Last active
August 29, 2015 14:18
-
-
Save joninvski/33f1dc02ff1d2f0d1e89 to your computer and use it in GitHub Desktop.
aws_boto_example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto.ec2 | |
| import boto.vpc | |
| import boto.rds2 | |
| ###### Configurations ###### | |
| PROJECT = "Testing" # This is the tag name for all resources | |
| ACCESS_KEY = "SECRET" | |
| SECRET_KEY = "SECRET" | |
| REGION_NAME = 'us-west-2' | |
| FIRST_AZ = REGION_NAME + 'a' | |
| SECOND_AZ = REGION_NAME + 'b' | |
| THIRD_AZ = REGION_NAME + 'c' | |
| AMI_IMAGE = "ami-e7527ed7" # For us-west | |
| DB_AVAILABILITY_ZONE = FIRST_AZ | |
| DB_AUTO_BACKUP_DAYS = 0 | |
| DB_PORT = 5432 | |
| DB_USER = "user" | |
| DB_PASSWORD = "SECRET" | |
| DB_NAME = "TestDB" | |
| DISK_TYPE = "gp2" | |
| MACHINE_SIZE = "t2.small" | |
| DB_STORAGE_GB = 10 | |
| DB_CLASS = "db.t2.small" | |
| def connect(): | |
| """ | |
| Create the ec2, vpc and rds connections | |
| """ | |
| e = boto.ec2.connect_to_region(REGION_NAME, | |
| aws_access_key_id=ACCESS_KEY, | |
| aws_secret_access_key=SECRET_KEY) | |
| v = boto.vpc.connect_to_region(REGION_NAME, | |
| aws_access_key_id=ACCESS_KEY, | |
| aws_secret_access_key=SECRET_KEY) | |
| r = boto.rds2.connect_to_region(REGION_NAME, | |
| aws_access_key_id=ACCESS_KEY, | |
| aws_secret_access_key=SECRET_KEY) | |
| return e, v, r | |
| e, v, r = connect() | |
| vpc = v.create_vpc('10.2.0.0/16') | |
| v.modify_vpc_attribute(vpc.id, enable_dns_support=True) | |
| v.modify_vpc_attribute(vpc.id, enable_dns_hostnames=True) | |
| # Create network acl | |
| network_acl = v.create_network_acl(vpc.id) | |
| # Create subnet | |
| subnet_first = v.create_subnet(vpc.id, '10.2.0.0/24', availability_zone=FIRST_AZ) | |
| subnet_second = v.create_subnet(vpc.id, '10.2.1.0/24', availability_zone=SECOND_AZ) | |
| subnet_third = v.create_subnet(vpc.id, '10.2.2.0/24', availability_zone=THIRD_AZ) | |
| # Create a Route Table | |
| route_table = v.create_route_table(vpc.id) | |
| # Create a internet gateway | |
| gateway = v.create_internet_gateway() | |
| v.attach_internet_gateway(gateway.id, vpc.id) | |
| # Connect the subnets to the gateway | |
| v.create_route(route_table.id, destination_cidr_block="0.0.0.0/0", gateway_id=gateway.id) | |
| v.associate_route_table(route_table.id, subnet_first.id) | |
| v.associate_route_table(route_table.id, subnet_second.id) | |
| v.associate_route_table(route_table.id, subnet_third.id) | |
| # Create a new VPC security group | |
| security_group = v.create_security_group(PROJECT+"SecurityGroup", | |
| 'Security group for ' + PROJECT, | |
| vpc.id) | |
| # Create new ssh keys | |
| keypair = e.create_key_pair(PROJECT+"Keypair") | |
| keypair.save('someDirectory') | |
| interface = boto.ec2.networkinterface.NetworkInterfaceSpecification(subnet_id=subnet_first.id, | |
| groups=[security_group.id,], | |
| associate_public_ip_address=True) | |
| interfaces = boto.ec2.networkinterface.NetworkInterfaceCollection(interface) | |
| reservation = e.run_instances(AMI_IMAGE, | |
| key_name=keypair.name, | |
| instance_type=MACHINE_SIZE, | |
| network_interfaces=interfaces) | |
| machine_A = reservation.instances[0] | |
| interface = boto.ec2.networkinterface.NetworkInterfaceSpecification(subnet_id=subnet_first.id, | |
| groups=[security_group.id,], | |
| associate_public_ip_address=True) | |
| interfaces = boto.ec2.networkinterface.NetworkInterfaceCollection(interface) | |
| reservation = e.run_instances(AMI_IMAGE, | |
| key_name=keypair.name, | |
| instance_type=MACHINE_SIZE, | |
| network_interfaces=interfaces) | |
| machine_B = reservation.instances[0] | |
| security_group.authorize(ip_protocol='tcp', from_port=22, to_port=22, cidr_ip='0.0.0.0/0') | |
| security_group.authorize(ip_protocol='tcp', from_port=21, to_port=21, src_group=security_group) | |
| def nTag(what): | |
| return {'Name': PROJECT + str(what), 'Project': PROJECT} | |
| vpc.add_tags(nTag("VPC")) | |
| network_acl.add_tags(nTag("Acl")) | |
| subnet_first.add_tags(nTag("SubnetFirst")) | |
| subnet_second.add_tags(nTag("SubnetSecond")) | |
| subnet_third.add_tags(nTag("SubnetThird")) | |
| route_table.add_tags(nTag("RouteTable")) | |
| gateway.add_tags(nTag("Gateway")) | |
| security_group.add_tags(nTag("SecurityGroup")) | |
| machine_A.add_tags(nTag("Machine_A")) | |
| machine_B.add_tags(nTag("Machine_B")) | |
| database_security_group = e.create_security_group(PROJECT+"DatabaseSecurityGroup", | |
| 'Database Security group for ' + PROJECT, | |
| vpc.id) | |
| database_security_group.add_tags(nTag("DatabaseSecurityGroup")) | |
| database_security_group.authorize(ip_protocol='tcp', from_port=5432, to_port=5432, src_group=security_group) | |
| # Create database subnet | |
| database_subnet_name = PROJECT + "DatabaseSubnetGroupName" | |
| database_subnet = r.create_db_subnet_group( | |
| db_subnet_group_name = database_subnet_name, | |
| db_subnet_group_description = "Database Subnet for " + PROJECT, | |
| subnet_ids = [subnet_first.id, subnet_second.id, subnet_third.id], | |
| tags=nTag("DatabaseSubnetGroupName")) | |
| elements['database_subnet_name'] = database_subnet_name | |
| # Create the database | |
| database_name = "db" + PROJECT | |
| database = r.create_db_instance( | |
| db_instance_identifier = "db" + FLAVOUR, | |
| allocated_storage = DB_STORAGE_GB, | |
| db_instance_class = DB_CLASS, | |
| engine = "postgres", | |
| master_username = DB_USER, | |
| master_user_password = DB_PASSWORD, | |
| db_name = DB_NAME, | |
| vpc_security_group_ids = [database_security_group.id,], | |
| availability_zone = DB_AVAILABILITY_ZONE, | |
| db_subnet_group_name = database_subnet_name, | |
| backup_retention_period = DB_AUTO_BACKUP_DAYS, | |
| port = 5432, | |
| multi_az = False, | |
| auto_minor_version_upgrade = True, | |
| publicly_accessible = False, | |
| tags = nTag("Database")) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment