salt.modules.boto_iot module

Connection module for Amazon IoT

2016.3.0 新版功能.

configuration:

This module accepts explicit Lambda credentials but can also utilize IAM roles assigned to the instance trough Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More Information available at:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html

If IAM roles are not used you need to specify them either in a pillar or in the minion's config file:

iot.keyid: GKTADJGHEIQSXMKKRBJ08H
iot.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

A region may also be specified in the configuration:

iot.region: us-east-1

If a region is not specified, the default is us-east-1.

It's also possible to specify key, keyid and region via a profile, either as a passed in dict, or as a string to pull from pillars or minion config:

myprofile:
    keyid: GKTADJGHEIQSXMKKRBJ08H
    key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
    region: us-east-1
depends:

boto3

salt.modules.boto_iot.attach_principal_policy(policyName, principal, region=None, key=None, keyid=None, profile=None)

Attach the specified policy to the specified principal (certificate or other credential.)

Returns {attached: true} if the policy was attached {attached: False} if the policy was not attached.

CLI Example:

salt myminion boto_iot.attach_principal_policy mypolicy mycognitoID
salt.modules.boto_iot.create_policy(policyName, policyDocument, region=None, key=None, keyid=None, profile=None)

Given a valid config, create a policy.

Returns {created: true} if the policy was created and returns {created: False} if the policy was not created.

CLI Example:

salt myminion boto_iot.create_policy my_policy \
      '{"Version":"2015-12-12",\
      "Statement":[{"Effect":"Allow",\
                    "Action":["iot:Publish"],\
                    "Resource":["arn:::::topic/foo/bar"]}]}'
salt.modules.boto_iot.create_policy_version(policyName, policyDocument, setAsDefault=False, region=None, key=None, keyid=None, profile=None)

Given a valid config, create a new version of a policy.

Returns {created: true} if the policy version was created and returns {created: False} if the policy version was not created.

CLI Example:

salt myminion boto_iot.create_policy_version my_policy \
       '{"Statement":[{"Effect":"Allow","Action":["iot:Publish"],"Resource":["arn:::::topic/foo/bar"]}]}'
salt.modules.boto_iot.create_topic_rule(ruleName, sql, actions, description, ruleDisabled=False, region=None, key=None, keyid=None, profile=None)

Given a valid config, create a topic rule.

Returns {created: true} if the rule was created and returns {created: False} if the rule was not created.

CLI Example:

salt myminion boto_iot.create_topic_rule my_rule "SELECT * FROM 'some/thing'" \
    '[{"lambda":{"functionArn":"arn:::::something"}},{"sns":{\
    "targetArn":"arn:::::something","roleArn":"arn:::::something"}}]'
salt.modules.boto_iot.delete_policy(policyName, region=None, key=None, keyid=None, profile=None)

Given a policy name, delete it.

Returns {deleted: true} if the policy was deleted and returns {deleted: false} if the policy was not deleted.

CLI Example:

salt myminion boto_iot.delete_policy mypolicy
salt.modules.boto_iot.delete_policy_version(policyName, policyVersionId, region=None, key=None, keyid=None, profile=None)

Given a policy name and version, delete it.

Returns {deleted: true} if the policy version was deleted and returns {deleted: false} if the policy version was not deleted.

CLI Example:

salt myminion boto_iot.delete_policy_version mypolicy version
salt.modules.boto_iot.delete_topic_rule(ruleName, region=None, key=None, keyid=None, profile=None)

Given a rule name, delete it.

Returns {deleted: true} if the rule was deleted and returns {deleted: false} if the rule was not deleted.

CLI Example:

salt myminion boto_iot.delete_rule myrule
salt.modules.boto_iot.describe_policy(policyName, region=None, key=None, keyid=None, profile=None)

Given a policy name describe its properties.

Returns a dictionary of interesting properties.

CLI Example:

salt myminion boto_iot.describe_policy mypolicy
salt.modules.boto_iot.describe_policy_version(policyName, policyVersionId, region=None, key=None, keyid=None, profile=None)

Given a policy name and version describe its properties.

Returns a dictionary of interesting properties.

CLI Example:

salt myminion boto_iot.describe_policy_version mypolicy version
salt.modules.boto_iot.describe_topic_rule(ruleName, region=None, key=None, keyid=None, profile=None)

Given a topic rule name describe its properties.

Returns a dictionary of interesting properties.

CLI Example:

salt myminion boto_iot.describe_topic_rule myrule
salt.modules.boto_iot.detach_principal_policy(policyName, principal, region=None, key=None, keyid=None, profile=None)

Detach the specified policy from the specified principal (certificate or other credential.)

Returns {detached: true} if the policy was detached {detached: False} if the policy was not detached.

CLI Example:

salt myminion boto_iot.detach_principal_policy mypolicy mycognitoID
salt.modules.boto_iot.list_policies(region=None, key=None, keyid=None, profile=None)

List all policies

Returns list of policies

CLI Example:

policies:
  - {...}
  - {...}
salt.modules.boto_iot.list_policy_versions(policyName, region=None, key=None, keyid=None, profile=None)

List the versions available for the given policy.

CLI Example

policyVersions:
  - {...}
  - {...}
salt.modules.boto_iot.list_principal_policies(principal, region=None, key=None, keyid=None, profile=None)

List the policies attached to the given principal.

CLI Example

policies:
  - {...}
  - {...}
salt.modules.boto_iot.list_topic_rules(topic=None, ruleDisabled=None, region=None, key=None, keyid=None, profile=None)

List all rules (for a given topic, if specified)

Returns list of rules

CLI Example:

rules:
  - {...}
  - {...}
salt.modules.boto_iot.policy_exists(policyName, region=None, key=None, keyid=None, profile=None)

Given a policy name, check to see if the given policy exists.

Returns True if the given policy exists and returns False if the given policy does not exist.

CLI Example:

salt myminion boto_iot.policy_exists mypolicy
salt.modules.boto_iot.policy_version_exists(policyName, policyVersionId, region=None, key=None, keyid=None, profile=None)

Given a policy name and version ID, check to see if the given policy version exists.

Returns True if the given policy version exists and returns False if the given policy version does not exist.

CLI Example:

salt myminion boto_iot.policy_version_exists mypolicy versionid
salt.modules.boto_iot.replace_topic_rule(ruleName, sql, actions, description, ruleDisabled=False, region=None, key=None, keyid=None, profile=None)

Given a valid config, replace a topic rule with the new values.

Returns {created: true} if the rule was created and returns {created: False} if the rule was not created.

CLI Example:

salt myminion boto_iot.replace_topic_rule my_rule 'SELECT * FROM some.thing' \
    '[{"lambda":{"functionArn":"arn:::::something"}},{"sns":{\
    "targetArn":"arn:::::something","roleArn":"arn:::::something"}}]'
salt.modules.boto_iot.set_default_policy_version(policyName, policyVersionId, region=None, key=None, keyid=None, profile=None)

Sets the specified version of the specified policy as the policy's default (operative) version. This action affects all certificates that the policy is attached to.

Returns {changed: true} if the policy version was set {changed: False} if the policy version was not set.

CLI Example:

salt myminion boto_iot.set_default_policy_version mypolicy versionid
salt.modules.boto_iot.topic_rule_exists(ruleName, region=None, key=None, keyid=None, profile=None)

Given a rule name, check to see if the given rule exists.

Returns True if the given rule exists and returns False if the given rule does not exist.

CLI Example:

salt myminion boto_iot.topic_rule_exists myrule