%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python2.7/site-packages/salt/states/
Upload File :
Create Path :
Current File : //lib/python2.7/site-packages/salt/states/boto_vpc.pyc

�
���^c@@s�dZddlmZmZmZddlZddlmZddlj	j
Z
dZeje
�Zd�Zddddddddd�Zdddddd�Zdddddddddddddd	�
Zddddddd
�Zdddddddddded�Zd�Zddddddd
�Zdddddddd�Zeddddd�Zddddddddddd�
Zdddddddd�Zdddddd�Zdddddddd�Zddddd�Zdddddddd�Z ddddddddd�Z!dddddddd�Z"ddddddddddd�
Z#ddddddddddd�
Z$ddddddd�Z%ddddddd�Z&dS(uB
Manage VPCs
=================

.. versionadded:: 2015.8.0

:depends:

- boto >= 2.8.0
- boto3 >= 1.2.6

Create and destroy VPCs. Be aware that this interacts with Amazon's services,
and so may incur charges.

This module accepts explicit vpc credentials but can also utilize
IAM roles assigned to the instance through Instance Profiles. Dynamic
credentials are then automatically obtained from AWS API and no further
configuration is necessary. More information available `here
<http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html>`_.

If IAM roles are not used you need to specify them either in a pillar file or
in the minion's config file:

.. code-block:: yaml

    vpc.keyid: GKTADJGHEIQSXMKKRBJ08H
    vpc.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

It's also possible to specify ``key``, ``keyid`` and ``region`` via a profile,
either passed in as a dict, or as a string to pull from pillars or minion
config:

.. code-block:: yaml

    myprofile:
      keyid: GKTADJGHEIQSXMKKRBJ08H
      key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
      region: us-east-1

.. code-block:: yaml

    aws:
      region:
        us-east-1:
          profile:
            keyid: GKTADJGHEIQSXMKKRBJ08H
            key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
            region: us-east-1

.. code-block:: jinja

    Ensure VPC exists:
      boto_vpc.present:
        - name: myvpc
        - cidr_block: 10.10.11.0/24
        - dns_hostnames: True
        - region: us-east-1
        - keyid: GKTADJGHEIQSXMKKRBJ08H
        - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

    Ensure subnet exists:
      boto_vpc.subnet_present:
        - name: mysubnet
        - vpc_id: vpc-123456
        - cidr_block: 10.0.0.0/16
        - region: us-east-1
        - profile: myprofile

    {% set profile = salt['pillar.get']('aws:region:us-east-1:profile' ) %}
    Ensure internet gateway exists:
      boto_vpc.internet_gateway_present:
        - name: myigw
        - vpc_name: myvpc
        - profile: {{ profile }}

    Ensure route table exists:
      boto_vpc.route_table_present:
        - name: my_route_table
        - vpc_id: vpc-123456
        - routes:
          - destination_cidr_block: 0.0.0.0/0
            instance_id: i-123456
          - subnet_names:
            - subnet1
            - subnet2
          - region: us-east-1
          - profile:
            keyid: GKTADJGHEIQSXMKKRBJ08H
            key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

.. versionadded:: 2016.11.0

Request, accept and delete VPC peering connections.
VPC peering connections can be named allowing the name
to be used throughout the state file. Following
example shows how to request and accept a VPC
peering connection.

.. code-block:: yaml

    accept the vpc peering connection:
      boto_vpc.accept_vpc_peering_connection:
        - conn_name: salt_vpc_peering
        - region: us-west-2
        - require:
          - boto_vpc: request a vpc peering connection

    request a vpc peering connection:
      boto_vpc.request_vpc_peering_connection:
        - requester_vpc_id: vpc-4a3d522e
        - peer_vpc_id: vpc-ae81e9ca
        - region: us-west-2
        - conn_name: salt_vpc_peering

VPC peering connections need not be named. In this case
the VPC peering connection ID should be used in the state
file.

.. code-block:: yaml

    accept the vpc peering connection:
      boto_vpc.accept_vpc_peering_connection:
        - conn_id: pcx-1873c371
        - region: us-west-2

VPC peering connections can be deleted, as shown below.

.. code-block:: yaml

    delete a named vpc peering connection:
      boto_vpc.delete_vpc_peering_connection:
        - conn_name: salt_vpc_peering

Delete also accepts a VPC peering connection id.

.. code-block:: yaml

    delete a vpc peering connection by id:
      boto_vpc.delete_vpc_peering_connection:
        - conn_id: pcx-1873c371

i(tabsolute_importtprint_functiontunicode_literalsN(tsixuboto_vpccC@s6d}d}dtkrtStdj||�fSdS(u)
    Only load if boto is available.
    u2.8.0u1.2.6uboto_vpc.existsudThe following libraries are required to run the boto_vpc state module: boto >= {0} and boto3 >= {1}.N(t__salt__t__virtualname__tFalsetformat(tboto_versiont
boto3_version((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pyt__virtual__�s	c

C@s�i|d6td6dd6id6}
tdd|d|d	|d
|d|d|	�}d
|kr�t|
d<dj|d
d�|
d<|
S|jd�s�tdr�dj|�|
d<d"|
d<|
Std|d|d|d|d|d|d	|d
|d|d|	�	}|jd�s@t|
d<dj|d
d�|
d<|
Stdd|dd	|d
|d|d|	�}id"d6|
dd<||
dd<d j|�|
d<|
Sd!|
d<|
S(#u
    Ensure VPC exists.

    name
        Name of the VPC.

    cidr_block
        The range of IPs in CIDR format, for example: 10.0.0.0/24. Block
        size must be between /16 and /28 netmask.

    instance_tenancy
        Instances launched in this VPC will be ingle-tenant or dedicated
        hardware.

    dns_support
        Indicates whether the DNS resolution is supported for the VPC.

    dns_hostnames
        Indicates whether the instances launched in the VPC get DNS hostnames.

    tags
        A list of tags.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.
    unameuresultuucommentuchangesuboto_vpc.existstnamettagstregiontkeytkeyidtprofileuerroruFailed to create VPC: {0}.umessageuexistsutestuVPC {0} is set to be created.uboto_vpc.createtinstance_tenancytvpc_nametenable_dns_supporttenable_dns_hostnamesucreateduError in creating VPC: {0}.uboto_vpc.describetvpc_iduiduvpcuoldunewuVPC {0} created.uVPC present.N(tTrueRRRtgett__opts__tNone(
Rt
cidr_blockRtdns_supportt
dns_hostnamesRR
RRRtrettrt	_describe((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytpresent�s>'




	
 
c	
C@s�i|d6td6dd6id6}tdd|d|d	|d
|d|d|�}d
|kr�t|d<dj|d
d�|d<|S|jd�}|s�dj|�|d<|Stdr�dj|�|d<d|d<|Stdd|d|d	|d
|d|d|�}|dsCt|d<dj|d
d�|d<|Si|d6|dd<idd6|dd<dj|�|d<|S(u�
    Ensure VPC with passed properties is absent.

    name
        Name of the VPC.

    tags
        A list of tags. All tags must match.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.
    unameuresultuucommentuchangesuboto_vpc.get_idRRR
RRRuerroruFailed to delete VPC: {0}.umessageuidu{0} VPC does not exist.utestuVPC {0} is set to be removed.uboto_vpc.deleteRudeleteduvpcuoldunewuVPC {0} deleted.N(RRRRRRR(	RRR
RRRRRt_id((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytabsent�s:






cC@s�i|d6td6dd6id6}i|d6|d6|d6|d	6|d
6}tdd|d
|d|
d|d|d|
�}d|kr�t|d<dj|dd�|d<|S|jd�r�d|d<|Stdr�dj|�|d<d(|d<|Stdd|d|d|d|d|d
|d|	d |d!|d|
d|d|d|
�
}|jd"�s�t|d<d#j|dd�|d<|Sid(d$6|dd%<i|d$6|dd&<d'j|�|d<|Sd(S()u�
    Ensure a set of DHCP options with the given settings exist.
    Note that the current implementation only SETS values during option set
    creation.  It is unable to update option sets in place, and thus merely
    verifies the set exists via the given name and/or dhcp_options_id param.

    name
        (string)
        Name of the DHCP options.

    vpc_name
        (string)
        Name of a VPC to which the options should be associated.  Either
        vpc_name or vpc_id must be provided.

    vpc_id
        (string)
        Id of a VPC to which the options should be associated.  Either
        vpc_name or vpc_id must be provided.

    domain_name
        (string)
        Domain name to be assiciated with this option set.

    domain_name_servers
        (list of strings)
        The IP address(es) of up to four domain name servers.

    ntp_servers
        (list of strings)
        The IP address(es) of up to four desired NTP servers.

    netbios_name_servers
        (list of strings)
        The IP address(es) of up to four NetBIOS name servers.

    netbios_node_type
        (string)
        The NetBIOS node type (1, 2, 4, or 8).  For more information about
        the allowed values, see RFC 2132.  The recommended is 2 at this
        time (broadcast and multicast are currently not supported).

    tags
        (dict of key:value pairs)
        A set of tags to be added.

    region
        (string)
        Region to connect to.

    key
        (string)
        Secret key to be used.

    keyid
        (string)
        Access key to be used.

    profile
        (various)
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.

    .. versionadded:: 2016.3.0
    unameuresultuucommentuchangesudomain_nameudomain_name_serversuntp_serversunetbios_name_serversunetbios_node_typeuboto_vpc.dhcp_options_existstdhcp_options_idtdhcp_options_nameR
RRRuerroru%Failed to validate DHCP options: {0}.umessageuexistsuDHCP options already present.utestu'DHCP options {0} are set to be created.uboto_vpc.create_dhcp_optionstdomain_nametdomain_name_serverstntp_serverstnetbios_name_serverstnetbios_node_typeRRRucreatedu"Failed to create DHCP options: {0}udhcp_optionsuoldunewuDHCP options {0} created.N(RRRRRRR(RR#RRR%R&R'R(R)RR
RRRRt_newR((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytdhcp_options_present3sRE



	



	
c	C@s�i|d6td6dd6id6}tddd|d	|d
|d|d|�}d
|kr�t|d<dj|d
d�|d<|S|jd�}|s�dj|�|d<|Stdr�dj|�|d<d|d<|Stdd|dd	|d
|d|d|�}|jd�sCt|d<dj|d
d�|d<|Si|d6|dd<idd6|dd<dj|�|d<|S(u;
    Ensure a set of DHCP options with the given settings exist.

    name
        (string)
        Name of the DHCP options set.

    dhcp_options_id
        (string)
        Id of the DHCP options set.

    region
        (string)
        Region to connect to.

    key
        (string)
        Secret key to be used.

    keyid
        (string)
        Access key to be used.

    profile
        (various)
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.

    .. versionadded:: 2016.3.0
    unameuresultuucommentuchangesuboto_vpc.get_resource_idudhcp_optionsRR
RRRuerroru#Failed to delete DHCP options: {0}.umessageuiduDHCP options {0} do not exist.utestu'DHCP options {0} are set to be deleted.uboto_vpc.delete_dhcp_optionsR#udeletedu"Failed to delete DHCP options: {0}uoldunewuDHCP options {0} deleted.N(RRRRRRR(	RR#R
RRRRRR!((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytdhcp_options_absent�s:





c
C@s�i|d6td6dd6id6}
tdd|d|d	|d
|d|d|	�}d
|kr�t|
d<dj|d
d�|
d<|
Sd4}d4}d4}|
s�|r�d4}t}|
r�|
}tdd|
d	|d
|d|d|	�}n:|r&|}tdd|d	|d
|d|d|	�}n|r�d|kr�|dr�|
r|t}tdd|
d	|d
|d|d|	�}q�|r�t}tdd|d	|d
|d|d|	�}q�q�q�n|s�t|
d<dj|�|
d<|
Sn|jd�stdr#dj|�|
d<d4|
d<|
Stdd|d|d|d|d|d|d|d	|d
|d|d|	�}|jd�s�t|
d<dj|d
d�|
d<|
Std d!|d"d	|d
|d|d|	�}id4d#6|
dd$<||
dd%<d&j|�|
d<n
d'|
d<|r�|sVtd d|d	|d
|d|d|	�}nt||d#d"�s~tdr�d(j|�}d)j|
d|g�|
d<d4|
d<|
Sd*|d#krEt	j
d+�td,|d#d*d	|d
|d|d|	�}|d-sEd.j|�}d)j|
d|g�|
d<t|
d<|
Snd$|
dkrf||
dd$<ntd/d|d"d|d	|d
|d|d|	�}d
|kr�d0j|||d
d�}d)j|
d|g�|
d<t|
d<|
Sd1j|�}d)j|
d|g�|
d<d%|
dkratd d|d	|d
|d|d|	�|
dd%<q�|d2|
dd%d#d*<q�d)j|
dd3j|�g�|
d<n|
S(5u
    Ensure a subnet exists.

    name
        Name of the subnet.

    cidr_block
        The range if IPs for the subnet, in CIDR format. For example:
        10.0.0.0/24. Block size must be between /16 and /28 netmask.

    vpc_name
        Name of the VPC in which the subnet should be placed. Either
        vpc_name or vpc_id must be provided.

    vpc_id
        Id of the VPC in which the subnet should be placed. Either vpc_name
        or vpc_id must be provided.

    availability_zone
        AZ in which the subnet should be placed.

    tags
        A list of tags.

    route_table_id
        A route table ID to explicitly associate the subnet with.  If both route_table_id
        and route_table_name are specified, route_table_id will take precedence.

        .. versionadded:: 2016.11.0

    route_table_name
        A route table name to explicitly associate the subnet with.  If both route_table_id
        and route_table_name are specified, route_table_id will take precedence.

        .. versionadded:: 2016.11.0

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.
    unameuresultuucommentuchangesuboto_vpc.subnet_existstsubnet_nameRR
RRRuerroruFailed to create subnet: {0}.umessageuboto_vpc.route_table_existstroute_table_idtroute_table_nameuexistsuboto_vpc.describe_route_tableu1The specified route table {0} could not be found.utestu Subnet {0} is set to be created.uboto_vpc.create_subnetRtavailability_zonetauto_assign_public_ipv4RRucreateduFailed to create subnet: {0}uboto_vpc.describe_subnett	subnet_iduidusubnetuoldunewuSubnet {0} created.uSubnet present.u3Subnet is set to be associated with route table {0}u u#explicit_route_table_association_idu.Need to disassociate from existing route tableu!boto_vpc.disassociate_route_tableu
disassociatedu?Unable to disassociate subnet {0} with its current route table.uboto_vpc.associate_route_tableu9Failed to associate subnet {0} with route table {1}: {2}.u4Subnet successfully associated with route table {0}.uassociation_idu1Subnet is already associated with route table {0}N(RRRRRRRt_verify_subnet_associationtjointlogtdebug(RRRRR0RR
RRRR.R/R1RRtroute_table_descRtrtidtrttroute_table_foundtmsgtdrt_rettart_ret((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytsubnet_present�s�8






	
 






 
cC@sE|rAd|krAx)|dD]}|d|krtSqWqAntS(u
    Helper function verify a subnet's route table association

    route_table_desc
        the description of a route table, as returned from boto_vpc.describe_route_table

    subnet_id
        the subnet id to verify

    .. versionadded:: 2016.11.0
    uassociationsu	subnet_id(RR(R7R2tassociation((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pyR3�sc	C@s�i|d6td6dd6id6}tddd|d	|d
|d|d|�}d
|kr�t|d<dj|d
d�|d<|S|jd�}|s�dj|�|d<|Stdr�dj||d�|d<d|d<|Stdd|d	|d
|d|d|�}|jd�sFt|d<dj|d
d�|d<|Si|d6|dd<idd6|dd<dj|�|d<|S(ue
    Ensure subnet with passed properties is absent.

    name
        Name of the subnet.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.
    unameuresultuucommentuchangesuboto_vpc.get_resource_idusubnetRR
RRRuerroruFailed to delete subnet: {0}.umessageuidu{0} subnet does not exist.utestu&Subnet {0} ({1}) is set to be removed.uboto_vpc.delete_subnetR-udeleteduFailed to delete subnet: {0}uoldunewuSubnet {0} deleted.N(RRRRRRR(	RR2R
RRRRRR!((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pyt
subnet_absent�s<





c
C@s�i|d6td6dd6id6}tddd|d	|d
|d|d|�}	d
|	kr�t|d<dj|	d
d�|d<|S|	jd�sytdr�dj|�|d<d|d<|Stdd|d|d|d|d	|d
|d|d|�}	|	jd�s4t|d<dj|	d
d�|d<|Sidd6|dd<i|	dd6|dd<dj|�|d<|Sdj|�|d<|S( uh
    Ensure an internet gateway exists.

    name
        Name of the internet gateway.

    vpc_name
        Name of the VPC to which the internet gateway should be attached.

    vpc_id
        Id of the VPC to which the internet_gateway should be attached.
        Only one of vpc_name or vpc_id may be provided.

    tags
        A list of tags.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.
    unameuresultuucommentuchangesuboto_vpc.resource_existsuinternet_gatewayRR
RRRuerroru'Failed to create internet gateway: {0}.umessageuexistsutestu*Internet gateway {0} is set to be created.u boto_vpc.create_internet_gatewaytinternet_gateway_nameRRRucreatedu&Failed to create internet gateway: {0}uolduidunewuInternet gateway {0} created.uInternet gateway {0} present.N(RRRRRRR(
RRRRR
RRRRR((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytinternet_gateway_present�s>!




	
c	
C@s�i|d6td6dd6id6}tddd|d	|d
|d|d|�}d
|kr�t|d<dj|d
d�|d<|S|d}|s�dj|�|d<|Stdr�dj|�|d<d|d<|Stdd|d|d	|d
|d|d|�}|jd�s@t|d<dj|d
d�|d<|Si|d6|dd<idd6|dd<dj|�|d<|S(u�
    Ensure the named internet gateway is absent.

    name
        Name of the internet gateway.

    detach
        First detach the internet gateway from a VPC, if attached.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.
    unameuresultuucommentuchangesuboto_vpc.get_resource_iduinternet_gatewayRR
RRRuerroru'Failed to delete internet gateway: {0}.umessageuidu$Internet gateway {0} does not exist.utestu*Internet gateway {0} is set to be removed.u boto_vpc.delete_internet_gatewayRAtdetachudeleteduoldunewuInternet gateway {0} deleted.N(RRRRRRR(	RRCR
RRRRRtigw_id((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytinternet_gateway_absent8s>





	
c
C@s#i|d6td6dd6id6}td|d|d|d	|d
|d|d|	d
|
�}|d|d<dj|d|dg�|d<|ds�|d|d<|dtkr�|S|ddkr�tdr�|Sntd|d|d	|d
|d|d|	d
|
�}tj|d|d�|d<dj|d|dg�|d<|dsx|d|d<|dtkrx|Snt	d|d|d|d	|d
|d|d|	d
|
�}tj|d|d�|d<dj|d|dg�|d<|ds|d|d<|dtkr|Sn|S(u�
    Ensure route table with routes exists and is associated to a VPC.

    This function requires boto3 to be installed if nat gatewyas are specified.

    Example:

    .. code-block:: yaml

        boto_vpc.route_table_present:
          - name: my_route_table
          - vpc_id: vpc-123456
          - routes:
            - destination_cidr_block: 0.0.0.0/0
              internet_gateway_name: InternetGateway
            - destination_cidr_block: 10.10.11.0/24
              instance_id: i-123456
            - destination_cidr_block: 10.10.12.0/24
              interface_id: eni-123456
            - destination_cidr_block: 10.10.13.0/24
              instance_name: mygatewayserver
          - subnet_names:
            - subnet1
            - subnet2

    name
        Name of the route table.

    vpc_name
        Name of the VPC with which the route table should be associated.

    vpc_id
        Id of the VPC with which the route table should be associated.
        Either vpc_name or vpc_id must be provided.

    routes
        A list of routes.  Each route has a cidr and a target.

    subnet_ids
        A list of subnet ids to associate

    subnet_names
        A list of subnet names to associate

    tags
        A list of tags.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.
    unameuresultuucommentuchangesRRRRR
RRRu utestR/troutest
subnet_idstsubnet_namesN(
Rt_route_table_presentR4RRRt_routes_presentt
dictupdatetupdatet_subnets_present(
RRRRFRGRHRR
RRRRt_ret((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytroute_table_presentvsB?

!
!
!
cC@s�i|d6td6dd6id6}tdddd	|d
|d|d|d
|�}	d|	kr�t|d<dj|	dd�|d<|S|	jd�}
|
s�tdr�dj|�}||d<d|d<|Stdd|d|d|d|d
|d|d|d
|�}	|	jd�sCt|d<dj|	dd�|d<|Sidd6|dd<i|	dd6|dd<dj|�|d<|Sdj||
�|d<|S(Nunameuresultuucommentuchangesuboto_vpc.get_resource_idtresourceuroute_tableRR
RRRuerroru"Failed to create route table: {0}.umessageuidutestu%Route table {0} is set to be created.uboto_vpc.create_route_tableR/RRRucreateduoldunewuRoute table {0} created.uRoute table {0} ({1}) present.(RRRRRRR(RRRRR
RRRRRR!R;((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pyRI�sB

	




cC@sLi|d6td6dd6id6}tdd|d|d	|d
|d|d|�}d
|kr�dj||d
d�}	|	|d<t|d<|S|d}g}
|r�td@�}x|D]�}i}
x:tj|�D])\}}||kr�|||
|<q�q�W|jd�r�tddd|dd	|d
|d|d|�}d
|kr�dj|jd�|d
d�}	|	|d<t|d<|S|ddkr�dj|�}	|	|d<t|d<|S|d|
d<n|jd�r�tddd|dd	|d
|d|d|�}d
|kr[d j|jd�|d
d�}	|	|d<t|d<|S|ddkr�d!j|�}	|	|d<t|d<|S|d|
d<n|jd"�r1dA}td(d|d"d	|d
|d|d|d)|�}|dkr$d*j|d"�}	|	|d<t|d<|S||
d<n|jd+�r�td,d-|d+d	|d
|d|d|�}|s�d.}	|	|d<t|d<|S|dd/|
d<n|
j	|
�q�Wng}g}x4|
D],}||d0kr�|j	t
|��q�q�WxF|d0D]:}||
kr
|jd�d1krD|j	|�qDq
q
W|sT|rHtd2r�d3j|�}	|	|d<d|d<|S|r5x�|D]�}td4d5|dd6|dd	|d
|d|d|�}|d7sd8j|d||d
d�}	|	|d<t|d<|Sd9j|d|�|d<q�Wn|r�x�|D]�}td:d5|dd	|d
|d|d||�}|d;s�d<j|d||d
d�}	|	|d<t|d<|Sd=j|d|�|d<qBWni|d0d06|dd><tdd|d|d	|d
|d|d|�}i|dd0d06|dd?<n|S(BNunameuresultuucommentuchangesuboto_vpc.describe_route_tablesR/RR
RRRuerroru;Could not retrieve configuration for route table {0}: {1}`.umessageiu
gateway_iduinstance_idudestination_cidr_blockuinterface_iduvpc_peering_connection_idunat_gateway_iduinternet_gateway_nameuboto_vpc.get_resource_iduinternet_gatewayRu1Error looking up id for internet gateway {0}: {1}uidu$Internet gateway {0} does not exist.uvpc_peering_connection_nameuvpc_peering_connectionu7Error looking up id for VPC peering connection {0}: {1}u*VPC peering connection {0} does not exist.u
instance_nameupendingu	rebootingurunningustoppingustoppeduboto_ec2.get_idt	in_statesuInstance {0} does not exist.unat_gateway_subnet_nameuboto_vpc.describe_nat_gatewaysR-uNat gateway does not exist.uNatGatewayIduroutesulocalutestu,Route table {0} set to have routes modified.uboto_vpc.delete_routeR.tdestination_cidr_blockudeletedu5Failed to delete route {0} from route table {1}: {2}.u'Deleted route {0} from route table {1}.uboto_vpc.create_routeucreatedu3Failed to create route {0} in route table {1}: {2}.u%Created route {0} in route table {1}.uoldunew(u
gateway_iduinstance_idudestination_cidr_blockuinterface_iduvpc_peering_connection_idunat_gateway_id(upendingu	rebootingurunningustoppingustopped(RRRRtsetRt	iteritemsRRtappendtdictR(R/RFRR
RRRRtroute_tableR;t_routest
route_keystit_rtktvRtrunning_statest	to_deletet	to_createtroutetres((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pyRJs�

	











	










	



!
 


!" cC@s�i|d6td6dd6id6}|s1g}n|r�x�|D]�}	tddd|	d	|d
|d|d|�}
d
|
kr�dj|
d
d�}||d<t|d<|S|
ddkr�dj|	�}||d<t|d<|S|j|
d�q>Wntdd|d|d	|d
|d|d|�}|sZdj|�}||d<t|d<|Sg|dD]}
|
d^qe}g|D]}
|
|kr�|
^q�}g}xF|dD]:}
|
d|kr�|
ddk	r�|j|
d�q�q�W|s�|r�tdr,dj|�}||d<d|d<|S|r�x�|D]y}td|||||�}
d
|
kr�dj|||
d
d�}||d<t|d<|Sdj||�|d<q9Wn|r_x�|D]�}tdd|dd|d	|d
|d|d|�}
d
|
krBd j|||
d
d�}||d<t|d<|Sd!j||�|d<q�Wni|dd"6|dd#<tdd|d|d	|d
|d|d|�}i|dd"6|dd$<n|S(%Nunameuresultuucommentuchangesuboto_vpc.get_resource_idusubnetRR
RRRuerroru Error looking up subnet ids: {0}umessageuiduSubnet {0} does not exist.uboto_vpc.describe_route_tableR/Ru5Could not retrieve configuration for route table {0}.uassociationsu	subnet_idutestu;Subnet associations for route table {0} set to be modified.u!boto_vpc.disassociate_route_tableu3Failed to dissociate {0} from route table {1}: {2}.u,Dissociated subnet {0} from route table {1}.uboto_vpc.associate_route_tableR.R2u9Failed to associate subnet {0} with route table {1}: {2}.u+Associated subnet {0} with route table {1}.usubnets_associationsuoldunew(RRRRRRUR(R/RGRHRR
RRRRRZRR;RWtxt	assoc_idsR`R_tr_asctsntnew_sub((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pyRM�s�

	






!% 








"cC@soi|d6td6dd6id6}tddd|d	|d
|d|d|�}d
|kr|t|d<|d
d|d<|S|d}|s�dj|�|d<|Stdr�dj|�|d<d|d<|Stdd|d	|d
|d|d|�}d
|kr.t|d<dj|d
d�|d<|Si|d6|dd<idd6|dd<dj|�|d<|S(ub
    Ensure the named route table is absent.

    name
        Name of the route table.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.
    unameuresultuucommentuchangesuboto_vpc.get_resource_iduroute_tableRR
RRRuerrorumessageuiduRoute table {0} does not exist.utestu%Route table {0} is set to be removed.uboto_vpc.delete_route_tableR/u!Failed to delete route table: {0}uoldunewuRoute table {0} deleted.N(RRRRRR(RR
RRRRRtrtbl_id((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytroute_table_absent�s>





	
c
C@s\i|d6td6dd6id6}tdd|d|d	|d
|d|d|�}	|	s,td
r�d}
|
|d<d|d<|Stdd|d|d	|d
|d|d|d|�}	|	jd�s�t|d<dj|	dd�|d<|Sidd6|dd<i|	dd6|dd<d|d<|S|	d}|jd�}dj|�|d<|S(u�
    Ensure a nat gateway exists within the specified subnet

    This function requires boto3.

    .. versionadded:: 2016.11.0

    Example:

    .. code-block:: yaml

        boto_vpc.nat_gateway_present:
          - subnet_name: my-subnet

    name
        Name of the state

    subnet_name
        Name of the subnet within which the nat gateway should exist

    subnet_id
        Id of the subnet within which the nat gateway should exist.
        Either subnet_name or subnet_id must be provided.

    allocation_id
        If specified, the elastic IP address referenced by the ID is
        associated with the gateway. Otherwise, a new allocation_id is created and used.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.
    unameuresultuucommentuchangesuboto_vpc.describe_nat_gatewaysR-R2R
RRRutestu!Nat gateway is set to be created.uboto_vpc.create_nat_gatewayt
allocation_iducreatedu"Failed to create nat gateway: {0}.uerrorumessageunat_gatewayuolduidunewuNat gateway created.iuNatGatewayIduNat gateway {0} present.N(RRRRRRR(
RR-R2R
RRRRjRRR;tinstR!((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytnat_gateway_presents>+

	


	


cC@soi|d6td6dd6id6}tdd|d|d	|d
|d|d|�}	|	sgd
|d<|Stdr�d|d<d|d<|Sx�|	D]�}
|
jd�}tdd|dtd	|d
|d|d|dtd|�}	d|	krt|d<dj|	dd�|d<|Sdj|ddj|�f�|d<q�Wi|d6|dd<idd6|dd<|S(u
    Ensure the nat gateway in the named subnet is absent.

    This function requires boto3.

    .. versionadded:: 2016.11.0

    name
        Name of the state.

    subnet_name
        Name of the subnet within which the nat gateway should exist

    subnet_id
        Id of the subnet within which the nat gateway should exist.
        Either subnet_name or subnet_id must be provided.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.

    wait_for_delete_retries
        NAT gateway may take some time to be go into deleted or failed state.
        During the deletion process, subsequent release of elastic IPs may fail;
        this state will automatically retry this number of times to ensure
        the NAT gateway is in deleted or failed state before proceeding.
        Default is set to 0 for backward compatibility.

    unameuresultuucommentuchangesuboto_vpc.describe_nat_gatewaysR-R2R
RRRuNat gateway does not exist.utestu!Nat gateway is set to be removed.uNatGatewayIduboto_vpc.delete_nat_gatewaytnat_gateway_idtrelease_eipstwait_for_deletetwait_for_delete_retriesuerroru!Failed to delete nat gateway: {0}umessageu, uNat gateway {0} deleted.unat_gatewayuoldunewN(RRRRRRRR4(RR-R2R
RRRRpRRtgwRh((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytnat_gateway_absentas@*

	




	
*c
C@sQtjd�tdd|d|d|d|d|d|�}i|d	6td
6id6dd
6}|s�t|d
<|djidd6�|Stdr�|djidd6�|Sd}	tjd|	�t|	d|d|d|d|d|d|�}
d|
kr*dj|
d�|d
<t|d
<|S|djidd6|
dd6�|S(u�
    Accept a VPC pending requested peering connection between two VPCs.

    name
        Name of this state

    conn_id
        The connection ID to accept. Exclusive with conn_name. String type.

    conn_name
        The name of the VPC peering connection to accept. Exclusive with conn_id. String type.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.

    .. versionadded:: 2016.11.0

    Example:

    .. code-block:: yaml

        boto_vpc.accept_vpc_peering_connection:
          - conn_name: salt_peering_connection

        # usage with vpc peering connection id and region
        boto_vpc.accept_vpc_peering_connection:
          - conn_id: pbx-1873d472
          - region: us-west-2

    u-Called state to accept VPC peering connectionu&boto_vpc.is_peering_connection_pendingtconn_idt	conn_nameR
RRRunameuresultuchangesuBoto VPC peering stateucommentu<No pending VPC peering connection found. Nothing to be done.uoldutestu8Pending VPC peering connection found and can be acceptedu&boto_vpc.accept_vpc_peering_connectionu4Calling `%s()` to accept this VPC peering connectionRuerroru!Failed to accept VPC peering: {0}uumsgunew(R5R6RRRLRRR(RRsRtR
RRRtpendingRtfuntresult((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytaccept_vpc_peering_connection�s8*






"
#cC@sItjd�i|d6td6id6dd6}|rltd|d|d	|d
|	d|
�jdg�}ng}|r�d
|d<|Stdr�|s�d|d<n|Stjd�td||||d|d|d|d	|d
|	d|
�}
d|
kr"dj|
d�|d<t|d<|S|djidd6|
dd6�|S(u�
    name
        Name of the state

    requester_vpc_id
        ID of the requesting VPC. Exclusive with requester_vpc_name. String type.

    requester_vpc_name
        Name tag of the requesting VPC.  Exclusive with requester_vpc_id.  String type.

    peer_vpc_id
        ID of the VPC tp crete VPC peering connection with.  This can be a VPC in another account. Exclusive with peer_vpc_name. String type.

    peer_vpc_name
        Name tag of the VPC tp crete VPC peering connection with.  This can only be a VPC the same account. Exclusive with peer_vpc_id.  String type.

    conn_name
        The (optional) name to use for this VPC peering connection. String type.

    peer_owner_id
        ID of the owner of the peer VPC. String type. If this isn't supplied AWS uses your account ID.  Required if peering to a different account.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.

    .. versionadded:: 2016.11.0

    Example:

    .. code-block:: yaml

        request a vpc peering connection:
          boto_vpc.request_vpc_peering_connection:
            - requester_vpc_id: vpc-4b3522e
            - peer_vpc_id: vpc-ae83f9ca
            - conn_name: salt_peering_connection

    u.Called state to request VPC peering connectionunameuresultuchangesuBoto VPC peering stateucommentu(boto_vpc.describe_vpc_peering_connectionR
RRRuVPC-Peeringsu:VPC peering connection already exists, nothing to be done.utestu&VPC peering connection will be createdu.Called module to create VPC peering connectionu'boto_vpc.request_vpc_peering_connectionRt
peer_owner_iduerroru"Failed to request VPC peering: {0}uuoldumsgunew(	R5R6RRRRRRRL(Rtrequester_vpc_idtrequester_vpc_nametpeer_vpc_idt
peer_vpc_nameRtRyR
RRRRtvpc_idsRw((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytrequest_vpc_peering_connectionsT4

	



	

cC@s/i|d6td6dd6id6}tdd|d|d	|d
|	d|
�r�tdd|d
|d|d|d	|d
|	d|
�r�dj||p�|p�|�|d<tj|d�|Std|d|d|d	|d
|	d|
�Std|d|d|d|d|d|d|d|d	|d
|	d|
�S(u�
    name
        Name of the state

    requester_vpc_id
        ID of the requesting VPC. Exclusive with requester_vpc_name.

    requester_vpc_name
        Name tag of the requesting VPC.  Exclusive with requester_vpc_id.

    peer_vpc_id
        ID of the VPC tp crete VPC peering connection with. This can be a VPC in
        another account. Exclusive with peer_vpc_name.

    peer_vpc_name
        Name tag of the VPC tp crete VPC peering connection with. This can only
        be a VPC in the same account, else resolving it into a vpc ID will fail.
        Exclusive with peer_vpc_id.

    conn_name
        The name to use for this VPC peering connection.

    peer_owner_id
        ID of the owner of the peer VPC. Defaults to your account ID, so a value
        is required if peering with a VPC in a different account.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.

    .. versionadded:: 2016.11.0

    Example:

    .. code-block:: yaml

        ensure peering twixt local vpc and the other guys:
          boto_vpc.vpc_peering_connection_present:
            - requester_vpc_name: my_local_vpc
            - peer_vpc_name: some_other_guys_vpc
            - conn_name: peering_from_here_to_there
            - peer_owner_id: 012345654321


    unameuresultuucommentuchangesu&boto_vpc.is_peering_connection_pendingRtR
RRRu,boto_vpc.peering_connection_pending_from_vpcRRu=VPC peering {0} already requested - pending acceptance by {1}RRzR{R|R}Ry(RRRR5tinfoRxR(RRzR{R|R}RtRyR
RRRR((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytvpc_peering_connection_presentms0:

	cC@st|||||||�S(N(tdelete_vpc_peering_connection(RRsRtR
RRR((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pytvpc_peering_connection_absent�sc

C@s@tjd�i|d6td6id6dd6}|rltd|d|d	|d
|d|�jdg�}n	|g}|s�d
|d<|Stdr�|r�d|d<n|Stjd�tdd|d|d|d	|d
|d|�}	d|	krdj|	d�|d<t|d<|S|djidd6|	dd6�|S(u�
    name
        Name of the state

    conn_id
        ID of the peering connection to delete.  Exclusive with conn_name.

    conn_name
        The name of the peering connection to delete.  Exclusive with conn_id.

    region
        Region to connect to.

    key
        Secret key to be used.

    keyid
        Access key to be used.

    profile
        A dict with region, key and keyid, or a pillar key (string) that
        contains a dict with region, key and keyid.

    .. versionadded:: 2016.11.0

    Example:

    .. code-block:: yaml

        delete a vpc peering connection:
          boto_vpc.delete_vpc_peering_connection:
            - region: us-west-2
            - conn_id: pcx-4613b12e

    Connection name can be specified (instead of ID).
    Specifying both conn_name and conn_id will result in an
    error.

    .. code-block:: yaml

        delete a vpc peering connection:
          boto_vpc.delete_vpc_peering_connection:
            - conn_name: salt_vpc_peering

    u-Called state to delete VPC peering connectionunameuresultuchangesuBoto VPC peering stateucommentu(boto_vpc.describe_vpc_peering_connectionR
RRRuVPC-Peeringsu,No VPC connection found, nothing to be done.utestu'VPC peering connection would be deletedu.Called module to delete VPC peering connectionu&boto_vpc.delete_vpc_peering_connectionRsRtuerroru!Failed to delete VPC peering: {0}uuoldumsgunew(	R5R6RRRRRRRL(
RRsRtR
RRRRR~Rw((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pyR��s:/

0	






('t__doc__t
__future__RRRtloggingtsalt.extRtsalt.utils.dictupdatetutilsRKRt	getLoggert__name__R5R
RR R"R+R,RR>R3R@RBRERORIRJRMRiRlRrRxRR�R�R�(((s8/usr/lib/python2.7/site-packages/salt/states/boto_vpc.pyt<module>�sp	J;		yE�	<	D=		b*|R<P	O	O	h	R

Zerion Mini Shell 1.0