// findLatestSnap finds the source snapshot to copy
func (c *config) findLatestSnap() error {
cli := rds.New(session.New(), &aws.Config{Region: aws.String(c.src)})
c.debug(fmt.Sprintf("Searching for snapshots for: %s", c.dbid))
q := rds.DescribeDBSnapshotsInput{}
q.DBInstanceIdentifier = aws.String(c.dbid)
resp, err := cli.DescribeDBSnapshots(&q)
if err != nil {
return err
}
newest := time.Unix(0, 0)
newestId := ""
if len(resp.DBSnapshots) < 1 {
return fmt.Errorf("No snapshots found")
}
c.debug(fmt.Sprintf("Found %d snapshots for: %s", len(resp.DBSnapshots), c.dbid))
for _, r := range resp.DBSnapshots {
if r.SnapshotCreateTime.After(newest) {
newestId = *r.DBSnapshotIdentifier
newest = *r.SnapshotCreateTime
}
}
if len(newestId) < 1 {
return fmt.Errorf("No usable snapshot found")
}
c.arn = fmt.Sprintf("arn:aws:rds:%s:%s:snapshot:%s", c.src, c.awsAcctId, newestId)
c.debug(fmt.Sprintf("Found latest snapshot: %s: %s", newestId, newest.String()))
return nil
}
// checkSnapCopied returns true if the source snapshot has already been copied to the destination region
func (c *config) checkSnapCopied() bool {
cli := rds.New(session.New(), &aws.Config{Region: aws.String(c.dst)})
q := rds.DescribeDBSnapshotsInput{}
q.DBInstanceIdentifier = aws.String(c.dbid)
resp, err := cli.DescribeDBSnapshots(&q)
if err != nil {
return false
}
for _, s := range resp.DBSnapshots {
q := rds.ListTagsForResourceInput{ResourceName: aws.String(fmt.Sprintf("arn:aws:rds:%s:%s:snapshot:%s", c.dst, c.awsAcctId, *s.DBSnapshotIdentifier))}
tags, err := cli.ListTagsForResource(&q)
if err != nil {
continue
}
managedByUs := false
matchedSource := false
for _, t := range tags.TagList {
if *t.Key == "managedby" && *t.Value == "rdsbackup" {
managedByUs = true
} else if *t.Key == "sourcearn" && *t.Value == c.arn {
matchedSource = true
}
}
if managedByUs && matchedSource {
return true
}
}
return false
}
func main() {
flag.Parse()
config, err := LoadConfig(configFilePath)
if err != nil {
log.Fatalf("Error loading config file: %s", err)
}
logger := buildLogger(config.LogLevel)
awsConfig := aws.NewConfig().WithRegion(config.RDSConfig.Region)
awsSession := session.New(awsConfig)
iamsvc := iam.New(awsSession)
rdssvc := rds.New(awsSession)
dbInstance := awsrds.NewRDSDBInstance(config.RDSConfig.Region, iamsvc, rdssvc, logger)
dbCluster := awsrds.NewRDSDBCluster(config.RDSConfig.Region, iamsvc, rdssvc, logger)
sqlProvider := sqlengine.NewProviderService(logger)
serviceBroker := rdsbroker.New(config.RDSConfig, dbInstance, dbCluster, sqlProvider, logger)
credentials := brokerapi.BrokerCredentials{
Username: config.Username,
Password: config.Password,
}
brokerAPI := brokerapi.New(serviceBroker, logger, credentials)
http.Handle("/", brokerAPI)
fmt.Println("RDS Service Broker started on port " + port + "...")
http.ListenAndServe(":"+port, nil)
}
// return "httptest.Server" need call close !!
// and Command into OutConfig.Root need call remove !!
func getTestClient(code int, body string) (*httptest.Server, *Command) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(code)
w.Header().Set("Content-Type", "application/xml")
fmt.Fprintln(w, body)
}))
transport := &http.Transport{
Proxy: func(req *http.Request) (*url.URL, error) {
return url.Parse(server.URL)
},
}
httpClient := &http.Client{Transport: transport}
// Override endpoints
testRegion := "rds-try-test-1"
awsConf := aws.NewConfig()
awsConf = awsConf.WithCredentials(credentials.NewStaticCredentials("awsAccesskey1", "awsSecretKey2", ""))
awsConf = awsConf.WithRegion(testRegion)
awsConf = awsConf.WithEndpoint(server.URL)
awsConf = awsConf.WithHTTPClient(httpClient)
awsRds := rds.New(awsConf)
testName := utils.GetAppName() + "-test"
tempDir, _ := ioutil.TempDir("", testName)
defer os.RemoveAll(tempDir)
out := config.OutConfig{
Root: tempDir,
File: true,
Bom: true,
}
rds := config.RDSConfig{
MultiAz: false,
DBId: utils.GetFormatedDBDisplayName(testName),
Region: testRegion,
User: "******",
Pass: "******",
Type: "db.m3.medium",
}
cmdTest := &Command{
OutConfig: out,
RDSConfig: rds,
RDSClient: awsRds,
ARNPrefix: "arn:aws:rds:" + testRegion + ":" + "123456789" + ":",
}
return server, cmdTest
}
func NewRDSClient(region string) (*RDSClient, error) {
sess, err := session.NewSession(&aws.Config{Region: aws.String(region)})
if err != nil {
fmt.Println("Failed to create AWS session,", err)
return nil, err
}
rdssvc := rds.New(sess)
return &RDSClient{
region: region,
rdssvc: rdssvc,
}, nil
}
func getCommandStruct(conf *config.Config) (*command.Command, int) {
// aws Credentials
creds, err := conf.GetAWSCreds()
if err != nil {
log.Errorf("%s", err.Error())
return nil, 1
}
// aws config init
awsConfig := aws.NewConfig()
awsConfig = awsConfig.WithCredentials(creds)
awsConfig = awsConfig.WithRegion(conf.Rds[nameFlag].Region)
// new iam
awsIam := iam.New(awsConfig)
// IAM info
iamUsers, err := awsIam.ListUsers(&iam.ListUsersInput{})
if err != nil {
log.Errorf("%s", err.Error())
return nil, 1
}
if len(iamUsers.Users) <= 0 {
log.Errorf("iam user not found")
return nil, 1
}
// edit IAM ARN
// arn:aws:iam::<account>:user/<username> to arn:aws:rds:<region>:<account>:
// see also
// Tagging Amazon RDS Resources - Amazon Relational Database Service
// http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN
iamSplit := strings.SplitAfter(*iamUsers.Users[0].Arn, "::")
iamAccount := iamSplit[len(iamSplit)-1]
iamSplit = strings.Split(iamAccount, ":")
iamAccount = iamSplit[0]
// new rds
awsRds := rds.New(awsConfig)
commandStruct := &command.Command{
OutConfig: conf.Out,
RDSConfig: conf.Rds[nameFlag],
RDSClient: awsRds,
ARNPrefix: "arn:aws:rds:" + conf.Rds[nameFlag].Region + ":" + iamAccount + ":",
}
log.Debugf("Command: %+v", commandStruct)
return commandStruct, 0
}
// cleanupSnaps
func (c *config) cleanupSnaps() error {
if c.purge <= 0 {
return nil
}
c.debug(fmt.Sprintf("Cleaning up old snapshots in dest region %s...", c.dst))
cli := rds.New(session.New(), &aws.Config{Region: aws.String(c.dst)})
q := rds.DescribeDBSnapshotsInput{}
q.DBInstanceIdentifier = aws.String(c.dbid)
resp, err := cli.DescribeDBSnapshots(&q)
if err != nil {
return err
}
snaps := map[int64]string{}
keys := int64arr{}
for _, s := range resp.DBSnapshots {
q := rds.ListTagsForResourceInput{ResourceName: aws.String(fmt.Sprintf("arn:aws:rds:%s:%s:snapshot:%s", c.dst, c.awsAcctId, *s.DBSnapshotIdentifier))}
tags, err := cli.ListTagsForResource(&q)
if err != nil {
continue
}
for _, t := range tags.TagList {
if *t.Key == "managedby" && *t.Value == "rdsbackup" {
if s.SnapshotCreateTime.Unix() > 0 {
snaps[s.SnapshotCreateTime.Unix()] = *s.DBSnapshotIdentifier
keys = append(keys, s.SnapshotCreateTime.Unix())
}
}
}
}
if len(snaps) <= c.purge {
c.debug(fmt.Sprintf("Found %d snapshots. Purge flag is %d, so nothing will be purged.", len(snaps), c.purge))
} else {
c.debug(fmt.Sprintf("Found %d snapshots. Purge flag is %d, so the oldest %d snapshots will be purged.", len(snaps), c.purge, len(snaps)-c.purge))
sort.Sort(keys)
for i := 0; i < len(snaps)-c.purge; i++ {
c.debug(fmt.Sprintf("Purging snapshot %s.", snaps[keys[i]]))
q := rds.DeleteDBSnapshotInput{DBSnapshotIdentifier: aws.String(snaps[keys[i]])}
resp, err := cli.DeleteDBSnapshot(&q)
if err != nil {
return err
}
if *resp.DBSnapshot.Status != "deleted" {
c.debug(fmt.Sprintf("Warning: snapshot was not deleted successfully: %s", snaps[keys[i]]))
}
}
c.debug("Done purging shapshots.")
}
return nil
}
func (tp *TypeMetrics) rdsInstanceTypes(regionName string, out chan string) {
service := rds.New(tp.newSession(®ionName))
result, err := service.DescribeDBInstances(&rds.DescribeDBInstancesInput{})
if err != nil {
log.Printf("%s\n", err)
return
}
instTypes := make(map[string]int, 0)
for _, instance := range result.DBInstances {
instTypes[*instance.DBInstanceClass]++
}
for instType, instCount := range instTypes {
out <- fmt.Sprintf("aws.%s.instance_types.%s %d %d", regionName, instType, instCount, int32(time.Now().Unix()))
}
}
func Fetch(dbid, path *string) (io.ReadCloser, error) {
svc := rds.New(&aws.Config{
Region: aws.String("ap-northeast-1"),
//LogLevel: aws.LogLevel(aws.LogDebugWithHTTPBody),
})
// RDSのHandlerはQuery APIになっているのでをREST APIに変更
svc.Handlers.Build.Clear()
svc.Handlers.Build.PushBack(rest.Build)
svc.Handlers.Unmarshal.Clear()
svc.Handlers.Unmarshal.PushBack(rest.Unmarshal)
out, err := restrds.DownloadCompleteDBLogFile(svc, &restrds.DownloadCompleteDBLogFileInput{
DBInstanceIdentifier: dbid,
LogFileName: path,
})
if err != nil {
return nil, err
}
return out.Body, nil
}
func (s *AWSSession) fetchRDSList() []*AWSElement {
svc := rds.New(s.Sess)
params := &rds.DescribeDBInstancesInput{}
resp, err := svc.DescribeDBInstances(params)
if err != nil {
fmt.Println("fetchLoadBalancerList: ", err.Error())
return []*AWSElement{}
}
//fmt.Println(resp)
var rdss []*AWSElement
for _, rds := range resp.DBInstances {
rdss = append(rdss, &AWSElement{
Name: *rds.DBInstanceIdentifier,
DNSName: *rds.Endpoint.Address,
})
}
return rdss
}
// waitForCopy waits for the RDS snapshot copy to finish
func (c *config) waitForCopy() error {
c.debug(fmt.Sprintf("Waiting for copy %s...", c.copyId))
cli := rds.New(session.New(), &aws.Config{Region: aws.String(c.dst)})
q := rds.DescribeDBSnapshotsInput{}
q.DBSnapshotIdentifier = aws.String(c.copyId)
for {
resp, err := cli.DescribeDBSnapshots(&q)
if err != nil {
return err
}
if len(resp.DBSnapshots) != 1 {
return fmt.Errorf("New snapshot missing!")
}
s := resp.DBSnapshots[0]
if *s.Status != "creating" {
break
}
c.debug(fmt.Sprintf("Waiting %s (%d%% complete)", *s.Status, *s.PercentProgress))
time.Sleep(10 * time.Second)
}
return nil
}
// copySnap starts the RDS snapshot copy
func (c *config) copySnap() error {
cli := rds.New(session.New(), &aws.Config{Region: aws.String(c.dst)})
t := time.Now()
c.copyId = fmt.Sprintf("%s-%s", c.dbid, t.Format("2006-01-02at15-04MST"))
m := rds.CopyDBSnapshotInput{
SourceDBSnapshotIdentifier: aws.String(c.arn),
Tags: []*rds.Tag{
&rds.Tag{Key: aws.String("time"), Value: aws.String(t.Format("2006-01-02 15:04:05 -0700"))},
&rds.Tag{Key: aws.String("timestamp"), Value: aws.String(fmt.Sprintf("%d", t.Unix()))},
&rds.Tag{Key: aws.String("source"), Value: aws.String(c.src)},
&rds.Tag{Key: aws.String("sourceid"), Value: aws.String(c.dbid)},
&rds.Tag{Key: aws.String("sourcearn"), Value: aws.String(c.arn)},
&rds.Tag{Key: aws.String("managedby"), Value: aws.String("rdsbackup")},
},
TargetDBSnapshotIdentifier: aws.String(c.copyId),
}
resp, err := cli.CopyDBSnapshot(&m)
if err != nil {
return err
} else if *resp.DBSnapshot.Status != "creating" || *resp.DBSnapshot.Status != "pending" {
return fmt.Errorf("Error creating snapshot - unexpected status: %s", *resp.DBSnapshot.Status)
}
return nil
}
func getJsonSawsInfo(config *Config) []byte {
svc := ec2.New(session.New())
rdsc := rds.New(session.New())
instancelist := make([]*ec2.Instance, 0)
for i := range config.EC2 {
//fmt.Println(config.EC2[i].Name)
instances := getInstancesByName(svc, config.EC2[i].Name)
for k := range instances {
instancelist = append(instancelist, instances[k])
}
}
rdslist := make([]*rds.DBInstance, 0)
for i := range config.RDS {
//fmt.Println(config.RDS[i].DBInstanceIdentifier)
dbinstance, err := getRDSInstanceById(rdsc, &config.RDS[i].DBInstanceIdentifier)
if err != nil {
//fmt.Println("Failed to find db instance", config.RDS[i].DBInstanceIdentifier)
} else {
rdslist = append(rdslist, dbinstance)
}
}
sawsinfo := SawsInfo{}
sawsinfo.EC2 = instancelist
sawsinfo.RDS = rdslist
marsh, err := json.Marshal(&sawsinfo)
if err != nil {
fmt.Println("Failed to unmarshal", err)
panic(err)
}
return marsh
}
// Client configures and returns a fully initialized AWSClient
func (c *Config) Client() (interface{}, error) {
var client AWSClient
// Get the auth and region. This can fail if keys/regions were not
// specified and we're attempting to use the environment.
var errs []error
log.Println("[INFO] Building AWS region structure")
err := c.ValidateRegion()
if err != nil {
errs = append(errs, err)
}
if len(errs) == 0 {
// store AWS region in client struct, for region specific operations such as
// bucket storage in S3
client.region = c.Region
log.Println("[INFO] Building AWS auth structure")
// We fetched all credential sources in Provider. If they are
// available, they'll already be in c. See Provider definition.
creds := credentials.NewStaticCredentials(c.AccessKey, c.SecretKey, c.Token)
awsConfig := &aws.Config{
Credentials: creds,
Region: aws.String(c.Region),
MaxRetries: aws.Int(c.MaxRetries),
}
log.Println("[INFO] Initializing IAM Connection")
client.iamconn = iam.New(awsConfig)
err := c.ValidateCredentials(client.iamconn)
if err != nil {
errs = append(errs, err)
}
awsDynamoDBConfig := &aws.Config{
Credentials: creds,
Region: aws.String(c.Region),
MaxRetries: aws.Int(c.MaxRetries),
Endpoint: aws.String(c.DynamoDBEndpoint),
}
log.Println("[INFO] Initializing DynamoDB connection")
client.dynamodbconn = dynamodb.New(awsDynamoDBConfig)
log.Println("[INFO] Initializing ELB connection")
client.elbconn = elb.New(awsConfig)
log.Println("[INFO] Initializing S3 connection")
client.s3conn = s3.New(awsConfig)
log.Println("[INFO] Initializing SQS connection")
client.sqsconn = sqs.New(awsConfig)
log.Println("[INFO] Initializing SNS connection")
client.snsconn = sns.New(awsConfig)
log.Println("[INFO] Initializing RDS Connection")
client.rdsconn = rds.New(awsConfig)
log.Println("[INFO] Initializing Kinesis Connection")
client.kinesisconn = kinesis.New(awsConfig)
authErr := c.ValidateAccountId(client.iamconn)
if authErr != nil {
errs = append(errs, authErr)
}
log.Println("[INFO] Initializing AutoScaling connection")
client.autoscalingconn = autoscaling.New(awsConfig)
log.Println("[INFO] Initializing EC2 Connection")
client.ec2conn = ec2.New(awsConfig)
log.Println("[INFO] Initializing ECS Connection")
client.ecsconn = ecs.New(awsConfig)
log.Println("[INFO] Initializing EFS Connection")
client.efsconn = efs.New(awsConfig)
// aws-sdk-go uses v4 for signing requests, which requires all global
// endpoints to use 'us-east-1'.
// See http://docs.aws.amazon.com/general/latest/gr/sigv4_changes.html
log.Println("[INFO] Initializing Route 53 connection")
client.r53conn = route53.New(&aws.Config{
Credentials: creds,
Region: aws.String("us-east-1"),
MaxRetries: aws.Int(c.MaxRetries),
})
log.Println("[INFO] Initializing Elasticache Connection")
client.elasticacheconn = elasticache.New(awsConfig)
log.Println("[INFO] Initializing Lambda Connection")
client.lambdaconn = lambda.New(awsConfig)
log.Println("[INFO] Initializing CloudWatch SDK connection")
client.cloudwatchconn = cloudwatch.New(awsConfig)
log.Println("[INFO] Initializing CloudWatch Logs connection")
client.cloudwatchlogsconn = cloudwatchlogs.New(awsConfig)
}
if len(errs) > 0 {
return nil, &multierror.Error{Errors: errs}
}
return &client, nil
}
// Client configures and returns a fully initialized AWSClient
func (c *Config) Client() (interface{}, error) {
// Get the auth and region. This can fail if keys/regions were not
// specified and we're attempting to use the environment.
log.Println("[INFO] Building AWS region structure")
err := c.ValidateRegion()
if err != nil {
return nil, err
}
var client AWSClient
// store AWS region in client struct, for region specific operations such as
// bucket storage in S3
client.region = c.Region
log.Println("[INFO] Building AWS auth structure")
creds, err := GetCredentials(c)
if err != nil {
return nil, err
}
// Call Get to check for credential provider. If nothing found, we'll get an
// error, and we can present it nicely to the user
cp, err := creds.Get()
if err != nil {
if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "NoCredentialProviders" {
return nil, errors.New(`No valid credential sources found for AWS Provider.
Please see https://terraform.io/docs/providers/aws/index.html for more information on
providing credentials for the AWS Provider`)
}
return nil, fmt.Errorf("Error loading credentials for AWS Provider: %s", err)
}
log.Printf("[INFO] AWS Auth provider used: %q", cp.ProviderName)
awsConfig := &aws.Config{
Credentials: creds,
Region: aws.String(c.Region),
MaxRetries: aws.Int(c.MaxRetries),
HTTPClient: cleanhttp.DefaultClient(),
S3ForcePathStyle: aws.Bool(c.S3ForcePathStyle),
}
if logging.IsDebugOrHigher() {
awsConfig.LogLevel = aws.LogLevel(aws.LogDebugWithHTTPBody)
awsConfig.Logger = awsLogger{}
}
if c.Insecure {
transport := awsConfig.HTTPClient.Transport.(*http.Transport)
transport.TLSClientConfig = &tls.Config{
InsecureSkipVerify: true,
}
}
// Set up base session
sess, err := session.NewSession(awsConfig)
if err != nil {
return nil, errwrap.Wrapf("Error creating AWS session: {{err}}", err)
}
// Removes the SDK Version handler, so we only have the provider User-Agent
// Ex: "User-Agent: APN/1.0 HashiCorp/1.0 Terraform/0.7.9-dev"
sess.Handlers.Build.Remove(request.NamedHandler{Name: "core.SDKVersionUserAgentHandler"})
sess.Handlers.Build.PushFrontNamed(addTerraformVersionToUserAgent)
if extraDebug := os.Getenv("TERRAFORM_AWS_AUTHFAILURE_DEBUG"); extraDebug != "" {
sess.Handlers.UnmarshalError.PushFrontNamed(debugAuthFailure)
}
// Some services exist only in us-east-1, e.g. because they manage
// resources that can span across multiple regions, or because
// signature format v4 requires region to be us-east-1 for global
// endpoints:
// http://docs.aws.amazon.com/general/latest/gr/sigv4_changes.html
usEast1Sess := sess.Copy(&aws.Config{Region: aws.String("us-east-1")})
// Some services have user-configurable endpoints
awsEc2Sess := sess.Copy(&aws.Config{Endpoint: aws.String(c.Ec2Endpoint)})
awsElbSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.ElbEndpoint)})
awsIamSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.IamEndpoint)})
awsS3Sess := sess.Copy(&aws.Config{Endpoint: aws.String(c.S3Endpoint)})
dynamoSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.DynamoDBEndpoint)})
kinesisSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.KinesisEndpoint)})
// These two services need to be set up early so we can check on AccountID
client.iamconn = iam.New(awsIamSess)
client.stsconn = sts.New(sess)
if !c.SkipCredsValidation {
err = c.ValidateCredentials(client.stsconn)
if err != nil {
return nil, err
}
}
if !c.SkipRequestingAccountId {
partition, accountId, err := GetAccountInfo(client.iamconn, client.stsconn, cp.ProviderName)
if err == nil {
client.partition = partition
client.accountid = accountId
}
}
authErr := c.ValidateAccountId(client.accountid)
if authErr != nil {
return nil, authErr
}
client.acmconn = acm.New(sess)
client.apigateway = apigateway.New(sess)
client.appautoscalingconn = applicationautoscaling.New(sess)
client.autoscalingconn = autoscaling.New(sess)
client.cfconn = cloudformation.New(sess)
client.cloudfrontconn = cloudfront.New(sess)
client.cloudtrailconn = cloudtrail.New(sess)
client.cloudwatchconn = cloudwatch.New(sess)
client.cloudwatcheventsconn = cloudwatchevents.New(sess)
client.cloudwatchlogsconn = cloudwatchlogs.New(sess)
client.codecommitconn = codecommit.New(usEast1Sess)
client.codedeployconn = codedeploy.New(sess)
client.dsconn = directoryservice.New(sess)
client.dynamodbconn = dynamodb.New(dynamoSess)
client.ec2conn = ec2.New(awsEc2Sess)
client.ecrconn = ecr.New(sess)
client.ecsconn = ecs.New(sess)
client.efsconn = efs.New(sess)
client.elasticacheconn = elasticache.New(sess)
client.elasticbeanstalkconn = elasticbeanstalk.New(sess)
client.elastictranscoderconn = elastictranscoder.New(sess)
client.elbconn = elb.New(awsElbSess)
client.elbv2conn = elbv2.New(awsElbSess)
client.emrconn = emr.New(sess)
client.esconn = elasticsearch.New(sess)
client.firehoseconn = firehose.New(sess)
client.glacierconn = glacier.New(sess)
client.kinesisconn = kinesis.New(kinesisSess)
client.kmsconn = kms.New(sess)
client.lambdaconn = lambda.New(sess)
client.lightsailconn = lightsail.New(usEast1Sess)
client.opsworksconn = opsworks.New(usEast1Sess)
client.r53conn = route53.New(usEast1Sess)
client.rdsconn = rds.New(sess)
client.redshiftconn = redshift.New(sess)
client.simpledbconn = simpledb.New(sess)
client.s3conn = s3.New(awsS3Sess)
client.sesConn = ses.New(sess)
client.snsconn = sns.New(sess)
client.sqsconn = sqs.New(sess)
client.ssmconn = ssm.New(sess)
client.wafconn = waf.New(sess)
return &client, nil
}
func RDS() *rds.RDS {
return rds.New(awsConfig())
}
testSink *lagertest.TestSink
logger lager.Logger
rdsDBCluster DBCluster
)
BeforeEach(func() {
region = "rds-region"
dbClusterIdentifier = "cf-cluster-id"
})
JustBeforeEach(func() {
awsSession = session.New(nil)
iamsvc = iam.New(awsSession)
rdssvc = rds.New(awsSession)
logger = lager.NewLogger("rdsdbcluster_test")
testSink = lagertest.NewTestSink()
logger.RegisterSink(testSink)
rdsDBCluster = NewRDSDBCluster(region, iamsvc, rdssvc, logger)
})
var _ = Describe("Describe", func() {
var (
properDBClusterDetails DBClusterDetails
describeDBClusters []*rds.DBCluster
describeDBCluster *rds.DBCluster
func newClient() *rds.RDS {
cfg := loadConfig()
return rds.New(session.New(cfg))
}
func setupRDS(c *cli.Context) *rds.RDS {
region := c.GlobalString("region")
maxRetries := c.GlobalInt("max-retries")
cfg := aws.NewConfig().WithRegion(region).WithMaxRetries(maxRetries)
return rds.New(session.New(), cfg)
}
func init() {
gucumber.Before("@rds", func() {
gucumber.World["client"] = rds.New(smoke.Session)
})
}
// Client configures and returns a fully initailized AWSClient
func (c *Config) Client() (interface{}, error) {
var client AWSClient
// Get the auth and region. This can fail if keys/regions were not
// specified and we're attempting to use the environment.
var errs []error
log.Println("[INFO] Building AWS region structure")
err := c.ValidateRegion()
if err != nil {
errs = append(errs, err)
}
if len(errs) == 0 {
// store AWS region in client struct, for region specific operations such as
// bucket storage in S3
client.region = c.Region
log.Println("[INFO] Building AWS auth structure")
creds := credentials.NewChainCredentials([]credentials.Provider{
&credentials.StaticProvider{Value: credentials.Value{
AccessKeyID: c.AccessKey,
SecretAccessKey: c.SecretKey,
SessionToken: c.Token,
}},
&credentials.EnvProvider{},
&credentials.SharedCredentialsProvider{Filename: "", Profile: ""},
&credentials.EC2RoleProvider{},
})
awsConfig := &aws.Config{
Credentials: creds,
Region: c.Region,
MaxRetries: c.MaxRetries,
}
log.Println("[INFO] Initializing DynamoDB connection")
client.dynamodbconn = dynamodb.New(awsConfig)
log.Println("[INFO] Initializing ELB connection")
client.elbconn = elb.New(awsConfig)
log.Println("[INFO] Initializing S3 connection")
client.s3conn = s3.New(awsConfig)
log.Println("[INFO] Initializing SQS connection")
client.sqsconn = sqs.New(awsConfig)
log.Println("[INFO] Initializing SNS connection")
client.snsconn = sns.New(awsConfig)
log.Println("[INFO] Initializing RDS Connection")
client.rdsconn = rds.New(awsConfig)
log.Println("[INFO] Initializing IAM Connection")
client.iamconn = iam.New(awsConfig)
log.Println("[INFO] Initializing Kinesis Connection")
client.kinesisconn = kinesis.New(awsConfig)
err := c.ValidateAccountId(client.iamconn)
if err != nil {
errs = append(errs, err)
}
log.Println("[INFO] Initializing AutoScaling connection")
client.autoscalingconn = autoscaling.New(awsConfig)
log.Println("[INFO] Initializing EC2 Connection")
client.ec2conn = ec2.New(awsConfig)
log.Println("[INFO] Initializing ECS Connection")
client.ecsconn = ecs.New(awsConfig)
// aws-sdk-go uses v4 for signing requests, which requires all global
// endpoints to use 'us-east-1'.
// See http://docs.aws.amazon.com/general/latest/gr/sigv4_changes.html
log.Println("[INFO] Initializing Route 53 connection")
client.r53conn = route53.New(&aws.Config{
Credentials: creds,
Region: "us-east-1",
MaxRetries: c.MaxRetries,
})
log.Println("[INFO] Initializing Elasticache Connection")
client.elasticacheconn = elasticache.New(awsConfig)
log.Println("[INFO] Initializing Lambda Connection")
client.lambdaconn = lambda.New(awsConfig)
log.Println("[INFO] Initializing CloudWatch SDK connection")
client.cloudwatchconn = cloudwatch.New(awsConfig)
}
if len(errs) > 0 {
return nil, &multierror.Error{Errors: errs}
}
return &client, nil
}
func Create(config *Config) {
//fmt.Println("Create not implemented")
uuids := uuid.New()
svc := ec2.New(session.New())
rdsc := rds.New(session.New())
elbc := elb.New(session.New())
if config.KeyPair != "" {
dkpi := &ec2.DescribeKeyPairsInput{KeyNames: []*string{&config.KeyPair}}
dkpo, err := svc.DescribeKeyPairs(dkpi)
if err != nil {
// almost certainly due to keypair already existing
//fmt.Println("Failed to describe key pairs:", err)
}
if len(dkpo.KeyPairs) == 0 {
ckpi := &ec2.CreateKeyPairInput{KeyName: &config.KeyPair}
ckpo, err := svc.CreateKeyPair(ckpi)
if err != nil {
fmt.Println("Failed to create keypair:")
panic(err)
}
fmt.Println("Created keypair:", config.KeyPair)
err = ioutil.WriteFile(config.KeyPair+".key", []byte(*ckpo.KeyMaterial), 0600)
if err != nil {
fmt.Println("Failed to write to", config.KeyPair+".key:", err)
fmt.Println(*ckpo.KeyMaterial)
} else {
fmt.Println("Key saved to file:", config.KeyPair+".key")
}
}
}
err := verifyAndCreateVPC(svc, config)
if err != nil {
panic(err)
}
err = deleteSawsInfo(config)
if err != nil {
panic(err)
}
doneChan := make(chan string)
numStepsDeferred := 0
// Creat RDS
for i := range config.RDS {
// setup RDS instances
_, err = getRDSInstanceById(rdsc, &config.RDS[i].DBInstanceIdentifier)
if err == nil {
fmt.Println("RDS instance", config.RDS[i].DBInstanceIdentifier, "exists.")
continue
}
groupname := "sawsdbprivate"
cdbsgi := &rds.CreateDBSubnetGroupInput{DBSubnetGroupName: &groupname, SubnetIds: []*string{&config.PrivateSubnetId, &config.PublicSubnetId}, DBSubnetGroupDescription: &groupname}
_, err := rdsc.CreateDBSubnetGroup(cdbsgi)
if err != nil {
//fmt.Println("Failed to create db subnetgroup:", err)
//FIXME: search for subnet gorup if already created
//panic(err)
}
//fmt.Println("Creating with:", config.RDS[i])
//fmt.Println("DBSubnetGroupName: ", cdsgo.DBSubnetGroup.DBSubnetGroupName)
//fmt.Println("Engine: ", config.RDS[i].Engine)
//fmt.Println("DBName: ", config.RDS[i].DBName)
//fmt.Println("DBInstanceIdentifier: ", config.RDS[i].DBInstanceIdentifier)
//fmt.Println("AllocatedStorage: ", config.RDS[i].AllocatedStorage)
//fmt.Println("DBInstanceClass: ", config.RDS[i].DBInstanceClass)
//fmt.Println("MasterUsername: "******"MasterUserPassword: "******"Error creating db instance.")
panic(err)
}
//fmt.Println(cdbo)
fmt.Println("Created", config.RDS[i].Engine, "RDS instance: ", config.RDS[i].DBInstanceIdentifier)
numStepsDeferred++
go func() {
rdsinst, err := waitForRDSEndpoint(rdsc, &config.RDS[i].DBInstanceIdentifier)
if err != nil {
fmt.Println(err)
doneChan <- fmt.Sprint(err)
} else {
doneChan <- fmt.Sprintf("Endpoint for RDS instance %s: %s", config.RDS[i].DBInstanceIdentifier, *rdsinst.Endpoint.Address)
}
}()
}
// Creat EC2
for i := range config.EC2 {
//fmt.Println("Creating EC2 instance:", config.EC2[i].Name)
//fmt.Println(config.EC2[i].InstanceType)
instances := getInstancesByName(svc, config.EC2[i].Name)
exists := false
for k := range instances {
if *instances[k].State.Name == "terminated" {
//fmt.Println("Instance is terminated:", *instances[k].InstanceId)
} else {
fmt.Println("Instance", config.EC2[i].Name, "already exists:", *instances[k].InstanceId)
exists = true
}
}
if !exists {
//fmt.Println("No instance found, creating...")
var userdata string
if config.EC2[i].InitialConfig == "" {
userdata = getUserData(config.InitialConfig, config.S3Bucket, config.EC2[i].Name, config.VPC, uuids)
} else {
userdata = getUserData(config.EC2[i].InitialConfig, config.S3Bucket, config.EC2[i].Name, config.VPC, uuids)
}
numsteps := createInstance(svc, config, config.EC2[i], userdata, doneChan)
numStepsDeferred += numsteps
}
}
// Create ELB
for i := range config.ELB {
//fmt.Println("elbport ", config.ELB[i].InstancePort)
//fmt.Println("instanceport ", config.ELB[i].InstancePort)
secgroupids := getSecurityGroupIds(svc, config, config.ELB[i].SecurityGroups)
listn := &elb.Listener{InstancePort: &config.ELB[i].InstancePort, InstanceProtocol: &config.ELB[i].Protocol, Protocol: &config.ELB[i].Protocol, LoadBalancerPort: &config.ELB[i].InstancePort}
//clbi := &elb.CreateLoadBalancerInput{Listeners: []*elb.Listener{ listn }, LoadBalancerName: &config.ELB[i].Name, Subnets: []*string{ &config.PublicSubnetId, &config.PrivateSubnetId }, SecurityGroups: secgroupids }
clbi := &elb.CreateLoadBalancerInput{Listeners: []*elb.Listener{listn}, LoadBalancerName: &config.ELB[i].Name, Subnets: []*string{&config.PublicSubnetId}, SecurityGroups: secgroupids}
clbo, err := elbc.CreateLoadBalancer(clbi)
if err != nil {
fmt.Println("Failed to create elb:", err)
}
fmt.Println("Created elb:", *clbo.DNSName)
instances := []*elb.Instance{}
for k := range config.ELB[i].Instances {
validInstances := getInstancesByName(svc, config.ELB[i].Instances[k])
//fmt.Println(validInstances)
for j := range validInstances {
if *validInstances[j].State.Name != "terminated" {
instance := &elb.Instance{InstanceId: validInstances[j].InstanceId}
instances = append(instances, instance)
}
}
}
riwlbi := &elb.RegisterInstancesWithLoadBalancerInput{LoadBalancerName: &config.ELB[i].Name, Instances: instances}
_, err = elbc.RegisterInstancesWithLoadBalancer(riwlbi)
if err != nil {
fmt.Println("Failed to register instances with elb:", err)
}
}
if numStepsDeferred != 0 {
fmt.Println("Waiting for remaining", numStepsDeferred, "creation steps to complete...")
for i := 0; i < numStepsDeferred; i++ {
msg := <-doneChan
next := i + 1
fmt.Printf("%d: %s\n", next, msg)
}
}
err = sendSawsInfo(config, uuids)
if err != nil {
panic(err)
}
//fmt.Println("Creating with", config)
}
// Client configures and returns a fully initialized AWSClient
func (c *Config) Client() (interface{}, error) {
var client AWSClient
// Get the auth and region. This can fail if keys/regions were not
// specified and we're attempting to use the environment.
var errs []error
log.Println("[INFO] Building AWS region structure")
err := c.ValidateRegion()
if err != nil {
errs = append(errs, err)
}
if len(errs) == 0 {
// store AWS region in client struct, for region specific operations such as
// bucket storage in S3
client.region = c.Region
log.Println("[INFO] Building AWS auth structure")
creds := getCreds(c.AccessKey, c.SecretKey, c.Token)
// Call Get to check for credential provider. If nothing found, we'll get an
// error, and we can present it nicely to the user
_, err = creds.Get()
if err != nil {
errs = append(errs, fmt.Errorf("Error loading credentials for AWS Provider: %s", err))
return nil, &multierror.Error{Errors: errs}
}
awsConfig := &aws.Config{
Credentials: creds,
Region: aws.String(c.Region),
MaxRetries: aws.Int(c.MaxRetries),
HTTPClient: cleanhttp.DefaultClient(),
}
log.Println("[INFO] Initializing IAM Connection")
sess := session.New(awsConfig)
client.iamconn = iam.New(sess)
err = c.ValidateCredentials(client.iamconn)
if err != nil {
errs = append(errs, err)
}
// Some services exist only in us-east-1, e.g. because they manage
// resources that can span across multiple regions, or because
// signature format v4 requires region to be us-east-1 for global
// endpoints:
// http://docs.aws.amazon.com/general/latest/gr/sigv4_changes.html
usEast1AwsConfig := &aws.Config{
Credentials: creds,
Region: aws.String("us-east-1"),
MaxRetries: aws.Int(c.MaxRetries),
HTTPClient: cleanhttp.DefaultClient(),
}
usEast1Sess := session.New(usEast1AwsConfig)
awsDynamoDBConfig := *awsConfig
awsDynamoDBConfig.Endpoint = aws.String(c.DynamoDBEndpoint)
log.Println("[INFO] Initializing DynamoDB connection")
dynamoSess := session.New(&awsDynamoDBConfig)
client.dynamodbconn = dynamodb.New(dynamoSess)
log.Println("[INFO] Initializing ELB connection")
client.elbconn = elb.New(sess)
log.Println("[INFO] Initializing S3 connection")
client.s3conn = s3.New(sess)
log.Println("[INFO] Initializing SQS connection")
client.sqsconn = sqs.New(sess)
log.Println("[INFO] Initializing SNS connection")
client.snsconn = sns.New(sess)
log.Println("[INFO] Initializing RDS Connection")
client.rdsconn = rds.New(sess)
awsKinesisConfig := *awsConfig
awsKinesisConfig.Endpoint = aws.String(c.KinesisEndpoint)
log.Println("[INFO] Initializing Kinesis Connection")
kinesisSess := session.New(&awsKinesisConfig)
client.kinesisconn = kinesis.New(kinesisSess)
authErr := c.ValidateAccountId(client.iamconn)
if authErr != nil {
errs = append(errs, authErr)
}
log.Println("[INFO] Initializing Kinesis Firehose Connection")
client.firehoseconn = firehose.New(sess)
log.Println("[INFO] Initializing AutoScaling connection")
client.autoscalingconn = autoscaling.New(sess)
log.Println("[INFO] Initializing EC2 Connection")
client.ec2conn = ec2.New(sess)
log.Println("[INFO] Initializing ECR Connection")
client.ecrconn = ecr.New(sess)
log.Println("[INFO] Initializing ECS Connection")
client.ecsconn = ecs.New(sess)
log.Println("[INFO] Initializing EFS Connection")
client.efsconn = efs.New(sess)
log.Println("[INFO] Initializing ElasticSearch Connection")
client.esconn = elasticsearch.New(sess)
log.Println("[INFO] Initializing Route 53 connection")
client.r53conn = route53.New(usEast1Sess)
log.Println("[INFO] Initializing Elasticache Connection")
client.elasticacheconn = elasticache.New(sess)
log.Println("[INFO] Initializing Lambda Connection")
client.lambdaconn = lambda.New(sess)
log.Println("[INFO] Initializing Cloudformation Connection")
client.cfconn = cloudformation.New(sess)
log.Println("[INFO] Initializing CloudWatch SDK connection")
client.cloudwatchconn = cloudwatch.New(sess)
log.Println("[INFO] Initializing CloudTrail connection")
client.cloudtrailconn = cloudtrail.New(sess)
log.Println("[INFO] Initializing CloudWatch Logs connection")
client.cloudwatchlogsconn = cloudwatchlogs.New(sess)
log.Println("[INFO] Initializing OpsWorks Connection")
client.opsworksconn = opsworks.New(usEast1Sess)
log.Println("[INFO] Initializing Directory Service connection")
client.dsconn = directoryservice.New(sess)
log.Println("[INFO] Initializing Glacier connection")
client.glacierconn = glacier.New(sess)
log.Println("[INFO] Initializing CodeDeploy Connection")
client.codedeployconn = codedeploy.New(sess)
log.Println("[INFO] Initializing CodeCommit SDK connection")
client.codecommitconn = codecommit.New(usEast1Sess)
log.Println("[INFO] Initializing Redshift SDK connection")
client.redshiftconn = redshift.New(sess)
}
if len(errs) > 0 {
return nil, &multierror.Error{Errors: errs}
}
return &client, nil
}
func init() {
Before("@rds", func() {
World["client"] = rds.New(smoke.Session)
})
}
// Client configures and returns a fully initialized AWSClient
func (c *Config) Client() (interface{}, error) {
var client AWSClient
// Get the auth and region. This can fail if keys/regions were not
// specified and we're attempting to use the environment.
var errs []error
log.Println("[INFO] Building AWS region structure")
err := c.ValidateRegion()
if err != nil {
errs = append(errs, err)
}
if len(errs) == 0 {
// store AWS region in client struct, for region specific operations such as
// bucket storage in S3
client.region = c.Region
log.Println("[INFO] Building AWS auth structure")
// We fetched all credential sources in Provider. If they are
// available, they'll already be in c. See Provider definition.
creds := credentials.NewStaticCredentials(c.AccessKey, c.SecretKey, c.Token)
awsConfig := &aws.Config{
Credentials: creds,
Region: aws.String(c.Region),
MaxRetries: aws.Int(c.MaxRetries),
HTTPClient: cleanhttp.DefaultClient(),
}
log.Println("[INFO] Initializing IAM Connection")
client.iamconn = iam.New(awsConfig)
err := c.ValidateCredentials(client.iamconn)
if err != nil {
errs = append(errs, err)
}
awsDynamoDBConfig := &aws.Config{
Credentials: creds,
Region: aws.String(c.Region),
MaxRetries: aws.Int(c.MaxRetries),
Endpoint: aws.String(c.DynamoDBEndpoint),
}
// Some services exist only in us-east-1, e.g. because they manage
// resources that can span across multiple regions, or because
// signature format v4 requires region to be us-east-1 for global
// endpoints:
// http://docs.aws.amazon.com/general/latest/gr/sigv4_changes.html
usEast1AwsConfig := &aws.Config{
Credentials: creds,
Region: aws.String("us-east-1"),
MaxRetries: aws.Int(c.MaxRetries),
HTTPClient: cleanhttp.DefaultClient(),
}
log.Println("[INFO] Initializing DynamoDB connection")
client.dynamodbconn = dynamodb.New(awsDynamoDBConfig)
log.Println("[INFO] Initializing ELB connection")
client.elbconn = elb.New(awsConfig)
log.Println("[INFO] Initializing S3 connection")
client.s3conn = s3.New(awsConfig)
log.Println("[INFO] Initializing SQS connection")
client.sqsconn = sqs.New(awsConfig)
log.Println("[INFO] Initializing SNS connection")
client.snsconn = sns.New(awsConfig)
log.Println("[INFO] Initializing RDS Connection")
client.rdsconn = rds.New(awsConfig)
log.Println("[INFO] Initializing Kinesis Connection")
client.kinesisconn = kinesis.New(awsConfig)
authErr := c.ValidateAccountId(client.iamconn)
if authErr != nil {
errs = append(errs, authErr)
}
log.Println("[INFO] Initializing AutoScaling connection")
client.autoscalingconn = autoscaling.New(awsConfig)
log.Println("[INFO] Initializing EC2 Connection")
client.ec2conn = ec2.New(awsConfig)
log.Println("[INFO] Initializing ECS Connection")
client.ecsconn = ecs.New(awsConfig)
log.Println("[INFO] Initializing EFS Connection")
client.efsconn = efs.New(awsConfig)
log.Println("[INFO] Initializing ElasticSearch Connection")
client.esconn = elasticsearch.New(awsConfig)
log.Println("[INFO] Initializing Route 53 connection")
client.r53conn = route53.New(usEast1AwsConfig)
log.Println("[INFO] Initializing Elasticache Connection")
client.elasticacheconn = elasticache.New(awsConfig)
log.Println("[INFO] Initializing Lambda Connection")
client.lambdaconn = lambda.New(awsConfig)
log.Println("[INFO] Initializing Cloudformation Connection")
client.cfconn = cloudformation.New(awsConfig)
log.Println("[INFO] Initializing CloudWatch SDK connection")
client.cloudwatchconn = cloudwatch.New(awsConfig)
log.Println("[INFO] Initializing CloudWatch Logs connection")
client.cloudwatchlogsconn = cloudwatchlogs.New(awsConfig)
log.Println("[INFO] Initializing OpsWorks Connection")
client.opsworksconn = opsworks.New(usEast1AwsConfig)
log.Println("[INFO] Initializing Directory Service connection")
client.dsconn = directoryservice.New(awsConfig)
log.Println("[INFO] Initializing Glacier connection")
client.glacierconn = glacier.New(awsConfig)
log.Println("[INFO] Initializing CodeDeploy Connection")
client.codedeployconn = codedeploy.New(awsConfig)
}
if len(errs) > 0 {
return nil, &multierror.Error{Errors: errs}
}
return &client, nil
}
func Destroy(config *Config) {
//fmt.Println("Destroy not implemented")
svc := ec2.New(session.New())
elbc := elb.New(session.New())
rdsc := rds.New(session.New())
doneChan := make(chan string)
numStepsDeferred := 0
for i := range config.EC2 {
fmt.Println("Destroying EC2 instance:", config.EC2[i].Name)
//fmt.Println(config.EC2[i].InstanceType)
instances := getInstancesByName(svc, config.EC2[i].Name)
for k := range instances {
if *instances[k].State.Name == "terminated" {
//fmt.Println("Instance is terminated:", *instances[k].InstanceId)
} else {
//fmt.Println("Instance will be terminated:", *instances[k].InstanceId)
if config.EC2[i].HasExternalIP {
//fmt.Println("Has external IP")
//waitForNonXState(svc, instances[k].InstanceId, "shutting-down")
err := releaseExternalIP(svc, *instances[k].InstanceId)
if err != nil {
fmt.Println("Failed to release ip: ", err)
}
}
instanceids := []*string{instances[k].InstanceId}
tii := ec2.TerminateInstancesInput{InstanceIds: instanceids}
_, err := svc.TerminateInstances(&tii)
if err != nil {
panic(err)
}
numStepsDeferred++
go func() {
//err := waitForDetachedNetwork(svc,instances[k].InstanceId)
err := waitForXState(svc, instances[k].InstanceId, "terminated")
if err != nil {
fmt.Println(err)
doneChan <- fmt.Sprint(err)
} else {
//time.Sleep(20*time.Second)
doneChan <- fmt.Sprintf("Terminated instance: %s", *instances[k].InstanceId)
}
}()
}
}
}
if config.DestroyPolicy == "nuke" {
for i := range config.RDS {
abool := true
ddbi := &rds.DeleteDBInstanceInput{DBInstanceIdentifier: &config.RDS[i].DBInstanceIdentifier, SkipFinalSnapshot: &abool}
_, err := rdsc.DeleteDBInstance(ddbi)
if err != nil {
fmt.Println("Error deleting instance:", err)
}
//fmt.Println(ddbo)
numStepsDeferred++
go func() {
err := waitForDeleteRDS(rdsc, &config.RDS[i].DBInstanceIdentifier)
if err != nil {
fmt.Println(err)
doneChan <- fmt.Sprint(err)
} else {
groupname := "sawsdbprivate"
ddbsgi := &rds.DeleteDBSubnetGroupInput{DBSubnetGroupName: &groupname}
_, err = rdsc.DeleteDBSubnetGroup(ddbsgi)
if err != nil {
fmt.Println("Failed to delete db subnetgroup:", err)
}
doneChan <- fmt.Sprintf("Destroyed %s RDS instance: %s", config.RDS[i].Engine, config.RDS[i].DBInstanceIdentifier)
}
}()
}
}
for i := range config.ELB {
dlbi := &elb.DeleteLoadBalancerInput{LoadBalancerName: &config.ELB[i].Name}
_, err := elbc.DeleteLoadBalancer(dlbi)
if err != nil {
fmt.Println("Failed to delete load balancer:", err)
} else {
fmt.Println("Destroyed load balancer:", config.ELB[i].Name)
}
}
if numStepsDeferred != 0 {
fmt.Println("Waiting for remaining", numStepsDeferred, "destroy steps to complete...")
for i := 0; i < numStepsDeferred; i++ {
msg := <-doneChan
next := i + 1
fmt.Printf("%d: %s\n", next, msg)
}
}
if config.DestroyPolicy == "nuke" {
dvi := &ec2.DescribeVpcsInput{}
dvo, err := svc.DescribeVpcs(dvi)
if err != nil {
panic(err)
}
for i := range dvo.Vpcs {
if *dvo.Vpcs[i].CidrBlock == config.VPC {
config.VpcId = *dvo.Vpcs[i].VpcId
}
}
if config.VpcId == "" {
fmt.Println("No VPC found, so not removing VPC or dependencies.")
return
}
// before we mess with gateways and security groups, lets make sure all attached addresses are gone. they should really all be gone at this point, but it takes a bit sometimes...
fmt.Println("Waiting for IPs to be free from Vpcs/Subnets...")
err = waitForNoUsedIPS(svc, config.VpcId)
if err != nil {
fmt.Println(err)
}
// destroy security groups associated with VPC
secgroups := getSecurityGroupIdsByVPC(svc, config.VpcId)
for i := range secgroups {
dsgi := &ec2.DeleteSecurityGroupInput{GroupId: secgroups[i]}
_, err := svc.DeleteSecurityGroup(dsgi)
if err != nil {
fmt.Println("Error deleting security group:", err)
} else {
fmt.Println("Delete security group:", *secgroups[i])
}
}
// deactivate and destroy gateways associated with VPC
gatewayids, err := getGatewayIds(svc, config.VpcId)
if err != nil {
fmt.Println("Error fetching gateway list:", err)
}
for i := range gatewayids {
digi := &ec2.DetachInternetGatewayInput{InternetGatewayId: &gatewayids[i], VpcId: &config.VpcId}
_, err := svc.DetachInternetGateway(digi)
if err != nil {
fmt.Println("Failed to detach internet gateway:", err)
}
deigi := &ec2.DeleteInternetGatewayInput{InternetGatewayId: &gatewayids[i]}
_, err = svc.DeleteInternetGateway(deigi)
if err != nil {
fmt.Println("Failed to delete internet gateway:", gatewayids[i])
}
}
// wait a bit for aws to settle...
//fmt.Println("All instances, security groups, gateways destroyed, resting a bit and removing route tables, subnets and VPC...")
//time.Sleep(60*time.Second)
// destroy subnets associated with VPC
filters := make([]*ec2.Filter, 0)
keyname := "vpc-id"
filter := ec2.Filter{
Name: &keyname, Values: []*string{&config.VpcId}}
filters = append(filters, &filter)
dsi := &ec2.DescribeSubnetsInput{Filters: filters}
subnets, err := svc.DescribeSubnets(dsi)
if err != nil {
fmt.Println("Error describing subnets associated with VPC:", err)
}
for i := range subnets.Subnets {
desi := &ec2.DeleteSubnetInput{SubnetId: subnets.Subnets[i].SubnetId}
_, err = svc.DeleteSubnet(desi)
if err != nil {
fmt.Println("Failed to delete subnet:", err)
}
}
// destroy route tables associated with VPC
filters = make([]*ec2.Filter, 0)
keyname = "vpc-id"
filter = ec2.Filter{
Name: &keyname, Values: []*string{&config.VpcId}}
filters = append(filters, &filter)
rti := &ec2.DescribeRouteTablesInput{Filters: filters}
rttables, err := svc.DescribeRouteTables(rti)
if err != nil {
fmt.Println("Error describing route table associated with VPC:", err)
}
for i := range rttables.RouteTables {
drti := &ec2.DeleteRouteTableInput{RouteTableId: rttables.RouteTables[i].RouteTableId}
_, err = svc.DeleteRouteTable(drti)
if err != nil {
//fmt.Println("Failed to delete route table:", err)
}
}
devi := &ec2.DeleteVpcInput{VpcId: &config.VpcId}
_, err = svc.DeleteVpc(devi)
if err != nil {
fmt.Println("Error deleting vpc: ", err)
}
fmt.Println("Destroyed VPC:", config.VpcId)
} else {
fmt.Println("Everything but RDS and VPC destroyed.")
}
}
func init() {
Before("@rds", func() {
World["client"] = rds.New(nil)
})
}
func TestInterface(t *testing.T) {
assert.Implements(t, (*rdsiface.RDSAPI)(nil), rds.New(nil))
}
// Client configures and returns a fully initialized AWSClient
func (c *Config) Client() (interface{}, error) {
// Get the auth and region. This can fail if keys/regions were not
// specified and we're attempting to use the environment.
var errs []error
log.Println("[INFO] Building AWS region structure")
err := c.ValidateRegion()
if err != nil {
errs = append(errs, err)
}
var client AWSClient
if len(errs) == 0 {
// store AWS region in client struct, for region specific operations such as
// bucket storage in S3
client.region = c.Region
log.Println("[INFO] Building AWS auth structure")
creds := GetCredentials(c.AccessKey, c.SecretKey, c.Token, c.Profile, c.CredsFilename)
// Call Get to check for credential provider. If nothing found, we'll get an
// error, and we can present it nicely to the user
cp, err := creds.Get()
if err != nil {
if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "NoCredentialProviders" {
errs = append(errs, fmt.Errorf(`No valid credential sources found for AWS Provider.
Please see https://terraform.io/docs/providers/aws/index.html for more information on
providing credentials for the AWS Provider`))
} else {
errs = append(errs, fmt.Errorf("Error loading credentials for AWS Provider: %s", err))
}
return nil, &multierror.Error{Errors: errs}
}
log.Printf("[INFO] AWS Auth provider used: %q", cp.ProviderName)
awsConfig := &aws.Config{
Credentials: creds,
Region: aws.String(c.Region),
MaxRetries: aws.Int(c.MaxRetries),
HTTPClient: cleanhttp.DefaultClient(),
}
if logging.IsDebugOrHigher() {
awsConfig.LogLevel = aws.LogLevel(aws.LogDebugWithHTTPBody)
awsConfig.Logger = awsLogger{}
}
if c.Insecure {
transport := awsConfig.HTTPClient.Transport.(*http.Transport)
transport.TLSClientConfig = &tls.Config{
InsecureSkipVerify: true,
}
}
// Set up base session
sess := session.New(awsConfig)
sess.Handlers.Build.PushFrontNamed(addTerraformVersionToUserAgent)
// Some services exist only in us-east-1, e.g. because they manage
// resources that can span across multiple regions, or because
// signature format v4 requires region to be us-east-1 for global
// endpoints:
// http://docs.aws.amazon.com/general/latest/gr/sigv4_changes.html
usEast1Sess := sess.Copy(&aws.Config{Region: aws.String("us-east-1")})
// Some services have user-configurable endpoints
awsEc2Sess := sess.Copy(&aws.Config{Endpoint: aws.String(c.Ec2Endpoint)})
awsElbSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.ElbEndpoint)})
awsIamSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.IamEndpoint)})
dynamoSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.DynamoDBEndpoint)})
kinesisSess := sess.Copy(&aws.Config{Endpoint: aws.String(c.KinesisEndpoint)})
// These two services need to be set up early so we can check on AccountID
client.iamconn = iam.New(awsIamSess)
client.stsconn = sts.New(sess)
err = c.ValidateCredentials(client.stsconn)
if err != nil {
errs = append(errs, err)
return nil, &multierror.Error{Errors: errs}
}
accountId, err := GetAccountId(client.iamconn, client.stsconn, cp.ProviderName)
if err == nil {
client.accountid = accountId
}
authErr := c.ValidateAccountId(client.accountid)
if authErr != nil {
errs = append(errs, authErr)
}
client.apigateway = apigateway.New(sess)
client.autoscalingconn = autoscaling.New(sess)
client.cfconn = cloudformation.New(sess)
client.cloudfrontconn = cloudfront.New(sess)
client.cloudtrailconn = cloudtrail.New(sess)
client.cloudwatchconn = cloudwatch.New(sess)
client.cloudwatcheventsconn = cloudwatchevents.New(sess)
client.cloudwatchlogsconn = cloudwatchlogs.New(sess)
client.codecommitconn = codecommit.New(usEast1Sess)
client.codedeployconn = codedeploy.New(sess)
client.dsconn = directoryservice.New(sess)
client.dynamodbconn = dynamodb.New(dynamoSess)
client.ec2conn = ec2.New(awsEc2Sess)
client.ecrconn = ecr.New(sess)
client.ecsconn = ecs.New(sess)
client.efsconn = efs.New(sess)
client.elasticacheconn = elasticache.New(sess)
client.elasticbeanstalkconn = elasticbeanstalk.New(sess)
client.elastictranscoderconn = elastictranscoder.New(sess)
client.elbconn = elb.New(awsElbSess)
client.emrconn = emr.New(sess)
client.esconn = elasticsearch.New(sess)
client.firehoseconn = firehose.New(sess)
client.glacierconn = glacier.New(sess)
client.kinesisconn = kinesis.New(kinesisSess)
client.kmsconn = kms.New(sess)
client.lambdaconn = lambda.New(sess)
client.opsworksconn = opsworks.New(usEast1Sess)
client.r53conn = route53.New(usEast1Sess)
client.rdsconn = rds.New(sess)
client.redshiftconn = redshift.New(sess)
client.simpledbconn = simpledb.New(sess)
client.s3conn = s3.New(sess)
client.sesConn = ses.New(sess)
client.snsconn = sns.New(sess)
client.sqsconn = sqs.New(sess)
}
if len(errs) > 0 {
return nil, &multierror.Error{Errors: errs}
}
return &client, nil
}
func RDS() *rds.RDS {
return rds.New(session.New(), awsConfig())
}