Source code for sceptre.stack

# -*- coding: utf-8 -*-

"""
sceptre.stack

This module implements a Stack class, which stores a Stack's data.

"""

import logging

from sceptre.connection_manager import ConnectionManager
from sceptre.exceptions import InvalidConfigFileError
from sceptre.helpers import get_external_stack_name, sceptreise_path
from sceptre.hooks import Hook, HookProperty
from sceptre.resolvers import (
    ResolvableContainerProperty,
    ResolvableValueProperty,
    RecursiveResolve,
    PlaceholderType
)
from sceptre.template import Template


[docs]class Stack(object): """ Stack stores information about a particular CloudFormation Stack. :param name: The name of the Stack. :type project: str :param project_code: A code which is prepended to the Stack names\ of all Stacks built by Sceptre. :type project_code: str :param template_path: The relative path to the CloudFormation, Jinja2\ or Python template to build the Stack from. If this is filled, `template_handler_config` should not be filled. :type template_path: str :param template_handler_config: Configuration for a Template Handler that can resolve its arguments to a template string. Should contain the `type` property to specify the type of template handler to load. Conflicts with `template_path`. :type template_handler_config: dict :param region: The AWS region to build Stacks in. :type region: str :param template_bucket_name: The name of the S3 bucket the Template is uploaded to. :type template_bucket_name: str :param template_key_prefix: A prefix to the key used to store templates uploaded to S3 :type template_key_prefix: str :param required_version: A PEP 440 compatible version specifier. If the Sceptre version does\ not fall within the given version requirement it will abort. :type required_version: str :param parameters: The keys must match up with the name of the parameter.\ The value must be of the type as defined in the template. :type parameters: dict :param sceptre_user_data: Data passed into\ `sceptre_handler(sceptre_user_data)` function in Python templates\ or accessible under `sceptre_user_data` variable within Jinja2\ templates. :type sceptre_user_data: dict :param hooks: A list of arbitrary shell or python commands or scripts to\ run. :type hooks: sceptre.hooks.Hook :param s3_details: :type s3_details: dict :param dependencies: The relative path to the Stack, including the file\ extension of the Stack. :type dependencies: list :param role_arn: The ARN of a CloudFormation Service Role that is assumed\ by CloudFormation to create, update or delete resources. :type role_arn: str :param protected: Stack protection against execution. :type protected: bool :param tags: CloudFormation Tags to be applied to the Stack. :type tags: dict :param external_name: :type external_name: str :param notifications: SNS topic ARNs to publish Stack related events to.\ A maximum of 5 ARNs can be specified per Stack. :type notifications: list :param on_failure: This parameter describes the action taken by\ CloudFormation when a Stack fails to create. :type on_failure: str :param iam_role: The ARN of a role for Sceptre to assume before interacting\ with the environment. If not supplied, Sceptre uses the user's AWS CLI\ credentials. :type iam_role: str :param profile: The name of the profile as defined in ~/.aws/config and\ ~/.aws/credentials. :type profile: str :param stack_timeout: A timeout in minutes before considering the Stack\ deployment as failed. After the specified timeout, the Stack will\ be rolled back. Specifiyng zero, as well as ommiting the field,\ will result in no timeout. Supports only positive integer value. :type stack_timeout: int :param stack_group_config: The StackGroup config for the Stack :type stack_group_config: dict :param iam_role_session_duration: The session duration when Scetre assumes a role.\ If not supplied, Sceptre uses default value (3600 seconds) :type iam_role_session_duration: int """ parameters = ResolvableContainerProperty("parameters") sceptre_user_data = ResolvableContainerProperty( "sceptre_user_data", PlaceholderType.alphanum ) notifications = ResolvableContainerProperty("notifications") tags = ResolvableContainerProperty('tags') # placeholder_override=None here means that if the template_bucket_name is a resolver, # placeholders have been enabled, and that stack hasn't been deployed yet, commands that would # otherwise attempt to upload the template (like validate) won't actually use the template bucket # and will act as if there was no template bucket set. s3_details = ResolvableContainerProperty( "s3_details", PlaceholderType.none ) template_handler_config = ResolvableContainerProperty( 'template_handler_config', PlaceholderType.alphanum ) template_bucket_name = ResolvableValueProperty( "template_bucket_name", PlaceholderType.none ) # Similarly, the placeholder_override=None for iam_role means that actions that would otherwise # use the iam_role will act as if there was no iam role when the iam_role stack has not been # deployed for commands that allow placeholders (like validate). iam_role = ResolvableValueProperty( 'iam_role', PlaceholderType.none ) role_arn = ResolvableValueProperty('role_arn') hooks = HookProperty("hooks") def __init__( self, name: str, project_code: str, region: str, template_path: str = None, template_handler_config: dict = None, template_bucket_name: str = None, template_key_prefix: str = None, required_version: str = None, parameters: dict = None, sceptre_user_data: dict = None, hooks: Hook = None, s3_details: dict = None, iam_role: str = None, dependencies=None, role_arn: str = None, protected: bool = False, tags: dict = None, external_name: str = None, notifications=None, on_failure: str = None, profile: str = None, stack_timeout: int = 0, iam_role_session_duration: int = 0, stack_group_config: dict = {} ): self.logger = logging.getLogger(__name__) if template_path and template_handler_config: raise InvalidConfigFileError("Both 'template_path' and 'template' are set, specify one or the other") if not template_path and not template_handler_config: raise InvalidConfigFileError("Neither 'template_path' nor 'template' is set") self.name = sceptreise_path(name) self.project_code = project_code self.region = region self.required_version = required_version self.external_name = external_name or get_external_stack_name(self.project_code, self.name) self.template_path = template_path self.dependencies = dependencies or [] self.protected = protected self.on_failure = on_failure self.stack_group_config = stack_group_config or {} self.stack_timeout = stack_timeout self.profile = profile self.template_key_prefix = template_key_prefix self.iam_role_session_duration = iam_role_session_duration self._template = None self._connection_manager = None # Resolvers and hooks need to be assigned last self.s3_details = s3_details self.iam_role = iam_role self.tags = tags or {} self.role_arn = role_arn self.template_bucket_name = template_bucket_name self.template_handler_config = template_handler_config self.s3_details = s3_details self.parameters = parameters or {} self.sceptre_user_data = sceptre_user_data or {} self.notifications = notifications or [] self.hooks = hooks or {} def __repr__(self): return ( "sceptre.stack.Stack(" "name='{name}', " "project_code={project_code}, " "template_path={template_path}, " "template_handler_config={template_handler_config}, " "region={region}, " "template_bucket_name={template_bucket_name}, " "template_key_prefix={template_key_prefix}, " "required_version={required_version}, " "iam_role={iam_role}, " "iam_role_session_duration={iam_role_session_duration}, " "profile={profile}, " "sceptre_user_data={sceptre_user_data}, " "parameters={parameters}, " "hooks={hooks}, " "s3_details={s3_details}, " "dependencies={dependencies}, " "role_arn={role_arn}, " "protected={protected}, " "tags={tags}, " "external_name={external_name}, " "notifications={notifications}, " "on_failure={on_failure}, " "stack_timeout={stack_timeout}, " "stack_group_config={stack_group_config}" ")".format( name=self.name, project_code=self.project_code, template_path=self.template_path, template_handler_config=self.template_handler_config, region=self.region, template_bucket_name=self.template_bucket_name, template_key_prefix=self.template_key_prefix, required_version=self.required_version, iam_role=self.iam_role, iam_role_session_duration=self.iam_role_session_duration, profile=self.profile, sceptre_user_data=self.sceptre_user_data, parameters=self.parameters, hooks=self.hooks, s3_details=self.s3_details, dependencies=self.dependencies, role_arn=self.role_arn, protected=self.protected, tags=self.tags, external_name=self.external_name, notifications=self.notifications, on_failure=self.on_failure, stack_timeout=self.stack_timeout, stack_group_config=self.stack_group_config ) ) def __str__(self): return self.name def __eq__(self, stack): return ( self.name == stack.name and self.project_code == stack.project_code and self.template_path == stack.template_path and self.template_handler_config == stack.template_handler_config and self.region == stack.region and self.template_bucket_name == stack.template_bucket_name and self.template_key_prefix == stack.template_key_prefix and self.required_version == stack.required_version and self.iam_role == stack.iam_role and self.iam_role_session_duration == stack.iam_role_session_duration and self.profile == stack.profile and self.sceptre_user_data == stack.sceptre_user_data and self.parameters == stack.parameters and self.hooks == stack.hooks and self.s3_details == stack.s3_details and self.dependencies == stack.dependencies and self.role_arn == stack.role_arn and self.protected == stack.protected and self.tags == stack.tags and self.external_name == stack.external_name and self.notifications == stack.notifications and self.on_failure == stack.on_failure and self.stack_timeout == stack.stack_timeout and self.stack_group_config == stack.stack_group_config ) def __hash__(self): return hash(str(self)) @property def connection_manager(self) -> ConnectionManager: """Returns the ConnectionManager for the stack, creating it if it has not yet been created. :returns: ConnectionManager. """ if self._connection_manager is None: cache_connection_manager = True try: iam_role = self.iam_role except RecursiveResolve: # This would be the case when iam_role is set with a resolver (especially stack_output) # that uses the stack's connection manager. This creates a temporary condition where # you need the iam role to get the iam role. To get around this, it will temporarily # use None as the iam_role but will re-attempt to resolve the value in future accesses. # Since the Stack Output resolver (the most likely culprit) uses the target stack's # iam_role rather than the current stack's one anyway, it actually doesn't matter, # since the stack defining that iam_role won't actually be using that iam_role. self.logger.debug( "Resolving iam_role requires the Stack connection manager. Temporarily setting " "the iam_role to None until it can be fully resolved." ) iam_role = None cache_connection_manager = False connection_manager = ConnectionManager( self.region, self.profile, self.external_name, iam_role, self.iam_role_session_duration ) if cache_connection_manager: self._connection_manager = connection_manager else: # Return early without caching the connection manager. return connection_manager return self._connection_manager @property def template(self): """ Returns the CloudFormation Template used to create the Stack. :returns: The Stack's template. :rtype: Template """ if self._template is None: if self.template_path: handler_config = { "type": "file", "path": self.template_path } else: handler_config = self.template_handler_config self._template = Template( name=self.name, handler_config=handler_config, sceptre_user_data=self.sceptre_user_data, stack_group_config=self.stack_group_config, s3_details=self.s3_details, connection_manager=self.connection_manager ) return self._template