salt.states.boto_iot module

Manage IoT Objects

2016.3.0 新版功能.

Create and destroy IoT objects. Be aware that this interacts with Amazon's services, and so may incur charges.

This module uses boto3, which can be installed via package, or pip.

This module accepts explicit vpc credentials but can also utilize IAM roles assigned to the instance through Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More information available here.

If IAM roles are not used you need to specify them either in a pillar file or in the minion's config file:

vpc.keyid: GKTADJGHEIQSXMKKRBJ08H
vpc.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

It's also possible to specify key, keyid and region via a profile, either passed in as a dict, or as a string to pull from pillars or minion config:

myprofile:
    keyid: GKTADJGHEIQSXMKKRBJ08H
    key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
        region: us-east-1
Ensure policy exists:
    boto_iot.policy_present:
        - policyName: mypolicy
        - policyDocument:
            Version: "2012-10-17"
            Statement:
              Action:
                - iot:Publish
              Resource:
                - "*"
              Effect: "Allow"
        - region: us-east-1
        - keyid: GKTADJGHEIQSXMKKRBJ08H
        - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

Ensure topic rule exists:
    boto_iot.topic_rule_present:
        - ruleName: myrule
        - sql: "SELECT * FROM 'iot/test'"
        - description: 'test rule'
        - ruleDisabled: false
        - actions:
          - lambda:
              functionArn: "arn:aws:us-east-1:1234:function/functionname"
        - region: us-east-1
        - keyid: GKTADJGHEIQSXMKKRBJ08H
        - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
salt.states.boto_iot.policy_absent(name, policyName, region=None, key=None, keyid=None, profile=None)

Ensure policy with passed properties is absent.

name
The name of the state definition.
policyName
Name of the policy.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
salt.states.boto_iot.policy_attached(name, policyName, principal, region=None, key=None, keyid=None, profile=None)

Ensure policy is attached to the given principal.

name
The name of the state definition
policyName
Name of the policy.
principal
The principal which can be a certificate ARN or a Cognito ID.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
salt.states.boto_iot.policy_detached(name, policyName, principal, region=None, key=None, keyid=None, profile=None)

Ensure policy is attached to the given principal.

name
The name of the state definition.
policyName
Name of the policy.
principal
The principal which can be a certificate ARN or a Cognito ID.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
salt.states.boto_iot.policy_present(name, policyName, policyDocument, region=None, key=None, keyid=None, profile=None)

Ensure policy exists.

name
The name of the state definition
policyName
Name of the policy.
policyDocument
The JSON document that describes the policy. The length of the policyDocument must be a minimum length of 1, with a maximum length of 2048, excluding whitespace.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
salt.states.boto_iot.topic_rule_absent(name, ruleName, region=None, key=None, keyid=None, profile=None)

Ensure topic rule with passed properties is absent.

name
The name of the state definition.
ruleName
Name of the policy.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
salt.states.boto_iot.topic_rule_present(name, ruleName, sql, actions, description='', ruleDisabled=False, region=None, key=None, keyid=None, profile=None)

Ensure topic rule exists.

name
The name of the state definition
ruleName
Name of the rule.
sql
The SQL statement used to query the topic.
actions
The actions associated with the rule.
description
The description of the rule.
ruleDisable
Specifies whether the rule is disabled.
region
Region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.