Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1488 from andharris/iam-roles

Browse Source 
add iam roles to redshift
This commit is contained in:
Steve Pulec 2018-03-07 09:28:26 -05:00 committed by GitHub
commit 4997694fd6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 43 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
moto/redshift/models.py
View File

@ -73,7 +73,7 @@ class Cluster(TaggableResourceMixin, BaseModel):
preferred_maintenance_window, cluster_parameter_group_name, preferred_maintenance_window, cluster_parameter_group_name,
automated_snapshot_retention_period, port, cluster_version, automated_snapshot_retention_period, port, cluster_version,
allow_version_upgrade, number_of_nodes, publicly_accessible, allow_version_upgrade, number_of_nodes, publicly_accessible,
encrypted, region_name, tags=None): encrypted, region_name, tags=None, iam_roles_arn=None):
super(Cluster, self).__init__(region_name, tags) super(Cluster, self).__init__(region_name, tags)
self.redshift_backend = redshift_backend self.redshift_backend = redshift_backend
self.cluster_identifier = cluster_identifier self.cluster_identifier = cluster_identifier
@ -118,6 +118,8 @@ class Cluster(TaggableResourceMixin, BaseModel):
else: else:
self.number_of_nodes = 1 self.number_of_nodes = 1
self.iam_roles_arn = iam_roles_arn or []
@classmethod @classmethod
def create_from_cloudformation_json(cls, resource_name, cloudformation_json, region_name): def create_from_cloudformation_json(cls, resource_name, cloudformation_json, region_name):
redshift_backend = redshift_backends[region_name] redshift_backend = redshift_backends[region_name]
@ -234,7 +236,11 @@ class Cluster(TaggableResourceMixin, BaseModel):
"Port": self.port "Port": self.port
}, },
"PendingModifiedValues": [], "PendingModifiedValues": [],
"Tags": self.tags "Tags": self.tags,
"IamRoles": [{
"ApplyStatus": "in-sync",
"IamRoleArn": iam_role_arn
} for iam_role_arn in self.iam_roles_arn]
} }
try: try:
@ -378,7 +384,7 @@ class Snapshot(TaggableResourceMixin, BaseModel):
resource_type = 'snapshot' resource_type = 'snapshot'
def __init__(self, cluster, snapshot_identifier, region_name, tags=None): def __init__(self, cluster, snapshot_identifier, region_name, tags=None, iam_roles_arn=None):
super(Snapshot, self).__init__(region_name, tags) super(Snapshot, self).__init__(region_name, tags)
self.cluster = copy.copy(cluster) self.cluster = copy.copy(cluster)
self.snapshot_identifier = snapshot_identifier self.snapshot_identifier = snapshot_identifier
@ -386,6 +392,7 @@ class Snapshot(TaggableResourceMixin, BaseModel):
self.status = 'available' self.status = 'available'
self.create_time = iso_8601_datetime_with_milliseconds( self.create_time = iso_8601_datetime_with_milliseconds(
datetime.datetime.now()) datetime.datetime.now())
self.iam_roles_arn = iam_roles_arn or []
@property @property
def resource_id(self): def resource_id(self):
@ -407,7 +414,11 @@ class Snapshot(TaggableResourceMixin, BaseModel):
'NodeType': self.cluster.node_type, 'NodeType': self.cluster.node_type,
'NumberOfNodes': self.cluster.number_of_nodes, 'NumberOfNodes': self.cluster.number_of_nodes,
'DBName': self.cluster.db_name, 'DBName': self.cluster.db_name,
'Tags': self.tags 'Tags': self.tags,
"IamRoles": [{
"ApplyStatus": "in-sync",
"IamRoleArn": iam_role_arn
} for iam_role_arn in self.iam_roles_arn]
} }

11
moto/redshift/responses.py
View File

@ -99,6 +99,12 @@ class RedshiftResponse(BaseResponse):
vpc_security_group_ids = self._get_multi_param('VpcSecurityGroupIds.VpcSecurityGroupId') vpc_security_group_ids = self._get_multi_param('VpcSecurityGroupIds.VpcSecurityGroupId')
return vpc_security_group_ids return vpc_security_group_ids
def _get_iam_roles(self):
iam_roles = self._get_multi_param('IamRoles.member')
if not iam_roles:
iam_roles = self._get_multi_param('IamRoles.IamRoleArn')
return iam_roles
def _get_subnet_ids(self): def _get_subnet_ids(self):
subnet_ids = self._get_multi_param('SubnetIds.member') subnet_ids = self._get_multi_param('SubnetIds.member')
if not subnet_ids: if not subnet_ids:
@ -127,7 +133,8 @@ class RedshiftResponse(BaseResponse):
"publicly_accessible": self._get_param("PubliclyAccessible"), "publicly_accessible": self._get_param("PubliclyAccessible"),
"encrypted": self._get_param("Encrypted"), "encrypted": self._get_param("Encrypted"),
"region_name": self.region, "region_name": self.region,
"tags": self.unpack_complex_list_params('Tags.Tag', ('Key', 'Value')) "tags": self.unpack_complex_list_params('Tags.Tag', ('Key', 'Value')),
"iam_roles_arn": self._get_iam_roles(),
} }
cluster = self.redshift_backend.create_cluster(**cluster_kwargs).to_json() cluster = self.redshift_backend.create_cluster(**cluster_kwargs).to_json()
cluster['ClusterStatus'] = 'creating' cluster['ClusterStatus'] = 'creating'
@ -162,6 +169,7 @@ class RedshiftResponse(BaseResponse):
"automated_snapshot_retention_period": self._get_int_param( "automated_snapshot_retention_period": self._get_int_param(
'AutomatedSnapshotRetentionPeriod'), 'AutomatedSnapshotRetentionPeriod'),
"region_name": self.region, "region_name": self.region,
"iam_roles_arn": self._get_iam_roles(),
} }
cluster = self.redshift_backend.restore_from_cluster_snapshot(**restore_kwargs).to_json() cluster = self.redshift_backend.restore_from_cluster_snapshot(**restore_kwargs).to_json()
cluster['ClusterStatus'] = 'creating' cluster['ClusterStatus'] = 'creating'
@ -209,6 +217,7 @@ class RedshiftResponse(BaseResponse):
"number_of_nodes": self._get_int_param('NumberOfNodes'), "number_of_nodes": self._get_int_param('NumberOfNodes'),
"publicly_accessible": self._get_param("PubliclyAccessible"), "publicly_accessible": self._get_param("PubliclyAccessible"),
"encrypted": self._get_param("Encrypted"), "encrypted": self._get_param("Encrypted"),
"iam_roles_arn": self._get_iam_roles(),
} }
cluster_kwargs = {} cluster_kwargs = {}
# We only want parameters that were actually passed in, otherwise # We only want parameters that were actually passed in, otherwise

18
tests/test_redshift/test_redshift.py
View File

@ -333,6 +333,24 @@ def test_create_cluster_with_vpc_security_groups_boto3():
list(group_ids).should.equal([security_group.id]) list(group_ids).should.equal([security_group.id])
@mock_redshift
def test_create_cluster_with_iam_roles():
iam_roles_arn = ['arn:aws:iam:::role/my-iam-role',]
client = boto3.client('redshift', region_name='us-east-1')
cluster_id = 'my_cluster'
client.create_cluster(
ClusterIdentifier=cluster_id,
NodeType="dw.hs1.xlarge",
MasterUsername="username",
MasterUserPassword="password",
IamRoles=iam_roles_arn
)
response = client.describe_clusters(ClusterIdentifier=cluster_id)
cluster = response['Clusters'][0]
iam_roles = [role['IamRoleArn'] for role in cluster['IamRoles']]
iam_roles_arn.should.equal(iam_roles)
@mock_redshift_deprecated @mock_redshift_deprecated
def test_create_cluster_with_parameter_group(): def test_create_cluster_with_parameter_group():
conn = boto.connect_redshift() conn = boto.connect_redshift()