ecs_composex package

Subpackages

Submodules

ecs_composex.cli module

Console script for ecs_composex.

class ecs_composex.cli. ArgparseHelper ( option_strings , dest = '==SUPPRESS==' , default = '==SUPPRESS==' , help = None ) [source]

Bases: argparse._HelpAction

Used to help print top level ‘–help’ arguments from argparse when used with subparsers

ecs_composex.cli. main ( ) [source]

Main entry point for CLI :return: status code

ecs_composex.cli. main_parser ( ) [source]

Console script for ecs_composex.

ecs_composex.ecs_composex module

Main module to generate a full stack with VPC, Cluster, Compute, Services and all X- AWS resources.

ecs_composex.ecs_composex. add_compute ( root_template , settings , vpc_stack ) [source]

Function to add Cluster stack to root one. If any of the options related to compute resources are set in the CLI then this function will generate and add the compute template to the root stack template

Parameters
  • root_template ( troposphere.Template ) – the root template

  • vpc_stack ( ComposeXStack ) – the VPC stack if any to pull the attributes from

  • settings ( ComposeXSettings ) – The settings for execution

Returns

compute_stack, the Compute stack

Return type

ComposeXStack

ecs_composex.ecs_composex. add_x_resources ( root_template , settings , services_stack , vpc_stack = None ) [source]

Function to add each X resource from the compose file

ecs_composex.ecs_composex. apply_x_configs_to_ecs ( settings , root_stack ) [source]

Function that evaluates only the x- resources of the root template and iterates over the resources. If there is an implemented module in ECS ComposeX for that resource to map to the ECS Services, it will execute the function available in the module to apply defined settings to the services stack.

Parameters
ecs_composex.ecs_composex. apply_x_to_x_configs ( root_stack , settings ) [source]

Function to iterate over each XStack and trigger cross-x resources configurations functions

Parameters
Returns

ecs_composex.ecs_composex. generate_full_template ( settings ) [source]

Function to generate the root root_template

Parameters

settings ( ecs_composex.common.settings.ComposeXSettings ) – The settings for the execution

Return root_template

Template, params

Return type

root_template, list

ecs_composex.ecs_composex. get_mod_class ( module_name ) [source]

Function to get the XModule class for a specific ecs_composex module

Parameters

module_name ( str ) – Name of the x-module we are looking for.

Returns

the_class, maps to the main class for the given x-module

ecs_composex.ecs_composex. get_mod_function ( module_name , function_name ) [source]

Function to get function in a given module name from function_name

Parameters
  • module_name ( str ) – the name of the module in ecs_composex to find and try to import

  • function_name ( str ) – name of the function to try to get

Returns

function, if found, from the module

Return type

function

ecs_composex.ecs_composex. get_vpc_id ( vpc_stack ) [source]

Function to add CloudMap to VPC

Parameters

vpc_stack ( ComposeXStack ) – VpcStack

ecs_composex.ecs_composex. handle_new_xstack ( key , res_type , settings , services_stack , vpc_stack , root_template , xstack ) [source]

Function to create the root stack of the x-resource and assign it to its root stack

Parameters
  • key ( str ) –

  • res_type ( str ) –

  • settings ( ecs_composex.common.settings.ComposeXSettings ) –

  • services_stack ( ecs_composex.ecs.ServicesStack ) –

  • ComposeXStack vpc_stack ( ecs_composex.common.stacks ) –

  • root_template ( troposphere.Template ) –

  • ComposeXStack xstack ( ecs_composex.common.stacks ) –

ecs_composex.ecs_composex. init_root_template ( settings ) [source]

Function to initialize the root template

Returns

template

Return type

troposphere.Template

ecs_composex.ecs_composex. invoke_x_to_ecs ( module_name , settings , services_stack , resource ) [source]

Function to associate X resources to Services

Parameters
Returns

ecs_composex.ingress_settings module

Module to help with defining the network settings for the ECS Service based on the family services definitions.

class ecs_composex.ingress_settings. Ingress ( definition , ports ) [source]

Bases: object

Class to group the configuration for Service network settings

associate_aws_igress_rules ( template ) [source]

Method to associate AWS ingress rules to a specific template

Parameters

template ( troposphere.Template ) –

Returns

associate_ext_igress_rules ( template ) [source]

Method to associate External ingress rules to a specific template

Parameters

template ( troposphere.Template ) –

Returns

aws_sources_key = 'AwsSources'
create_ext_sources_ingress_rule ( destination_tile , allowed_source , security_group , ** props ) [source]
defined = True
ext_sources_key = 'ExtSources'
ipv4_key = 'IPv4'
ipv6_key = 'IPv6'
master_key = 'Ingress'
network_settings = ['Ingress', 'UseCloudmap', 'IsPublic']
services_key = 'Services'
set_aws_sources ( settings , destination_title , sg_ref ) [source]

Method to define AWS Sources ingresses

Parameters
  • destination_title

  • sg_ref

Returns

set_ext_sources_ingress ( destination_tile , security_group ) [source]

Method to add ingress rules from external sources to a given Security Group (ie. ALB Security Group). If a list of IPs is found in the config[‘ext_sources’] part of the network section of configs for the service, then it will use that. If no IPv4 source is indicated, it will by default allow traffic from 0.0.0.0/0

Parameters
  • destination_tile ( str ) – The name of the destination for description

  • security_group ( str or troposphere.ec2.SecurityGroup or troposphere.Ref or Troposphere.GetAtt ) – security group (object or title string) to add the rules to

validate_aws_sources ( ) [source]
ecs_composex.ingress_settings. define_protocol ( port_string ) [source]

Function to define the port protocol. Defaults to TCP if not specified otherwise

Parameters

port_string ( str ) – the port string to parse from the ports list in the compose file

Returns

protocol, ie. udp or tcp

Return type

str

ecs_composex.ingress_settings. flatten_ip ( ip_str ) [source]

Function to remove all non alphanum characters from IP CIDR notation

Parameters

ip_str

Return type

str

ecs_composex.ingress_settings. generate_security_group_props ( allowed_source ) [source]

Function to parse the allowed source and create the SG Opening options accordingly.

Parameters

allowed_source ( dict ) – The allowed source defined in configs

Returns

security group ingress properties

Return type

dict

ecs_composex.ingress_settings. lookup_security_group ( settings , lookup ) [source]

Function to fetch the security group ID based on lookup details

Parameters
Returns

ecs_composex.ingress_settings. set_service_ports ( ports ) [source]

Function to define common structure to ports

Returns

list of ports the ecs_service uses formatted according to dict

Return type

list

ecs_composex.macro module

Main module. Implements all the logic of the macro event parsing and generating. Passes all the arguments to ECS ComposeX to render the CFN templates for the docker-compose file.

ecs_composex.macro. define_s3_bucket_upload ( settings , params ) [source]

Function to override the buckets settings before rendering Priority goes to BucketName if defined in the CFN template in the macro Parameters Fall back to env var UPLOAD_BUCKET_NAME if set, else, sticks to default behaviour

ecs_composex.macro. init_settings_params ( settings_params , fragment , request_id , folder ) [source]

Function to define the parameters to send to ECS ComposeX Settings

Parameters
  • settings_params ( dict ) –

  • fragment

  • request_id ( str ) –

  • folder – Temporary folder to store all the files into.

Returns

ecs_composex.macro. lambda_handler ( event , context ) [source]

Lambda function entrypoint.

ecs_composex.macro. set_settings_from_remote_files ( files , settings_params , folder , session = None ) [source]
ecs_composex.macro. settings_from_raw_content ( settings , content , folder ) [source]

Function to define the ComposeX Settings from RAW Content

ecs_composex.resource_settings module

Module to handle resource settings definition to containers.

ecs_composex.resource_settings. add_iam_policy_to_service_task_role ( service_template , resource , perms , access_type , services ) [source]

Function to expand the ECS Task Role policy with the permissions for the resource :param troposphere.Template service_template: :param resource: :param perms: :param access_type: :param list services: :return:

ecs_composex.resource_settings. assign_new_resource_to_service ( resource , res_root_stack , arn_parameter , parameters = None ) [source]

Function to assign the new resource to the service/family using it.

Parameters
Param

The parameter mapping to the ARN attribute of the resource

ecs_composex.resource_settings. generate_resource_permissions ( resource_name , policies , arn ) [source]

Function to generate IAM permissions for a given x-resource. Returns the mapping of these for the given resource.

Parameters
  • resource_name ( str ) – The name of the resource

  • policies ( dict ) – the policies associated with the x-resource type.

  • arn ( str , AWSHelper ) – The ARN of the resource if already looked up.

Returns

dict of the IAM policies associated with the resource.

Rtype dict

ecs_composex.resource_settings. get_selected_services ( resource , target ) [source]

Function to get the selected services

Parameters
  • resource – The resource linking to services

  • target – the service/family target definition

Returns

ecs_composex.resource_settings. handle_kms_access ( mapping_family , resource , target , selected_services ) [source]

Function to map KMS permissions for the services which need access to a resource using a KMS Key :param str mapping_family: :param resource: :param tuple target: :param list selected_services:

ecs_composex.resource_settings. handle_lookup_resource ( mapping , mapping_family , resource , arn_parameter , parameters = None ) [source]
Parameters
Returns

ecs_composex.resource_settings. handle_resource_to_services ( xresource , services_stack , res_root_stack , settings , arn_parameter , parameters = None , nested = False ) [source]

Function to evaluate the type of resource coming in and pass on the settings and parameters for IAM and otherwise assignment

Parameters
Returns

ecs_composex.resource_settings. map_service_perms_to_resource ( resource , family , services , access_type , arn_value , attributes = None ) [source]

Function to :param resource: :param family: :param services: :param str access_type: :param value: The value for main attribute, used for env vars :param arn: The ARN to use for permissions, allows remote override :return:

ecs_composex.resources_import module

Module to import CFN Resources defined by their properties

ecs_composex.resources_import. handle_list ( properties , property_class ) [source]

Function to handle list properties

Parameters
  • property_class

  • properties

Returns

ecs_composex.resources_import. import_non_functions ( props , prop_name , top_class , properties , set_to_novalue ) [source]

Function to set property for flat object or recursive to sub properties

Parameters
  • props ( dict ) –

  • prop_name ( str ) –

  • top_class

  • properties ( dict ) –

  • set_to_novalue ( bool ) –

ecs_composex.resources_import. import_record_properties ( properties , top_class , set_to_novalue = False , ignore_missing_required = True ) [source]

Generic function importing the RecordSet properties. If the property was not defined, it is either left empty or set to AWS::NoValue For inner recursive, we enforce check on required properties.

Parameters
  • properties ( dict ) –

  • top_class – The class we are going to import properties for

  • set_to_novalue ( bool ) – Instead of skipping the property, actively set to AWS::NoValue

  • ignore_missing_required ( bool ) – Whether or not raise an error when missing an essential key.

Returns

The properties for the RecordSet

Return type

dict

ecs_composex.tcp_resources_settings module

Module of functions factorizing common patterns for TCP based access such as RDS, DocumentDB

ecs_composex.tcp_resources_settings. add_secret_to_container ( db , secret_import , service , target_definition ) [source]

Function to add DB secret to container

Parameters
  • db ( ecs_composex.common.compose_resources.Rds ) – the RDS DB object

  • service – The target service definition

  • secret_import ( str , AWSHelper ) – secret arn

  • target_definition

ecs_composex.tcp_resources_settings. add_secrets_access_policy ( service_template , secret_import , db_name , use_task_role = False ) [source]

Function to add or append policy to access DB Secret for the Execution Role

Parameters
  • service_template

  • secret_import

Returns

ecs_composex.tcp_resources_settings. add_security_group_ingress ( service_stack , db_name , sg_id , port ) [source]

Function to add a SecurityGroupIngress rule into the ECS Service template

Parameters
  • service_stack ( ecs_composex.ecs.ServicesStack ) – The root stack for the services

  • db_name ( str ) – the name of the database to use for imports

  • sg_id – The security group Id to use for ingress. DB Security group, not service’s

  • port – The port for Ingress to the DB.

ecs_composex.tcp_resources_settings. define_db_prefix ( db , mappings_definition ) [source]
ecs_composex.tcp_resources_settings. define_db_secrets ( db , secret_import , target_definition ) [source]

Function to return the list of env vars set for the DB to use as env vars for the Secret.

Returns

list of names to use.

Return type

list

ecs_composex.tcp_resources_settings. define_secrets_keys_mappings ( mappings_definition ) [source]

Function to analyze the secrets mapping provided

Parameters

mappings_definition

Returns

ecs_composex.tcp_resources_settings. generate_rds_secrets_permissions ( resources , db_name ) [source]

Function to generate the IAM policy to use for the ECS Execution role to get access to the RDS secrets :return:

ecs_composex.tcp_resources_settings. generate_secrets_from_secrets_mappings ( db , secrets_list , secret_definition , mappings_definition ) [source]

Function to generate a list of EcsSecrets

Parameters
  • db ( ecs_composex.common.compose_resources.Rds ) – the RDS DB object

  • secrets_list ( list ) –

  • secret_definition

  • mappings_definition

Returns

ecs_composex.tcp_resources_settings. handle_db_secret_to_services ( db , secret_import , target ) [source]
ecs_composex.tcp_resources_settings. handle_new_dbs_to_services ( db , sg_import , target , port = None ) [source]
ecs_composex.tcp_resources_settings. handle_new_tcp_resource ( resource , res_root_stack , port_parameter , sg_parameter , secret_parameter = None ) [source]

Funnction to standardize TCP services access from services.

Parameters
  • resource

  • res_root_stack

  • port_parameter

  • sg_parameter

  • secret_parameter

Returns

Module contents

Top-level package for ECS ComposeX.