# Copyright 2020, Pulumi Corporation. All rights reserved.
import pulumi
import pulumi_aws as aws
import provisioners
# Stack configuration for this program.
config = pulumi.Config()

# Key pair selection: `keyName` names an existing EC2 KeyPair to reuse; when it
# is absent, `publicKey` supplies the public half for a KeyPair created further
# down. Both are read with config.get(), so either may be None at this point.
key_name, public_key = (config.get(setting) for setting in ('keyName', 'publicKey'))
# The privateKey associated with the selected key must be provided (either directly or base64 encoded),
# along with an optional passphrase if needed.
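def decode_key(key):
    """Return the configured private key, accepting PEM text or base64-encoded PEM.

    The config comment for `privateKey` promises that the key may be supplied
    "either directly or base64 encoded"; the base64 branch was missing, so an
    encoded key was handed on undecoded. It is decoded here before the header
    check.

    Args:
        key: The `privateKey` config value as a str.

    Returns:
        The PEM text (str) when the value, directly or after base64 decoding,
        starts with the RSA PEM header. Any other value is returned encoded to
        ASCII bytes, exactly as before.

    Raises:
        UnicodeEncodeError: If the value is not recognised PEM and contains
            non-ASCII characters.
    """
    import base64

    # NOTE: only the traditional RSA header is recognised. Keys in other PEM
    # formats (for example '-----BEGIN OPENSSH PRIVATE KEY-----') take the
    # bytes fallback at the end.
    rsa_pem_header = '-----BEGIN RSA PRIVATE KEY-----'
    if key.startswith(rsa_pem_header):
        return key

    try:
        # Drop line wrapping first; validate=True then rejects anything that
        # is not strict base64 instead of silently skipping stray characters.
        compact = ''.join(key.split())
        candidate = base64.b64decode(compact.encode('ascii'), validate=True).decode('ascii')
    except ValueError:
        # binascii.Error and UnicodeError are both ValueError subclasses:
        # the value is simply not base64-encoded ASCII text.
        candidate = None

    if candidate is not None and candidate.startswith(rsa_pem_header):
        return candidate

    # Unchanged fallback. Key material is never logged or echoed here.
    return key.encode('ascii')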
# `privateKey` is mandatory (require_secret) and is read as a secret Output;
# decode_key runs inside .apply(), and the result of .apply() on a secret
# Output is itself secret.
private_key = (
    config
    .require_secret('privateKey')
    .apply(decode_key)
)
# The passphrase is optional, hence get_secret rather than require_secret.
private_key_passphrase = config.get_secret('privateKeyPassphrase')
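# Create a new security group that permits SSH and web access.
#
# SSH (22/tcp) is a management port; leaving it reachable from every address
# exposes the host to internet-wide scanning. The optional `sshCidr` config
# value (new, defined here) narrows the allowed source range, for example to
# the address the provisioning connection comes from. When it is unset the
# previous world-open range is kept, so existing stacks behave as before.
ssh_cidr = config.get('sshCidr') or '0.0.0.0/0'
secgrp = aws.ec2.SecurityGroup(
    'secgrp',
    description='Foo',
    ingress=[
        # Management access: source range is configurable.
        aws.ec2.SecurityGroupIngressArgs(
            protocol='tcp', from_port=22, to_port=22, cidr_blocks=[ssh_cidr],
        ),
        # Web access: intentionally open to all clients.
        aws.ec2.SecurityGroupIngressArgs(
            protocol='tcp', from_port=80, to_port=80, cidr_blocks=['0.0.0.0/0'],
        ),
    ],
)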
# Look up the machine image: the newest image owned by 'amazon' whose name
# matches the amzn2 HVM x86_64 gp2 pattern below.
# Restricting `owners` keeps an image published under a look-alike name by
# another account from matching the wildcard. Because `most_recent` is set,
# the resolved image can differ from one deployment to the next.
amzn2_name_filter = aws.GetAmiFilterArgs(
    name='name',
    values=['amzn2-ami-hvm-2.0.????????-x86_64-gp2'],
)
ami = aws.get_ami(
    most_recent=True,
    owners=['amazon'],
    filters=[amzn2_name_filter],
)
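# Create an EC2 server that we'll then provision stuff onto.
size = 't2.micro'
if key_name is None:
    # No existing KeyPair was named, so one is registered from `publicKey`.
    # Stop early with a clear message when neither setting is present rather
    # than passing an empty value through to the KeyPair resource.
    if not public_key:
        raise ValueError("Set either 'keyName' or 'publicKey' in the stack configuration.")
    key = aws.ec2.KeyPair('key', public_key=public_key)
    key_name = key.key_name
# The instance is attached only to the security group created above.
server = aws.ec2.Instance(
    'server',
    instance_type=size,
    ami=ami.id,
    key_name=key_name,
    vpc_security_group_ids=[secgrp.id],
)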
# Connection settings shared by the provisioners below: they reach the new
# instance on its public IP as 'ec2-user', authenticating with the private key
# and optional passphrase taken from secret config.
# NOTE(review): host-key verification is up to the local `provisioners` module,
# which is not visible here. Confirm it does not simply trust whatever key the
# host presents on first connect.
conn = provisioners.ConnectionArgs(
    username='ec2-user',
    host=server.public_ip,
    private_key_passphrase=private_key_passphrase,
    private_key=private_key,
)
# Copy a config file to our server.
# Source and destination are fixed relative paths; depends_on makes the copy
# wait explicitly for the instance resource.
cp_config = provisioners.CopyFile(
    'config',
    opts=pulumi.ResourceOptions(depends_on=[server]),
    conn=conn,
    src='myapp.conf',
    dest='myapp.conf',
)
# Execute a basic command on our server.
# The command list is a fixed literal, with nothing interpolated from config or
# other input. depends_on orders it after the file copy.
cat_config = provisioners.RemoteExec(
    'cat-config',
    opts=pulumi.ResourceOptions(depends_on=[cp_config]),
    conn=conn,
    commands=['cat myapp.conf'],
)
# Export the server's IP/host and stdout from the command.
# NOTE: catConfigStdout publishes the contents of myapp.conf as a stack output.
# If that file ever carries credentials, wrap the value with
# pulumi.Output.secret() or drop the export so it is not shown in plain text.
stack_outputs = {
    'publicIp': server.public_ip,
    'publicHostName': server.public_dns,
    'catConfigStdout': cat_config.results[0]['stdout'],
}
for output_name, output_value in stack_outputs.items():
    pulumi.export(output_name, output_value)