deploy.sh
#!/usr/bin/env bash
# S3 bucket that receives the Lambda archives and the files/ tree; the same
# value is handed to the CloudFormation template as its BucketName parameter.
BUCKET_NAME='okta-access-manager'
# Used both as the CloudFormation stack name and as the template's
# ManagedResourcePrefix parameter.
ManagedResourcePrefix='okta-access-manager'
# Clean up the intermediate build output in the current directory: the
# build/ dependency tree and the base lambda.zip archive. The per-function
# archives (manageGroups.zip, manageMemberships.zip) are left in place.
# Returns the exit status of the final rm, so a missing lambda.zip is
# reported as a failure.
removetemp() {
  local deps_dir='build/'
  local base_archive='lambda.zip'

  printf '%s\n' 'Removing temporary files'
  rm -rf "$deps_dir"
  rm "$base_archive"
}
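# Build the two Lambda deployment archives in the current directory.
#
# Installs the Python dependencies into ./build, zips them into lambda.zip,
# copies that archive to manageGroups.zip and manageMemberships.zip, then
# appends the handler sources from script/ to each copy.
#
# Returns: 0 when both archives were built, 1 as soon as any step fails.
# The working directory is left unchanged on every path.
lambda()
{
  echo 'Starting build:' && date
  mkdir -p build || return 1

  # NOTE(review): the packages are installed unpinned and without hash
  # checking, so every build can pull different code into functions that
  # are deployed next to the stored Okta token. Consider a requirements
  # file with pinned versions and pip's --require-hashes.
  pip3 install -t ./build pyyaml requests charset-normalizer > /dev/null || return 1

  # The subshell confines the directory change. If `cd build` fails, nothing
  # is deleted; without this guard the `rm -rf _*` would run in the project
  # root instead of the build directory.
  (
    cd build || exit 1
    rm -rf -- ./*.dist-info ./_*
    zip -r ../lambda.zip .
  ) || return 1

  # Copy the dependency-only archive once per function.
  zip -U lambda.zip --output-file manageGroups.zip > /dev/null || return 1
  zip -U lambda.zip --output-file manageMemberships.zip > /dev/null || return 1

  # Append the shared Okta client and the function-specific handler.
  (
    cd script/ || exit 1
    zip -g ../manageGroups.zip okta.py manageGroups.py > /dev/null \
      && zip -g ../manageMemberships.zip okta.py manageMembership.py > /dev/null
  ) || return 1
}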
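# First-time deployment: prompt for the Okta domain and API token, store both
# as SSM SecureString parameters, deploy the CloudFormation stack, push the
# function code, and upload the archives plus the files/ tree to the bucket.
#
# Globals:   BUCKET_NAME (read), ManagedResourcePrefix (read)
# Input:     two lines on stdin (domain, then token)
# Expects manageGroups.zip and manageMemberships.zip in the current directory.
create()
{
  # Keep the secret out of the calling shell's global scope once we return.
  local domain token

  echo "Input your Okta Domain - "
  read -r domain
  echo "Input your Okta Token - "
  # -s stops the terminal from echoing the API token, keeping it out of
  # scrollback, screen shares and session recordings.
  read -rs token
  echo ""

  # NOTE(review): the token is still passed as a command-line argument, so it
  # is visible in the local process list while the call runs and in any
  # `set -x` trace. Loading the value from a protected file would avoid that.
  aws ssm put-parameter --name "okta-host" --value "${domain}" --type "SecureString"
  aws ssm put-parameter --name "okta-token" --value "${token}" --type "SecureString"

  # NOTE(review): `aws cloudformation deploy` documents --parameter-overrides
  # as Key=Value pairs; confirm this ParameterKey=...,ParameterValue=... form
  # is actually applied and the template defaults are not used instead.
  aws cloudformation deploy --template-file cloudformation/infra.yaml --stack-name "${ManagedResourcePrefix}" --capabilities CAPABILITY_NAMED_IAM --parameter-overrides ParameterKey=BucketName,ParameterValue="${BUCKET_NAME}",ParameterKey=ManagedResourcePrefix,ParameterValue="${ManagedResourcePrefix}"

  # NOTE(review): "accesss" has three s's; verify it matches the function
  # names declared in cloudformation/infra.yaml.
  aws lambda update-function-code --function-name accesss-manager-manageGroups --zip-file fileb://manageGroups.zip
  aws lambda update-function-code --function-name accesss-manager-manageMemberships --zip-file fileb://manageMemberships.zip

  aws s3 cp manageGroups.zip "s3://${BUCKET_NAME}/lambda/manageGroups.zip" --sse aws:kms
  aws s3 cp manageMemberships.zip "s3://${BUCKET_NAME}/lambda/manageMemberships.zip" --sse aws:kms
  aws s3 cp files/ "s3://${BUCKET_NAME}/files/" --recursive --sse aws:kms
}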
# Redeploy an existing installation: re-run the CloudFormation deploy, push
# fresh code to both Lambda functions, then upload both archives to the
# bucket. Unlike create(), no SSM parameters are written and files/ is not
# uploaded.
#
# Globals: BUCKET_NAME (read), ManagedResourcePrefix (read)
update() {
  local artefact
  local overrides="ParameterKey=BucketName,ParameterValue=${BUCKET_NAME},ParameterKey=ManagedResourcePrefix,ParameterValue=${ManagedResourcePrefix}"

  aws cloudformation deploy \
    --template-file cloudformation/infra.yaml \
    --stack-name "${ManagedResourcePrefix}" \
    --capabilities CAPABILITY_NAMED_IAM \
    --parameter-overrides "${overrides}"

  # Both function updates happen before either upload, as in the original
  # statement order.
  for artefact in manageGroups manageMemberships; do
    aws lambda update-function-code \
      --function-name "accesss-manager-${artefact}" \
      --zip-file "fileb://${artefact}.zip"
  done

  for artefact in manageGroups manageMemberships; do
    aws s3 cp "${artefact}.zip" "s3://${BUCKET_NAME}/lambda/${artefact}.zip" --sse aws:kms
  done
}
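# Tear the deployment down: empty the bucket, remove the two SSM parameters
# holding the Okta host and token, then delete the CloudFormation stack.
#
# Globals: BUCKET_NAME (read), ManagedResourcePrefix (read)
# Returns: 0 once the stack deletion has completed, 1 otherwise.
delete()
{
  echo "Inside delete"

  # :? aborts instead of issuing a recursive delete against an empty bucket
  # name if the variable was ever unset or blanked.
  aws s3 rm "s3://${BUCKET_NAME:?BUCKET_NAME must be set}" --recursive
  aws ssm delete-parameter --name "okta-host"
  aws ssm delete-parameter --name "okta-token"

  # delete-stack only submits the request; the waiter is what tells us whether
  # the stack was actually removed, so success is reported only after it.
  if aws cloudformation delete-stack --stack-name "${ManagedResourcePrefix:?ManagedResourcePrefix must be set}" \
    && aws cloudformation wait stack-delete-complete --stack-name "${ManagedResourcePrefix}"; then
    echo "Stack deleted successfully"
  else
    echo "There was an issue(s) while deleting the CloudFormation stack."
    return 1
  fi
}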
# Print the command-line synopsis and the two supported options to stdout.
# $0 is interpolated so the text shows the name the script was invoked as.
showUsage() {
  printf '%s\n' \
    "Usage - $0 [options [paramters]]" \
    "" \
    "--profile or -p for the AWS Profile that is to be used to run this script" \
    "--action or -a for action that is going to be performed. Valid actions - create, update, delete."
}
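dir=$(pwd)
echo "Running from Directory: $dir"

# Parse the command line. Each option consumes the following word as its
# value. Valid actions: create, update, delete.
while [ -n "$1" ]; do
  case "$1" in
    --profile|-p)
      shift
      echo "Profile Entered: $1"
      PROFILE=$1
      ;;
    --action|-a)
      shift
      echo "Action Entered: $1"
      ACTION=$1
      ;;
    *)
      showUsage
      exit 1
      ;;
  esac
  shift
done

if [ -z "$PROFILE" ]; then
  echo "AWS Profile is a required option."
  showUsage
  exit 1
fi

if [ -z "$ACTION" ]; then
  echo "action is a required option."
  showUsage
  exit 1
fi

# Apply the requested profile to every aws call below. Without this the
# required --profile option was parsed but never used, so create/update/delete
# ran against whatever default credentials the environment supplied, which may
# be a different account than the operator intended.
export AWS_PROFILE="$PROFILE"

case "$ACTION" in
  create)
    # Skip the deployment (and the token prompt) when the build did not
    # produce the archives; temporary files are cleaned up either way.
    if lambda; then
      create
    fi
    removetemp
    ;;
  update)
    if lambda; then
      update
    fi
    removetemp
    ;;
  delete)
    delete
    ;;
  *)
    showUsage
    exit 1
    ;;
esac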