mirror of
https://github.com/valitydev/salt.git
synced 2024-11-07 17:09:03 +00:00
Merge pull request #31547 from kraney/boto_lambda
boto_lambda: Add support for VPC access
This commit is contained in:
Nicole Thomas
commit
3cd31b0917
@ -116,7 +116,7 @@ def __virtual__():
|
||||
a given version.
|
||||
'''
|
||||
required_boto_version = '2.8.0'
|
||||
required_boto3_version = '1.2.1'
|
||||
required_boto3_version = '1.2.5'
|
||||
# the boto_lambda execution module relies on the connect_to_region() method
|
||||
# which was added in boto 2.8.0
|
||||
# https://github.com/boto/boto/commit/33ac26b416fbb48a60602542b4ce15dcc7029f12
|
||||
@ -201,7 +201,7 @@ def create_function(FunctionName, Runtime, Role, Handler, ZipFile=None,
|
||||
S3Bucket=None, S3Key=None, S3ObjectVersion=None,
|
||||
Description="", Timeout=3, MemorySize=128, Publish=False,
|
||||
WaitForRole=False, RoleRetries=5,
|
||||
region=None, key=None, keyid=None, profile=None):
|
||||
region=None, key=None, keyid=None, profile=None, VpcConfig=None):
|
||||
'''
|
||||
Given a valid config, create a function.
|
||||
|
||||
@ -236,6 +236,9 @@ def create_function(FunctionName, Runtime, Role, Handler, ZipFile=None,
|
||||
}
|
||||
if S3ObjectVersion:
|
||||
code['S3ObjectVersion'] = S3ObjectVersion
|
||||
kwargs = {}
|
||||
if VpcConfig is not None:
|
||||
kwargs['VpcConfig'] = VpcConfig
|
||||
if WaitForRole:
|
||||
retrycount = RoleRetries
|
||||
else:
|
||||
@ -244,7 +247,7 @@ def create_function(FunctionName, Runtime, Role, Handler, ZipFile=None,
|
||||
try:
|
||||
func = conn.create_function(FunctionName=FunctionName, Runtime=Runtime, Role=role_arn, Handler=Handler,
|
||||
Code=code, Description=Description, Timeout=Timeout, MemorySize=MemorySize,
|
||||
Publish=Publish)
|
||||
Publish=Publish, **kwargs)
|
||||
except ClientError as e:
|
||||
if retry > 1 and e.response.get('Error', {}).get('Code') == 'InvalidParameterValueException':
|
||||
log.info('Function not created but IAM role may not have propagated, will retry')
|
||||
@ -313,7 +316,7 @@ def describe_function(FunctionName, region=None, key=None,
|
||||
if func:
|
||||
keys = ('FunctionName', 'Runtime', 'Role', 'Handler', 'CodeSha256',
|
||||
'CodeSize', 'Description', 'Timeout', 'MemorySize', 'FunctionArn',
|
||||
'LastModified')
|
||||
'LastModified', 'VpcConfig')
|
||||
return {'function': dict([(k, func.get(k)) for k in keys])}
|
||||
else:
|
||||
return {'function': None}
|
||||
@ -323,7 +326,7 @@ def describe_function(FunctionName, region=None, key=None,
|
||||
|
||||
def update_function_config(FunctionName, Role=None, Handler=None,
|
||||
Description=None, Timeout=None, MemorySize=None,
|
||||
region=None, key=None, keyid=None, profile=None):
|
||||
region=None, key=None, keyid=None, profile=None, VpcConfig=None):
|
||||
'''
|
||||
Update the named lambda function to the configuration.
|
||||
|
||||
@ -344,6 +347,7 @@ def update_function_config(FunctionName, Role=None, Handler=None,
|
||||
'Description': Description,
|
||||
'Timeout': Timeout,
|
||||
'MemorySize': MemorySize,
|
||||
'VpcConfig': VpcConfig,
|
||||
}.iteritems():
|
||||
if var:
|
||||
args[val] = var
|
||||
@ -356,7 +360,7 @@ def update_function_config(FunctionName, Role=None, Handler=None,
|
||||
if r:
|
||||
keys = ('FunctionName', 'Runtime', 'Role', 'Handler', 'CodeSha256',
|
||||
'CodeSize', 'Description', 'Timeout', 'MemorySize', 'FunctionArn',
|
||||
'LastModified')
|
||||
'LastModified', 'VpcConfig')
|
||||
return {'updated': True, 'function': dict([(k, r.get(k)) for k in keys])}
|
||||
else:
|
||||
log.warning('Function was not updated')
|
||||
@ -406,7 +410,7 @@ def update_function_code(FunctionName, ZipFile=None, S3Bucket=None, S3Key=None,
|
||||
if r:
|
||||
keys = ('FunctionName', 'Runtime', 'Role', 'Handler', 'CodeSha256',
|
||||
'CodeSize', 'Description', 'Timeout', 'MemorySize', 'FunctionArn',
|
||||
'LastModified')
|
||||
'LastModified', 'VpcConfig')
|
||||
return {'updated': True, 'function': dict([(k, r.get(k)) for k in keys])}
|
||||
else:
|
||||
log.warning('Function was not updated')
|
||||
|
||||
@ -84,7 +84,7 @@ def function_present(name, FunctionName, Runtime, Role, Handler, ZipFile=None, S
|
||||
S3Key=None, S3ObjectVersion=None,
|
||||
Description='', Timeout=3, MemorySize=128,
|
||||
Permissions=None, RoleRetries=5,
|
||||
region=None, key=None, keyid=None, profile=None):
|
||||
region=None, key=None, keyid=None, profile=None, VpcConfig=None):
|
||||
'''
|
||||
Ensure function exists.
|
||||
|
||||
@ -141,6 +141,14 @@ def function_present(name, FunctionName, Runtime, Role, Handler, ZipFile=None, S
|
||||
to an image processing function. The default value is 128 MB. The value must be a multiple of
|
||||
64 MB.
|
||||
|
||||
VpcConfig
|
||||
If your Lambda function accesses resources in a VPC, you provide this
|
||||
parameter identifying the list of security group IDs and subnet IDs.
|
||||
These must belong to the same VPC. You must provide at least one
|
||||
security group and one subnet ID.
|
||||
|
||||
.. versionadded:: Carbon
|
||||
|
||||
Permissions
|
||||
A list of permission definitions to be added to the function's policy
|
||||
|
||||
@ -203,6 +211,7 @@ def function_present(name, FunctionName, Runtime, Role, Handler, ZipFile=None, S
|
||||
S3ObjectVersion=S3ObjectVersion,
|
||||
Description=Description,
|
||||
Timeout=Timeout, MemorySize=MemorySize,
|
||||
VpcConfig=VpcConfig,
|
||||
WaitForRole=True,
|
||||
RoleRetries=RoleRetries,
|
||||
region=region, key=key,
|
||||
@ -234,7 +243,7 @@ def function_present(name, FunctionName, Runtime, Role, Handler, ZipFile=None, S
|
||||
ret['changes'] = {}
|
||||
# function exists, ensure config matches
|
||||
_ret = _function_config_present(FunctionName, Role, Handler, Description, Timeout,
|
||||
MemorySize, region, key, keyid, profile)
|
||||
MemorySize, VpcConfig, region, key, keyid, profile)
|
||||
if not _ret.get('result'):
|
||||
ret['result'] = False
|
||||
ret['comment'] = _ret['comment']
|
||||
@ -274,7 +283,7 @@ def _get_role_arn(name, region=None, key=None, keyid=None, profile=None):
|
||||
|
||||
|
||||
def _function_config_present(FunctionName, Role, Handler, Description, Timeout,
|
||||
MemorySize, region, key, keyid, profile):
|
||||
MemorySize, VpcConfig, region, key, keyid, profile):
|
||||
ret = {'result': True, 'comment': '', 'changes': {}}
|
||||
func = __salt__['boto_lambda.describe_function'](FunctionName,
|
||||
region=region, key=key, keyid=keyid, profile=profile)['function']
|
||||
@ -291,6 +300,13 @@ def _function_config_present(FunctionName, Role, Handler, Description, Timeout,
|
||||
need_update = True
|
||||
ret['changes'].setdefault('new', {})[var] = locals()[var]
|
||||
ret['changes'].setdefault('old', {})[var] = func[val]
|
||||
# VpcConfig returns the extra value 'VpcId' so do a special compare
|
||||
oldval = func.get('VpcConfig', {})
|
||||
oldval.pop('VpcId', None)
|
||||
if oldval != VpcConfig:
|
||||
need_update = True
|
||||
ret['changes'].setdefault('new', {})['VpcConfig'] = VpcConfig
|
||||
ret['changes'].setdefault('old', {})['VpcConfig'] = func.get('VpcConfig')
|
||||
if need_update:
|
||||
ret['comment'] = os.linesep.join([ret['comment'], 'Function config to be modified'])
|
||||
if __opts__['test']:
|
||||
@ -301,6 +317,7 @@ def _function_config_present(FunctionName, Role, Handler, Description, Timeout,
|
||||
_r = __salt__['boto_lambda.update_function_config'](FunctionName=FunctionName,
|
||||
Role=Role, Handler=Handler, Description=Description,
|
||||
Timeout=Timeout, MemorySize=MemorySize,
|
||||
VpcConfig=VpcConfig,
|
||||
region=region, key=key,
|
||||
keyid=keyid, profile=profile)
|
||||
if not _r.get('updated'):
|
||||
|
||||
Loading…
Reference in New Issue
Block a user