wip: create and delete custom SSM document during tests
Sébastien Brochet committed Feb 7, 2022
1 parent b363912 commit c2792e4
Showing 6 changed files with 41 additions and 1 deletion.
@@ -8,3 +8,5 @@ windows_ami_name: Windows_Server-2019-English-Full-Base-*
# - https://github.com/mattclay/aws-terminator/pull/181
# - https://github.com/ansible-collections/community.aws/pull/763
s3_bucket_name: ssm-encrypted-test-bucket

ssm_document_name: ansible-custom-document
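Review bot: `ssm_document_name` is a fixed string, so two test runs in the same account and region would collide on `create-document`, and one run's teardown would delete the document another run is still using. The KMS alias in the inventory and teardown files on this page is built from `resource_prefix`; the same pattern would work here, e.g. `ssm_document_name: "{{ resource_prefix }}-ssm-document"`. The comment above the bucket name points at CI policy changes, so a prefixed name may need a matching permission; that is not visible here.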
@@ -0,0 +1,15 @@
{
"schemaVersion": "1.0",
"description": "Custom SSM document",
"sessionType": "Standard_Stream",
"inputs": {
"s3EncryptionEnabled": false,
"cloudWatchLogGroupName": "",
"cloudWatchEncryptionEnabled": false,
"idleSessionTimeout": "20",
"cloudWatchStreamingEnabled": false,
"kmsKeyId": "",
"runAsEnabled": false,
"runAsDefaultUser": ""
}
}
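Review bot: `kmsKeyId` is empty and both encryption flags are false, with no log group set, so sessions opened through this document have no KMS session encryption and no session logging. That is reasonable for a fixture, but JSON cannot carry a comment, so the only place to say so is the description, e.g. `"description": "Custom SSM document for integration tests (no session encryption or logging)"`. A descriptive text also makes a copy left behind by a failed teardown recognizable in the account.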
@@ -63,6 +63,9 @@
pause:
seconds: 10

- name: Create custom SSM document
command: "aws ssm create-document --content {{ lookup('file', 'ssm-document.json') }} --name {{ ssm_document_name }} --document-type Session"

- name: Create Windows EC2 instance
ec2_instance:
instance_type: "{{instance_type}}"
@@ -149,3 +152,9 @@
dest: "{{playbook_dir}}/iam_role_vars_to_delete.yml"
src: iam_role_vars_to_delete.yml.j2
ignore_errors: yes

- name: Create SSM vars_to_delete.yml
template:
dest: "{{playbook_dir}}/ssm_vars_to_delete.yml"
src: ssm_vars_to_delete.yml.j2
ignore_errors: yes
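Review bot: In the `Create custom SSM document` task the JSON from `lookup('file', 'ssm-document.json')` is pasted into a free-form `command` string, which Ansible splits shell-style, so the document's quotes are dropped and its content is broken up on whitespace before `aws` receives it. Passing the arguments as an `argv` list keeps the JSON and the document name as single arguments, and removes any dependence on quoting if `ssm_document_name` is overridden. The `| string` filter below is meant to stop templating from turning the JSON text back into a dict; confirm that on the Ansible versions the tests run on. The task is also not idempotent, so a re-run after a failed teardown will fail on the existing document.

```yaml
- name: Create custom SSM document
  command:
    argv:
      - aws
      - ssm
      - create-document
      - --content
      - "{{ lookup('file', 'ssm-document.json') | string }}"
      - --name
      - "{{ ssm_document_name }}"
      - --document-type
      - Session
```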
@@ -26,7 +26,7 @@ ansible_python_interpreter=/usr/bin/env python
local_tmp=/tmp/ansible-local-
ansible_aws_ssm_bucket_sse_mode='aws:kms'
ansible_aws_ssm_bucket_sse_kms_key_id=alias/{{ resource_prefix }}-kms
ansible_aws_ssm_document=SSM-SessionManagerRunShell
ansible_aws_ssm_document={{ ssm_document_name }}

# support tests that target testhost
[testhost:children]
@@ -0,0 +1,2 @@
---
ssm_document_name: {{ssm_document_name}}
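Review bot: The rendered value is left unquoted, so an overridden name that is empty or reads as a boolean or number would load back as a different type when the teardown runs `include_vars` on the generated file. Quoting the templated scalar avoids that: `ssm_document_name: "{{ ssm_document_name }}"`.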
@@ -46,6 +46,15 @@
include_vars: "{{playbook_dir}}/iam_role_vars_to_delete.yml"
when: iam_role_vars_file.stat.exists == true

- name: Check if ssm_vars_to_delete.yml is present
stat:
path: "{{playbook_dir}}/ssm_vars_to_delete.yml"
register: ssm_vars_file

- name: Include variable file to delete SSM infra
include_vars: "{{playbook_dir}}/ssm_vars_to_delete.yml"
when: ssm_vars_file.stat.exists == true

- name: Terminate Windows EC2 instances that were previously launched
ec2_instance:
instance_ids:
@@ -83,6 +92,9 @@
state: absent
alias: '{{ resource_prefix }}-kms'

- name: Delete SSM document
command: "aws ssm delete-document --name {{ ssm_document_name }}"

- name: Delete AWS keys environement
file:
path: "{{playbook_dir}}/aws-env-vars.sh"
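Review bot: The `Delete SSM document` task has no error handling, so when the document was never created (setup failed before the create task) `aws ssm delete-document` exits non-zero. Unless an enclosing block not shown in this hunk ignores errors, the teardown then stops before the tasks that follow it. Tolerating only the missing-document case keeps cleanup going without hiding real failures: add `register: ssm_document_delete` and `failed_when: ssm_document_delete.rc != 0 and 'InvalidDocument' not in ssm_document_delete.stderr`. The task list continues outside the hunk on both sides.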