Amazon Web Services¶
Documentation¶
kingpin.actors.aws.base¶
The AWS Actors allow you to interact with the resources (such as SQS and ELB)
inside your Amazon AWS account. These actors all support dry runs properly, but
each actor has its own caveats with dry=True. Please read the instructions
below for using each actor.
Required Environment Variables
| AWS_ACCESS_KEY_ID: | |
|---|---|
| Your AWS access key | |
| AWS_SECRET_ACCESS_KEY: | |
| Your AWS secret | |
CloudFormation¶
kingpin.actors.aws.cloudformation¶
-
class
kingpin.actors.aws.cloudformation.Create(*args, **kwargs)[source] Creates a CloudFormation stack.
Creates a CloudFormation stack from scratch and waits until the stack is fully built before exiting the actor.
Options
Capabilities: A list of CF capabilities to add to the stack. Disable_rollback: Set to True to disable rollback of the stack if creation failed. Name: The name of the queue to create Parameters: A dictionary of key/value pairs used to fill in the parameters for the CloudFormation template. Region: AWS region (or zone) string, like ‘us-west-2’ Template: String of path to CloudFormation template. Can either be in the form of a local file path (ie, /my_template.json) or a URI (iehttps://my_site.com/cf.json).Timeout_in_minutes: The amount of time that can pass before the stack status becomes CREATE_FAILED. Examples
{ "desc": "Create production backend stack", "actor": "aws.cloudformation.Create", "options": { "capabilities": [ "CAPABILITY_IAM" ], "disable_rollback": true, "name": "%CF_NAME%", "parameters": { "test_param": "%TEST_PARAM_NAME%", }, "region": "us-west-1", "template": "/examples/cloudformation_test.json", "timeout_in_minutes": 45, } }
Dry Mode
Validates the template, verifies that an existing stack with that name does not exist. Does not create the stack.
-
class
kingpin.actors.aws.cloudformation.Delete(*args, **kwargs)[source] Deletes a CloudFormation stack
Options
Name: The name of the queue to create Region: AWS region (or zone) string, like ‘us-west-2’ Examples
{ "desc": "Create production backend stack", "actor": "aws.cloudformation.Create", "options" { "region": "us-west-1", "name": "%CF_NAME%", } }
Dry Mode
Validates that the CF stack exists, but does not delete it.
Elastic Load Balancing (ELB)¶
kingpin.actors.aws.elb¶
-
class
kingpin.actors.aws.elb.WaitUntilHealthy(*args, **kwargs)[source] Wait indefinitely until a specified ELB is considered “healthy”.
This actor will loop infinitely until a healthy threshold of the ELB is met. The threshold can be reached when the
countas specified in the options is less than or equal to the number of InService instances in the ELB.Another situation is for
countto be a string specifying a percentage (see examples). In this case the percent of InService instances has to be greater than thecountpercentage.Options
Name: The name of the ELB to operate on Count: Number, or percentage of InService instance to consider this ELB healthy Region: AWS region (or zone) name, such as us-east-1 or us-west-2 Examples
{ "actor": "aws.elb.WaitUntilHealthy", "desc": "Wait until production-frontend has 16 hosts", "options": { "name": "production-frontend", "count": 16, "region": "us-west-2" } }
{ "actor": "aws.elb.WaitUntilHealthy", "desc": "Wait until production-frontend has 85% of hosts in-service", "options": { "name": "production-frontend", "count": "85%", "region": "us-west-2" } }
Dry Mode
This actor performs the finding of the ELB as well as calculating its health at all times. The only difference in dry mode is that it will not re-count the instances if the ELB is not healthy. A log message will be printed indicating that the run is dry, and the actor will exit with success.
-
class
kingpin.actors.aws.elb.SetCert(*args, **kwargs)[source] Find a server cert in IAM and use it for a specified ELB.
Options
Region: (str) AWS region (or zone) name, like us-west-2 Name: (str) Name of the ELB Cert_name: (str) Unique IAM certificate name, or ARN Port: (int) Port associated with the cert. (default: 443) Example
{ "actor": "aws.elb.SetCert", "desc": "Run SetCert", "options": { "cert_name": "new-cert", "name": "some-elb", "region": "us-west-2" } }
Dry run
Will check that ELB and Cert names are existent, and will also check that the credentials provided for AWS have access to the new cert for ssl.
-
class
kingpin.actors.aws.elb.RegisterInstance(*args, **kwargs)[source] Add an EC2 instance to a load balancer.
Options
Elb: (str) Name of the ELB Instances: (str, list) Instance id, or list of ids. Default “self” id. Region: (str) AWS region (or zone) name, like us-west-2 Enable_zones: (bool) add all available AZ to the elb. Default: True Example
{ "actor": "aws.elb.RegisterInstance", "desc": "Run RegisterInstance", "options": { "elb": "prod-loadbalancer", "instances": "i-123456", "region": "us-east-1", } }
Dry run
Will find the specified ELB, but not take any actions regarding instances.
-
class
kingpin.actors.aws.elb.DeregisterInstance(*args, **kwargs)[source] Remove EC2 instance(s) from an ELB.
Options
Elb: (str) Name of the ELB Instances: (str, list) Instance id, or list of ids Region: (str) AWS region (or zone) name, like us-west-2 Example
{ "actor": "aws.elb.DeregisterInstance", "desc": "Run DeregisterInstance", "options": { "elb": "fill-in", "instances": "fill-in", "region": "fill-in" } }
Dry run
Will find the ELB but not take any actions regarding the instances.
Identity and Access Management (IAM)¶
kingpin.actors.aws.iam¶
-
class
kingpin.actors.aws.iam.UploadCert(*args, **kwargs)[source] Uploads a new SSL Cert to AWS IAM.
Options
Private_key_path: (str) Path to the private key. Path: (str) The AWS “path” for the server certificate. Default: “/” Public_key_path: (str) Path to the public key certificate. Name: (str) The name for the server certificate. Cert_chain_path: (str) Path to the certificate chain. Optional. Example
{ "actor": "aws.iam.UploadCert", "desc": "Upload a new cert", "options": { "name": "new-cert", "private_key_path": "/cert.key", "public_key_path": "/cert.pem", "cert_chain_path": "/cert-chain.pem" } }
Dry run
Checks that the passed file paths are valid. In the future will also validate that the files are of correct format and content.
-
class
kingpin.actors.aws.iam.DeleteCert(*args, **kwargs)[source] Delete an existing SSL Cert in AWS IAM.
Options
Name: (str) The name for the server certificate. Example
{ "actor": "aws.iam.DeleteCert", "desc": "Run DeleteCert", "options": { "name": "fill-in" } }
Dry run
Will find the cert by name or raise an exception if it’s not found.
Simple Queue Service (SQS)¶
kingpin.actors.aws.sqs¶
-
class
kingpin.actors.aws.sqs.Create(*args, **kwargs)[source] Creates a new SQS queue with the specified name
Options
Name: (str) The name of the queue to create Region: (str) AWS region (or zone) string, like ‘us-west-2’ Examples
{ "actor": "aws.sqs.Create", "desc": "Create queue named async-tasks", "options": { "name": "async-tasks", "region": "us-east-1", } }
Dry Mode
Will not create any queue, or even contact SQS. Will create a mock.Mock object and exit with success.
-
class
kingpin.actors.aws.sqs.Delete(*args, **kwargs)[source] Deletes the SQS queues
Note: even if it`s not empty
Options
Name: (str) The name of the queue to destroy Region: (str) AWS region (or zone) string, like ‘us-west-2’ Idempotent: (bool) Will not raise errors if no matching queues are found. (default: False) Examples
{ "actor": "aws.sqs.Delete", "desc": "Delete queue async-tasks", "options": { "name": "async-tasks", "region": "us-east-1" } }
{ "actor": "aws.sqs.Delete", "desc": "Delete queues with 1234 in the name", "options": { "name": "1234", "region": "us-east-1" } }
Dry Mode
Will find the specified queue, but will have a noop regarding its deletion. Dry mode will fail if no queues are found, and idempotent flag is set to False.
-
class
kingpin.actors.aws.sqs.WaitUntilEmpty(*args, **kwargs)[source] Wait indefinitely until for SQS queues to become empty
This actor will loop infinitely as long as the count of messages in at least one queue is greater than zero. SQS does not guarantee exact count, so this can return a stale value if the number of messages in the queue changes rapidly.
Options
Name: (str) The name or regex pattern of the queues to operate on Region: (str) AWS region (or zone) string, like ‘us-west-2’ Required: (bool) Fail if no matching queues are found. (default: False) Examples
{ "actor": "aws.sqs.WaitUntilEmpty", "desc": "Wait until release-0025a* queues are empty", "options": { "name": "release-0025a", "region": "us-east-1", "required": true } }
Dry Mode
This actor performs the finding of the queue, but will pretend that the count is 0 and return success. Will fail even in dry mode if
requiredoption is set to True and no queues with the name pattern are found.