From 8af2984b27dd50c5afad809ee2fbf8221b200cf9 Mon Sep 17 00:00:00 2001 From: "Michael, James" Date: Thu, 30 Mar 2017 14:53:05 -0700 Subject: [PATCH] cms and gateway to use cf signals and required policy changes --- smaas-cf/smaas/cms-cluster.py | 3 ++- smaas-cf/smaas/gateway-cluster.py | 3 ++- smaas-cf/smaas/vpc-and-base.py | 30 ++++++++++++++++++++++++++++++ 3 files changed, 34 insertions(+), 2 deletions(-) diff --git a/smaas-cf/smaas/cms-cluster.py b/smaas-cf/smaas/cms-cluster.py index 064c5f32..b1e950e4 100644 --- a/smaas-cf/smaas/cms-cluster.py +++ b/smaas-cf/smaas/cms-cluster.py @@ -238,7 +238,8 @@ AutoScalingRollingUpdate=AutoScalingRollingUpdate( MaxBatchSize=1, MinInstancesInService=2, - PauseTime="PT6M" + PauseTime="PT15M", + WaitOnResourceSignals=True ) ), VPCZoneIdentifier=subnet_id_refs, diff --git a/smaas-cf/smaas/gateway-cluster.py b/smaas-cf/smaas/gateway-cluster.py index d54afe5e..9121777e 100644 --- a/smaas-cf/smaas/gateway-cluster.py +++ b/smaas-cf/smaas/gateway-cluster.py @@ -293,7 +293,8 @@ AutoScalingRollingUpdate=AutoScalingRollingUpdate( MaxBatchSize=1, MinInstancesInService=2, - PauseTime="PT3M" + PauseTime="PT15M", + WaitOnResourceSignals=True ) ), VPCZoneIdentifier=subnet_id_refs, diff --git a/smaas-cf/smaas/vpc-and-base.py b/smaas-cf/smaas/vpc-and-base.py index 02728519..d86b5bf7 100644 --- a/smaas-cf/smaas/vpc-and-base.py +++ b/smaas-cf/smaas/vpc-and-base.py @@ -554,6 +554,21 @@ "Action": ["sts:AssumeRole"] }] }, + Policies=[ + Policy( + PolicyName="gatewayPolicy", + PolicyDocument={ + "Statement": [{ + "Effect": "Allow", + "Action": [ + "EC2:Describe*", + "cloudformation:SignalResource" + ], + "Resource": "*" + }], + } + ) + ], Path="/" )) @@ -569,6 +584,21 @@ "Action": ["sts:AssumeRole"] }] }, + Policies=[ + Policy( + PolicyName="cmsPolicy", + PolicyDocument={ + "Statement": [{ + "Effect": "Allow", + "Action": [ + "EC2:Describe*", + "cloudformation:SignalResource" + ], + "Resource": "*" + }], + } + ) + ], Path="/" ))