1
# Copyright 2015 Amazon.com, Inc. or its affiliates. All Rights Reserved.
2
#
3
# Licensed under the Apache License, Version 2.0 (the "License"). You
4
# may not use this file except in compliance with the License. A copy of
5
# the License is located at
6
#
7
#     http://aws.amazon.com/apache2.0/
8
#
9
# or in the "license" file accompanying this file. This file is
10
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
11
# ANY KIND, either express or implied. See the License for the specific
12
# language governing permissions and limitations under the License.
13

14
import sys
15

16
from awscli.customizations.commands import BasicCommand
17
from awscli.customizations.codedeploy.systems import DEFAULT_CONFIG_FILE
18
from awscli.customizations.codedeploy.utils import \
19
    validate_region, validate_instance_name, validate_tags, \
20
    validate_iam_user_arn, INSTANCE_NAME_ARG, IAM_USER_ARN_ARG
21
from awscli.utils import create_nested_client
22

23

24
class Register(BasicCommand):
25
    NAME = 'register'
26

27
    DESCRIPTION = (
28
        "Creates an IAM user for the on-premises instance, if not provided, "
29
        "and saves the user's credentials to an on-premises instance "
30
        "configuration file; registers the on-premises instance with AWS "
31
        "CodeDeploy; and optionally adds tags to the on-premises instance."
32
    )
33

34
    TAGS_SCHEMA = {
35
        "type": "array",
36
        "items": {
37
            "type": "object",
38
            "properties": {
39
                "Key": {
40
                    "description": "The tag key.",
41
                    "type": "string",
42
                    "required": True
43
                },
44
                "Value": {
45
                    "description": "The tag value.",
46
                    "type": "string",
47
                    "required": True
48
                }
49
            }
50
        }
51
    }
52

53
    ARG_TABLE = [
54
        INSTANCE_NAME_ARG,
55
        {
56
            'name': 'tags',
57
            'synopsis': '--tags <value>',
58
            'required': False,
59
            'nargs': '+',
60
            'schema': TAGS_SCHEMA,
61
            'help_text': (
62
                'Optional. The list of key/value pairs to tag the on-premises '
63
                'instance.'
64
            )
65
        },
66
        IAM_USER_ARN_ARG
67
    ]
68

69
    def _run_main(self, parsed_args, parsed_globals):
70
        params = parsed_args
71
        params.session = self._session
72
        validate_region(params, parsed_globals)
73
        validate_instance_name(params)
74
        validate_tags(params)
75
        validate_iam_user_arn(params)
76

77
        self.codedeploy = create_nested_client(
78
            self._session,
79
            'codedeploy',
80
            region_name=params.region,
81
            endpoint_url=parsed_globals.endpoint_url,
82
            verify=parsed_globals.verify_ssl
83
        )
84
        self.iam = create_nested_client(
85
            self._session,
86
            'iam',
87
            region_name=params.region
88
        )
89

90
        try:
91
            if not params.iam_user_arn:
92
                self._create_iam_user(params)
93
                self._create_access_key(params)
94
                self._create_user_policy(params)
95
                self._create_config(params)
96
            self._register_instance(params)
97
            if params.tags:
98
                self._add_tags(params)
99
            sys.stdout.write(
100
                'Copy the on-premises configuration file named {0} to the '
101
                'on-premises instance, and run the following command on the '
102
                'on-premises instance to install and configure the AWS '
103
                'CodeDeploy Agent:\n'
104
                'aws deploy install --config-file {0}\n'.format(
105
                    DEFAULT_CONFIG_FILE
106
                )
107
            )
108
        except Exception as e:
109
            sys.stdout.flush()
110
            sys.stderr.write(
111
                'ERROR\n'
112
                '{0}\n'
113
                'Register the on-premises instance by following the '
114
                'instructions in "Configure Existing On-Premises Instances by '
115
                'Using AWS CodeDeploy" in the AWS CodeDeploy User '
116
                'Guide.\n'.format(e)
117
            )
118

119
    def _create_iam_user(self, params):
120
        sys.stdout.write('Creating the IAM user... ')
121
        params.user_name = params.instance_name
122
        response = self.iam.create_user(
123
            Path='/AWS/CodeDeploy/',
124
            UserName=params.user_name
125
        )
126
        params.iam_user_arn = response['User']['Arn']
127
        sys.stdout.write(
128
            'DONE\n'
129
            'IamUserArn: {0}\n'.format(
130
                params.iam_user_arn
131
            )
132
        )
133

134
    def _create_access_key(self, params):
135
        sys.stdout.write('Creating the IAM user access key... ')
136
        response = self.iam.create_access_key(
137
            UserName=params.user_name
138
        )
139
        params.access_key_id = response['AccessKey']['AccessKeyId']
140
        params.secret_access_key = response['AccessKey']['SecretAccessKey']
141
        sys.stdout.write(
142
            'DONE\n'
143
            'AccessKeyId: {0}\n'
144
            'SecretAccessKey: {1}\n'.format(
145
                params.access_key_id,
146
                params.secret_access_key
147
            )
148
        )
149

150
    def _create_user_policy(self, params):
151
        sys.stdout.write('Creating the IAM user policy... ')
152
        params.policy_name = 'codedeploy-agent'
153
        params.policy_document = (
154
            '{\n'
155
            '    "Version": "2012-10-17",\n'
156
            '    "Statement": [ {\n'
157
            '        "Action": [ "s3:Get*", "s3:List*" ],\n'
158
            '        "Effect": "Allow",\n'
159
            '        "Resource": "*"\n'
160
            '    } ]\n'
161
            '}'
162
        )
163
        self.iam.put_user_policy(
164
            UserName=params.user_name,
165
            PolicyName=params.policy_name,
166
            PolicyDocument=params.policy_document
167
        )
168
        sys.stdout.write(
169
            'DONE\n'
170
            'PolicyName: {0}\n'
171
            'PolicyDocument: {1}\n'.format(
172
                params.policy_name,
173
                params.policy_document
174
            )
175
        )
176

177
    def _create_config(self, params):
178
        sys.stdout.write(
179
            'Creating the on-premises instance configuration file named {0}'
180
            '...'.format(DEFAULT_CONFIG_FILE)
181
        )
182
        with open(DEFAULT_CONFIG_FILE, 'w') as f:
183
            f.write(
184
                '---\n'
185
                'region: {0}\n'
186
                'iam_user_arn: {1}\n'
187
                'aws_access_key_id: {2}\n'
188
                'aws_secret_access_key: {3}\n'.format(
189
                    params.region,
190
                    params.iam_user_arn,
191
                    params.access_key_id,
192
                    params.secret_access_key
193
                )
194
            )
195
        sys.stdout.write('DONE\n')
196

197
    def _register_instance(self, params):
198
        sys.stdout.write('Registering the on-premises instance... ')
199
        self.codedeploy.register_on_premises_instance(
200
            instanceName=params.instance_name,
201
            iamUserArn=params.iam_user_arn
202
        )
203
        sys.stdout.write('DONE\n')
204

205
    def _add_tags(self, params):
206
        sys.stdout.write('Adding tags to the on-premises instance... ')
207
        self.codedeploy.add_tags_to_on_premises_instances(
208
            tags=params.tags,
209
            instanceNames=[params.instance_name]
210
        )
211
        sys.stdout.write('DONE\n')
212

213