( + rh.serviceaccount, + rh.servicepasswd, + None, + service_name='s3' ) bucket = conn.Bucket(bucket_name) diff --git a/blueprints/aws_s3_bucket/discover_s3_buckets.py b/blueprints/aws_s3_bucket/discover_s3_buckets.py index 2003742d..4b77c354 100644 --- a/blueprints/aws_s3_bucket/discover_s3_buckets.py +++ b/blueprints/aws_s3_bucket/discover_s3_buckets.py @@ -4,7 +4,6 @@ As all Discovery Plug-ins must do, we define the global `RESOURCE_IDENTIFIER` variable and return a list of dictionaries from the `discover_resources` function. """ -import boto3 from botocore.client import ClientError from common.methods import set_progress from resourcehandlers.aws.models import AWSHandler @@ -14,13 +13,15 @@ def discover_resources(**kwargs): - discovered_buckets = [] + discovered_buckets = [] for handler in AWSHandler.objects.all(): + wrapper = handler.get_api_wrapper() set_progress('Connecting to Amazon S3 for handler: {}'.format(handler)) - conn = boto3.resource( - 's3', - aws_access_key_id=handler.serviceaccount, - aws_secret_access_key=handler.servicepasswd, + conn = wrapper.get_boto3_resource( + handler.serviceaccount, + handler.servicepasswd, + None, + service_name='s3' ) try: @@ -33,5 +34,5 @@ def discover_resources(**kwargs): except ClientError as e: set_progress('AWS ClientError: {}'.format(e)) continue - + return discovered_buckets 
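Review bot: The bare `None` passed as the third argument to `wrapper.get_boto3_resource` in run() of delete_s3_bucket.py sits directly after `rh.servicepasswd` and does not say what it stands for. Judging from the create_s3_bucket.py call, that position is the region, which the replaced `boto3.resource` call also left unset. A comment on that line, `None,  # region: not set, same as the previous boto3.resource call`, would make the intent clear.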
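Review bot: In discover_resources() of discover_s3_buckets.py, `wrapper = handler.get_api_wrapper()` and the `get_boto3_resource` call both sit above the `try:`, and the handler shown in the last hunk catches only `ClientError`. If either call can raise for one handler (the wrapper is not visible here, so this is an assumption to confirm), discovery stops for every remaining handler instead of logging and continuing. Consider moving both statements inside the `try` and deciding which wrapper errors should be reported through `set_progress` and skipped.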
diff --git a/blueprints/cloudformations/delete_aws_cf_stack.py b/blueprints/cloudformations/delete_aws_cf_stack.py index 29da7167..a729bc68 100644 --- a/blueprints/cloudformations/delete_aws_cf_stack.py +++ b/blueprints/cloudformations/delete_aws_cf_stack.py @@ -1,7 +1,6 @@ #!/usr/bin/env python # This CB plugin is used by the 'LAMP CloudFormation' blueprint -import boto3 from common.methods import set_progress from resourcehandlers.aws.models import AWSHandler @@ -19,13 +18,15 @@ def run(job, logger, resources=None): "resource action") rh = AWSHandler.objects.first() + wrapper = rh.get_api_wrapper() + # See http://boto3.readthedocs.io/en/latest/guide/configuration.html#method-parameters - session = boto3.Session( - aws_access_key_id=rh.serviceaccount, - aws_secret_access_key=rh.servicepasswd, - region_name='us-west-2' + client = wrapper.get_boto3_client( + 'cloudformation', + rh.serviceaccount, + rh.servicepasswd, + 'us-west-2' ) - client = session.client('cloudformation') stack_name = resource.attributes.filter(field__name="aws_stack_name").first() if not stack_name: diff --git a/blueprints/cloudformations/deploy_stack_from_cloud_formation.py b/blueprints/cloudformations/deploy_stack_from_cloud_formation.py index d169d650..35271861 100644 --- a/blueprints/cloudformations/deploy_stack_from_cloud_formation.py +++ b/blueprints/cloudformations/deploy_stack_from_cloud_formation.py @@ -1,7 +1,6 @@ #!/usr/bin/env python # This CB plugin is used by the 'LAMP CloudFormation' blueprint -import boto3 import time from infrastructure.models import CustomField from orders.models import CustomFieldValue 
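Review bot: In run() of delete_aws_cf_stack.py, the new `wrapper = rh.get_api_wrapper()` dereferences the result of `AWSHandler.objects.first()`, which is None when no AWS handler exists, so the job fails with an AttributeError rather than a readable error; the `run(job, logger)` hunk in deploy_stack_from_cloud_formation.py has the same shape. `first()` also selects whichever handler the query returns first, so with several AWS accounts configured the stack may be deleted with credentials that do not belong to the account that created it. Add a guard such as `if rh is None:` returning the plugin's failure result before the wrapper line. If the resource records its handler (not visible in this hunk), look the handler up from the resource as delete_s3_bucket.py does with `aws_rh_id`.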
@@ -11,14 +10,15 @@ def run(job, logger): rh = AWSHandler.objects.first() + wrapper = rh.get_api_wrapper() # See http://boto3.readthedocs.io/en/latest/guide/configuration.html#method-parameters - session = boto3.Session( - aws_access_key_id=rh.serviceaccount, - aws_secret_access_key=rh.servicepasswd, - region_name='us-west-2' + client = wrapper.get_boto3_client( + 'cloudformation', + rh.serviceaccount, + rh.servicepasswd, + 'us-west-2' ) - client = session.client('cloudformation') timestamp = str(time.time()) timestamp, _ = timestamp.split('.') diff --git a/ui_extensions/aws_network_flow/views.py b/ui_extensions/aws_network_flow/views.py index 515cf81d..9dbf40e5 100644 --- a/ui_extensions/aws_network_flow/views.py +++ b/ui_extensions/aws_network_flow/views.py @@ -2,8 +2,6 @@ import json import socket -import boto3 - from django.shortcuts import render from extensions.views import tab_extension, TabExtensionDelegate @@ -34,11 +32,12 @@ def should_display(self, **kwargs): def _get_boto_logs_client(handler): - return boto3.client( + wrapper = handler.get_api_wrapper() + return wrapper.get_boto3_client( 'logs', - region_name='us-east-1', # region must be us-east-1; data from all regions is sent there. - aws_access_key_id=handler.serviceaccount, - aws_secret_access_key=handler.servicepasswd + handler.serviceaccount, + handler.servicepasswd, + 'us-east-1' ) @@ -130,7 +129,7 @@ def aws_net_flows_json(request, handler_id): # version account_id interface_id srcaddr dstaddr srcport dstport protocol packets bytes start end # action log_status msg_parts = event['message'].split(" ")[2:] # skip the version & account ID, they're not useful - event_time = datetime.datetime.fromtimestamp(event['timestamp']/1000) + event_time = datetime.datetime.fromtimestamp(event['timestamp'] / 1000) row = [helper_tags.when(event_time)] # Try to convert the protocol # to a name. If not found in the lookup table, fall back to the protocol #
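Review bot: The rewritten `_get_boto_logs_client` in ui_extensions/aws_network_flow/views.py drops the inline comment that explained why the region is fixed, leaving `'us-east-1'` as an unexplained literal next to the credentials. Restore it on the last argument: `'us-east-1'  # region must be us-east-1; data from all regions is sent there.`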