This repository has been archived by the owner on Apr 22, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 50
/
Copy pathvolume_testing.sh
executable file
·109 lines (94 loc) · 3.47 KB
/
volume_testing.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
#!/bin/bash
RANDOM_SUFFIX="$RANDOM$RANDOM"
TEST_ROLE="test-role-$AMI_ID-$RANDOM_SUFFIX"
TEST_PERMISSIONS="test-permissions-$AMI_ID-$RANDOM_SUFFIX"
INSTANCE_PROFILE="test-profile-$AMI_ID-$RANDOM_SUFFIX"
TEST_VOLUMES="test-volumes-$AMI_ID-$RANDOM_SUFFIX"
create_profile_for_volume_attachment()
{
echo "Creating test instance profile $INSTANCE_PROFILE ..."
TRUST_POLICY="trustpolicy-$AMI_ID"
cat << EOF > "$TRUST_POLICY"
{
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Principal": {"Service": "ec2.amazonaws.com"},
"Action": "sts:AssumeRole"
}
}
EOF
PERMISSIONS_POLICY="permissionspolicy-$AMI_ID"
cat << EOF > "$PERMISSIONS_POLICY"
{
"Version": "2012-10-17",
"Statement": {
"Effect": "Allow",
"Action": [
"ec2:DescribeVolumes",
"ec2:AttachVolume",
"ec2:DetachVolume"
],
"Resource": "*"
}
}
EOF
aws iam create-role --role-name "$TEST_ROLE" \
--assume-role-policy-document "file://$TRUST_POLICY" > /dev/null
aws iam put-role-policy --role-name "$TEST_ROLE" \
--policy-name "$TEST_PERMISSIONS" --policy-document "file://$PERMISSIONS_POLICY" > /dev/null
aws iam create-instance-profile --instance-profile-name "$INSTANCE_PROFILE" > /dev/null
aws iam add-role-to-instance-profile --instance-profile-name "$INSTANCE_PROFILE" \
--role-name "$TEST_ROLE"
aws iam get-instance-profile --instance-profile-name "$INSTANCE_PROFILE" > /dev/null
rm -f "$TRUST_POLICY" "$PERMISSIONS_POLICY"
}
delete_profile_for_volume_attachment()
{
echo "Deleting test instance profile $INSTANCE_PROFILE ..."
aws iam remove-role-from-instance-profile --instance-profile-name "$INSTANCE_PROFILE" --role-name "$TEST_ROLE"
aws iam delete-instance-profile --instance-profile-name "$INSTANCE_PROFILE"
aws iam delete-role-policy --role-name "$TEST_ROLE" --policy-name "$TEST_PERMISSIONS"
aws iam delete-role --role-name "$TEST_ROLE"
}
create_test_volumes()
{
echo "Creating test EBS volumes ..."
SUBNET_DESCRIPTION=$(aws ec2 describe-subnets --output json --region ${region} --subnet-id ${subnet})
AVAILABILITY_ZONE=$(echo ${SUBNET_DESCRIPTION} | jq .Subnets\[0\].AvailabilityZone | sed 's/"//g')
for i in `seq 1 4`;
do
result=$(aws ec2 create-volume \
--size 2 \
--output json \
--region ${region} \
--availability-zone ${AVAILABILITY_ZONE} \
--tag-specifications 'ResourceType=volume,Tags=[{Key=Taupage,Value=TestVolume}]' \
--volume-type gp2)
volumeid=$(echo ${result} | jq .VolumeId | sed 's/"//g')
aws ec2 create-tags --region ${region} --resources ${volumeid} --tags "Key=Name,Value=taupage-ami-test-vol$i"
echo ${volumeid} >> "${TEST_VOLUMES}"
done
}
delete_test_volumes()
{
echo "Deleting test EBS volumes ..."
for volumeid in $(cat "${TEST_VOLUMES}") ;
do
while [ true ]; do
result=$(aws ec2 describe-volumes --output json --region ${region} --volume-id $volumeid --output json)
state=$(echo $result | jq .Volumes\[0\].State | sed 's/"//g')
if [ ! -z "$state" ] && [ "$state" = "available" ];
then
break
else
echo "Waiting for volume $volumeid to detach...";
sleep 2;
fi
done
#debug
echo "delete ${volumeid}";
aws ec2 delete-volume --region ${region} --volume-id ${volumeid}
done
rm -f "$TEST_VOLUMES"
}