from moto.core.exceptions import RESTError
from moto.core.responses import BaseResponse
from moto.utilities.aws_headers import amzn_request_id
from .models import elbv2_backends, ELBv2Backend
from .exceptions import TargetGroupNotFoundError
from .exceptions import ListenerOrBalancerMissingError
SSL_POLICIES = [
{
"name": "ELBSecurityPolicy-2016-08",
"ssl_protocols": ["TLSv1", "TLSv1.1", "TLSv1.2"],
"ciphers": [
{"name": "ECDHE-ECDSA-AES128-GCM-SHA256", "priority": 1},
{"name": "ECDHE-RSA-AES128-GCM-SHA256", "priority": 2},
{"name": "ECDHE-ECDSA-AES128-SHA256", "priority": 3},
{"name": "ECDHE-RSA-AES128-SHA256", "priority": 4},
{"name": "ECDHE-ECDSA-AES128-SHA", "priority": 5},
{"name": "ECDHE-RSA-AES128-SHA", "priority": 6},
{"name": "ECDHE-ECDSA-AES256-GCM-SHA384", "priority": 7},
{"name": "ECDHE-RSA-AES256-GCM-SHA384", "priority": 8},
{"name": "ECDHE-ECDSA-AES256-SHA384", "priority": 9},
{"name": "ECDHE-RSA-AES256-SHA384", "priority": 10},
{"name": "ECDHE-RSA-AES256-SHA", "priority": 11},
{"name": "ECDHE-ECDSA-AES256-SHA", "priority": 12},
{"name": "AES128-GCM-SHA256", "priority": 13},
{"name": "AES128-SHA256", "priority": 14},
{"name": "AES128-SHA", "priority": 15},
{"name": "AES256-GCM-SHA384", "priority": 16},
{"name": "AES256-SHA256", "priority": 17},
{"name": "AES256-SHA", "priority": 18},
],
},
{
"name": "ELBSecurityPolicy-TLS-1-2-2017-01",
"ssl_protocols": ["TLSv1.2"],
"ciphers": [
{"name": "ECDHE-ECDSA-AES128-GCM-SHA256", "priority": 1},
{"name": "ECDHE-RSA-AES128-GCM-SHA256", "priority": 2},
{"name": "ECDHE-ECDSA-AES128-SHA256", "priority": 3},
{"name": "ECDHE-RSA-AES128-SHA256", "priority": 4},
{"name": "ECDHE-ECDSA-AES256-GCM-SHA384", "priority": 5},
{"name": "ECDHE-RSA-AES256-GCM-SHA384", "priority": 6},
{"name": "ECDHE-ECDSA-AES256-SHA384", "priority": 7},
{"name": "ECDHE-RSA-AES256-SHA384", "priority": 8},
{"name": "AES128-GCM-SHA256", "priority": 9},
{"name": "AES128-SHA256", "priority": 10},
{"name": "AES256-GCM-SHA384", "priority": 11},
{"name": "AES256-SHA256", "priority": 12},
],
},
{
"name": "ELBSecurityPolicy-TLS-1-1-2017-01",
"ssl_protocols": ["TLSv1.1", "TLSv1.2"],
"ciphers": [
{"name": "ECDHE-ECDSA-AES128-GCM-SHA256", "priority": 1},
{"name": "ECDHE-RSA-AES128-GCM-SHA256", "priority": 2},
{"name": "ECDHE-ECDSA-AES128-SHA256", "priority": 3},
{"name": "ECDHE-RSA-AES128-SHA256", "priority": 4},
{"name": "ECDHE-ECDSA-AES128-SHA", "priority": 5},
{"name": "ECDHE-RSA-AES128-SHA", "priority": 6},
{"name": "ECDHE-ECDSA-AES256-GCM-SHA384", "priority": 7},
{"name": "ECDHE-RSA-AES256-GCM-SHA384", "priority": 8},
{"name": "ECDHE-ECDSA-AES256-SHA384", "priority": 9},
{"name": "ECDHE-RSA-AES256-SHA384", "priority": 10},
{"name": "ECDHE-RSA-AES256-SHA", "priority": 11},
{"name": "ECDHE-ECDSA-AES256-SHA", "priority": 12},
{"name": "AES128-GCM-SHA256", "priority": 13},
{"name": "AES128-SHA256", "priority": 14},
{"name": "AES128-SHA", "priority": 15},
{"name": "AES256-GCM-SHA384", "priority": 16},
{"name": "AES256-SHA256", "priority": 17},
{"name": "AES256-SHA", "priority": 18},
],
},
{
"name": "ELBSecurityPolicy-2015-05",
"ssl_protocols": ["TLSv1", "TLSv1.1", "TLSv1.2"],
"ciphers": [
{"name": "ECDHE-ECDSA-AES128-GCM-SHA256", "priority": 1},
{"name": "ECDHE-RSA-AES128-GCM-SHA256", "priority": 2},
{"name": "ECDHE-ECDSA-AES128-SHA256", "priority": 3},
{"name": "ECDHE-RSA-AES128-SHA256", "priority": 4},
{"name": "ECDHE-ECDSA-AES128-SHA", "priority": 5},
{"name": "ECDHE-RSA-AES128-SHA", "priority": 6},
{"name": "ECDHE-ECDSA-AES256-GCM-SHA384", "priority": 7},
{"name": "ECDHE-RSA-AES256-GCM-SHA384", "priority": 8},
{"name": "ECDHE-ECDSA-AES256-SHA384", "priority": 9},
{"name": "ECDHE-RSA-AES256-SHA384", "priority": 10},
{"name": "ECDHE-RSA-AES256-SHA", "priority": 11},
{"name": "ECDHE-ECDSA-AES256-SHA", "priority": 12},
{"name": "AES128-GCM-SHA256", "priority": 13},
{"name": "AES128-SHA256", "priority": 14},
{"name": "AES128-SHA", "priority": 15},
{"name": "AES256-GCM-SHA384", "priority": 16},
{"name": "AES256-SHA256", "priority": 17},
{"name": "AES256-SHA", "priority": 18},
],
},
{
"name": "ELBSecurityPolicy-TLS-1-0-2015-04",
"ssl_protocols": ["TLSv1", "TLSv1.1", "TLSv1.2"],
"ciphers": [
{"name": "ECDHE-ECDSA-AES128-GCM-SHA256", "priority": 1},
{"name": "ECDHE-RSA-AES128-GCM-SHA256", "priority": 2},
{"name": "ECDHE-ECDSA-AES128-SHA256", "priority": 3},
{"name": "ECDHE-RSA-AES128-SHA256", "priority": 4},
{"name": "ECDHE-ECDSA-AES128-SHA", "priority": 5},
{"name": "ECDHE-RSA-AES128-SHA", "priority": 6},
{"name": "ECDHE-ECDSA-AES256-GCM-SHA384", "priority": 7},
{"name": "ECDHE-RSA-AES256-GCM-SHA384", "priority": 8},
{"name": "ECDHE-ECDSA-AES256-SHA384", "priority": 9},
{"name": "ECDHE-RSA-AES256-SHA384", "priority": 10},
{"name": "ECDHE-RSA-AES256-SHA", "priority": 11},
{"name": "ECDHE-ECDSA-AES256-SHA", "priority": 12},
{"name": "AES128-GCM-SHA256", "priority": 13},
{"name": "AES128-SHA256", "priority": 14},
{"name": "AES128-SHA", "priority": 15},
{"name": "AES256-GCM-SHA384", "priority": 16},
{"name": "AES256-SHA256", "priority": 17},
{"name": "AES256-SHA", "priority": 18},
{"name": "DES-CBC3-SHA", "priority": 19},
],
},
{
"name": "ELBSecurityPolicy-FS-1-2-Res-2020-10",
"ssl_protocols": ["TLSv1.2"],
"ciphers": [
{"name": "ECDHE-ECDSA-AES128-GCM-SHA256", "priority": 1},
{"name": "ECDHE-RSA-AES128-GCM-SHA256", "priority": 2},
{"name": "ECDHE-ECDSA-AES256-GCM-SHA384", "priority": 3},
{"name": "ECDHE-RSA-AES256-GCM-SHA384", "priority": 4},
],
},
]
class ELBV2Response(BaseResponse):
def __init__(self) -> None:
super().__init__(service_name="elbv2")
@property
def elbv2_backend(self) -> ELBv2Backend:
return elbv2_backends[self.current_account][self.region]
@amzn_request_id
def create_load_balancer(self) -> str:
params = self._get_params()
load_balancer_name = params.get("Name")
subnet_ids = self._get_multi_param("Subnets.member")
subnet_mappings = params.get("SubnetMappings", [])
security_groups = self._get_multi_param("SecurityGroups.member")
scheme = params.get("Scheme")
loadbalancer_type = params.get("Type")
tags = params.get("Tags")
load_balancer = self.elbv2_backend.create_load_balancer(
name=load_balancer_name, # type: ignore
security_groups=security_groups,
subnet_ids=subnet_ids,
subnet_mappings=subnet_mappings,
scheme=scheme, # type: ignore
loadbalancer_type=loadbalancer_type,
tags=tags,
)
template = self.response_template(CREATE_LOAD_BALANCER_TEMPLATE)
return template.render(load_balancer=load_balancer)
@amzn_request_id
def create_rule(self) -> str:
params = self._get_params()
rules = self.elbv2_backend.create_rule(
listener_arn=params["ListenerArn"],
conditions=params["Conditions"],
priority=params["Priority"],
actions=params["Actions"],
tags=params.get("Tags"),
)
template = self.response_template(CREATE_RULE_TEMPLATE)
return template.render(rules=rules)
@amzn_request_id
def create_target_group(self) -> str:
params = self._get_params()
name = params.get("Name")
vpc_id = params.get("VpcId")
protocol = params.get("Protocol")
protocol_version = params.get("ProtocolVersion", "HTTP1")
port = params.get("Port")
healthcheck_protocol = self._get_param("HealthCheckProtocol")
healthcheck_port = self._get_param("HealthCheckPort")
healthcheck_path = self._get_param("HealthCheckPath")
healthcheck_interval_seconds = self._get_param("HealthCheckIntervalSeconds")
healthcheck_timeout_seconds = self._get_param("HealthCheckTimeoutSeconds")
healthcheck_enabled = self._get_param("HealthCheckEnabled")
healthy_threshold_count = self._get_param("HealthyThresholdCount")
unhealthy_threshold_count = self._get_param("UnhealthyThresholdCount")
matcher = params.get("Matcher")
target_type = params.get("TargetType")
tags = params.get("Tags")
target_group = self.elbv2_backend.create_target_group(
name, # type: ignore
vpc_id=vpc_id,
protocol=protocol,
protocol_version=protocol_version,
port=port,
healthcheck_protocol=healthcheck_protocol,
healthcheck_port=healthcheck_port,
healthcheck_path=healthcheck_path,
healthcheck_interval_seconds=healthcheck_interval_seconds,
healthcheck_timeout_seconds=healthcheck_timeout_seconds,
healthcheck_enabled=healthcheck_enabled,
healthy_threshold_count=healthy_threshold_count,
unhealthy_threshold_count=unhealthy_threshold_count,
matcher=matcher,
target_type=target_type,
tags=tags,
)
template = self.response_template(CREATE_TARGET_GROUP_TEMPLATE)
return template.render(target_group=target_group)
@amzn_request_id
def create_listener(self) -> str:
params = self._get_params()
load_balancer_arn = self._get_param("LoadBalancerArn")
protocol = self._get_param("Protocol")
port = self._get_param("Port")
ssl_policy = self._get_param("SslPolicy", "ELBSecurityPolicy-2016-08")
certificates = self._get_list_prefix("Certificates.member")
if certificates:
certificate = certificates[0].get("certificate_arn")
else:
certificate = None
default_actions = params.get("DefaultActions", [])
alpn_policy = params.get("AlpnPolicy", [])
tags = params.get("Tags")
listener = self.elbv2_backend.create_listener(
load_balancer_arn=load_balancer_arn,
protocol=protocol,
port=port,
ssl_policy=ssl_policy,
certificate=certificate,
actions=default_actions,
alpn_policy=alpn_policy,
tags=tags,
)
template = self.response_template(CREATE_LISTENER_TEMPLATE)
return template.render(listener=listener)
@amzn_request_id
def describe_load_balancers(self) -> str:
arns = self._get_multi_param("LoadBalancerArns.member")
names = self._get_multi_param("Names.member")
all_load_balancers = list(
self.elbv2_backend.describe_load_balancers(arns, names)
)
marker = self._get_param("Marker")
all_names = [balancer.name for balancer in all_load_balancers]
if marker:
start = all_names.index(marker) + 1
else:
start = 0
page_size = self._get_int_param(
"PageSize", 50
) # the default is 400, but using 50 to make testing easier
load_balancers_resp = all_load_balancers[start : start + page_size]
next_marker = None
if len(all_load_balancers) > start + page_size:
next_marker = load_balancers_resp[-1].name
template = self.response_template(DESCRIBE_LOAD_BALANCERS_TEMPLATE)
return template.render(load_balancers=load_balancers_resp, marker=next_marker)
@amzn_request_id
def describe_rules(self) -> str:
listener_arn = self._get_param("ListenerArn")
rule_arns = (
self._get_multi_param("RuleArns.member")
if any(
k
for k in list(self.querystring.keys())
if k.startswith("RuleArns.member")
)
else None
)
all_rules = list(self.elbv2_backend.describe_rules(listener_arn, rule_arns))
all_arns = [rule.arn for rule in all_rules]
page_size = self._get_int_param("PageSize", 50) # set 50 for temporary
marker = self._get_param("Marker")
if marker:
start = all_arns.index(marker) + 1
else:
start = 0
rules_resp = all_rules[start : start + page_size]
next_marker = None
if len(all_rules) > start + page_size:
next_marker = rules_resp[-1].arn
template = self.response_template(DESCRIBE_RULES_TEMPLATE)
return template.render(rules=rules_resp, marker=next_marker)
@amzn_request_id
def describe_target_groups(self) -> str:
load_balancer_arn = self._get_param("LoadBalancerArn")
target_group_arns = self._get_multi_param("TargetGroupArns.member")
names = self._get_multi_param("Names.member")
target_groups = self.elbv2_backend.describe_target_groups(
load_balancer_arn, target_group_arns, names
)
template = self.response_template(DESCRIBE_TARGET_GROUPS_TEMPLATE)
return template.render(target_groups=target_groups)
@amzn_request_id
def describe_target_group_attributes(self) -> str:
target_group_arn = self._get_param("TargetGroupArn")
target_group = self.elbv2_backend.target_groups.get(target_group_arn)
if not target_group:
raise TargetGroupNotFoundError()
template = self.response_template(DESCRIBE_TARGET_GROUP_ATTRIBUTES_TEMPLATE)
return template.render(attributes=target_group.attributes)
@amzn_request_id
def describe_listeners(self) -> str:
load_balancer_arn = self._get_param("LoadBalancerArn")
listener_arns = self._get_multi_param("ListenerArns.member")
if not load_balancer_arn and not listener_arns:
raise ListenerOrBalancerMissingError()
listeners = self.elbv2_backend.describe_listeners(
load_balancer_arn, listener_arns
)
template = self.response_template(DESCRIBE_LISTENERS_TEMPLATE)
return template.render(listeners=listeners)
@amzn_request_id
def delete_load_balancer(self) -> str:
arn = self._get_param("LoadBalancerArn")
self.elbv2_backend.delete_load_balancer(arn)
template = self.response_template(DELETE_LOAD_BALANCER_TEMPLATE)
return template.render()
@amzn_request_id
def delete_rule(self) -> str:
arn = self._get_param("RuleArn")
self.elbv2_backend.delete_rule(arn)
template = self.response_template(DELETE_RULE_TEMPLATE)
return template.render()
@amzn_request_id
def delete_target_group(self) -> str:
arn = self._get_param("TargetGroupArn")
self.elbv2_backend.delete_target_group(arn)
template = self.response_template(DELETE_TARGET_GROUP_TEMPLATE)
return template.render()
@amzn_request_id
def delete_listener(self) -> str:
arn = self._get_param("ListenerArn")
self.elbv2_backend.delete_listener(arn)
template = self.response_template(DELETE_LISTENER_TEMPLATE)
return template.render()
@amzn_request_id
def modify_rule(self) -> str:
rule_arn = self._get_param("RuleArn")
params = self._get_params()
conditions = params.get("Conditions", [])
actions = params.get("Actions", [])
rules = self.elbv2_backend.modify_rule(
rule_arn=rule_arn, conditions=conditions, actions=actions
)
template = self.response_template(MODIFY_RULE_TEMPLATE)
return template.render(rules=rules)
@amzn_request_id
def modify_target_group_attributes(self) -> str:
target_group_arn = self._get_param("TargetGroupArn")
attrs = self._get_list_prefix("Attributes.member")
attributes = {attr["key"]: attr["value"] for attr in attrs}
self.elbv2_backend.modify_target_group_attributes(target_group_arn, attributes)
template = self.response_template(MODIFY_TARGET_GROUP_ATTRIBUTES_TEMPLATE)
return template.render(attributes=attributes)
@amzn_request_id
def register_targets(self) -> str:
target_group_arn = self._get_param("TargetGroupArn")
targets = self._get_list_prefix("Targets.member")
self.elbv2_backend.register_targets(target_group_arn, targets)
template = self.response_template(REGISTER_TARGETS_TEMPLATE)
return template.render()
@amzn_request_id
def deregister_targets(self) -> str:
target_group_arn = self._get_param("TargetGroupArn")
targets = self._get_list_prefix("Targets.member")
self.elbv2_backend.deregister_targets(target_group_arn, targets)
template = self.response_template(DEREGISTER_TARGETS_TEMPLATE)
return template.render()
@amzn_request_id
def describe_target_health(self) -> str:
target_group_arn = self._get_param("TargetGroupArn")
targets = self._get_list_prefix("Targets.member")
target_health_descriptions = self.elbv2_backend.describe_target_health(
target_group_arn, targets
)
template = self.response_template(DESCRIBE_TARGET_HEALTH_TEMPLATE)
return template.render(target_health_descriptions=target_health_descriptions)
@amzn_request_id
def set_rule_priorities(self) -> str:
rule_priorities = self._get_list_prefix("RulePriorities.member")
for rule_priority in rule_priorities:
rule_priority["priority"] = int(rule_priority["priority"])
rules = self.elbv2_backend.set_rule_priorities(rule_priorities)
template = self.response_template(SET_RULE_PRIORITIES_TEMPLATE)
return template.render(rules=rules)
@amzn_request_id
def add_tags(self) -> str:
resource_arns = self._get_multi_param("ResourceArns.member")
tags = self._get_params().get("Tags")
self.elbv2_backend.add_tags(resource_arns, tags) # type: ignore
template = self.response_template(ADD_TAGS_TEMPLATE)
return template.render()
@amzn_request_id
def remove_tags(self) -> str:
resource_arns = self._get_multi_param("ResourceArns.member")
tag_keys = self._get_multi_param("TagKeys.member")
self.elbv2_backend.remove_tags(resource_arns, tag_keys)
template = self.response_template(REMOVE_TAGS_TEMPLATE)
return template.render()
@amzn_request_id
def describe_tags(self) -> str:
resource_arns = self._get_multi_param("ResourceArns.member")
resource_tags = self.elbv2_backend.describe_tags(resource_arns)
template = self.response_template(DESCRIBE_TAGS_TEMPLATE)
return template.render(resource_tags=resource_tags)
@amzn_request_id
def describe_account_limits(self) -> str:
# Supports paging but not worth implementing yet
# marker = self._get_param('Marker')
# page_size = self._get_int_param('PageSize')
limits = {
"application-load-balancers": 20,
"target-groups": 3000,
"targets-per-application-load-balancer": 30,
"listeners-per-application-load-balancer": 50,
"rules-per-application-load-balancer": 100,
"network-load-balancers": 20,
"targets-per-network-load-balancer": 200,
"listeners-per-network-load-balancer": 50,
}
template = self.response_template(DESCRIBE_LIMITS_TEMPLATE)
return template.render(limits=limits)
@amzn_request_id
def describe_ssl_policies(self) -> str:
names = self._get_multi_param("Names.member.")
# Supports paging but not worth implementing yet
# marker = self._get_param('Marker')
# page_size = self._get_int_param('PageSize')
policies = SSL_POLICIES
if names:
policies = filter(lambda policy: policy["name"] in names, policies) # type: ignore
template = self.response_template(DESCRIBE_SSL_POLICIES_TEMPLATE)
return template.render(policies=policies)
@amzn_request_id
def set_ip_address_type(self) -> str:
arn = self._get_param("LoadBalancerArn")
ip_type = self._get_param("IpAddressType")
self.elbv2_backend.set_ip_address_type(arn, ip_type)
template = self.response_template(SET_IP_ADDRESS_TYPE_TEMPLATE)
return template.render(ip_type=ip_type)
@amzn_request_id
def set_security_groups(self) -> str:
arn = self._get_param("LoadBalancerArn")
sec_groups = self._get_multi_param("SecurityGroups.member.")
self.elbv2_backend.set_security_groups(arn, sec_groups)
template = self.response_template(SET_SECURITY_GROUPS_TEMPLATE)
return template.render(sec_groups=sec_groups)
@amzn_request_id
def set_subnets(self) -> str:
arn = self._get_param("LoadBalancerArn")
subnets = self._get_multi_param("Subnets.member.")
subnet_mappings = self._get_params().get("SubnetMappings", [])
subnet_zone_list = self.elbv2_backend.set_subnets(arn, subnets, subnet_mappings)
template = self.response_template(SET_SUBNETS_TEMPLATE)
return template.render(subnets=subnet_zone_list)
@amzn_request_id
def modify_load_balancer_attributes(self) -> str:
arn = self._get_param("LoadBalancerArn")
attrs = self._get_map_prefix(
"Attributes.member", key_end="Key", value_end="Value"
)
all_attrs = self.elbv2_backend.modify_load_balancer_attributes(arn, attrs)
template = self.response_template(MODIFY_LOADBALANCER_ATTRS_TEMPLATE)
return template.render(attrs=all_attrs)
@amzn_request_id
def describe_load_balancer_attributes(self) -> str:
arn = self._get_param("LoadBalancerArn")
attrs = self.elbv2_backend.describe_load_balancer_attributes(arn)
template = self.response_template(DESCRIBE_LOADBALANCER_ATTRS_TEMPLATE)
return template.render(attrs=attrs)
@amzn_request_id
def modify_target_group(self) -> str:
arn = self._get_param("TargetGroupArn")
health_check_proto = self._get_param(
"HealthCheckProtocol"
) # 'HTTP' | 'HTTPS' | 'TCP',
health_check_port = self._get_param("HealthCheckPort")
health_check_path = self._get_param("HealthCheckPath")
health_check_interval = self._get_param("HealthCheckIntervalSeconds")
health_check_timeout = self._get_param("HealthCheckTimeoutSeconds")
health_check_enabled = self._get_param("HealthCheckEnabled")
healthy_threshold_count = self._get_param("HealthyThresholdCount")
unhealthy_threshold_count = self._get_param("UnhealthyThresholdCount")
http_codes = self._get_param("Matcher.HttpCode")
target_group = self.elbv2_backend.modify_target_group(
arn,
health_check_proto,
health_check_port,
health_check_path,
health_check_interval,
health_check_timeout,
healthy_threshold_count,
unhealthy_threshold_count,
http_codes,
health_check_enabled=health_check_enabled,
)
template = self.response_template(MODIFY_TARGET_GROUP_TEMPLATE)
return template.render(target_group=target_group)
@amzn_request_id
def modify_listener(self) -> str:
arn = self._get_param("ListenerArn")
port = self._get_param("Port")
protocol = self._get_param("Protocol")
ssl_policy = self._get_param("SslPolicy")
certificates = self._get_list_prefix("Certificates.member")
default_actions = self._get_params().get("DefaultActions", [])
# Should really move SSL Policies to models
if ssl_policy is not None and ssl_policy not in [
item["name"] for item in SSL_POLICIES
]:
raise RESTError("SSLPolicyNotFound", f"Policy {ssl_policy} not found")
listener = self.elbv2_backend.modify_listener(
arn, port, protocol, ssl_policy, certificates, default_actions
)
template = self.response_template(MODIFY_LISTENER_TEMPLATE)
return template.render(listener=listener)
@amzn_request_id
def add_listener_certificates(self) -> str:
arn = self._get_param("ListenerArn")
certificates = self._get_list_prefix("Certificates.member")
certificate_arns = self.elbv2_backend.add_listener_certificates(
arn, certificates
)
template = self.response_template(ADD_LISTENER_CERTIFICATES_TEMPLATE)
return template.render(certificates=certificate_arns)
@amzn_request_id
def describe_listener_certificates(self) -> str:
arn = self._get_param("ListenerArn")
certificates = self.elbv2_backend.describe_listener_certificates(arn)
template = self.response_template(DESCRIBE_LISTENER_CERTIFICATES_TEMPLATE)
return template.render(certificates=certificates)
@amzn_request_id
def remove_listener_certificates(self) -> str:
arn = self._get_param("ListenerArn")
certificates = self._get_list_prefix("Certificates.member")
self.elbv2_backend.remove_listener_certificates(arn, certificates)
template = self.response_template(REMOVE_LISTENER_CERTIFICATES_TEMPLATE)
return template.render()
ADD_TAGS_TEMPLATE = """
{{ request_id }}
"""
REMOVE_TAGS_TEMPLATE = """
{{ request_id }}
"""
DESCRIBE_TAGS_TEMPLATE = """
{% for resource_arn, tags in resource_tags.items() %}
{{ resource_arn }}
{% for key, value in tags.items() %}
{{ value }}
{{ key }}
{% endfor %}
{% endfor %}
{{ request_id }}
"""
CREATE_LOAD_BALANCER_TEMPLATE = """
{{ load_balancer.arn }}
{{ load_balancer.scheme }}
{{ load_balancer.name }}
{{ load_balancer.vpc_id }}
Z2P70J7EXAMPLE
{{ load_balancer.created_time }}
{% for subnet in load_balancer.subnets %}
{{ subnet.id }}
{{ subnet.availability_zone }}
{% endfor %}
{% for security_group in load_balancer.security_groups %}
{{ security_group }}
{% endfor %}
{{ load_balancer.dns_name }}
{{ load_balancer.state }}
{{ load_balancer.loadbalancer_type }}
{{ request_id }}
"""
CREATE_RULE_TEMPLATE = """
{{ "true" if rules.is_default else "false" }}
{% for condition in rules.conditions %}
{{ condition["Field"] }}
{% if "Values" in condition %}
{% for value in condition["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "HttpHeaderConfig" in condition %}
{{ condition["HttpHeaderConfig"]["HttpHeaderName"] }}
{% for value in condition["HttpHeaderConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "HttpRequestMethodConfig" in condition %}
{% for value in condition["HttpRequestMethodConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "QueryStringConfig" in condition %}
{% for value in condition["QueryStringConfig"]["Values"] %}
{{ value["Key"] }}
{{ value["Value"] }}
{% endfor %}
{% endif %}
{% if "SourceIpConfig" in condition %}
{% for value in condition["SourceIpConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "PathPatternConfig" in condition %}
{% for value in condition["PathPatternConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "HostHeaderConfig" in condition %}
{% for value in condition["HostHeaderConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% endfor %}
{{ rules.priority }}
{{ rules.arn }}
{% for action in rules.actions %}
{{ action.to_xml() }}
{% endfor %}
{{ request_id }}
"""
CREATE_TARGET_GROUP_TEMPLATE = """
{{ target_group.arn }}
{{ target_group.name }}
{% if target_group.protocol %}
{{ target_group.protocol }}
{% endif %}
{% if target_group.port %}
{{ target_group.port }}
{% endif %}
{% if target_group.vpc_id %}
{{ target_group.vpc_id }}
{% endif %}
{{ target_group.healthcheck_protocol }}
{% if target_group.healthcheck_port %}{{ target_group.healthcheck_port }}{% endif %}
{{ target_group.healthcheck_path or '' }}
{{ target_group.healthcheck_interval_seconds }}
{{ target_group.healthcheck_timeout_seconds }}
{{ target_group.healthcheck_enabled and 'true' or 'false' }}
{{ target_group.healthy_threshold_count }}
{{ target_group.unhealthy_threshold_count }}
{% if target_group.matcher %}
{{ target_group.matcher['HttpCode'] }}
{% endif %}
{% if target_group.target_type %}
{{ target_group.target_type }}
{% endif %}
{{ request_id }}
"""
CREATE_LISTENER_TEMPLATE = """
{{ listener.load_balancer_arn }}
{{ listener.protocol }}
{% if listener.certificates %}
{% for cert in listener.certificates %}
{{ cert }}
{% endfor %}
{% endif %}
{% if listener.port %}
{{ listener.port }}
{% endif %}
{{ listener.ssl_policy }}
{{ listener.arn }}
{% for action in listener.default_actions %}
{{ action.to_xml() }}
{% endfor %}
{% for policy in listener.alpn_policy %}
{{ policy }}
{% endfor %}
{{ request_id }}
"""
DELETE_LOAD_BALANCER_TEMPLATE = """
{{ request_id }}
"""
DELETE_RULE_TEMPLATE = """
{{ request_id }}
"""
DELETE_TARGET_GROUP_TEMPLATE = """
{{ request_id }}
"""
DELETE_LISTENER_TEMPLATE = """
{{ request_id }}
"""
DESCRIBE_LOAD_BALANCERS_TEMPLATE = """
{% for load_balancer in load_balancers %}
{{ load_balancer.arn }}
{{ load_balancer.scheme }}
{{ load_balancer.name }}
{{ load_balancer.vpc_id }}
Z2P70J7EXAMPLE
{{ load_balancer.created_time }}
{% for subnet in load_balancer.subnets %}
{{ subnet.id }}
{{ subnet.availability_zone }}
{% endfor %}
{% for security_group in load_balancer.security_groups %}
{{ security_group }}
{% endfor %}
{{ load_balancer.dns_name }}
{{ load_balancer.state }}
{{ load_balancer.loadbalancer_type }}
ipv4
{% endfor %}
{% if marker %}
{{ marker }}
{% endif %}
{{ request_id }}
"""
DESCRIBE_RULES_TEMPLATE = """
{% for rule in rules %}
{{ "true" if rule.is_default else "false" }}
{% for condition in rule.conditions %}
{{ condition["Field"] }}
{% if "HttpHeaderConfig" in condition %}
{{ condition["HttpHeaderConfig"]["HttpHeaderName"] }}
{% for value in condition["HttpHeaderConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "HttpRequestMethodConfig" in condition %}
{% for value in condition["HttpRequestMethodConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "QueryStringConfig" in condition %}
{% for value in condition["QueryStringConfig"]["Values"] %}
{{ value["Key"] }}
{{ value["Value"] }}
{% endfor %}
{% endif %}
{% if "SourceIpConfig" in condition %}
{% for value in condition["SourceIpConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "PathPatternConfig" in condition %}
{% for value in condition["PathPatternConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "HostHeaderConfig" in condition %}
{% for value in condition["HostHeaderConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "Values" in condition %}
{% for value in condition["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% endfor %}
{{ rule.priority }}
{{ rule.arn }}
{% for action in rule.actions %}
{{ action.to_xml() }}
{% endfor %}
{% endfor %}
{% if marker %}
{{ marker }}
{% endif %}
{{ request_id }}
"""
DESCRIBE_TARGET_GROUPS_TEMPLATE = """
{% for target_group in target_groups %}
{{ target_group.arn }}
{{ target_group.name }}
{% if target_group.protocol %}
{{ target_group.protocol }}
{{ target_group.protocol_version }}
{% endif %}
{% if target_group.port %}
{{ target_group.port }}
{% endif %}
{% if target_group.vpc_id %}
{{ target_group.vpc_id }}
{% endif %}
{{ target_group.healthcheck_protocol }}
{% if target_group.healthcheck_port %}{{ target_group.healthcheck_port }}{% endif %}
{{ target_group.healthcheck_path or '' }}
{{ target_group.healthcheck_interval_seconds }}
{{ target_group.healthcheck_timeout_seconds }}
{{ target_group.healthcheck_enabled and 'true' or 'false' }}
{{ target_group.healthy_threshold_count }}
{{ target_group.unhealthy_threshold_count }}
{% if target_group.matcher %}
{{ target_group.matcher['HttpCode'] }}
{% endif %}
{% if target_group.target_type %}
{{ target_group.target_type }}
{% endif %}
{% for load_balancer_arn in target_group.load_balancer_arns %}
{{ load_balancer_arn }}
{% endfor %}
{% endfor %}
{{ request_id }}
"""
DESCRIBE_TARGET_GROUP_ATTRIBUTES_TEMPLATE = """
{% for key, value in attributes.items() %}
{{ key }}
{{ value }}
{% endfor %}
{{ request_id }}
"""
DESCRIBE_LISTENERS_TEMPLATE = """
{% for listener in listeners %}
{{ listener.load_balancer_arn }}
{{ listener.protocol }}
{% if listener.certificate %}
{{ listener.certificate }}
{% endif %}
{% if listener.port %}{{ listener.port }}{% endif %}
{{ listener.ssl_policy }}
{{ listener.arn }}
{% for action in listener.default_actions %}
{{ action.to_xml() }}
{% endfor %}
{% for policy in listener.alpn_policy %}
{{ policy }}
{% endfor %}
{% endfor %}
{{ request_id }}
"""
CONFIGURE_HEALTH_CHECK_TEMPLATE = """
{{ check.interval }}
{{ check.target }}
{{ check.healthy_threshold }}
{{ check.timeout }}
{{ check.unhealthy_threshold }}
{{ request_id }}
"""
MODIFY_RULE_TEMPLATE = """
{{ "true" if rules.is_default else "false" }}
{% for condition in rules.conditions %}
{{ condition["Field"] }}
{% if "PathPatternConfig" in condition %}
{% for value in condition["PathPatternConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "HostHeaderConfig" in condition %}
{% for value in condition["HostHeaderConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "HttpHeaderConfig" in condition %}
{{ condition["HttpHeaderConfig"]["HttpHeaderName"] }}
{% for value in condition["HttpHeaderConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "HttpRequestMethodConfig" in condition %}
{% for value in condition["HttpRequestMethodConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "QueryStringConfig" in condition %}
{% for value in condition["QueryStringConfig"]["Values"] %}
{{ value["Key"] }}
{{ value["Value"] }}
{% endfor %}
{% endif %}
{% if "SourceIpConfig" in condition %}
{% for value in condition["SourceIpConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "Values" in condition %}
{% for value in condition["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% endfor %}
{{ rules.priority }}
{{ rules.arn }}
{% for action in rules.actions %}
{{ action.to_xml() }}
{% endfor %}
{{ request_id }}
"""
MODIFY_TARGET_GROUP_ATTRIBUTES_TEMPLATE = """
{% for key, value in attributes.items() %}
{{ key }}
{{ value }}
{% endfor %}
{{ request_id }}
"""
REGISTER_TARGETS_TEMPLATE = """
{{ request_id }}
"""
DEREGISTER_TARGETS_TEMPLATE = """
{{ request_id }}
"""
SET_LOAD_BALANCER_SSL_CERTIFICATE = """
{{ request_id }}
"""
DELETE_LOAD_BALANCER_LISTENERS = """
{{ request_id }}
"""
DESCRIBE_ATTRIBUTES_TEMPLATE = """
{{ attributes.access_log.enabled }}
{% if attributes.access_log.enabled %}
{{ attributes.access_log.s3_bucket_name }}
{{ attributes.access_log.s3_bucket_prefix }}
{{ attributes.access_log.emit_interval }}
{% endif %}
{{ attributes.connecting_settings.idle_timeout }}
{{ attributes.cross_zone_load_balancing.enabled }}
{% if attributes.connection_draining.enabled %}
true
{{ attributes.connection_draining.timeout }}
{% else %}
false
{% endif %}
{{ request_id }}
"""
MODIFY_ATTRIBUTES_TEMPLATE = """
{{ load_balancer.name }}
{{ attributes.access_log.enabled }}
{% if attributes.access_log.enabled %}
{{ attributes.access_log.s3_bucket_name }}
{{ attributes.access_log.s3_bucket_prefix }}
{{ attributes.access_log.emit_interval }}
{% endif %}
{{ attributes.connecting_settings.idle_timeout }}
{{ attributes.cross_zone_load_balancing.enabled }}
{% if attributes.connection_draining.enabled %}
true
{{ attributes.connection_draining.timeout }}
{% else %}
false
{% endif %}
{{ request_id }}
"""
CREATE_LOAD_BALANCER_POLICY_TEMPLATE = """
{{ request_id }}
"""
SET_LOAD_BALANCER_POLICIES_OF_LISTENER_TEMPLATE = """
{{ request_id }}
"""
SET_LOAD_BALANCER_POLICIES_FOR_BACKEND_SERVER_TEMPLATE = """
{{ request_id }}
"""
DESCRIBE_TARGET_HEALTH_TEMPLATE = """
{% for target_health in target_health_descriptions %}
{% if target_health.health_port %}{{ target_health.health_port }}{% endif %}
{{ target_health.status }}
{% if target_health.reason %}
{{ target_health.reason }}
{% endif %}
{% if target_health.description %}
{{ target_health.description }}
{% endif %}
{% if target_health.port %}
{{ target_health.port }}
{% endif %}
{{ target_health.instance_id }}
{% endfor %}
{{ request_id }}
"""
SET_RULE_PRIORITIES_TEMPLATE = """
{% for rule in rules %}
{{ "true" if rule.is_default else "false" }}
{% for condition in rule.conditions %}
{{ condition["Field"] }}
{% if "Values" in condition %}
{% for value in condition["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "HttpHeaderConfig" in condition %}
{{ condition["HttpHeaderConfig"]["HttpHeaderName"] }}
{% for value in condition["HttpHeaderConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "HttpRequestMethodConfig" in condition %}
{% for value in condition["HttpRequestMethodConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "QueryStringConfig" in condition %}
{% for value in condition["QueryStringConfig"]["Values"] %}
{{ value["Key"] }}
{{ value["Value"] }}
{% endfor %}
{% endif %}
{% if "SourceIpConfig" in condition %}
{% for value in condition["SourceIpConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "PathPatternConfig" in condition %}
{% for value in condition["PathPatternConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% if "HostHeaderConfig" in condition %}
{% for value in condition["HostHeaderConfig"]["Values"] %}
{{ value }}
{% endfor %}
{% endif %}
{% endfor %}
{{ rule.priority }}
{{ rule.arn }}
{% for action in rule.actions %}
{{ action.to_xml() }}
{% endfor %}
{% endfor %}
{{ request_id }}
"""
DESCRIBE_LIMITS_TEMPLATE = """
{% for key, value in limits.items() %}
{{ key }}
{{ value }}
{% endfor %}
{{ request_id }}
"""
DESCRIBE_SSL_POLICIES_TEMPLATE = """
{% for policy in policies %}
{{ policy['name'] }}
{% for cipher in policy['ciphers'] %}
{{ cipher['name'] }}
{{ cipher['priority'] }}
{% endfor %}
{% for proto in policy['ssl_protocols'] %}
{{ proto }}
{% endfor %}
{% endfor %}
{{ request_id }}
"""
SET_IP_ADDRESS_TYPE_TEMPLATE = """
{{ ip_type }}
{{ request_id }}
"""
SET_SECURITY_GROUPS_TEMPLATE = """
{% for group in sec_groups %}
{{ group }}
{% endfor %}
{{ request_id }}
"""
SET_SUBNETS_TEMPLATE = """
{% for zone_id, subnet_id in subnets.items() %}
{{ subnet_id }}
{{ zone_id }}
{% endfor %}
{{ request_id }}
"""
MODIFY_LOADBALANCER_ATTRS_TEMPLATE = """
{% for key, value in attrs.items() %}
{% if value == None %}{% else %}{{ value }}{% endif %}
{{ key }}
{% endfor %}
{{ request_id }}
"""
DESCRIBE_LOADBALANCER_ATTRS_TEMPLATE = """
{% for key, value in attrs.items() %}
{% if value == None %}{% else %}{{ value }}{% endif %}
{{ key }}
{% endfor %}
{{ request_id }}
"""
MODIFY_TARGET_GROUP_TEMPLATE = """
{{ target_group.arn }}
{{ target_group.name }}
{{ target_group.protocol }}
{% if target_group.port %}{{ target_group.port }}{% endif %}
{{ target_group.vpc_id }}
{{ target_group.healthcheck_protocol }}
{% if target_group.healthcheck_port %}{{ target_group.healthcheck_port }}{% endif %}
{{ target_group.healthcheck_path }}
{{ target_group.healthcheck_interval_seconds }}
{{ target_group.healthcheck_timeout_seconds }}
{{ target_group.healthy_threshold_count }}
{{ target_group.unhealthy_threshold_count }}
{% if target_group.protocol in ["HTTP", "HTTPS"] %}
{{ target_group.matcher['HttpCode'] }}
{% endif %}
{% for load_balancer_arn in target_group.load_balancer_arns %}
{{ load_balancer_arn }}
{% endfor %}
{{ request_id }}
"""
MODIFY_LISTENER_TEMPLATE = """
{{ listener.load_balancer_arn }}
{{ listener.protocol }}
{% if listener.certificates %}
{% for cert in listener.certificates %}
{{ cert["certificate_arn"] }}
{% endfor %}
{% endif %}
{{ listener.port }}
{{ listener.ssl_policy }}
{{ listener.arn }}
{% for action in listener.default_actions %}
{{ action.to_xml() }}
{% endfor %}
{{ request_id }}
"""
ADD_LISTENER_CERTIFICATES_TEMPLATE = """
{% for cert in certificates %}
{{ cert }}
{% endfor %}
{{ request_id }}
"""
DESCRIBE_LISTENER_CERTIFICATES_TEMPLATE = """
{% for cert in certificates %}
{{ cert }}
{% endfor %}
{{ request_id }}
"""
REMOVE_LISTENER_CERTIFICATES_TEMPLATE = """
{{ request_id }}
"""