Class: AwsEc2Instance
- Inherits:
-
Object
- Object
- AwsEc2Instance
- Defined in:
- lib/resources/aws/aws_ec2_instance.rb
Instance Method Summary collapse
-
#catch_aws_errors ⇒ Object
TODO: DRY up, see github.com/chef/inspec/issues/2633 Copied from resource_support/aws/aws_resource_mixin.rb.
- #exists? ⇒ Boolean
- #has_roles? ⇒ Boolean
- #id ⇒ Object (also: #instance_id)
-
#initialize(opts, conn = nil) ⇒ AwsEc2Instance
constructor
TODO: rewrite to avoid direct injection, match other resources, use AwsSingularResourceMixin.
-
#inspec_runner ⇒ Object
TODO: DRY up, see github.com/chef/inspec/issues/2633 Copied from resource_support/aws/aws_singular_resource_mixin.rb.
- #security_group_ids ⇒ Object
-
#security_groups ⇒ Object
Don’t document this - it’s a bit hard to use.
-
#state ⇒ Object
returns the instance state.
- #tags ⇒ Object
- #to_s ⇒ Object
Constructor Details
#initialize(opts, conn = nil) ⇒ AwsEc2Instance
TODO: rewrite to avoid direct injection, match other resources, use AwsSingularResourceMixin
23 24 25 26 27 28 29 |
# File 'lib/resources/aws/aws_ec2_instance.rb', line 23 def initialize(opts, conn = nil) @opts = opts @opts.is_a?(Hash) ? @display_name = @opts[:name] : @display_name = opts @ec2_client = conn ? conn.ec2_client : inspec_runner.backend.aws_client(Aws::EC2::Client) @ec2_resource = conn ? conn.ec2_resource : inspec_runner.backend.aws_resource(Aws::EC2::Resource, {}) @iam_resource = conn ? conn.iam_resource : inspec_runner.backend.aws_resource(Aws::IAM::Resource, {}) end |
Instance Method Details
#catch_aws_errors ⇒ Object
TODO: DRY up, see github.com/chef/inspec/issues/2633 Copied from resource_support/aws/aws_resource_mixin.rb
33 34 35 36 37 38 39 40 41 42 |
# File 'lib/resources/aws/aws_ec2_instance.rb', line 33 def catch_aws_errors yield rescue Aws::Errors::MissingCredentialsError # The AWS error here is unhelpful: # "unable to sign request without credentials set" Inspec::Log.error "It appears that you have not set your AWS credentials. You may set them using environment variables, or using the 'aws://region/aws_credentials_profile' target. See https://docs.chef.io/inspec/platforms/ for details." fail_resource("No AWS credentials available") rescue Aws::Errors::ServiceError => e fail_resource e. end |
#exists? ⇒ Boolean
78 79 80 81 82 |
# File 'lib/resources/aws/aws_ec2_instance.rb', line 78 def exists? return false if instance.nil? instance.exists? end |
#has_roles? ⇒ Boolean
141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 |
# File 'lib/resources/aws/aws_ec2_instance.rb', line 141 def has_roles? catch_aws_errors do instance_profile = instance.iam_instance_profile if instance_profile roles = @iam_resource.instance_profile( instance_profile.arn.gsub(%r{^.*\/}, "") ).roles else roles = nil end roles && !roles.empty? end end |
#id ⇒ Object Also known as: instance_id
56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'lib/resources/aws/aws_ec2_instance.rb', line 56 def id return @instance_id if defined?(@instance_id) catch_aws_errors do if @opts.is_a?(Hash) first = @ec2_resource.instances( { filters: [{ name: "tag:Name", values: [@opts[:name]], }], } ).first # catch case where the instance is not known @instance_id = first.id unless first.nil? else @instance_id = @opts end end end |
#inspec_runner ⇒ Object
TODO: DRY up, see github.com/chef/inspec/issues/2633 Copied from resource_support/aws/aws_singular_resource_mixin.rb
46 47 48 49 50 51 52 53 54 |
# File 'lib/resources/aws/aws_ec2_instance.rb', line 46 def inspec_runner # When running under inspec-cli, we have an 'inspec' method that # returns the runner. When running under unit tests, we don't # have that, but we still have to call this to pass something # (nil is OK) to the backend. # TODO: remove with https://github.com/chef/inspec-aws/issues/216 # TODO: remove after rewrite to include AwsSingularResource inspec if respond_to?(:inspec) end |
#security_group_ids ⇒ Object
125 126 127 128 129 |
# File 'lib/resources/aws/aws_ec2_instance.rb', line 125 def security_group_ids catch_aws_errors do @security_group_ids ||= instance.security_groups.map(&:group_id) end end |
#security_groups ⇒ Object
Don’t document this - it’s a bit hard to use. Our current doctrine is to use dumb things, like arrays of strings - use security_group_ids instead.
117 118 119 120 121 122 123 |
# File 'lib/resources/aws/aws_ec2_instance.rb', line 117 def security_groups catch_aws_errors do @security_groups ||= instance.security_groups.map do |sg| { id: sg.group_id, name: sg.group_name } end end end |
#state ⇒ Object
returns the instance state
85 86 87 88 89 |
# File 'lib/resources/aws/aws_ec2_instance.rb', line 85 def state catch_aws_errors do instance&.state&.name end end |
#tags ⇒ Object
131 132 133 134 135 |
# File 'lib/resources/aws/aws_ec2_instance.rb', line 131 def catch_aws_errors do @tags ||= instance..map { |tag| { key: tag.key, value: tag.value } } end end |
#to_s ⇒ Object
137 138 139 |
# File 'lib/resources/aws/aws_ec2_instance.rb', line 137 def to_s "EC2 Instance #{@display_name}" end |