diff options
Diffstat (limited to 'azure/aria/aria-extension-cloudify/plugins/aws/plugin.yaml')
| -rw-r--r-- | azure/aria/aria-extension-cloudify/plugins/aws/plugin.yaml | 1754 |
1 files changed, 1754 insertions, 0 deletions
diff --git a/azure/aria/aria-extension-cloudify/plugins/aws/plugin.yaml b/azure/aria/aria-extension-cloudify/plugins/aws/plugin.yaml new file mode 100644 index 0000000..5912d23 --- /dev/null +++ b/azure/aria/aria-extension-cloudify/plugins/aws/plugin.yaml @@ -0,0 +1,1754 @@ +# +# Copyright (c) 2017 GigaSpaces Technologies Ltd. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +tosca_definitions_version: tosca_simple_yaml_1_0 + +topology_template: + policies: + cloudify-aws-plugin: + description: >- + aws plugin executes operations. + type: aria.Plugin + properties: + version: 1.4.10 + + +data_types: + aria.aws.datatypes.Config: + properties: + # Partially based on: http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html + aws_access_key_id: + description: > + The ID of your AWS ACCESS KEY. + type: string + required: false + aws_secret_access_key: + description: > + The ID of your AWS SECRET KEY. + type: string + required: false + region: + description: > + This is for backward compatibility with version 1.2. + type: string + required: false + ec2_region_name: + description: > + The EC2 Region RegionName, such as us-east-1. + (Not us-east-1b, which is an availability zone, or US East, which is a Region.) + type: string + required: false + ec2_region_endpoint: + description: > + The endpoint for the given region. + type: string + required: false + elb_region_name: + description: > + The ELB Region RegionName, such as us-east-1. + (Not us-east-1b, which is an availability zone, or US East, which is a Region.) + Required for aws_config for node type aria.aws.nodes.ElasticLoadBalancer. + type: string + required: false + elb_region_endpoint: + description: > + The endpoint for the given ELB region. + type: string + required: false + + aria.aws.datatypes.Route: + properties: + # Based on: http://docs.aws.amazon.com/cli/latest/reference/ec2/create-route.html + route_table_id: + description: > + In most cases, leave this blank, because the route table is implicit from the node or + relationship that is creating the route. + type: string + required: false + destination_cidr_block: + description: > + This is the cidr_block that you want to route traffic for to the device. + type: string + gateway_id: + description: > + The id of the gateway (either internet gateway, customer gateway, or vpn gateway). + type: string + required: false + instance_id: + description: > + The id of the instance (if you are routing to a NAT instance). + type: string + required: false + interface_id: + description: > + The id of an attached network interface. + type: string + required: false + vpc_peering_connection_id: + description: > + The id of a VPC peering connection. + type: string + required: false + + aria.aws.datatypes.NetworkAclEntry: + # Based on: http://docs.aws.amazon.com/cli/latest/reference/ec2/create-network-acl-entry.html + properties: + rule_number: + description: > + Some number to identify this rule. Cannot duplicate an existing rule number. + type: integer + protocol: + description: > + The Assigned Internet Protocol Number for the protocol (e.g. 1 is ICMP, 6 is TCP, and 17 is UDP). + type: integer + rule_action: + description: Either ALLOW or DENY. + type: string + constraints: + - valid_values: [ ALLOW, DENY ] + cidr_block: + description: > + The cidr_block. + type: string + egress: + description: > + Whether the rule applies to egress traffic from the subnet. + type: boolean + default: false + required: false + icmp_type: + description: > + If in protocol you chose 1 for ICMP, the ICMP type, -1 for all ICMP types. + type: integer + required: false + icmp_code: + description: > + If in protocol you chose 1 for ICMP, the ICMP code, -1 for all ICMP codes. + type: integer + required: false + port_range_from: + description: > + The first port in the range. + type: integer + constraints: + - in_range: [ 1, 65535 ] + port_range_to: + description: > + The last port in the range. + type: integer + constraints: + - in_range: [ 1, 65535 ] + + aria.aws.datatypes.SecurityGroupRule: + # Based on: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-rule.html + properties: + egress: + description: > + Whether the rule applies to egress traffic. + type: boolean + default: false + required: false + ip_protocol: + description: > + The Assigned Internet Protocol Number for the protocol. + type: string + required: false + from_port: + description: > + The first port in the range. + type: integer + required: false + constraints: + - in_range: [ 1, 65535 ] + to_port: + description: > + The last port in the range. + type: integer + required: false + constraints: + - in_range: [ 1, 65535 ] + cidr_ip: + description: > + The cidr_block. + type: string + required: false + src_group_id: + description: > + The security group ID. + type: string + required: false + + aria.aws.datatypes.BlockDeviceMapping: + derived_from: tosca.datatypes.Root + properties: + # Based on: http://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html#options + virtual_name: + type: string + required: false + device_name: + type: string + required: false + ebs: + type: aria.aws.datatypes.Ebs + required: false + no_device: + type: string + required: false + + aria.aws.datatypes.Ebs: + derived_from: tosca.datatypes.Root + properties: + # Based on: http://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html#options + snapshot_id: + type: string + required: false + volume_size: + type: integer + required: false + delete_on_termination: + type: boolean + required: false + volume_type: + type: string + required: false + constraints: + - valid_values: [ standard, io1, gp2, sc1, st1] + required: false + iops: + type: integer + required: false + encrypted: + type: boolean + required: false + + aria.aws.datatypes.NetworkInterfacePrivateIPAddress: + # Based on: http://docs.aws.amazon.com/cli/latest/reference/ec2/create-network-interface.html + # Specifically, look under --private-ip-addresses, and notice the differences from + # --private-ip-address. + derived_from: tosca.datatypes.Root + properties: + private_ip_address: + type: string + required: false + primary: + type: boolean + required: false + + aria.aws.datatypes.NetworkInterface: + # Based on: http://docs.aws.amazon.com/cli/latest/reference/ec2/create-network-interface.html + derived_from: tosca.datatypes.Root + properties: + description: + type: string + required: false + dry_run: + type: boolean + required: false + groups: + type: list + entry_schema: + type: string + required: false + ipv6_address_count: + type: integer + required: false + ipv6_addresses: + type: map + entry_schema: + type: string + required: false + private_ip_address: + type: string + required: false + private_ip_addresses: + type: map + entry_schema: + type: aria.aws.datatypes.NetworkInterfacePrivateIPAddress + required: false + secondary_private_ip_address_count: + type: integer + required: false + subnet_id: + type: string + required: false + cli_input_json: + type: string + required: false + generate_cli_skeleton: + type: string + required: false + + aria.aws.datatypes.RunInstancesParameters: + derived_from: tosca.datatypes.Root + properties: + # These properties were derived from the parameters of boto.e2c.connection.run_instances: + # https://github.com/boto/boto/blob/master/boto/ec2/connection.py#L738 + # In the corresponding aws documentation, + # http://docs.aws.amazon.com/cli/latest/reference/ec2/run-instances.html, + # The properties 'placement', 'placement_group' and 'tenancy' of the boto api are part of a + # structure called 'placement', in addition to 'affinity' and 'host_id' which do not exist + # in the boto api. + image_id: + type: string + required: false + min_count: + type: integer + required: false + max_count: + type: integer + required: false + key_name: + type: string + required: false + security_groups: + type: list + entry_schema: + type: string + required: false + user_data: + type: string + required: false + addressing_type: + type: string + required: false + instance_type: + type: string + required: false + placement: + type: string + required: false + kernel_id: + type: string + required: false + ramdisk_id: + type: string + required: false + monitoring_enabled: + type: boolean + required: false + subnet_id: + type: string + required: false + block_device_map: + type: list + entry_schema: + type: aria.aws.datatypes.BlockDeviceMapping + required: false + disable_api_termination: + type: boolean + required: false + instance_initiated_shutdown_behavior: + type: string + constraints: + - valid_values: [ stop, terminate ] + required: false + private_id_address: + type: string + required: false + placement_group: + type: string + required: false + client_token: + type: string + required: false + security_group_ids: + type: list + entry_schema: + type: string + required: false + additional_info: + type: string + required: false + instance_profile_name: + type: string + required: false + instance_profile_arn: + type: string + required: false + tenancy: + type: string + required: false + constraints: + - valid_values: [ default, dedicated] + ebs_optimized: + type: boolean + required: false + network_interfaces: + type: list + entry_schema: + type: aria.aws.datatypes.NetworkInterface + required: false + dry_run: + type: boolean + required: false + + aria.aws.datatypes.LoadBalancerListener: + # According to the description of the 'listeners' property of aria.aws.node.LoadBalancer + derived_from: tosca.datatypes.Root + properties: + LoadBalancerPortNumber: + type: integer + constraints: + - in_range: [ 1, 65535 ] + InstancePortNumber: + type: integer + constraints: + - in_range: [ 1, 65535 ] + protocol: + type: string + constraints: + - valid_values: [ tcp, ssl, http, https ] + SSLCertificateID: + type: string + required: false + + aria.aws.datatypes.LoadBalancerComplexListener: + # According to the description of the 'complex_listeners' property of aria.aws.node.LoadBalancer + derived_from: aria.aws.datatypes.LoadBalancerListener + properties: + InstanceProtocol: + type: integer + constraints: + - in_range: [ 1, 65535 ] + + aria.aws.datatypes.LoadBalancerHealthCheck: + # Based on: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb-health-check.html + derived_from: tosca.datatypes.Root + properties: + healthy_threshold: + type: string + required: false + interval: + type: string + required: false + target: + type: string + required: false + timeout: + type: string + required: false + unhealthy_threshold: + type: string + required: false + + aria.aws.datatypes.NetworkInterfaceCreateParameters: + # These properties were derived from the parameters of boto.e2c.connection.create_network_interface + # https://github.com/boto/boto/blob/master/boto/ec2/connection.py#L4286, that are based on: + # http://docs.aws.amazon.com/cli/latest/reference/ec2/create-network-interface.html + derived_from: tosca.datatypes.Root + properties: + subnet_id: + type: string + required: false + private_ip_address: + type: string + required: false + description: + type: string + required: false + groups: + type: list + entry_schema: + type: string + required: false + dry_run: + type: boolean + required: false + + aria.aws.datatypes.VolumeCreateParameters: + # Based on http://docs.aws.amazon.com/cli/latest/reference/ec2/create-volume.html#synopsis + derived_from: tosca.datatypes.Root + properties: + size: + type: integer + required: false + zone: + type: string + required: false + snapshot: + type: string + required: false + volume_type: + type: string + required: false + iops: + type: integer + required: false + encrypted: + type: boolean + required: false + kms_key_id: + type: string + required: false + dry_run: + type: boolean + required: false + + aria.aws.datatypes.VolumeDeleteParameters: + # Based on: http://docs.aws.amazon.com/cli/latest/reference/ec2/delete-volume.html + derived_from: tosca.datatypes.Root + properties: + volume_id: + type: string + required: false + dry_run: + type: boolean + required: false + +interface_types: + aria.aws.interfaces.Validation: + derived_from: tosca.interfaces.Root + creation: + description: > + creation operation for the aws validation interface + aria.aws.interfaces.Snapshot: + derived_from: tosca.interfaces.Root + create: + description: > + creation operation for the aws snapshot interface + + +node_types: + aria.aws.nodes.Instance: + derived_from: tosca.nodes.Compute + properties: + use_external_resource: + description: > + Indicate whether the resource exists or it should be created, + true if you are bringing an existing resource, false if you want to create it. + type: boolean + default: false + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + name: + description: > + Optional field if you want to add a specific name to the instance. + type: string + default: '' + required: false + image_id: + description: > + The ID of the AMI image in your Amazon account. + type: string + instance_type: + description: > + The instance's size. + type: string + use_password: + type: boolean + default: false + parameters: + description: > + The key value pair parameters allowed by Amazon API to the + ec2.connection.EC2Connection.run_instances command. It should be mentioned that + although this field is listed as optional, A non-trivial use case requires + that both the key_name parameter and the security_groups parameter be specified. + type: aria.aws.datatypes.RunInstancesParameters + default: {} + required: false + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + attributes: + public_ip_address: + type: string + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.instance.create + start: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.instance.start + inputs: + start_retry_interval: + description: Polling interval until the server is active in seconds + type: integer + default: 30 + private_key_path: + description: > + Path to private key which matches the server's + public key. Will be used to decrypt password in case + the "use_password" property is set to "true" + type: string + default: '' + stop: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.instance.stop + delete: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.instance.delete + Validation: + type: aria.aws.interfaces.Validation + creation: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.instance.creation_validation + requirements: + - elastic_ip: + capability: tosca.capabilities.Node + node: aria.aws.nodes.ElasticIP + relationship: aria.aws.relationships.InstanceConnectedToElasticIP + occurrences: [ 0, UNBOUNDED ] + - keypair: + capability: tosca.capabilities.Node + node: aria.aws.nodes.KeyPair + relationship: aria.aws.relationships.InstanceConnectedToKeypair + occurrences: [ 0, UNBOUNDED ] + - security_group: + capability: tosca.capabilities.Node + node: aria.aws.nodes.SecurityGroup + relationship: aria.aws.relationships.instance_connected_to_security_group + occurrences: [ 0, UNBOUNDED ] + - load_balancer: + capability: tosca.capabilities.Node + node: aria.aws.nodes.ElasticLoadBalancer + relationship: aria.aws.relationships.InstanceConnectedToLoadBalancer + occurrences: [ 0, UNBOUNDED ] + - subnet_to_be_contained_in: + capability: tosca.capabilities.Node + node: aria.aws.nodes.Subnet + relationship: aria.aws.relationships.InstanceContainedInSubnet + occurrences: [ 0, UNBOUNDED ] + - subnet_to_connect_to: + capability: tosca.capabilities.Node + node: aria.aws.nodes.Subnet + relationship: aria.aws.relationships.InstanceConnectedToSubnet + occurrences: [ 0, UNBOUNDED ] + - eni: + capability: tosca.capabilities.Root + node: aria.aws.nodes.Interface + relationship: aria.aws.relationships.InstanceConnectedToENI + occurrences: [ 0, UNBOUNDED ] + + aria.aws.nodes.WindowsInstance: + derived_from: aria.aws.nodes.Instance + properties: + use_password: + type: boolean + default: true + os_family: + type: string + default: windows + + aria.aws.nodes.ElasticIP: + derived_from: tosca.nodes.Root + properties: + use_external_resource: + description: > + Indicate whether the resource exists or it should be created, + true if you are bringing an existing resource, false if you want to create it. + type: boolean + default: false + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + domain: + description: > + Set this to 'vpc' if you want to use VPC. + type: string + required: false + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.elasticip.create + delete: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.elasticip.delete + Validation: + type: aria.aws.interfaces.Validation + creation: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.elasticip.creation_validation + + aria.aws.nodes.SecurityGroup: + derived_from: tosca.nodes.Root + properties: + use_external_resource: + description: > + Indicate whether the resource exists or it should be created, + true if you are bringing an existing resource, false if you want to create it. + type: boolean + default: false + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + description: + description: > + The description field that is required for every security group that you create + in Amazon. + type: string + rules: + description: > + You need to pass in either src_group_id (security group ID) OR cidr_ip, + and then the following three: ip_protocol, from_port and to_port. + type: list + entry_schema: + type: aria.aws.datatypes.SecurityGroupRule + default: [] + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.securitygroup.create + start: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.securitygroup.start + delete: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.securitygroup.delete + Validation: + type: aria.aws.interfaces.Validation + creation: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.securitygroup.creation_validation + requirements: + - vpc: + capability: tosca.capabilities.Node + node: aria.aws.nodes.VPC + relationship: aria.aws.relationships.SecurityGroupContainedInVPC + occurrences: [ 0, UNBOUNDED ] + - security_group_rule: + capability: tosca.capabilities.Node + node: aria.aws.nodes.SecurityGroupRule + relationship: aria.aws.relationships.SecurityGroupUsesRule + occurrences: [ 0, UNBOUNDED ] + + aria.aws.nodes.Volume: + derived_from: tosca.nodes.Root + properties: + use_external_resource: + description: > + Indicate whether the resource exists or it should be created, + true if you are bringing an existing resource, false if you want to create it. + type: boolean + default: false + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + size: + description: > + The size of the volume in GB. + type: string + zone: + description: > + A string representing the AWS availability zone. + type: string + device: + description: > + The device on the instance + type: string + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.ebs.create + inputs: + args: + type: map + entry_schema: + type: aria.aws.datatypes.VolumeCreateParameters + default: {} + start: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.ebs.start + delete: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.ebs.delete + inputs: + args: + type: map + entry_schema: + type: aria.aws.datatypes.VolumeDeleteParameters + default: {} + Validation: + type: aria.aws.interfaces.Validation + creation: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.ebs.creation_validation + Snapshot: + type: aria.aws.interfaces.Snapshot + create: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.ebs.create_snapshot + inputs: + args: + type: map + entry_schema: + type: string + default: {} + requirements: + - instance: + capability: tosca.capabilities.Node + node: aria.aws.nodes.Instance + relationship: aria.aws.relationships.VolumeConnectedToInstance + occurrences: [ 0, UNBOUNDED ] + + aria.aws.nodes.KeyPair: + derived_from: tosca.nodes.Root + properties: + use_external_resource: + description: > + Indicate whether the resource exists or if the resource should be created. + type: boolean + default: false + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + If use_external_resource is false, this will be the keys name and ID in AWS. + If left blank, the plugin will set a name for you. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + private_key_path: + description: > + The path where the key should be saved on the machine. If this is a bootstrap + process, this refers to the local computer. If this will run on the manager, + this will be saved on the manager. + type: string + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + attributes: + aws_resource_id: + type: string + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.keypair.create + delete: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.keypair.delete + Validation: + type: aria.aws.interfaces.Validation + creation: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.keypair.creation_validation + + aria.aws.nodes.ElasticLoadBalancer: + derived_from: tosca.nodes.LoadBalancer + properties: + use_external_resource: + description: > + Indicate whether the resource exists or it should be created, + true if you are bringing an existing resource, false if you want to create it. + type: boolean + default: false + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + elb_name: + description: > + The mnemonic name associated with the new load balancer + type: string + zones: + description: > + zones (List of strings) - The names of the availability zone(s) to add. + example: ['us-east-1b','us-east-1b'] + type: string + security_groups: + description: > + security_groups (list of strings) - The security groups assigned to your LoadBalancer + within your VPC. + example: ['sg-123456','sg-7891011'] + FYI: security groups only supported with vpc + type: list + entry_schema: + type: string + default: [] + required: false + listeners: + description: > + listeners (List of tuples) - Each tuple contains three or four values, (LoadBalancerPortNumber, + InstancePortNumber, Protocol, [SSLCertificateId]) where LoadBalancerPortNumber and + InstancePortNumber are integer values between 1 and 65535, Protocol is a string containing + either 'TCP', 'SSL', 'HTTP', or 'HTTPS'; SSLCertificateID is the ARN of a AWS IAM certificate, + and must be specified when doing HTTPS. + example: [[80, 8080, 'http'], [443, 8443, 'tcp']] + type: list + entry_schema: + type: aria.aws.datatypes.LoadBalancerListener + health_checks: + description: > + list of healthchecks (dicts) to use as criteria for instance health + example: [{'target': 'HTTP:8080/health'}, {'target': 'HTTP:80/alive'}] + type: list + entry_schema: + type: aria.aws.datatypes.LoadBalancerHealthCheck + default: [] + required: false + scheme: + description: > + The type of a LoadBalancer. By default, Elastic Load Balancing creates an internet-facing + LoadBalancer with a publicly resolvable DNS name, which resolves to public IP addresses. + Specify the value internal for this option to create an internal LoadBalancer with a DNS + name that resolves to private IP addresses. + This option is only available for LoadBalancers attached to an Amazon VPC. + type: string + default: '' + required: false + subnets: + description: > + list of strings - A list of subnet IDs in your VPC to attach to your LoadBalancer. + example: + type: list + entry_schema: + type: string + default: [] + required: false + complex_listeners: + description: > + List of tuples - Each tuple contains four or five values, (LoadBalancerPortNumber, + InstancePortNumber, Protocol, InstanceProtocol, SSLCertificateId). + Where: + LoadBalancerPortNumber and InstancePortNumber are integer values between 1 and 65535 + Protocol and InstanceProtocol is a string containing either 'TCP', 'SSL', 'HTTP', or 'HTTPS' + SSLCertificateId is the ARN of an SSL certificate loaded into AWS IAM + type: list + entry_schema: + type: aria.aws.datatypes.LoadBalancerComplexListener + default: [] + required: false + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.elasticloadbalancer.create + start: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.elasticloadbalancer.start + delete: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.elasticloadbalancer.delete + Validation: + type: aria.aws.interfaces.Validation + creation: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.elasticloadbalancer.creation_validation + + aria.aws.nodes.VPC: + derived_from: tosca.nodes.network.Network + properties: + use_external_resource: + description: > + Indicate whether the resource exists or it should be created, + true if you are bringing an existing resource, false if you want to create it. + type: boolean + default: false + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + cidr_block: + description: > + The CIDR Block that you will split this VPCs subnets across. + type: string + instance_tenancy: + description: > + Default or dedicated. + type: string + default: default + required: false + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.vpc.create_vpc + start: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.vpc.start + delete: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.vpc.delete + Validation: + type: aria.aws.interfaces.Validation + creation: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.vpc.creation_validation + requirements: + - vpc: + capability: tosca.capabilities.Node + node: aria.aws.nodes.VPC + relationship: aria.aws.relationships.RouteTableOfSourceVPCConnectedToTargetPeerVPC + occurrences: [ 0, UNBOUNDED ] + + aria.aws.nodes.Subnet: + derived_from: tosca.nodes.Root + properties: + use_external_resource: + description: > + Indicate whether the resource exists or it should be created, + true if you are bringing an existing resource, false if you want to create it. + type: boolean + default: false + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + cidr_block: + description: > + The CIDR Block that instances will be on. + type: string + availability_zone: + description: > + The availability zone that you want your subnet in. + type: string + default: '' + required: false + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.subnet.create_subnet + start: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.subnet.start_subnet + delete: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.subnet.delete_subnet + Validation: + type: aria.aws.interfaces.Validation + creation: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.subnet.creation_validation + requirements: + - vpc: + capability: tosca.capabilities.Node + node: aria.aws.nodes.VPC + relationship: aria.aws.relationships.SubnetContainedInVPC + occurrences: [ 0, UNBOUNDED ] + + aria.aws.nodes.Gateway: + derived_from: tosca.nodes.Root + properties: + use_external_resource: + description: > + Indicate whether the resource exists or it should be created, + true if you are bringing an existing resource, false if you want to create it. + type: boolean + default: false + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + interfaces: + Validation: + type: aria.aws.interfaces.Validation + creation: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.creation_validation + requirements: + - vpc: + capability: tosca.capabilities.Node + node: aria.aws.nodes.VPC + relationship: aria.aws.relationships.GatewayConnectedToVPC + occurrences: [ 0, UNBOUNDED ] + + aria.aws.nodes.InternetGateway: + derived_from: aria.aws.nodes.Gateway + properties: + cidr_block: + description: > + The cidr_block that you want this internet gateway to service. Default is for all internet + traffic. + type: string + default: '0.0.0.0/0' + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.create_internet_gateway + start: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.start_internet_gateway + delete: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.delete_internet_gateway + + aria.aws.nodes.VPNGateway: + derived_from: aria.aws.nodes.Gateway + properties: + type: + description: > + Type of VPN Connection. Only valid value currently is ipsec.1 + type: string + default: ipsec.1 + availability_zone: + description: > + The Availability Zone where you want the VPN gateway. + type: string + default: '' + required: false + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.create_vpn_gateway + start: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.start_vpn_gateway + delete: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.delete_vpn_gateway + + aria.aws.nodes.CustomerGateway: + derived_from: aria.aws.nodes.Gateway + properties: + type: + description: > + Type of VPN Connection. Only valid value currently is ipsec.1 + type: string + default: ipsec.1 + ip_address: + description: > + Internet-routable IP address for customers gateway. Must be a static address + type: string + bgp_asn: + description: > + Customer gateways Border Gateway Protocol (BGP) Autonomous System Number (ASN) + type: integer + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.create_customer_gateway + start: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.start_customer_gateway + delete: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.delete_customer_gateway + requirements: + - vpn_gateway: + capability: tosca.capabilities.Node + node: aria.aws.nodes.VPNGateway + relationship: aria.aws.relationships.CustomerGatewayConnectedToVPNGateway + occurrences: [ 0, UNBOUNDED ] + + aria.aws.nodes.ACL: + derived_from: tosca.nodes.Root + properties: + use_external_resource: + description: > + Indicate whether the resource exists or it should be created, + true if you are bringing an existing resource, false if you want to create it. + type: boolean + default: false + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + acl_network_entries: + description: > + A list of rules of data type aria.datatypes.aws.NetworkAclEntry (see above). + type: list + entry_schema: + type: aria.aws.datatypes.NetworkAclEntry + default: [] + required: false + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.networkacl.create_network_acl + start: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.networkacl.start_network_acl + delete: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.networkacl.delete_network_acl + Validation: + type: aria.aws.interfaces.Validation + creation: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.networkacl.creation_validation + requirements: + - vpc: + capability: tosca.capabilities.Node + node: aria.aws.nodes.VPC + relationship: aria.aws.relationships.NetworkACLContainedInVPC + occurrences: [ 0, UNBOUNDED ] + - subnet: + capability: tosca.capabilities.Node + node: aria.aws.nodes.Subnet + relationship: aria.aws.relationships.NetworkACLAssociatedWithSubnet + occurrences: [ 0, UNBOUNDED ] + + aria.aws.nodes.DHCPOptions: + derived_from: tosca.nodes.Root + properties: + use_external_resource: + description: > + Indicate whether the resource exists or it should be created, + true if you are bringing an existing resource, false if you want to create it. + type: boolean + default: false + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + domain_name: + description: > + A domain name. + type: string + required: false + domain_name_servers: + description: > + A list of up to four DNS servers. + type: list + entry_schema: + type: string + default: [] + required: false + ntp_servers: + description: > + A list of up to four NTP servers. + type: list + entry_schema: + type: string + default: [] + required: false + netbios_name_servers: + description: > + A list of up to four netbios servers. + type: list + entry_schema: + type: string + default: [] + required: false + netbios_node_type: + description: > + netbios type. recommended two. + type: string + default: '' + required: false + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.dhcp.create_dhcp_options + start: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.dhcp.start_dhcp_options + delete: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.dhcp.delete_dhcp_options + Validation: + type: aria.aws.interfaces.Validation + creation: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.dhcp.creation_validation + requirements: + - vpc: + capability: tosca.capabilities.Node + node: aria.aws.nodes.VPC + relationship: aria.aws.relationships.DHCPOptionsAssociatedWithVPC + occurrences: [ 0, UNBOUNDED ] + + aria.aws.nodes.RouteTable: + derived_from: tosca.nodes.Root + properties: + use_external_resource: + description: > + Indicate whether the resource exists or it should be created, + true if you are bringing an existing resource, false if you want to create it. + type: boolean + default: false + required: true + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + interfaces: + Standard: + create: + implementation: cloudify_aws.vpc.routetable.create_route_table + inputs: + routes: + description: > + A list of aria.aws.datatypes.Route. + type: list + entry_schema: + type: aria.aws.datatypes.Route + default: [] + start: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.routetable.start_route_table + delete: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.routetable.delete_route_table + Validation: + type: aria.aws.interfaces.Validation + creation: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.routetable.creation_validation + requirements: + - vpc: + capability: tosca.capabilities.Node + node: aria.aws.nodes.VPC + relationship: aria.aws.relationships.SubnetContainedInVPC + occurrences: [ 0, UNBOUNDED ] + - subnet: + capability: tosca.capabilities.Node + node: aria.aws.nodes.Subnet + relationship: aria.aws.relationships.RoutetableAssociatedWithSubnet + occurrences: [ 0, UNBOUNDED ] + - gateway: + capability: tosca.capabilities.Node + node: aria.aws.nodes.Gateway + relationship: aria.aws.relationships.RouteTableToGateway + occurrences: [ 0, UNBOUNDED ] + + aria.aws.nodes.Interface: + derived_from: tosca.nodes.network.Port + properties: + use_external_resource: + description: > + Indicate whether the resource exists or it should be created, + true if you are bringing an existing resource, false if you want to create it. + type: boolean + default: false + resource_id: + description: > + The AWS resource ID of the external resource, if use_external_resource is true. + Otherwise it is an empty string. + type: string + default: '' + tags: + description: > + A dictionary of key/value pairs of tags you want to add. + type: map + default: {} + entry_schema: + type: string # http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html + parameters: + description: > + Any parameters accepted by the create_network_interface operation. + type: aria.aws.datatypes.NetworkInterfaceCreateParameters + required: false + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + required: false + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.eni.create + inputs: + args: + type: aria.aws.datatypes.NetworkInterfaceCreateParameters + default: {} + start: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.eni.start + delete: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.eni.delete + inputs: + args: + type: map + entry_schema: + type: string + default: {} + requirements: + - instance: + capability: tosca.capabilities.Node + node: aria.aws.nodes.Instance + relationship: aria.aws.relationships.ENIConnectedToInstance + occurrences: [ 0, UNBOUNDED ] + + aria.aws.nodes.SecurityGroupRule: + derived_from: tosca.nodes.Root + properties: + use_external_resource: + type: boolean + default: False + resource_id: + description: > + The resource ID. + type: string + default: '' + required: false + rule: + description: > + A list of rules of data type aria.aws.datatypes.SecurityGroupRule (see above). + type: list + entry_schema: + type: aria.aws.datatypes.SecurityGroupRule + default: [] + required: false + aws_config: + description: > + A dictionary of values to pass to authenticate with the AWS API. + type: aria.aws.datatypes.Config + requirements: + - security_group_to_depend_on: + capability: tosca.capabilities.Node + node: aria.aws.nodes.SecurityGroup + relationship: aria.aws.relationships.RuleDependsOnSecurityGroup + occurrences: [ 0, UNBOUNDED ] + - security_group_to_be_contained_in: + capability: tosca.capabilities.Node + node: aria.aws.nodes.SecurityGroup + relationship: aria.aws.relationships.RuleContainedInSecurityGroup + occurrences: [ 0, UNBOUNDED ] + + aria.aws.nodes.SecurityGroupRule.Multi: + derived_from: aria.aws.nodes.SecurityGroupRule + interfaces: + Standard: + create: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.securitygroup.create_rule + inputs: + args: + type: map + entry_schema: + type: aria.aws.datatypes.SecurityGroupRule + default: {} + delete: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.securitygroup.delete_rule + inputs: + args: + type: map + entry_schema: + type: aria.aws.datatypes.SecurityGroupRule + default: {} + + +relationship_types: + aria.aws.relationships.ConnectedToElasticIP: + derived_from: tosca.relationships.ConnectsTo + interfaces: + Configure: + add_source: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.elasticip.associate + remove_source: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.elasticip.disassociate + + aria.aws.relationships.InstanceConnectedToElasticIP: + derived_from: aria.aws.relationships.ConnectedToElasticIP + + aria.aws.relationships.InstanceConnectedToKeypair: + derived_from: tosca.relationships.ConnectsTo + + aria.aws.relationships.ConnectedToSecurityGroup: + derived_from: tosca.relationships.ConnectsTo + + # The name of this relationship is not in CamelCase since in order to attach security group to an + # instance using the Cloudify AWS plugin, the relationship between the instance and the security + # group must be include the string 'instance_connected_to_security_group' in its name. + aria.aws.relationships.instance_connected_to_security_group: + derived_from: aria.aws.relationships.ConnectedToSecurityGroup + + aria.aws.relationships.InstanceConnectedToLoadBalancer: + derived_from: tosca.relationships.ConnectsTo + interfaces: + Configure: + add_source: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.elasticloadbalancer.associate + remove_source: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.elasticloadbalancer.disassociate + + aria.aws.relationships.VolumeConnectedToInstance: + derived_from: tosca.relationships.ConnectsTo + interfaces: + Configure: + add_source: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.ebs.associate + inputs: + args: + type: map + entry_schema: + type: string + default: {} + force: + type: boolean + default: False + remove_source: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.ebs.disassociate + inputs: + args: + type: map + entry_schema: + type: string + default: {} + force: + type: boolean + default: False + + aria.aws.relationships.SubnetContainedInVPC: + derived_from: tosca.relationships.HostedOn + + aria.aws.relationships.RoutetableContainedInVPC: + derived_from: tosca.relationships.HostedOn + + aria.aws.relationships.RoutetableAssociatedWithSubnet: + derived_from: tosca.relationships.ConnectsTo + interfaces: + Configure: + add_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.routetable.associate_route_table + remove_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.routetable.disassociate_route_table + + aria.aws.relationships.RouteTableToGateway: + derived_from: tosca.relationships.ConnectsTo + interfaces: + Configure: + add_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.routetable.create_route_to_gateway + inputs: + destination_cidr_block: + description: > + Provide a specific value for the destination cidr block. + If the target is an internet gateway, then this is not necessary. + It will resolve to the cidr_block node property. + Otherwise, you need to provide this value. + type: string + default: '' + remove_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.routetable.delete_route_from_gateway + + aria.aws.relationships.GatewayConnectedToVPC: + derived_from: tosca.relationships.ConnectsTo + interfaces: + Configure: + add_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.attach_gateway + remove_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.detach_gateway + + aria.aws.relationships.NetworkACLContainedInVPC: + derived_from: tosca.relationships.HostedOn + + aria.aws.relationships.NetworkACLAssociatedWithSubnet: + derived_from: tosca.relationships.ConnectsTo + interfaces: + Configure: + add_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.networkacl.associate_network_acl + remove_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.networkacl.disassociate_network_acl + + aria.aws.relationships.RouteTableOfSourceVPCConnectedToTargetPeerVPC: + derived_from: tosca.relationships.ConnectsTo + interfaces: + Configure: + pre_configure_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.vpc.create_vpc_peering_connection + inputs: + target_account_id: + description: > + The 12 digit account ID that the target VPC belongs to. + type: string + default: '' + routes: + description: > + A list of aria.aws.datatypes.Route for assignment to the source Route Table. + type: list + entry_schema: + type: aria.aws.datatypes.Route + default: [] + post_configure_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.vpc.accept_vpc_peering_connection + remove_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.vpc.delete_vpc_peering_connection + + aria.aws.relationships.DHCPOptionsAssociatedWithVPC: + derived_from: tosca.relationships.ConnectsTo + interfaces: + Configure: + add_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.dhcp.associate_dhcp_options + remove_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.dhcp.restore_dhcp_options + + aria.aws.relationships.CustomerGatewayConnectedToVPNGateway: + derived_from: tosca.relationships.ConnectsTo + interfaces: + Configure: + add_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.create_vpn_connection + inputs: + routes: + description: > + A list of static routes to add to this vpn_connection. + The routes will be of type aria.aws.datatypes.Route. + However, you can only provide the destination_cidr_block and a vpn_connection_id. + type: list + entry_schema: + type: aria.aws.datatypes.Route + default: [] + remove_target: + implementation: cloudify-aws-plugin > cloudify_aws.vpc.gateway.delete_vpn_connection + + aria.aws.relationships.InstanceContainedInSubnet: + derived_from: tosca.relationships.HostedOn + + aria.aws.relationships.InstanceConnectedToSubnet: + derived_from: tosca.relationships.ConnectsTo + + aria.aws.relationships.SecurityGroupContainedInVPC: + derived_from: tosca.relationships.HostedOn + + aria.aws.relationships.ConnectedToSubnet: # ARIA NOTE: I don't see a use for this relationship + derived_from: tosca.relationships.ConnectsTo + + aria.aws.relationships.ENIConnectedToInstance: + derived_from: tosca.relationships.ConnectsTo + interfaces: + Configure: + add_source: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.eni.associate + inputs: + args: + type: map + entry_schema: + type: string + default: {} + remove_source: + implementation: cloudify-aws-plugin > cloudify_aws.ec2.eni.disassociate + inputs: + args: + type: map + entry_schema: + type: string + default: {} + + aria.aws.relationships.InstanceConnectedToENI: + derived_from: tosca.relationships.ConnectsTo + + aria.aws.relationships.SecurityGroupUsesRule: + derived_from: tosca.relationships.DependsOn + + aria.aws.relationships.RuleDependsOnSecurityGroup: + derived_from: tosca.relationships.DependsOn + + aria.aws.relationships.RuleContainedInSecurityGroup: + derived_from: tosca.relationships.HostedOn |