From c16a16be928e641ca0822881de5c36d342906d7e Mon Sep 17 00:00:00 2001 From: Vincent Kramar Date: Tue, 1 Dec 2015 05:29:14 +0100 Subject: [PATCH 1/8] S3 storage type template IAM Profile support --- templates/job/s3.erb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/templates/job/s3.erb b/templates/job/s3.erb index 8d843b4..45f9bbc 100644 --- a/templates/job/s3.erb +++ b/templates/job/s3.erb @@ -2,8 +2,12 @@ # Amazon Simple Storage Service [Storage] # store_with S3 do |s3| +<% if @use_iam_profile -%> + s3.use_iam_profile = "<%= @use_iam_profile -%>" +<% else -%> s3.access_key_id = "<%= @aws_access_key -%>" s3.secret_access_key = "<%= @aws_secret_key -%>" +<% end -%> s3.path = "<%= @_path -%>" s3.bucket = "<%= @bucket -%>" <% if @aws_region -%> From 9b786d954e0ddd9005fbcf5abdc06be20bccdec5 Mon Sep 17 00:00:00 2001 From: Vincent Kramar Date: Tue, 1 Dec 2015 05:36:15 +0100 Subject: [PATCH 2/8] S3 IAM Profile boolean taken from params --- manifests/init.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/init.pp b/manifests/init.pp index 239f96f..9dbbeb4 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -28,6 +28,7 @@ # S3 $aws_access_key = $::backup::params::aws_access_key, $aws_secret_key = $::backup::params::aws_secret_key, + $use_iam_profile = $::backup::params::use_iam_profile, $bucket = $::backup::params::bucket, $aws_region = $::backup::params::aws_region, # Remote storage common From 837f8b4f4a061c04aa1d7a1f6daed919457e172e Mon Sep 17 00:00:00 2001 From: Vincent Kramar Date: Tue, 1 Dec 2015 05:37:51 +0100 Subject: [PATCH 3/8] S3 IAM Profile boolean support --- manifests/params.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/params.pp b/manifests/params.pp index c2d6761..c04db0d 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -43,6 +43,7 @@ # S3 $aws_access_key = undef $aws_secret_key = undef + $use_iam_profile = undef $bucket = undef $aws_region = undef $reduced_redundancy = false From e7ef49951cd513dcc8b7a1025abd50cb460efb57 Mon Sep 17 00:00:00 2001 From: Vincent Kramar Date: Tue, 1 Dec 2015 05:39:36 +0100 Subject: [PATCH 4/8] S3 Storage use_iam_profile now simply true --- templates/job/s3.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/job/s3.erb b/templates/job/s3.erb index 45f9bbc..7b7df8f 100644 --- a/templates/job/s3.erb +++ b/templates/job/s3.erb @@ -3,7 +3,7 @@ # store_with S3 do |s3| <% if @use_iam_profile -%> - s3.use_iam_profile = "<%= @use_iam_profile -%>" + s3.use_iam_profile = true <% else -%> s3.access_key_id = "<%= @aws_access_key -%>" s3.secret_access_key = "<%= @aws_secret_key -%>" From 8893f4334e4a76a1bcb99d6cd88dd3714bdcecc7 Mon Sep 17 00:00:00 2001 From: Vincent Kramar Date: Tue, 1 Dec 2015 05:42:31 +0100 Subject: [PATCH 5/8] S3 use_iam_profile now a bool --- manifests/params.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/manifests/params.pp b/manifests/params.pp index c04db0d..d1a5408 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -43,7 +43,7 @@ # S3 $aws_access_key = undef $aws_secret_key = undef - $use_iam_profile = undef + $use_iam_profile = false $bucket = undef $aws_region = undef $reduced_redundancy = false From 409bbb11cc135f6d51ec48eeb3453a800f429d96 Mon Sep 17 00:00:00 2001 From: Vincent Kramar Date: Tue, 1 Dec 2015 05:45:01 +0100 Subject: [PATCH 6/8] Job S3 storage use_iam_profile bool support --- manifests/job.pp | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/manifests/job.pp b/manifests/job.pp index d103c8a..b4b230a 100644 --- a/manifests/job.pp +++ b/manifests/job.pp @@ -47,6 +47,7 @@ # S3 $aws_access_key = $::backup::aws_access_key, $aws_secret_key = $::backup::aws_secret_key, + $use_iam_profile = $::backup::use_iam_profile, $bucket = $::backup::bucket, $aws_region = $::backup::aws_region, $reduced_redundancy = $::backup::reduced_redundancy, @@ -195,13 +196,16 @@ # S3 if $storage_type == 's3' { validate_bool($reduced_redundancy) - - if !$aws_access_key or !is_string($aws_access_key) { - fail("[Backup::Job::${name}]: Parameter aws_access_key is required for S3 storage") - } - - if !$aws_secret_key or !is_string($aws_secret_key) { - fail("[Backup::Job::${name}]: Parameter aws_secret_key is required for S3 storage") + validate_bool($use_iam_profile) + + if !$use_iam_profile { + if !$aws_access_key or !is_string($aws_access_key) { + fail("[Backup::Job::${name}]: Parameter aws_access_key is required for S3 storage") + } + + if !$aws_secret_key or !is_string($aws_secret_key) { + fail("[Backup::Job::${name}]: Parameter aws_secret_key is required for S3 storage") + } } if !$bucket or !is_string($bucket) { From 34221688d20dbfe90162a63de0845872505f1f6d Mon Sep 17 00:00:00 2001 From: Vincent Kramar Date: Tue, 1 Dec 2015 05:58:35 +0100 Subject: [PATCH 7/8] Job S3 template usage doc updated --- manifests/job.pp | 1 + 1 file changed, 1 insertion(+) diff --git a/manifests/job.pp b/manifests/job.pp index b4b230a..9c8c52e 100644 --- a/manifests/job.pp +++ b/manifests/job.pp @@ -460,6 +460,7 @@ # Template uses # - $aws_access_key # - $aws_secret_key + # - $use_iam_profile # - $path # - $aws_region # - $bucket From 344f56ca0866a1dbdd76bae8eda057ccd9d0c980 Mon Sep 17 00:00:00 2001 From: Vincent Kramar Date: Tue, 1 Dec 2015 07:14:53 +0100 Subject: [PATCH 8/8] S3 newline before last end was missing --- templates/job/s3.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/job/s3.erb b/templates/job/s3.erb index 7b7df8f..34a2963 100644 --- a/templates/job/s3.erb +++ b/templates/job/s3.erb @@ -18,5 +18,5 @@ <% end -%> <% if @reduced_redundancy -%> s3.storage_class = :reduced_redundancy -<% end -%> +<% end %> end