salt.states.boto_iot module¶

Manage IoT Objects¶

2016.3.0 新版功能.

Create and destroy IoT objects. Be aware that this interacts with Amazon's services, and so may incur charges.

This module uses boto3, which can be installed via package, or pip.

This module accepts explicit vpc credentials but can also utilize IAM roles assigned to the instance through Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More information available here.

If IAM roles are not used you need to specify them either in a pillar file or in the minion's config file:

vpc.keyid: GKTADJGHEIQSXMKKRBJ08H
vpc.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

It's also possible to specify key, keyid and region via a profile, either passed in as a dict, or as a string to pull from pillars or minion config:

myprofile:
    keyid: GKTADJGHEIQSXMKKRBJ08H
    key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
        region: us-east-1

Ensure policy exists:
    boto_iot.policy_present:
        - policyName: mypolicy
        - policyDocument:
            Version: "2012-10-17"
            Statement:
              Action:
                - iot:Publish
              Resource:
                - "*"
              Effect: "Allow"
        - region: us-east-1
        - keyid: GKTADJGHEIQSXMKKRBJ08H
        - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

Ensure topic rule exists:
    boto_iot.topic_rule_present:
        - ruleName: myrule
        - sql: "SELECT * FROM 'iot/test'"
        - description: 'test rule'
        - ruleDisabled: false
        - actions:
          - lambda:
              functionArn: "arn:aws:us-east-1:1234:function/functionname"
        - region: us-east-1
        - keyid: GKTADJGHEIQSXMKKRBJ08H
        - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

salt.states.boto_iot.policy_absent(name, policyName, region=None, key=None, keyid=None, profile=None)¶

Ensure policy with passed properties is absent.

name: The name of the state definition.
policyName: Name of the policy.
region: Region to connect to.
key: Secret key to be used.
keyid: Access key to be used.
profile: A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.

salt.states.boto_iot.policy_attached(name, policyName, principal, region=None, key=None, keyid=None, profile=None)¶

Ensure policy is attached to the given principal.

name: The name of the state definition
policyName: Name of the policy.
principal: The principal which can be a certificate ARN or a Cognito ID.
region: Region to connect to.
key: Secret key to be used.
keyid: Access key to be used.
profile: A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.

salt.states.boto_iot.policy_detached(name, policyName, principal, region=None, key=None, keyid=None, profile=None)¶

Ensure policy is attached to the given principal.

name: The name of the state definition.
policyName: Name of the policy.
principal: The principal which can be a certificate ARN or a Cognito ID.
region: Region to connect to.
key: Secret key to be used.
keyid: Access key to be used.
profile: A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.

salt.states.boto_iot.policy_present(name, policyName, policyDocument, region=None, key=None, keyid=None, profile=None)¶

Ensure policy exists.

name: The name of the state definition
policyName: Name of the policy.
policyDocument: The JSON document that describes the policy. The length of the policyDocument must be a minimum length of 1, with a maximum length of 2048, excluding whitespace.
region: Region to connect to.
key: Secret key to be used.
keyid: Access key to be used.
profile: A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.

salt.states.boto_iot.topic_rule_absent(name, ruleName, region=None, key=None, keyid=None, profile=None)¶

Ensure topic rule with passed properties is absent.

name: The name of the state definition.
ruleName: Name of the policy.
region: Region to connect to.
key: Secret key to be used.
keyid: Access key to be used.
profile: A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.

salt.states.boto_iot.topic_rule_present(name, ruleName, sql, actions, description='', ruleDisabled=False, region=None, key=None, keyid=None, profile=None)¶

Ensure topic rule exists.

name: The name of the state definition
ruleName: Name of the rule.
sql: The SQL statement used to query the topic.
actions: The actions associated with the rule.
description: The description of the rule.
ruleDisable: Specifies whether the rule is disabled.
region: Region to connect to.
key: Secret key to be used.
keyid: Access key to be used.
profile: A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.