当前位置: 首页>>代码示例>>Python>>正文


Python troposphere.Sub方法代码示例

本文整理汇总了Python中troposphere.Sub方法的典型用法代码示例。如果您正苦于以下问题:Python troposphere.Sub方法的具体用法?Python troposphere.Sub怎么用?Python troposphere.Sub使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在troposphere的用法示例。


在下文中一共展示了troposphere.Sub方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: create_instance_profile

# 需要导入模块: import troposphere [as 别名]
# 或者: from troposphere import Sub [as 别名]
def create_instance_profile(c, RoleName, model, named=False):
    cfn_name = scrub_name(RoleName + "InstanceProfile")

    kw_args = {
        "Path": "/",
        "Roles": [Ref(scrub_name(RoleName + "Role"))]
    }

    if named:
        kw_args["InstanceProfileName"] = RoleName

    if "retain_on_delete" in model:
        if model["retain_on_delete"] is True:
            kw_args["DeletionPolicy"] = "Retain"

    c.template[c.current_account].add_resource(InstanceProfile(
        cfn_name,
        **kw_args
    ))

    if c.config['global']['template_outputs'] == "enabled":
        c.template[c.current_account].add_output([
            Output(
                cfn_name + "Arn",
                Description="Instance profile for Role " + RoleName + " ARN",
                Value=Ref(cfn_name),
                Export=Export(Sub("${AWS::StackName}-" + cfn_name + "Arn"))
            )
        ]) 
开发者ID:awslabs,项目名称:aws-iam-generator,代码行数:31,代码来源:iam_template_build.py

示例2: add_role

# 需要导入模块: import troposphere [as 别名]
# 或者: from troposphere import Sub [as 别名]
def add_role(c, RoleName, model, named=False):
    cfn_name = scrub_name(RoleName + "Role")
    kw_args = {
        "Path": "/",
        "AssumeRolePolicyDocument": build_role_trust(c, model['trusts']),
        "ManagedPolicyArns": [],
        "Policies": []
    }

    if named:
        kw_args["RoleName"] = RoleName

    if "managed_policies" in model:
        kw_args["ManagedPolicyArns"] = parse_managed_policies(
                                        c, model["managed_policies"], RoleName)

    if "max_role_duration" in model:
        kw_args['MaxSessionDuration'] = int(model["max_role_duration"])

    if "retain_on_delete" in model:
        if model["retain_on_delete"] is True:
            kw_args["DeletionPolicy"] = "Retain"

    c.template[c.current_account].add_resource(Role(
        cfn_name,
        **kw_args
    ))
    if c.config['global']['template_outputs'] == "enabled":
        c.template[c.current_account].add_output([
            Output(
                cfn_name + "Arn",
                Description="Role " + RoleName + " ARN",
                Value=GetAtt(cfn_name, "Arn"),
                Export=Export(Sub("${AWS::StackName}-" + cfn_name + "Arn"))
            )
        ]) 
开发者ID:awslabs,项目名称:aws-iam-generator,代码行数:38,代码来源:iam_template_build.py

示例3: as_ssm_parameter

# 需要导入模块: import troposphere [as 别名]
# 或者: from troposphere import Sub [as 别名]
def as_ssm_parameter(self, command_name):
        """
        Return representation of key-value tag for command in a form of SSM ParameterStore parameter.
        :param command_name:
        :return:
        """
        return ssm.Parameter("{}{}Tag".format(command_name, self.name.title()),
                             Name=Sub('/owls/${{AWS::StackName}}/{}/{}'.format(command_name, self.name)),
                             Type=self.get_type(self.value),
                             Value=str(self.value)) 
开发者ID:awslabs,项目名称:aws-systems-manager-document-generator,代码行数:12,代码来源:tag.py

示例4: test_as_ssm_parameter

# 需要导入模块: import troposphere [as 别名]
# 或者: from troposphere import Sub [as 别名]
def test_as_ssm_parameter():
    ttag = Tag('tname', 'tvalue')
    t_parameter = ttag.as_ssm_parameter('tcommand')

    assert t_parameter.title == 'tcommandTnameTag'
    assert t_parameter.Name.to_dict() == Sub('/owls/${AWS::StackName}/tcommand/tname').to_dict()
    assert t_parameter.Type == 'String'
    assert t_parameter.Value == 'tvalue' 
开发者ID:awslabs,项目名称:aws-systems-manager-document-generator,代码行数:10,代码来源:test_tag.py

示例5: __init__

# 需要导入模块: import troposphere [as 别名]
# 或者: from troposphere import Sub [as 别名]
def __init__(self, config_file):
        # Read our YAML
        with open(config_file, 'r') as stream:
          self.config = yaml.load(stream, Loader=yaml.FullLoader)
        # We will use our current timestamp in UTC as our build version
        self.build_version = \
            datetime.datetime.utcnow().strftime("%Y-%m-%dZ%H:%M:%S")
        # To hold our Troposphere template objects
        self.template = {}
        # A list of our accounts by names and IDs.
        self.account_ids = []
        self.account_names = []
        # A hash of IDs to names to help in forward and reverse resolution.
        self.account_map_ids = {}
        self.account_map_names = {}
        # Our parent account.
        self.parent = ""
        # SAML Provider
        self.saml_provider = ""
        for account in self.config['accounts']:
            account_id = str(self.config['accounts'][account]['id'])
            # Append to our array of account IDS:
            self.account_ids.append(account_id)
            self.account_names.append(account)
            self.account_map_names[account_id] = account
            self.account_map_ids[account] = account_id
            self.template[account] = Template()
            self.template[account].add_version("2010-09-09")
            self.template[account].add_description(
                "Build " +
                self.build_version +
                " - IAM Users, Groups, Roles, and Policies for account " +
                account +
                " (" + self.account_map_ids[account] + ")"
            )
            self.template[account].add_output([
                Output(
                    "TemplateBuild",
                    Description="CloudFormation Template Build Number",
                    Value=self.build_version,
                    Export=Export(Sub("${AWS::StackName}-" + "TemplateBuild"))
                )
            ])
            if "parent" in self.config['accounts'][account]:
                if self.config['accounts'][account]['parent'] is True:
                    self.parent_account = account
                    self.parent_account_id = account_id
                    if "saml_provider" in self.config['accounts'][account]:
                        self.saml_provider = \
                            self.config['accounts'][account]["saml_provider"]
        if self.parent_account == "":
            raise Exception(
                "No account is marked as parent in the configuration file. "
                "One account should have parent: true"
            )

    # Converts between friendly names and ids for accounts. 
开发者ID:awslabs,项目名称:aws-iam-generator,代码行数:59,代码来源:config_helper.py

示例6: parse_managed_policies

# 需要导入模块: import troposphere [as 别名]
# 或者: from troposphere import Sub [as 别名]
def parse_managed_policies(c, managed_policies, working_on):
    managed_policy_list = []
    for managed_policy in managed_policies:
        # If we have an ARN then we're explicit
        if re.match(r"^arn:", managed_policy):
            if re.search(r"\${[^}]+}", managed_policy):
                managed_policy_list.append(Sub(managed_policy))
            else:
                managed_policy_list.append(managed_policy)
        # If we have an import: then we're importing from another template.
        elif re.match("^import:", managed_policy):
            m = re.match("^import:(.*)", managed_policy)
            managed_policy_list.append(ImportValue(m.group(1)))
        # Alternately we're dealing with a managed policy locally that
        # we need to 'Ref' to get an ARN.
        else:
            # Confirm this is a local policy, otherwise we'll error out.
            if c.is_local_managed_policy(managed_policy):
                # Policy name exists in the template,
                # lets make sure it will exist in this account.
                if c.is_managed_policy_in_account(
                        managed_policy,
                        c.map_account(c.current_account)
                ):
                    # If this is a ref we'll need to assure it's scrubbed
                    managed_policy_list.append(Ref(scrub_name(managed_policy)))
                else:
                    raise ValueError(
                        "Working on: '{}' - Managed Policy: '{}' "
                        "is not configured to go into account: '{}'".format(
                            working_on,
                            managed_policy,
                            c.current_account
                        )
                    )
            else:
                raise ValueError(
                    "Working on: '{}' - Managed Policy: '{}' "
                    "does not exist in the configuration file".format(
                        working_on,
                        managed_policy
                    )
                )

    return(managed_policy_list)


# We use this over users/groups/roles:
# - Check if we have an import: syntax in use.
# - Under a 'user' context' a local 'group' can be referenced.  If we're
#   operating as named = false the group name won't match the template name
#   so we need to assure we use a 'Ref' in that scenario. 
开发者ID:awslabs,项目名称:aws-iam-generator,代码行数:54,代码来源:iam_template_build.py

示例7: add_managed_policy

# 需要导入模块: import troposphere [as 别名]
# 或者: from troposphere import Sub [as 别名]
def add_managed_policy(
        c,
        ManagedPolicyName,
        PolicyDocument,
        model,
        named=False
        ):
    cfn_name = scrub_name(ManagedPolicyName)
    kw_args = {
        "Description": "Managed Policy " + ManagedPolicyName,
        "PolicyDocument": PolicyDocument,
        "Groups": [],
        "Roles": [],
        "Users": []
    }

    if named:
        kw_args["ManagedPolicyName"] = ManagedPolicyName
    if "description" in model:
        kw_args["Description"] = model["description"]
    if "groups" in model:
        kw_args["Groups"] = parse_imports(c, "policy", model["groups"])
    if "users" in model:
        kw_args["Users"] = parse_imports(c, "user", model["users"])
    if "roles" in model:
        kw_args["Roles"] = parse_imports(c, "role", model["roles"])

    if "retain_on_delete" in model:
        if model["retain_on_delete"] is True:
            kw_args["DeletionPolicy"] = "Retain"

    c.template[c.current_account].add_resource(ManagedPolicy(
        cfn_name,
        **kw_args
    ))

    if c.config['global']['template_outputs'] == "enabled":
        c.template[c.current_account].add_output([
            Output(
                cfn_name + "PolicyArn",
                Description=kw_args["Description"] + " Policy Document ARN",
                Value=Ref(cfn_name),
                Export=Export(Sub(
                        "${AWS::StackName}-"
                        + cfn_name
                        + "PolicyArn"
                        ))
            )
        ]) 
开发者ID:awslabs,项目名称:aws-iam-generator,代码行数:51,代码来源:iam_template_build.py

示例8: add_user

# 需要导入模块: import troposphere [as 别名]
# 或者: from troposphere import Sub [as 别名]
def add_user(c, UserName, model, named=False):
    cfn_name = scrub_name(UserName + "User")
    kw_args = {
        "Path": "/",
        "Groups": [],
        "ManagedPolicyArns": [],
        "Policies": [],
    }

    if named:
        kw_args["UserName"] = UserName

    if "groups" in model:
        kw_args["Groups"] = parse_imports(c, "user", model["groups"])

    if "managed_policies" in model:
        kw_args["ManagedPolicyArns"] = parse_managed_policies(
                c,
                model["managed_policies"],
                UserName
            )

    if "password" in model:
        kw_args["LoginProfile"] = LoginProfile(
            Password=model["password"],
            PasswordResetRequired=True
        )

    if "retain_on_delete" in model:
        if model["retain_on_delete"] is True:
            kw_args["DeletionPolicy"] = "Retain"

    c.template[c.current_account].add_resource(User(
        cfn_name,
        **kw_args
    ))
    if c.config['global']['template_outputs'] == "enabled":
        c.template[c.current_account].add_output([
            Output(
                cfn_name + "Arn",
                Description="User " + UserName + " ARN",
                Value=GetAtt(cfn_name, "Arn"),
                Export=Export(Sub("${AWS::StackName}-" + cfn_name + "Arn"))
            )
        ]) 
开发者ID:awslabs,项目名称:aws-iam-generator,代码行数:47,代码来源:iam_template_build.py

示例9: _pipeline_role

# 需要导入模块: import troposphere [as 别名]
# 或者: from troposphere import Sub [as 别名]
def _pipeline_role(buckets: Iterable[s3.Bucket]) -> iam.Role:
    """Build and return the IAM Role resource to be used by CodePipeline to run the pipeline."""
    bucket_statements = [
        AWS.Statement(
            Effect=AWS.Allow,
            Action=[S3.GetBucketVersioning, S3.PutBucketVersioning],
            Resource=[GetAtt(bucket, "Arn") for bucket in buckets],
        ),
        AWS.Statement(
            Effect=AWS.Allow,
            Action=[S3.GetObject, S3.PutObject],
            Resource=[Sub("${{{bucket}.Arn}}/*".format(bucket=bucket.title)) for bucket in buckets],
        ),
    ]
    policy = iam.Policy(
        "PipelinePolicy",
        PolicyName="PipelinePolicy",
        PolicyDocument=AWS.PolicyDocument(
            Statement=bucket_statements
            + [
                AllowEverywhere(Action=[CLOUDWATCH.Action("*"), IAM.PassRole]),
                AllowEverywhere(Action=[LAMBDA.InvokeFunction, LAMBDA.ListFunctions]),
                AllowEverywhere(
                    Action=[
                        CLOUDFORMATION.CreateStack,
                        CLOUDFORMATION.DeleteStack,
                        CLOUDFORMATION.DescribeStacks,
                        CLOUDFORMATION.UpdateStack,
                        CLOUDFORMATION.CreateChangeSet,
                        CLOUDFORMATION.DeleteChangeSet,
                        CLOUDFORMATION.DescribeChangeSet,
                        CLOUDFORMATION.ExecuteChangeSet,
                        CLOUDFORMATION.SetStackPolicy,
                        CLOUDFORMATION.ValidateTemplate,
                    ]
                ),
                AllowEverywhere(Action=[CODEBUILD.BatchGetBuilds, CODEBUILD.StartBuild]),
            ]
        ),
    )
    return iam.Role(
        "CodePipelinesRole", AssumeRolePolicyDocument=_service_assume_role(CODEPIPELINE.prefix), Policies=[policy]
    ) 
开发者ID:aws,项目名称:aws-encryption-sdk-python,代码行数:45,代码来源:pipeline.py


注:本文中的troposphere.Sub方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。