Merge "aws: add support for attaching instance profiles"

This commit is contained in:
Zuul 2020-07-01 23:43:47 +00:00 committed by Gerrit Code Review
commit 369799dea6
5 changed files with 57 additions and 0 deletions

View File

@ -1715,6 +1715,8 @@ section of the configuration.
- name: debian9
cloud-image: debian9
instance-type: t3.medium
iam-instance-profile:
arn: arn:aws:iam::123456789012:instance-profile/s3-read-only
key-name: zuul
tags:
key1: value1
@ -1941,6 +1943,22 @@ section of the configuration.
Name of the flavor to use.
.. attr:: iam-instance-profile
:type: dict
Used to attach an iam instance profile.
Useful for giving access to services without needing any secrets.
.. attr:: name
Name of the instance profile.
Mutually exclusive with :attr:`providers.[aws].pools.labels.iam-instance-profile.arn`
.. attr:: arn
ARN identifier of the profile.
Mutually exclusive with :attr:`providers.[aws].pools.labels.iam-instance-profile.name`
.. attr:: key-name
:type: string
:required:

View File

@ -58,6 +58,7 @@ class ProviderLabel(ConfigValue):
self.volume_size = None
self.volume_type = None
self.userdata = None
self.iam_instance_profile = None
# The ProviderPool object that owns this label.
self.pool = None
self.tags = None
@ -74,6 +75,7 @@ class ProviderLabel(ConfigValue):
and other.volume_size == self.volume_size
and other.volume_type == self.volume_type
and other.userdata == self.userdata
and other.iam_instance_profile == self.iam_instance_profile
and other.tags == self.tags)
return False
@ -131,6 +133,7 @@ class ProviderPool(ConfigPool):
pl.volume_type = label.get('volume-type')
pl.volume_size = label.get('volume-size')
pl.userdata = label.get('userdata', None)
pl.iam_instance_profile = label.get('iam-instance-profile', None)
pl.tags = [
{
"Key": k,
@ -243,6 +246,10 @@ class AwsProviderConfig(ProviderConfig):
'volume-type': str,
'volume-size': int,
'userdata': str,
'iam-instance-profile': {
v.Exclusive('name', 'iam_instance_profile_id'): str,
v.Exclusive('arn', 'iam_instance_profile_id'): str
},
'tags': dict,
}

View File

@ -193,6 +193,16 @@ class AwsProvider(Provider):
if label.userdata:
args['UserData'] = label.userdata
if label.iam_instance_profile:
if 'name' in label.iam_instance_profile:
args['IamInstanceProfile'] = {
'Name': label.iam_instance_profile['name']
}
elif 'arn' in label.iam_instance_profile:
args['IamInstanceProfile'] = {
'Arn': label.iam_instance_profile['arn']
}
# Default block device mapping parameters are embedded in AMIs.
# We might need to supply our own mapping before lauching the instance.
# We basically want to make sure DeleteOnTermination is true and be

View File

@ -13,6 +13,8 @@ labels:
- name: ubuntu1404-non-host-key-checking
- name: ubuntu1404-private-ip
- name: ubuntu1404-userdata
- name: ubuntu1404-iam-instance-profile-name
- name: ubuntu1404-iam-instance-profile-arn
- name: ubuntu1404-with-tags
- name: ubuntu1404-with-name-tag
@ -93,6 +95,18 @@ providers:
instance-type: t3.medium
key-name: zuul
userdata: fake-user-data
- name: ubuntu1404-iam-instance-profile-name
cloud-image: ubuntu1404
instance-type: t3.medium
key-name: zuul
iam-instance-profile:
name: not-a-real-profile
- name: ubuntu1404-iam-instance-profile-arn
cloud-image: ubuntu1404
instance-type: t3.medium
key-name: zuul
iam-instance-profile:
arn: arn:aws:iam::123456789012:instance-profile/not-a-real-profile
- name: non-host-key-checking
max-servers: 1
subnet-id: null

View File

@ -221,6 +221,14 @@ class TestDriverAws(tests.DBTestCase):
self._test_ec2_machine('ubuntu1404-userdata',
userdata=True)
# Note(avass): moto does not yet support attaching an instance profile
# but these two at least tests to make sure that the instances 'starts'
def test_ec2_machine_iam_instance_profile_name(self):
self._test_ec2_machine('ubuntu1404-iam-instance-profile-name')
def test_ec2_machine_iam_instance_profile_arn(self):
self._test_ec2_machine('ubuntu1404-iam-instance-profile-arn')
def test_ec2_machine_private_ip(self):
self._test_ec2_machine('ubuntu1404-private-ip',
public_ip=False)