func (d *driver) getSnapshot( volumeID, snapshotID, snapshotName string) ([]ec2.Snapshot, error) { filter := ec2.NewFilter() if snapshotName != "" { filter.Add("tag:Name", fmt.Sprintf("%s", snapshotName)) } if volumeID != "" { filter.Add("volume-id", volumeID) } snapshotList := []string{} if snapshotID != "" { //using snapshotList is returning stale data //snapshotList = append(snapshotList, snapshotID) filter.Add("snapshot-id", snapshotID) } resp, err := d.ec2Instance.Snapshots(snapshotList, filter) if err != nil { return []ec2.Snapshot{}, err } return resp.Snapshots, nil }
func (s *S) TestDescribeInstancesExample1(c *C) { testServer.Response(200, nil, DescribeInstancesExample1) filter := ec2.NewFilter() filter.Add("key1", "value1") filter.Add("key2", "value2", "value3") resp, err := s.ec2.DescribeInstances([]string{"i-1", "i-2"}, nil) req := testServer.WaitRequest() c.Assert(req.Form["Action"], DeepEquals, []string{"DescribeInstances"}) c.Assert(req.Form["InstanceId.1"], DeepEquals, []string{"i-1"}) c.Assert(req.Form["InstanceId.2"], DeepEquals, []string{"i-2"}) c.Assert(err, IsNil) c.Assert(resp.RequestId, Equals, "98e3c9a4-848c-4d6d-8e8a-b1bdEXAMPLE") c.Assert(resp.Reservations, HasLen, 2) r0 := resp.Reservations[0] c.Assert(r0.ReservationId, Equals, "r-b27e30d9") c.Assert(r0.OwnerId, Equals, "999988887777") c.Assert(r0.RequesterId, Equals, "854251627541") c.Assert(r0.SecurityGroups, DeepEquals, []ec2.SecurityGroup{{Name: "default", Id: "sg-67ad940e"}}) c.Assert(r0.Instances, HasLen, 1) r0i := r0.Instances[0] c.Assert(r0i.InstanceId, Equals, "i-c5cd56af") c.Assert(r0i.PrivateDNSName, Equals, "domU-12-31-39-10-56-34.compute-1.internal") c.Assert(r0i.DNSName, Equals, "ec2-174-129-165-232.compute-1.amazonaws.com") c.Assert(r0i.AvailabilityZone, Equals, "us-east-1b") c.Assert(r0i.IPAddress, Equals, "174.129.165.232") c.Assert(r0i.PrivateIPAddress, Equals, "10.198.85.190") }
func (s *S) TestDescribeSecurityGroupsExampleWithFilter(c *C) { testServer.Response(200, nil, DescribeSecurityGroupsExample) filter := ec2.NewFilter() filter.Add("ip-permission.protocol", "tcp") filter.Add("ip-permission.from-port", "22") filter.Add("ip-permission.to-port", "22") filter.Add("ip-permission.group-name", "app_server_group", "database_group") _, err := s.ec2.SecurityGroups(nil, filter) req := testServer.WaitRequest() c.Assert(req.Form["Action"], DeepEquals, []string{"DescribeSecurityGroups"}) c.Assert(req.Form["Filter.1.Name"], DeepEquals, []string{"ip-permission.from-port"}) c.Assert(req.Form["Filter.1.Value.1"], DeepEquals, []string{"22"}) c.Assert(req.Form["Filter.2.Name"], DeepEquals, []string{"ip-permission.group-name"}) c.Assert(req.Form["Filter.2.Value.1"], DeepEquals, []string{"app_server_group"}) c.Assert(req.Form["Filter.2.Value.2"], DeepEquals, []string{"database_group"}) c.Assert(req.Form["Filter.3.Name"], DeepEquals, []string{"ip-permission.protocol"}) c.Assert(req.Form["Filter.3.Value.1"], DeepEquals, []string{"tcp"}) c.Assert(req.Form["Filter.4.Name"], DeepEquals, []string{"ip-permission.to-port"}) c.Assert(req.Form["Filter.4.Value.1"], DeepEquals, []string{"22"}) c.Assert(err, IsNil) }
func (s *S) TestDescribeVpcs(c *C) { testServer.Response(200, nil, DescribeVpcsExample) filter := ec2.NewFilter() filter.Add("key1", "value1") filter.Add("key2", "value2", "value3") resp, err := s.ec2.DescribeVpcs([]string{"id1", "id2"}, filter) req := testServer.WaitRequest() c.Assert(req.Form["Action"], DeepEquals, []string{"DescribeVpcs"}) c.Assert(req.Form["VpcId.1"], DeepEquals, []string{"id1"}) c.Assert(req.Form["VpcId.2"], DeepEquals, []string{"id2"}) c.Assert(req.Form["VpcId.3"], IsNil) c.Assert(req.Form["Filter.1.Name"], DeepEquals, []string{"key1"}) c.Assert(req.Form["Filter.1.Value.1"], DeepEquals, []string{"value1"}) c.Assert(req.Form["Filter.1.Value.2"], IsNil) c.Assert(req.Form["Filter.2.Name"], DeepEquals, []string{"key2"}) c.Assert(req.Form["Filter.2.Value.1"], DeepEquals, []string{"value2"}) c.Assert(req.Form["Filter.2.Value.2"], DeepEquals, []string{"value3"}) c.Assert(err, IsNil) c.Assert(resp.RequestId, Equals, "7a62c49f-347e-4fc4-9331-6e8eEXAMPLE") c.Assert(resp.VPCs[0].VpcId, Equals, "vpc-1a2b3c4d") c.Assert(resp.VPCs, HasLen, 1) }
func (driver *Driver) getVolume(volumeID, volumeName string) ([]ec2.Volume, error) { filter := ec2.NewFilter() if volumeName != "" { filter.Add("tag:Name", fmt.Sprintf("%s", volumeName)) } volumeList := []string{} if volumeID != "" { volumeList = append(volumeList, volumeID) } resp, err := driver.EC2Instance.Volumes(volumeList, filter) if err != nil { return []ec2.Volume{}, err } return resp.Volumes, nil }
func main() { initFlags() filter := ec2.NewFilter() for _, t := range tags { filter.Add(t.FilterName, t.FilterValue) } auth, err := aws.EnvAuth() if err != nil { log.Fatal(err) } e := ec2.New(auth, region) for { resp, err := e.DescribeInstances(nil, filter) if err != nil { log.Fatal(err) } instances := flattenReservations(resp.Reservations) tagKeys := tags.Keys() if len(tagKeys) == 0 { tagKeys = allTagKeys(instances) } targetGroups := groupByTags(instances, tagKeys) b := marshalTargetGroups(targetGroups) if dest == "-" { _, err = os.Stdout.Write(b) } else { err = atomicWriteFile(dest, b, ".new") } if err != nil { log.Fatal(err) } if sleep == 0 { break } else { time.Sleep(sleep) } } }
func (s *S) TestDescribeSpotRequestsExample(c *C) { testServer.Response(200, nil, DescribeSpotRequestsExample) filter := ec2.NewFilter() filter.Add("key1", "value1") filter.Add("key2", "value2", "value3") resp, err := s.ec2.DescribeSpotRequests([]string{"s-1", "s-2"}, filter) req := testServer.WaitRequest() c.Assert(req.Form["Action"], DeepEquals, []string{"DescribeSpotInstanceRequests"}) c.Assert(req.Form["SpotInstanceRequestId.1"], DeepEquals, []string{"s-1"}) c.Assert(req.Form["SpotInstanceRequestId.2"], DeepEquals, []string{"s-2"}) c.Assert(err, IsNil) c.Assert(resp.RequestId, Equals, "b1719f2a-5334-4479-b2f1-26926EXAMPLE") c.Assert(resp.SpotRequestResults[0].SpotRequestId, Equals, "sir-1a2b3c4d") c.Assert(resp.SpotRequestResults[0].State, Equals, "active") c.Assert(resp.SpotRequestResults[0].SpotPrice, Equals, "0.5") c.Assert(resp.SpotRequestResults[0].SpotLaunchSpec.ImageId, Equals, "ami-1a2b3c4d") }
func (s *S) TestDescribeRouteTables(c *gocheck.C) { testServer.Response(200, nil, DescribeRouteTablesExample) filter := ec2.NewFilter() filter.Add("key1", "value1") filter.Add("key2", "value2", "value3") resp, err := s.ec2.DescribeRouteTables([]string{"rt1", "rt2"}, nil) req := testServer.WaitRequest() c.Assert(req.Form["Action"], gocheck.DeepEquals, []string{"DescribeRouteTables"}) c.Assert(req.Form["RouteTableId.1"], gocheck.DeepEquals, []string{"rt1"}) c.Assert(req.Form["RouteTableId.2"], gocheck.DeepEquals, []string{"rt2"}) c.Assert(err, gocheck.IsNil) c.Assert(resp.RequestId, gocheck.Equals, "6f570b0b-9c18-4b07-bdec-73740dcf861aEXAMPLE") c.Assert(resp.RouteTables, gocheck.HasLen, 2) rt1 := resp.RouteTables[0] c.Assert(rt1.Id, gocheck.Equals, "rtb-13ad487a") c.Assert(rt1.VpcId, gocheck.Equals, "vpc-11ad4878") c.Assert(rt1.Routes, gocheck.DeepEquals, []ec2.Route{ {DestinationCidrBlock: "10.0.0.0/22", GatewayId: "local", State: "active", Origin: "CreateRouteTable"}, }) c.Assert(rt1.Associations, gocheck.DeepEquals, []ec2.RouteTableAssociation{ {Id: "rtbassoc-12ad487b", RouteTableId: "rtb-13ad487a", Main: true}, }) rt2 := resp.RouteTables[1] c.Assert(rt2.Id, gocheck.Equals, "rtb-f9ad4890") c.Assert(rt2.VpcId, gocheck.Equals, "vpc-11ad4878") c.Assert(rt2.Routes, gocheck.DeepEquals, []ec2.Route{ {DestinationCidrBlock: "10.0.0.0/22", GatewayId: "local", State: "active", Origin: "CreateRouteTable"}, {DestinationCidrBlock: "0.0.0.0/0", GatewayId: "igw-eaad4883", State: "active"}, }) c.Assert(rt2.Associations, gocheck.DeepEquals, []ec2.RouteTableAssociation{ {Id: "rtbassoc-faad4893", RouteTableId: "rtb-f9ad4890", SubnetId: "subnet-15ad487c"}, }) }
func (s *S) TestDescribeAddressesPublicIPExample(c *C) { testServer.Response(200, nil, DescribeAddressesExample) filter := ec2.NewFilter() filter.Add("key1", "value1") filter.Add("key2", "value2", "value3") resp, err := s.ec2.DescribeAddresses([]string{"192.0.2.1", "198.51.100.2", "203.0.113.41"}, []string{}, nil) req := testServer.WaitRequest() c.Assert(req.Form["Action"], DeepEquals, []string{"DescribeAddresses"}) c.Assert(req.Form["PublicIp.1"], DeepEquals, []string{"192.0.2.1"}) c.Assert(req.Form["PublicIp.2"], DeepEquals, []string{"198.51.100.2"}) c.Assert(req.Form["PublicIp.3"], DeepEquals, []string{"203.0.113.41"}) c.Assert(err, IsNil) c.Assert(resp.RequestId, Equals, "59dbff89-35bd-4eac-99ed-be587EXAMPLE") c.Assert(resp.Addresses, HasLen, 3) r0 := resp.Addresses[0] c.Assert(r0.PublicIp, Equals, "192.0.2.1") c.Assert(r0.Domain, Equals, "standard") c.Assert(r0.InstanceId, Equals, "i-f15ebb98") r0i := resp.Addresses[1] c.Assert(r0i.PublicIp, Equals, "198.51.100.2") c.Assert(r0i.Domain, Equals, "standard") c.Assert(r0i.InstanceId, Equals, "") r0ii := resp.Addresses[2] c.Assert(r0ii.PublicIp, Equals, "203.0.113.41") c.Assert(r0ii.Domain, Equals, "vpc") c.Assert(r0ii.InstanceId, Equals, "i-64600030") c.Assert(r0ii.AssociationId, Equals, "eipassoc-f0229899") c.Assert(r0ii.AllocationId, Equals, "eipalloc-08229861") c.Assert(r0ii.NetworkInterfaceOwnerId, Equals, "053230519467") c.Assert(r0ii.NetworkInterfaceId, Equals, "eni-ef229886") c.Assert(r0ii.PrivateIpAddress, Equals, "10.0.0.228") }
func (s *S) TestDescribeSnapshotsExample(c *C) { testServer.Response(200, nil, DescribeSnapshotsExample) filter := ec2.NewFilter() filter.Add("key1", "value1") filter.Add("key2", "value2", "value3") resp, err := s.ec2.Snapshots([]string{"snap-1", "snap-2"}, filter) req := testServer.WaitRequest() c.Assert(req.Form["Action"], DeepEquals, []string{"DescribeSnapshots"}) c.Assert(req.Form["SnapshotId.1"], DeepEquals, []string{"snap-1"}) c.Assert(req.Form["SnapshotId.2"], DeepEquals, []string{"snap-2"}) c.Assert(req.Form["Filter.1.Name"], DeepEquals, []string{"key1"}) c.Assert(req.Form["Filter.1.Value.1"], DeepEquals, []string{"value1"}) c.Assert(req.Form["Filter.1.Value.2"], IsNil) c.Assert(req.Form["Filter.2.Name"], DeepEquals, []string{"key2"}) c.Assert(req.Form["Filter.2.Value.1"], DeepEquals, []string{"value2"}) c.Assert(req.Form["Filter.2.Value.2"], DeepEquals, []string{"value3"}) c.Assert(err, IsNil) c.Assert(resp.RequestId, Equals, "59dbff89-35bd-4eac-99ed-be587EXAMPLE") c.Assert(resp.Snapshots, HasLen, 1) s0 := resp.Snapshots[0] c.Assert(s0.Id, Equals, "snap-1a2b3c4d") c.Assert(s0.VolumeId, Equals, "vol-8875daef") c.Assert(s0.VolumeSize, Equals, "15") c.Assert(s0.Status, Equals, "pending") c.Assert(s0.StartTime, Equals, "2010-07-29T04:12:01.000Z") c.Assert(s0.Progress, Equals, "30%") c.Assert(s0.OwnerId, Equals, "111122223333") c.Assert(s0.Description, Equals, "Daily Backup") c.Assert(s0.Tags, HasLen, 1) c.Assert(s0.Tags[0].Key, Equals, "Purpose") c.Assert(s0.Tags[0].Value, Equals, "demo_db_14_backup") }
func (s *S) TestDescribeAddressesAllocationIDExample(c *C) { testServer.Response(200, nil, DescribeAddressesAllocationIdExample) filter := ec2.NewFilter() filter.Add("key1", "value1") filter.Add("key2", "value2", "value3") resp, err := s.ec2.DescribeAddresses([]string{}, []string{"eipalloc-08229861", "eipalloc-08364752"}, nil) req := testServer.WaitRequest() c.Assert(req.Form["Action"], DeepEquals, []string{"DescribeAddresses"}) c.Assert(req.Form["AllocationId.1"], DeepEquals, []string{"eipalloc-08229861"}) c.Assert(req.Form["AllocationId.2"], DeepEquals, []string{"eipalloc-08364752"}) c.Assert(err, IsNil) c.Assert(resp.RequestId, Equals, "59dbff89-35bd-4eac-99ed-be587EXAMPLE") c.Assert(resp.Addresses, HasLen, 2) r0 := resp.Addresses[0] c.Assert(r0.PublicIp, Equals, "203.0.113.41") c.Assert(r0.AllocationId, Equals, "eipalloc-08229861") c.Assert(r0.Domain, Equals, "vpc") c.Assert(r0.InstanceId, Equals, "i-64600030") c.Assert(r0.AssociationId, Equals, "eipassoc-f0229899") c.Assert(r0.NetworkInterfaceId, Equals, "eni-ef229886") c.Assert(r0.NetworkInterfaceOwnerId, Equals, "053230519467") c.Assert(r0.PrivateIpAddress, Equals, "10.0.0.228") r1 := resp.Addresses[1] c.Assert(r1.PublicIp, Equals, "146.54.2.230") c.Assert(r1.AllocationId, Equals, "eipalloc-08364752") c.Assert(r1.Domain, Equals, "vpc") c.Assert(r1.InstanceId, Equals, "i-64693456") c.Assert(r1.AssociationId, Equals, "eipassoc-f0348693") c.Assert(r1.NetworkInterfaceId, Equals, "eni-da764039") c.Assert(r1.NetworkInterfaceOwnerId, Equals, "053230519467") c.Assert(r1.PrivateIpAddress, Equals, "10.0.0.102") }
func (s *S) TestDescribeInstancesExample2(c *C) { testServer.Response(200, nil, DescribeInstancesExample2) filter := ec2.NewFilter() filter.Add("key1", "value1") filter.Add("key2", "value2", "value3") resp, err := s.ec2.DescribeInstances([]string{"i-1", "i-2"}, filter) req := testServer.WaitRequest() c.Assert(req.Form["Action"], DeepEquals, []string{"DescribeInstances"}) c.Assert(req.Form["InstanceId.1"], DeepEquals, []string{"i-1"}) c.Assert(req.Form["InstanceId.2"], DeepEquals, []string{"i-2"}) c.Assert(req.Form["Filter.1.Name"], DeepEquals, []string{"key1"}) c.Assert(req.Form["Filter.1.Value.1"], DeepEquals, []string{"value1"}) c.Assert(req.Form["Filter.1.Value.2"], IsNil) c.Assert(req.Form["Filter.2.Name"], DeepEquals, []string{"key2"}) c.Assert(req.Form["Filter.2.Value.1"], DeepEquals, []string{"value2"}) c.Assert(req.Form["Filter.2.Value.2"], DeepEquals, []string{"value3"}) c.Assert(err, IsNil) c.Assert(resp.RequestId, Equals, "59dbff89-35bd-4eac-99ed-be587EXAMPLE") c.Assert(resp.Reservations, HasLen, 1) r0 := resp.Reservations[0] r0i := r0.Instances[0] c.Assert(r0i.State.Code, Equals, 16) c.Assert(r0i.State.Name, Equals, "running") r0t0 := r0i.Tags[0] r0t1 := r0i.Tags[1] c.Assert(r0t0.Key, Equals, "webserver") c.Assert(r0t0.Value, Equals, "") c.Assert(r0t1.Key, Equals, "stack") c.Assert(r0t1.Value, Equals, "Production") }
func (s *ServerTests) TestIPPerms(c *gocheck.C) { g0 := s.makeTestGroup(c, "goamz-test0", "ec2test group 0") defer s.ec2.DeleteSecurityGroup(g0) g1 := s.makeTestGroup(c, "goamz-test1", "ec2test group 1") defer s.ec2.DeleteSecurityGroup(g1) resp, err := s.ec2.SecurityGroups([]ec2.SecurityGroup{g0, g1}, nil) c.Assert(err, gocheck.IsNil) c.Assert(resp.Groups, gocheck.HasLen, 2) c.Assert(resp.Groups[0].IPPerms, gocheck.HasLen, 0) c.Assert(resp.Groups[1].IPPerms, gocheck.HasLen, 0) ownerId := resp.Groups[0].OwnerId // test some invalid parameters // TODO more _, err = s.ec2.AuthorizeSecurityGroup(g0, []ec2.IPPerm{{ Protocol: "tcp", FromPort: 0, ToPort: 1024, SourceIPs: []string{"z127.0.0.1/24"}, }}) c.Assert(err, gocheck.NotNil) c.Check(err.(*ec2.Error).Code, gocheck.Equals, "InvalidPermission.Malformed") // Check that AuthorizeSecurityGroup adds the correct authorizations. _, err = s.ec2.AuthorizeSecurityGroup(g0, []ec2.IPPerm{{ Protocol: "tcp", FromPort: 2000, ToPort: 2001, SourceIPs: []string{"127.0.0.0/24"}, SourceGroups: []ec2.UserSecurityGroup{{ Name: g1.Name, }, { Id: g0.Id, }}, }, { Protocol: "tcp", FromPort: 2000, ToPort: 2001, SourceIPs: []string{"200.1.1.34/32"}, }}) c.Assert(err, gocheck.IsNil) resp, err = s.ec2.SecurityGroups([]ec2.SecurityGroup{g0}, nil) c.Assert(err, gocheck.IsNil) c.Assert(resp.Groups, gocheck.HasLen, 1) c.Assert(resp.Groups[0].IPPerms, gocheck.HasLen, 1) perm := resp.Groups[0].IPPerms[0] srcg := perm.SourceGroups c.Assert(srcg, gocheck.HasLen, 2) // Normalize so we don't care about returned order. if srcg[0].Name == g1.Name { srcg[0], srcg[1] = srcg[1], srcg[0] } c.Check(srcg[0].Name, gocheck.Equals, g0.Name) c.Check(srcg[0].Id, gocheck.Equals, g0.Id) c.Check(srcg[0].OwnerId, gocheck.Equals, ownerId) c.Check(srcg[1].Name, gocheck.Equals, g1.Name) c.Check(srcg[1].Id, gocheck.Equals, g1.Id) c.Check(srcg[1].OwnerId, gocheck.Equals, ownerId) sort.Strings(perm.SourceIPs) c.Check(perm.SourceIPs, gocheck.DeepEquals, []string{"127.0.0.0/24", "200.1.1.34/32"}) // Check that we can't delete g1 (because g0 is using it) _, err = s.ec2.DeleteSecurityGroup(g1) c.Assert(err, gocheck.NotNil) c.Check(err.(*ec2.Error).Code, gocheck.Equals, "InvalidGroup.InUse") _, err = s.ec2.RevokeSecurityGroup(g0, []ec2.IPPerm{{ Protocol: "tcp", FromPort: 2000, ToPort: 2001, SourceGroups: []ec2.UserSecurityGroup{{Id: g1.Id}}, }, { Protocol: "tcp", FromPort: 2000, ToPort: 2001, SourceIPs: []string{"200.1.1.34/32"}, }}) c.Assert(err, gocheck.IsNil) resp, err = s.ec2.SecurityGroups([]ec2.SecurityGroup{g0}, nil) c.Assert(err, gocheck.IsNil) c.Assert(resp.Groups, gocheck.HasLen, 1) c.Assert(resp.Groups[0].IPPerms, gocheck.HasLen, 1) perm = resp.Groups[0].IPPerms[0] srcg = perm.SourceGroups c.Assert(srcg, gocheck.HasLen, 1) c.Check(srcg[0].Name, gocheck.Equals, g0.Name) c.Check(srcg[0].Id, gocheck.Equals, g0.Id) c.Check(srcg[0].OwnerId, gocheck.Equals, ownerId) c.Check(perm.SourceIPs, gocheck.DeepEquals, []string{"127.0.0.0/24"}) // We should be able to delete g1 now because we've removed its only use. _, err = s.ec2.DeleteSecurityGroup(g1) c.Assert(err, gocheck.IsNil) _, err = s.ec2.DeleteSecurityGroup(g0) c.Assert(err, gocheck.IsNil) f := ec2.NewFilter() f.Add("group-id", g0.Id, g1.Id) resp, err = s.ec2.SecurityGroups(nil, f) c.Assert(err, gocheck.IsNil) c.Assert(resp.Groups, gocheck.HasLen, 0) }
func (s *S) TestDescribeImagesExample(c *C) { testServer.Response(200, nil, DescribeImagesExample) filter := ec2.NewFilter() filter.Add("key1", "value1") filter.Add("key2", "value2", "value3") resp, err := s.ec2.Images([]string{"ami-1", "ami-2"}, filter) req := testServer.WaitRequest() c.Assert(req.Form["Action"], DeepEquals, []string{"DescribeImages"}) c.Assert(req.Form["ImageId.1"], DeepEquals, []string{"ami-1"}) c.Assert(req.Form["ImageId.2"], DeepEquals, []string{"ami-2"}) c.Assert(req.Form["Filter.1.Name"], DeepEquals, []string{"key1"}) c.Assert(req.Form["Filter.1.Value.1"], DeepEquals, []string{"value1"}) c.Assert(req.Form["Filter.1.Value.2"], IsNil) c.Assert(req.Form["Filter.2.Name"], DeepEquals, []string{"key2"}) c.Assert(req.Form["Filter.2.Value.1"], DeepEquals, []string{"value2"}) c.Assert(req.Form["Filter.2.Value.2"], DeepEquals, []string{"value3"}) c.Assert(err, IsNil) c.Assert(resp.RequestId, Equals, "4a4a27a2-2e7c-475d-b35b-ca822EXAMPLE") c.Assert(resp.Images, HasLen, 1) i0 := resp.Images[0] c.Assert(i0.Id, Equals, "ami-a2469acf") c.Assert(i0.Type, Equals, "machine") c.Assert(i0.Name, Equals, "example-marketplace-amzn-ami.1") c.Assert(i0.Description, Equals, "Amazon Linux AMI i386 EBS") c.Assert(i0.Location, Equals, "aws-marketplace/example-marketplace-amzn-ami.1") c.Assert(i0.State, Equals, "available") c.Assert(i0.Public, Equals, true) c.Assert(i0.OwnerId, Equals, "123456789999") c.Assert(i0.OwnerAlias, Equals, "aws-marketplace") c.Assert(i0.Architecture, Equals, "i386") c.Assert(i0.KernelId, Equals, "aki-805ea7e9") c.Assert(i0.RootDeviceType, Equals, "ebs") c.Assert(i0.RootDeviceName, Equals, "/dev/sda1") c.Assert(i0.VirtualizationType, Equals, "paravirtual") c.Assert(i0.Hypervisor, Equals, "xen") c.Assert(i0.Tags, HasLen, 1) c.Assert(i0.Tags[0].Key, Equals, "Purpose") c.Assert(i0.Tags[0].Value, Equals, "EXAMPLE") c.Assert(i0.BlockDevices, HasLen, 1) c.Assert(i0.BlockDevices[0].DeviceName, Equals, "/dev/sda1") c.Assert(i0.BlockDevices[0].SnapshotId, Equals, "snap-787e9403") c.Assert(i0.BlockDevices[0].VolumeSize, Equals, int64(8)) c.Assert(i0.BlockDevices[0].DeleteOnTermination, Equals, true) testServer.Response(200, nil, DescribeImagesExample) resp2, err := s.ec2.ImagesByOwners([]string{"ami-1", "ami-2"}, []string{"123456789999", "id2"}, filter) req2 := testServer.WaitRequest() c.Assert(req2.Form["Action"], DeepEquals, []string{"DescribeImages"}) c.Assert(req2.Form["ImageId.1"], DeepEquals, []string{"ami-1"}) c.Assert(req2.Form["ImageId.2"], DeepEquals, []string{"ami-2"}) c.Assert(req2.Form["Owner.1"], DeepEquals, []string{"123456789999"}) c.Assert(req2.Form["Owner.2"], DeepEquals, []string{"id2"}) c.Assert(req2.Form["Filter.1.Name"], DeepEquals, []string{"key1"}) c.Assert(req2.Form["Filter.1.Value.1"], DeepEquals, []string{"value1"}) c.Assert(req2.Form["Filter.1.Value.2"], IsNil) c.Assert(req2.Form["Filter.2.Name"], DeepEquals, []string{"key2"}) c.Assert(req2.Form["Filter.2.Value.1"], DeepEquals, []string{"value2"}) c.Assert(req2.Form["Filter.2.Value.2"], DeepEquals, []string{"value3"}) c.Assert(err, IsNil) c.Assert(resp2.RequestId, Equals, "4a4a27a2-2e7c-475d-b35b-ca822EXAMPLE") c.Assert(resp2.Images, HasLen, 1) i1 := resp2.Images[0] c.Assert(i1.Id, Equals, "ami-a2469acf") c.Assert(i1.Type, Equals, "machine") c.Assert(i1.Name, Equals, "example-marketplace-amzn-ami.1") c.Assert(i1.Description, Equals, "Amazon Linux AMI i386 EBS") c.Assert(i1.Location, Equals, "aws-marketplace/example-marketplace-amzn-ami.1") c.Assert(i1.State, Equals, "available") c.Assert(i1.Public, Equals, true) c.Assert(i1.OwnerId, Equals, "123456789999") c.Assert(i1.OwnerAlias, Equals, "aws-marketplace") c.Assert(i1.Architecture, Equals, "i386") c.Assert(i1.KernelId, Equals, "aki-805ea7e9") c.Assert(i1.RootDeviceType, Equals, "ebs") c.Assert(i1.RootDeviceName, Equals, "/dev/sda1") c.Assert(i1.VirtualizationType, Equals, "paravirtual") c.Assert(i1.Hypervisor, Equals, "xen") c.Assert(i1.BlockDevices, HasLen, 1) c.Assert(i1.BlockDevices[0].DeviceName, Equals, "/dev/sda1") c.Assert(i1.BlockDevices[0].SnapshotId, Equals, "snap-787e9403") c.Assert(i1.BlockDevices[0].VolumeSize, Equals, int64(8)) c.Assert(i1.BlockDevices[0].DeleteOnTermination, Equals, true) }
func (s *ServerTests) TestInstanceFiltering(c *gocheck.C) { groupResp, err := s.ec2.CreateSecurityGroup(ec2.SecurityGroup{Name: sessionName("testgroup1"), Description: "testgroup one description"}) c.Assert(err, gocheck.IsNil) group1 := groupResp.SecurityGroup defer s.ec2.DeleteSecurityGroup(group1) groupResp, err = s.ec2.CreateSecurityGroup(ec2.SecurityGroup{Name: sessionName("testgroup2"), Description: "testgroup two description"}) c.Assert(err, gocheck.IsNil) group2 := groupResp.SecurityGroup defer s.ec2.DeleteSecurityGroup(group2) insts := make([]*ec2.Instance, 3) inst, err := s.ec2.RunInstances(&ec2.RunInstancesOptions{ MinCount: 2, ImageId: imageId, InstanceType: "t1.micro", SecurityGroups: []ec2.SecurityGroup{group1}, }) c.Assert(err, gocheck.IsNil) insts[0] = &inst.Instances[0] insts[1] = &inst.Instances[1] defer terminateInstances(c, s.ec2, insts) imageId2 := "ami-e358958a" // Natty server, i386, EBS store inst, err = s.ec2.RunInstances(&ec2.RunInstancesOptions{ ImageId: imageId2, InstanceType: "t1.micro", SecurityGroups: []ec2.SecurityGroup{group2}, }) c.Assert(err, gocheck.IsNil) insts[2] = &inst.Instances[0] ids := func(indices ...int) (instIds []string) { for _, index := range indices { instIds = append(instIds, insts[index].InstanceId) } return } tests := []struct { about string instanceIds []string // instanceIds argument to Instances method. filters []filterSpec // filters argument to Instances method. resultIds []string // set of instance ids of expected results. allowExtra bool // resultIds may be incomplete. err string // expected error. }{ { about: "check that Instances returns all instances", resultIds: ids(0, 1, 2), allowExtra: true, }, { about: "check that specifying two instance ids returns them", instanceIds: ids(0, 2), resultIds: ids(0, 2), }, { about: "check that specifying a non-existent instance id gives an error", instanceIds: append(ids(0), "i-deadbeef"), err: `.*\(InvalidInstanceID\.NotFound\)`, }, { about: "check that a filter allowed both instances returns both of them", filters: []filterSpec{ {"instance-id", ids(0, 2)}, }, resultIds: ids(0, 2), }, { about: "check that a filter allowing only one instance returns it", filters: []filterSpec{ {"instance-id", ids(1)}, }, resultIds: ids(1), }, { about: "check that a filter allowing no instances returns none", filters: []filterSpec{ {"instance-id", []string{"i-deadbeef12345"}}, }, }, { about: "check that filtering on group id works", filters: []filterSpec{ {"group-id", []string{group1.Id}}, }, resultIds: ids(0, 1), }, { about: "check that filtering on group name works", filters: []filterSpec{ {"group-name", []string{group1.Name}}, }, resultIds: ids(0, 1), }, { about: "check that filtering on image id works", filters: []filterSpec{ {"image-id", []string{imageId}}, }, resultIds: ids(0, 1), allowExtra: true, }, { about: "combination filters 1", filters: []filterSpec{ {"image-id", []string{imageId, imageId2}}, {"group-name", []string{group1.Name}}, }, resultIds: ids(0, 1), }, { about: "combination filters 2", filters: []filterSpec{ {"image-id", []string{imageId2}}, {"group-name", []string{group1.Name}}, }, }, } for i, t := range tests { c.Logf("%d. %s", i, t.about) var f *ec2.Filter if t.filters != nil { f = ec2.NewFilter() for _, spec := range t.filters { f.Add(spec.name, spec.values...) } } resp, err := s.ec2.DescribeInstances(t.instanceIds, f) if t.err != "" { c.Check(err, gocheck.ErrorMatches, t.err) continue } c.Assert(err, gocheck.IsNil) insts := make(map[string]*ec2.Instance) for _, r := range resp.Reservations { for j := range r.Instances { inst := &r.Instances[j] c.Check(insts[inst.InstanceId], gocheck.IsNil, gocheck.Commentf("duplicate instance id: %q", inst.InstanceId)) insts[inst.InstanceId] = inst } } if !t.allowExtra { c.Check(insts, gocheck.HasLen, len(t.resultIds), gocheck.Commentf("expected %d instances got %#v", len(t.resultIds), insts)) } for j, id := range t.resultIds { c.Check(insts[id], gocheck.NotNil, gocheck.Commentf("instance id %d (%q) not found; got %#v", j, id, insts)) } } }
// Periodically populate the host-inventory: func Updater(config *types.Config) { log.Infof("[hostInventoryUpdater] Started") updateFrequency := 5 // Run forever: for { // Sleep until the next run: log.Debugf("[hostInventoryUpdater] Sleeping for %vs ...", updateFrequency) time.Sleep(time.Duration(updateFrequency) * time.Second) // Authenticate with AWS: awsAuth, err := aws.GetAuth("", "", "", time.Now()) if err != nil { log.Errorf("[hostInventoryUpdater] Unable to authenticate to AWS! (%s)", err) continue } else { log.Debugf("[hostInventoryUpdater] Authenticated to AWS") } // Make a new EC2 connection: log.Debugf("[hostInventoryUpdater] Connecting to EC2 ...") ec2Connection := ec2.New(awsAuth, aws.Regions[config.AWSRegion]) // Prepare a filter: filter := ec2.NewFilter() filter.Add("instance-state-name", "running") // Make a "DescribeInstances" call (lists ALL instances in your account): describeInstancesResponse, err := ec2Connection.DescribeInstances([]string{}, filter) if err != nil { log.Errorf("[hostInventoryUpdater] Failed to make describe-instances call: %v", err) } else { log.Debugf("[hostInventoryUpdater] Found %v instances running in your account", len(describeInstancesResponse.Reservations)) // Lock the host-list (so we don't change it while another goroutine is using it): log.Tracef("[hostInventoryUpdater] Trying to lock config.HostInventoryMutex ...") config.HostInventoryMutex.Lock() log.Tracef("[hostInventoryUpdater] Locked config.HostInventoryMutex") // Clear out the existing host-inventory: config.HostInventory = types.HostInventory{ Environments: make(map[string]types.Environment), } // Re-populate it from the describe instances response: for _, reservation := range describeInstancesResponse.Reservations { // Search for our role and environment tags: var role, environment string for _, tag := range reservation.Instances[0].Tags { if tag.Key == config.RoleTag { role = tag.Value } if tag.Key == config.EnvironmentTag { environment = tag.Value } } // Make sure we have environment and role tags: if environment == "" || role == "" { log.Debugf("[hostInventoryUpdater] Instance (%v) must have both 'environment' and 'role' metadata in order for DNS records to be creted!", reservation.Instances[0].InstanceId) // Continue with the next instance: continue } else { log.Infof("[hostInventoryUpdater] Building records for instance (%v) in zone (%v) ...", reservation.Instances[0].InstanceId, reservation.Instances[0].AvailabilityZone) } // Add a new environment to the inventory (unless we already have it): if _, ok := config.HostInventory.Environments[environment]; !ok { config.HostInventory.Environments[environment] = types.Environment{ DNSRecords: make(map[string][]string), } } // Either create or add to the role-per-zone record: internalZoneRecord := fmt.Sprintf("%v.%v.i.%v.%v", role, reservation.Instances[0].AvailabilityZone, environment, config.DNSDomainName) if _, ok := config.HostInventory.Environments[environment].DNSRecords[internalZoneRecord]; !ok { config.HostInventory.Environments[environment].DNSRecords[internalZoneRecord] = []string{reservation.Instances[0].PrivateIPAddress} } else { config.HostInventory.Environments[environment].DNSRecords[internalZoneRecord] = append(config.HostInventory.Environments[environment].DNSRecords[internalZoneRecord], reservation.Instances[0].PrivateIPAddress) } // Either create or add to the role-per-region record: internalRegionRecord := fmt.Sprintf("%v.%v.i.%v.%v", role, config.AWSRegion, environment, config.DNSDomainName) if _, ok := config.HostInventory.Environments[environment].DNSRecords[internalRegionRecord]; !ok { config.HostInventory.Environments[environment].DNSRecords[internalRegionRecord] = []string{reservation.Instances[0].PrivateIPAddress} } else { config.HostInventory.Environments[environment].DNSRecords[internalRegionRecord] = append(config.HostInventory.Environments[environment].DNSRecords[internalRegionRecord], reservation.Instances[0].PrivateIPAddress) } // Either create or add to the external record: if reservation.Instances[0].IPAddress != "" { externalRecord := fmt.Sprintf("%v.%v.e.%v.%v", role, config.AWSRegion, environment, config.DNSDomainName) if _, ok := config.HostInventory.Environments[environment].DNSRecords[externalRecord]; !ok { config.HostInventory.Environments[environment].DNSRecords[externalRecord] = []string{reservation.Instances[0].IPAddress} } else { config.HostInventory.Environments[environment].DNSRecords[externalRecord] = append(config.HostInventory.Environments[environment].DNSRecords[externalRecord], reservation.Instances[0].IPAddress) } } } } // Unlock the host-inventory: log.Tracef("[hostInventoryUpdater] Unlocking config.HostInventoryMutex ...") config.HostInventoryMutex.Unlock() // Now set the sleep time to the correct value: updateFrequency = config.HostUpdateFrequency } }
func (s *ServerTests) TestGroupFiltering(c *gocheck.C) { g := make([]ec2.SecurityGroup, 4) for i := range g { resp, err := s.ec2.CreateSecurityGroup(ec2.SecurityGroup{Name: sessionName(fmt.Sprintf("testgroup%d", i)), Description: fmt.Sprintf("testdescription%d", i)}) c.Assert(err, gocheck.IsNil) g[i] = resp.SecurityGroup c.Logf("group %d: %v", i, g[i]) defer s.ec2.DeleteSecurityGroup(g[i]) } perms := [][]ec2.IPPerm{ {{ Protocol: "tcp", FromPort: 100, ToPort: 200, SourceIPs: []string{"1.2.3.4/32"}, }}, {{ Protocol: "tcp", FromPort: 200, ToPort: 300, SourceGroups: []ec2.UserSecurityGroup{{Id: g[1].Id}}, }}, {{ Protocol: "udp", FromPort: 200, ToPort: 400, SourceGroups: []ec2.UserSecurityGroup{{Id: g[1].Id}}, }}, } for i, ps := range perms { _, err := s.ec2.AuthorizeSecurityGroup(g[i], ps) c.Assert(err, gocheck.IsNil) } groups := func(indices ...int) (gs []ec2.SecurityGroup) { for _, index := range indices { gs = append(gs, g[index]) } return } type groupTest struct { about string groups []ec2.SecurityGroup // groupIds argument to SecurityGroups method. filters []filterSpec // filters argument to SecurityGroups method. results []ec2.SecurityGroup // set of expected result groups. allowExtra bool // specified results may be incomplete. err string // expected error. } filterCheck := func(name, val string, gs []ec2.SecurityGroup) groupTest { return groupTest{ about: "filter check " + name, filters: []filterSpec{{name, []string{val}}}, results: gs, allowExtra: true, } } tests := []groupTest{ { about: "check that SecurityGroups returns all groups", results: groups(0, 1, 2, 3), allowExtra: true, }, { about: "check that specifying two group ids returns them", groups: idsOnly(groups(0, 2)), results: groups(0, 2), }, { about: "check that specifying names only works", groups: namesOnly(groups(0, 2)), results: groups(0, 2), }, { about: "check that specifying a non-existent group id gives an error", groups: append(groups(0), ec2.SecurityGroup{Id: "sg-eeeeeeeee"}), err: `.*\(InvalidGroup\.NotFound\)`, }, { about: "check that a filter allowed two groups returns both of them", filters: []filterSpec{ {"group-id", []string{g[0].Id, g[2].Id}}, }, results: groups(0, 2), }, { about: "check that the previous filter works when specifying a list of ids", groups: groups(1, 2), filters: []filterSpec{ {"group-id", []string{g[0].Id, g[2].Id}}, }, results: groups(2), }, { about: "check that a filter allowing no groups returns none", filters: []filterSpec{ {"group-id", []string{"sg-eeeeeeeee"}}, }, }, filterCheck("description", "testdescription1", groups(1)), filterCheck("group-name", g[2].Name, groups(2)), filterCheck("ip-permission.cidr", "1.2.3.4/32", groups(0)), filterCheck("ip-permission.group-name", g[1].Name, groups(1, 2)), filterCheck("ip-permission.protocol", "udp", groups(2)), filterCheck("ip-permission.from-port", "200", groups(1, 2)), filterCheck("ip-permission.to-port", "200", groups(0)), // TODO owner-id } for i, t := range tests { c.Logf("%d. %s", i, t.about) var f *ec2.Filter if t.filters != nil { f = ec2.NewFilter() for _, spec := range t.filters { f.Add(spec.name, spec.values...) } } resp, err := s.ec2.SecurityGroups(t.groups, f) if t.err != "" { c.Check(err, gocheck.ErrorMatches, t.err) continue } c.Assert(err, gocheck.IsNil) groups := make(map[string]*ec2.SecurityGroup) for j := range resp.Groups { group := &resp.Groups[j].SecurityGroup c.Check(groups[group.Id], gocheck.IsNil, gocheck.Commentf("duplicate group id: %q", group.Id)) groups[group.Id] = group } // If extra groups may be returned, eliminate all groups that // we did not create in this session apart from the default group. if t.allowExtra { namePat := regexp.MustCompile(sessionName("testgroup[0-9]")) for id, g := range groups { if !namePat.MatchString(g.Name) { delete(groups, id) } } } c.Check(groups, gocheck.HasLen, len(t.results)) for j, g := range t.results { rg := groups[g.Id] c.Assert(rg, gocheck.NotNil, gocheck.Commentf("group %d (%v) not found; got %#v", j, g, groups)) c.Check(rg.Name, gocheck.Equals, g.Name, gocheck.Commentf("group %d (%v)", j, g)) } } }