Build better AWS infrastructure

Overview

Sceptre

CircleCI Docker Image Version (latest semver) PyPI PyPI - Status PyPI - Python Version PyPI - Downloads License

About

Sceptre is a tool to drive AWS CloudFormation. It automates the mundane, repetitive and error-prone tasks, enabling you to concentrate on building better infrastructure.

Features

  • Code reuse by separating a Stack's template and its configuration
  • Support for templates written in JSON, YAML, Jinja2 or Python DSLs such as Troposphere
  • Dependency resolution by passing of Stack outputs to parameters of dependent Stacks
  • Stack Group support by bundling related Stacks into logical groups (e.g. dev and prod)
  • Stack Group-level commands, such as creating multiple Stacks with a single command
  • Fast, highly parallelised builds
  • Built in support for working with Stacks in multiple AWS accounts and regions
  • Infrastructure visibility with meta-operations such as Stack querying protection
  • Support for inserting dynamic values in templates via customisable Resolvers
  • Support for running arbitrary code as Hooks before/after Stack builds

Benefits

  • Utilises cloud-native Infrastructure as Code engines (CloudFormation)
  • You do not need to manage state
  • Simple templates using popular templating syntax - Yaml & Jinja
  • Powerful flexibility using a mature programming language - Python
  • Easy to integrate as part of a CI/CD pipeline by using Hooks
  • Simple CLI and API
  • Unopinionated - Sceptre does not force a specific project structure

Install

Using pip

$ pip install sceptre

More information on installing sceptre can be found in our Installation Guide

Using Docker Image

View our Docker repository. Images available from version 2.0.0 onward.

To use our Docker image follow these instructions:

  1. Pull the image docker pull cloudreach/sceptre:[SCEPTRE_VERSION_NUMBER] e.g. docker pull cloudreach/sceptre:2.5.0. Leave out the version number if you wish to run latest or run docker pull cloudreach/sceptre:latest.

  2. Run the image. You will need to mount the working directory where your project resides to a directory called project. You will also need to mount a volume with your AWS config to your docker container. E.g.

docker run -v $(pwd):/project -v /Users/me/.aws/:/root/.aws/:ro cloudreach/sceptre:latest --help

If you want to use a custom ENTRYPOINT simply amend the Docker command:

docker run -ti --entrypoint='' cloudreach/sceptre:latest sh

The above command will enter you into the shell of the Docker container where you can execute sceptre commands - useful for development.

If you have any other environment variables in your non-docker shell you will need to pass these in on the Docker CLI using the -e flag. See Docker documentation on how to achieve this.

Example

Sceptre organises Stacks into "Stack Groups". Each Stack is represented by a YAML configuration file stored in a directory which represents the Stack Group. Here, we have two Stacks, vpc and subnets, in a Stack Group named dev:

$ tree
.
├── config
│   └── dev
│        ├── config.yaml
│        ├── subnets.yaml
│        └── vpc.yaml
└── templates
    ├── subnets.py
    └── vpc.py

We can create a Stack with the create command. This vpc Stack contains a VPC.

$ sceptre create dev/vpc.yaml

dev/vpc - Creating stack dev/vpc
VirtualPrivateCloud AWS::EC2::VPC CREATE_IN_PROGRESS
dev/vpc VirtualPrivateCloud AWS::EC2::VPC CREATE_COMPLETE
dev/vpc sceptre-demo-dev-vpc AWS::CloudFormation::Stack CREATE_COMPLETE

The subnets Stack contains a subnet which must be created in the VPC. To do this, we need to pass the VPC ID, which is exposed as a Stack output of the vpc Stack, to a parameter of the subnets Stack. Sceptre automatically resolves this dependency for us.

$ sceptre create dev/subnets.yaml
dev/subnets - Creating stack
dev/subnets Subnet AWS::EC2::Subnet CREATE_IN_PROGRESS
dev/subnets Subnet AWS::EC2::Subnet CREATE_COMPLETE
dev/subnets sceptre-demo-dev-subnets AWS::CloudFormation::Stack CREATE_COMPLETE

Sceptre implements meta-operations, which allow us to find out information about our Stacks:

$ sceptre list resources dev/subnets.yaml

- LogicalResourceId: Subnet
  PhysicalResourceId: subnet-445e6e32
  dev/vpc:
- LogicalResourceId: VirtualPrivateCloud
  PhysicalResourceId: vpc-c4715da0

Sceptre provides Stack Group level commands. This one deletes the whole dev Stack Group. The subnet exists within the vpc, so it must be deleted first. Sceptre handles this automatically:

$ sceptre delete dev

Deleting stack
dev/subnets Subnet AWS::EC2::Subnet DELETE_IN_PROGRESS
dev/subnets - Stack deleted
dev/vpc Deleting stack
dev/vpc VirtualPrivateCloud AWS::EC2::VPC DELETE_IN_PROGRESS
dev/vpc - Stack deleted

Note: Deleting Stacks will only delete a given Stack, or the Stacks that are directly in a given StackGroup. By default Stack dependencies that are external to the StackGroup are not deleted.

Sceptre can also handle cross Stack Group dependencies, take the following example project:

$ tree
.
├── config
│   ├── dev
│   │   ├── network
│   │   │   └── vpc.yaml
│   │   ├── users
│   │   │   └── iam.yaml
│   │   ├── compute
│   │   │   └── ec2.yaml
│   │   └── config.yaml
│   └── staging
│       └── eu
│           ├── config.yaml
│           └── stack.yaml
├── hooks
│   └── stack.py
├── templates
│   ├── network.json
│   ├── iam.json
│   ├── ec2.json
│   └── stack.json
└── vars
    ├── dev.yaml
    └── staging.yaml

In this project staging/eu/stack.yaml has a dependency on the output of dev/users/iam.yaml. If you wanted to create the Stack staging/eu/stack.yaml, Sceptre will resolve all of it's dependencies, including dev/users/iam.yaml, before attempting to create the Stack.

Usage

Sceptre can be used from the CLI, or imported as a Python package.

CLI

Usage: sceptre [OPTIONS] COMMAND [ARGS]...

  Sceptre is a tool to manage your cloud native infrastructure deployments.

Options:
  --version                  Show the version and exit.
  --debug                    Turn on debug logging.
  --dir TEXT                 Specify sceptre directory.
  --output [text|yaml|json]  The formatting style for command output.
  --no-colour                Turn off output colouring.
  --var TEXT                 A variable to replace the value of an item in
                             config file.
  --var-file FILENAME        A YAML file of variables to replace the values
                             of items in config files.
  --ignore-dependencies      Ignore dependencies when executing command.
  --merge-vars               Merge variables from successive --vars and var
                             files.
  --help                     Show this message and exit.

Commands:
  create         Creates a stack or a change set.
  delete         Deletes a stack or a change set.
  describe       Commands for describing attributes of stacks.
  estimate-cost  Estimates the cost of the template.
  execute        Executes a Change Set.
  generate       Prints the template.
  launch         Launch a Stack or StackGroup.
  list           Commands for listing attributes of stacks.
  new            Commands for initialising Sceptre projects.
  set-policy     Sets Stack policy.
  status         Print status of stack or stack_group.
  update         Update a stack.
  validate       Validates the template.

Python

Using Sceptre as a Python module is very straightforward. You need to create a SceptreContext, which tells Sceptre where your project path is and which path you want to execute on, we call this the "command path".

After you have created a SceptreContext you need to pass this into a SceptrePlan. On instantiation the SceptrePlan will handle all the required steps to make sure the action you wish to take on the command path are resolved.

After you have instantiated a SceptrePlan you can access all the actions you can take on a Stack, such as validate(), launch(), list() and delete().

from sceptre.context import SceptreContext
from sceptre.plan.plan import SceptrePlan

context = SceptreContext("/path/to/project", "command_path")
plan = SceptrePlan(context)
plan.launch()

Full API reference documentation can be found in the Documentation

Tutorial and Documentation

Communication

The Sceptre community uses a Slack channel #sceptre on the og-aws Slack for discussion. To join use this link http://slackhatesthe.cloud/ to create an account and join the #sceptre channel.

Contributing

See our Contributing Guide

Comments
  • [Resolves #70] Support resolvers in template_path

    [Resolves #70] Support resolvers in template_path

    Allows resolvers in the template_path property of a stack config. This is done by extending the ConfigReader a little so it knows that it is dealing with a resolver. A temporary path to store the remote contents will be created and when the Stack is created, it writes the content there. After the plan has executed the local directory (currently .sceptre in the CWD) will be removed.

    A new resolver was added that allows support for a config like this:

    template_path: !s3 my-bucket/my-template.yaml
    parameters:
        ....
    

    This also resolves issue #213

    PR Checklist

    • [x] Wrote a good commit message & description [see guide below].
    • [x] Commit message starts with [Resolve #issue-number].
    • [x] Added/Updated unit tests.
    • [x] Added/Updated integration tests (if applicable).
    • [x] All unit tests (make test) are passing.
    • [x] Used the same coding conventions as the rest of the project.
    • [x] The new code passes flake8 (make lint) checks.
    • [x] The PR relates to only one subject with a clear title. and description in grammatically correct, complete sentences.

    Approver/Reviewer Checklist

    • [ ] Before merge squash related commits.

    Other Information

    Guide to writing a good commit

    opened by leonrodenburg 22
  • Setup to build docs on readthedocs.org

    Setup to build docs on readthedocs.org

    This is to partially resolve issue #1098.

    We plan to move sceptre docs away from hosting on a cloudreach domain to https://readthedocs.org/project/sceptre

    This PR adds the file to build the sphinx docs on readthedocs.org

    opened by zaro0508 18
  • Auto create or update stacks with changesets

    Auto create or update stacks with changesets

    Resolves #198

    Change sets are typically used for reviewing changes to an existing stack before execution. However, they also support creating new stacks via the --change-set-type=CREATE argument (which defaults to --change-set-type=UPDATE). Sceptre does not support this parameter and relies on the default.

    There may be other compelling use cases for this, but a necessary one is to be able to deploy SAM (Serverless Application Model) templates via Sceptre. SAM templates are a great way to configure Lambda+API Gateway services. For some reason, create-stack cannot be used with templates that have a Transform directive; the workaround is to create a change set and execute it with --change-set-type=CREATE to create the stack, which works with SAM-transformed templates.

    This commit automatically determines which change set type to use when creating a change set.

    The stack_exists method is a fork from awscli's has_stack method, from https://github.com/aws/aws-cli/blob/bb92a4040900939e8d535923fe8bf3684c574a85/awscli/customizations/cloudformation/deployer.py#L36-L70


    • [x] Wrote good commit messages.
    • [x] Squashed related commits together after the changes have been approved.
    • [x] Commit message starts with [Resolve #issue-number] (if a related issue exists).
    • [x] Added unit tests.
    • [x] Added integration tests (if applicable).
    • [x] All unit tests (make test) are passing.
    • [x] Used the same coding conventions as the rest of the project.
    • [x] The new code doesn't generate flake8 (make lint) offenses.
    • [x] The PR relates to only one subject with a clear title and description in grammatically correct, complete sentences.
    opened by aehlke 18
  • Stop hiding critical debug info in helpers (#988)

    Stop hiding critical debug info in helpers (#988)

    Before this, the catch_exceptions (decorator) function would catch a range of exceptions and then hide all but the error message from the caller.

    Over the years, this has caused some of us a lot of lost time, as it is consequently not always clear what actually caused Sceptre to fail.

    Simply re-raising the original exception provides valuable information to allow users of Sceptre to debug their failing code.

    This changes the function to re-raise in debug mode only.

    PR Checklist

    • [X] Wrote a good commit message & description [see guide below].
    • [X] Commit message starts with [Resolve #issue-number].
    • [X] Added/Updated unit tests.
    • [ ] Added/Updated integration tests (if applicable).
    • [X] All unit tests (make test) are passing.
    • [X] Used the same coding conventions as the rest of the project.
    • [X] The new code passes flake8 (make lint) checks.
    • [X] The PR relates to only one subject with a clear title. and description in grammatically correct, complete sentences.

    Approver/Reviewer Checklist

    • [ ] Before merge squash related commits.

    Other Information

    Guide to writing a good commit

    opened by alexharv074 17
  • KeyError on dependency that doesn't exist

    KeyError on dependency that doesn't exist

    Traceback (most recent call last):
      File "/home/jae/scratch/venv-work-tools/bin/sceptre", line 11, in <module>
        sys.exit(cli())
      File "/home/jae/scratch/venv-work-tools/lib/python3.5/site-packages/click/core.py", line 722, in __call__
        return self.main(*args, **kwargs)
      File "/home/jae/scratch/venv-work-tools/lib/python3.5/site-packages/click/core.py", line 697, in main
        rv = self.invoke(ctx)
      File "/home/jae/scratch/venv-work-tools/lib/python3.5/site-packages/click/core.py", line 1066, in invoke
        return _process_result(sub_ctx.command.invoke(sub_ctx))
      File "/home/jae/scratch/venv-work-tools/lib/python3.5/site-packages/click/core.py", line 895, in invoke
        return ctx.invoke(self.callback, **ctx.params)
      File "/home/jae/scratch/venv-work-tools/lib/python3.5/site-packages/click/core.py", line 535, in invoke
        return callback(*args, **kwargs)
      File "/home/jae/scratch/venv-work-tools/lib/python3.5/site-packages/click/decorators.py", line 17, in new_func
        return f(get_current_context(), *args, **kwargs)
      File "/home/jae/scratch/venv-work-tools/lib/python3.5/site-packages/sceptre/cli/helpers.py", line 37, in decorated
        return func(*args, **kwargs)
      File "/home/jae/scratch/venv-work-tools/lib/python3.5/site-packages/sceptre/cli/launch.py", line 36, in launch_command
        plan = SceptrePlan(context)
      File "/home/jae/scratch/venv-work-tools/lib/python3.5/site-packages/sceptre/plan/plan.py", line 31, in __init__
        all_stacks, command_stacks = config_reader.construct_stacks()
      File "/home/jae/scratch/venv-work-tools/lib/python3.5/site-packages/sceptre/config/reader.py", line 213, in construct_stacks
        stack.dependencies = [stack_map[dep] for dep in stack.dependencies]
      File "/home/jae/scratch/venv-work-tools/lib/python3.5/site-packages/sceptre/config/reader.py", line 213, in <listcomp>
        stack.dependencies = [stack_map[dep] for dep in stack.dependencies]
    KeyError: 'csorca/eu-central-1.1/roles.yaml'
    

    The config 'csorca/eu-central-1.1/roles.yaml' does not exist and is not referenced. In 'csorca/eu-central-1.1/' there is a 'config.yaml' and a vpc.nodep.yaml file. The latter has no dependencies. In 'csorca/eu-central-1/' there is a different 'config.yaml' and a 'vpc.yaml' and that vpc.yaml file does have the dependency {{'/'.join(command_path)}}/roles.yaml.

    Note that the vpc.yaml, vpc.nodep.yaml and roles.yaml are all sym-links to a common set of stack configs.

    Happy to provide more details or help with testing. Pleaes just let me know.

    opened by eikenb 17
  • Improve v2  Error Message

    Improve v2 Error Message "ValueError: max() arg is an empty sequence"

    We've been using sceptre v 1.x and it's been working great. I tried testing v 2.0.1 and I'm getting "ValueError: max() arg is an empty sequence" when running any command. I've tried running sceptre on python 2.7 and 3.6 getting that error in both versions. I also tried running from master and from 2.0.1 release tag and still getting the same error.

    My sceptre test project: scpester-infra.zip

    Install and run log: sceptre2_run.log

    (py36-sceptredev) ~/w/scpester-infra ❯❯❯ sceptre --var "profile=sandbox.cfservice" validate config/test/noop.yaml
    Traceback (most recent call last): File "/Users/zaro0508/.virtualenvs/py36-sceptredev/bin/sceptre", line 11, in load_entry_point('sceptre', 'console_scripts', 'sceptre')() File "/Users/zaro0508/.virtualenvs/py36-sceptredev/lib/python3.6/site-packages/click/core.py", line 722, in call return self.main(*args, **kwargs) File "/Users/zaro0508/.virtualenvs/py36-sceptredev/lib/python3.6/site-packages/click/core.py", line 697, in main rv = self.invoke(ctx) File "/Users/zaro0508/.virtualenvs/py36-sceptredev/lib/python3.6/site-packages/click/core.py", line 1066, in invoke return _process_result(sub_ctx.command.invoke(sub_ctx)) File "/Users/zaro0508/.virtualenvs/py36-sceptredev/lib/python3.6/site-packages/click/core.py", line 895, in invoke return ctx.invoke(self.callback, **ctx.params) File "/Users/zaro0508/.virtualenvs/py36-sceptredev/lib/python3.6/site-packages/click/core.py", line 535, in invoke return callback(*args, **kwargs) File "/Users/zaro0508/.virtualenvs/py36-sceptredev/lib/python3.6/site-packages/click/decorators.py", line 17, in new_func return f(get_current_context(), *args, **kwargs) File "/Users/zaro0508/work-sage/sceptre/sceptre/cli/helpers.py", line 37, in decorated return func(*args, **kwargs) File "/Users/zaro0508/work-sage/sceptre/sceptre/cli/template.py", line 35, in validate_command responses = plan.validate() File "/Users/zaro0508/work-sage/sceptre/sceptre/plan/plan.py", line 318, in validate return self._execute(*args) File "/Users/zaro0508/work-sage/sceptre/sceptre/plan/plan.py", line 36, in _execute executor = SceptrePlanExecutor(self.command, self.launch_order) File "/Users/zaro0508/work-sage/sceptre/sceptre/plan/executor.py", line 35, in init self.num_threads = len(max(launch_order, key=len)) ValueError: max() arg is an empty sequence

    type: improvement 
    opened by zaro0508 17
  •  [Resolves #1087] Add YAML document markers to template body

    [Resolves #1087] Add YAML document markers to template body

    This changes adds the --- document marker to the beginning of each template body if it doesn't already exist. In the template tests json.loads is replaced with yaml.safe_loads as they now always return yaml

    The reasoning behind this change can be found here https://github.com/Sceptre/sceptre/issues/1087

    PR Checklist

    • [x] Wrote a good commit message & description [see guide below].
    • [x] Commit message starts with [Resolve #issue-number].
    • [x] Added/Updated unit tests.
    • [x] Added/Updated integration tests (if applicable).
    • [x] All unit tests (make test) are passing.
    • [x] Used the same coding conventions as the rest of the project.
    • [x] The new code passes pre-commit validations (pre-commit run --all-files).
    • [x] The PR relates to only one subject with a clear title. and description in grammatically correct, complete sentences.

    Approver/Reviewer Checklist

    • [ ] Before merge squash related commits.

    Other Information

    Guide to writing a good commit

    opened by mrowlingfox 16
  • recommended way for cross account usage?

    recommended way for cross account usage?

    Hi, what is the sceptre maintainers recommendation for cross account usage wit sceptre v2? It worked very well with iam_roles but it was deprecated. using the migration guide role_arn does not work, the profile used is always the default one. A previous issue spoke about using a workaround script. Cross account usage is a bedrock feature and on our side we have been delaying our sceptre migration due to the lack of this feature. Many thanks

    opened by tiagoasousa 16
  • Problem when launching a subset of an environment and using resolvers across profiles

    Problem when launching a subset of an environment and using resolvers across profiles

    This problem arose after playing around with the implementation of #395. It concerns sceptre v2 (I am using the master branch).

    Consider the following sceptre environment:

    ├── config
    │   ├── dev
    │   │   ├── A.yaml
    │   │   └── config.yaml
    │   └── prod
    │       ├── B.yaml
    │       └── config.yaml
    └── templates
        ├── template_a.yaml
        └── template_b.yaml
    

    The dev and prod environments live in different accounts, so in config/dev/config.yaml we set profile: aws_test_account and in config/prod/config.yaml we use profile: aws_prod_account. Both these profiles work as intended, as you will see in a minute.

    In template config/prod/B.yaml we use a resolver to an output of template config/dev/A.yaml, so for instance test_parameter: !stack_output dev/A::testOutput.

    If we now run sceptre launch . everything works fine, so the setup looks good (as in; there is no problem with the profiles or AWS credentials).

    However, if we now run sceptre launch prod to only launch a subset of the environment, we get an error. My whole setup is a bit more complex, but for reference this is my complete stack trace:

    Traceback (most recent call last):
      File "/path/to/stack/bida_infrastructure/sceptre/venv/bin/sceptre", line 11, in <module>
        sys.exit(cli())
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/click/core.py", line 716, in __call__
        return self.main(*args, **kwargs)
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/click/core.py", line 696, in main
        rv = self.invoke(ctx)
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/click/core.py", line 1060, in invoke
        return _process_result(sub_ctx.command.invoke(sub_ctx))
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/click/core.py", line 889, in invoke
        return ctx.invoke(self.callback, **ctx.params)
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/click/core.py", line 534, in invoke
        return callback(*args, **kwargs)
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/click/decorators.py", line 17, in new_func
        return f(get_current_context(), *args, **kwargs)
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/sceptre/cli/helpers.py", line 39, in decorated
        return func(*args, **kwargs)
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/sceptre/cli/launch.py", line 32, in launch_command
        response = stack_group.launch()
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/sceptre/stack_group.py", line 71, in launch
        self._check_for_circular_dependencies()
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/sceptre/stack_group.py", line 297, in _check_for_circular_dependencies
        [stack.name]
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/sceptre/helpers.py", line 214, in _detect_cycles
        path
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/sceptre/helpers.py", line 214, in _detect_cycles
        path
      File "/path/to/stack/bida_infrastructure/sceptre/venv/lib/python3.6/site-packages/sceptre/helpers.py", line 197, in _detect_cycles
        dependency = available_nodes[dependency_name]
    KeyError: 'xxx'
    

    Here, xxx is the name of the stack that the resolver points to, so in the example this would be dev/A.

    So it looks that the resolvers don't use the profiles properly when only a subset of the stack is deployed. The workaround is simple; just launch the whole stack. But it would be nice if in this setup launching a subset of the stack would be supported as well.

    type: bug priority: important 
    opened by basvank 16
  • add bash completion script

    add bash completion script

    Bash script providing command completion for Sceptre. The command options are not handled.


    • [ ] Wrote good commit messages.
    • [ ] Squashed related commits together after the changes have been approved.
    • [ ] Commit message starts with [Resolve #issue-number] (if a related issue exists).
    • [ ] Added unit tests.
    • [ ] Added integration tests (if applicable).
    • [ ] All unit tests (make test) are passing.
    • [ ] Used the same coding conventions as the rest of the project.
    • [ ] The new code doesn't generate flake8 (make lint) offenses.
    • [ ] The PR relates to only one subject with a clear title and description in grammatically correct, complete sentences.
    opened by kifbv 16
  • [Resolve #1169] Add detect-stack-drift command

    [Resolve #1169] Add detect-stack-drift command

    Add a detect-stack-drift command and tests.

    The detect-stack-drift command calls the detect_stack_drift Boto3 call, takes the Detector Id returned, then waits for describe_stack_drift_detection_status(StackDriftDetectionId=detector_id) to complete, and then finally returns describe_stack_resource_drifts as a JSON document.

    If --debug is passed, sceptre also will provide feedback on the detection progress.

    PR Checklist

    • [X] Wrote a good commit message & description [see guide below].
    • [X] Commit message starts with [Resolve #issue-number].
    • [X] Added/Updated unit tests.
    • [ ] Added/Updated integration tests (if applicable).
    • [X] All unit tests (make test) are passing.
    • [X] Used the same coding conventions as the rest of the project.
    • [X] The new code passes pre-commit validations (pre-commit run --all-files).
    • [X] The PR relates to only one subject with a clear title. and description in grammatically correct, complete sentences.

    Approver/Reviewer Checklist

    • [ ] Before merge squash related commits.

    Other Information

    Guide to writing a good commit

    opened by alexharv074 15
  • Update sceptre-circleci docker image

    Update sceptre-circleci docker image

    Update to build and test with an image that's based on the official circleci python docker image.

    depends on https://github.com/Sceptre/sceptre-circleci/pull/18

    opened by zaro0508 0
  • iam_role and role_arn are confusing names that are easily confused.

    iam_role and role_arn are confusing names that are easily confused.

    Subject of the issue

    Right now, Sceptre has two very confusingly named StackConfigs that are easy to mistake for each other, despite operating very differently:

    • role_arn is the ARN of the CloudFormation Service Role attached to a stack (permanently) and is assumed by CloudFormation to perform all stack actions.
    • iam_role is the ARN of the role Sceptre assumes and uses to perform all stack actions.

    **I believe we should deprecate these names and issue deprecation warnings when these configurations are used. Instead, we should transition to using much clearer names. I propose:

    • cloudformation_service_role
    • sceptre_deployment_role

    Ideally, we'd deprecate the old configs (probably along with template_path), issue a warning, and then assign those values to the new fields. We could remove the deprecated fields on the next major version.

    opened by jfalkenstein 1
  • Bump setuptools from 63.2.0 to 65.5.1 in /requirements

    Bump setuptools from 63.2.0 to 65.5.1 in /requirements

    Bumps setuptools from 63.2.0 to 65.5.1.

    Changelog

    Sourced from setuptools's changelog.

    v65.5.1

    Misc ^^^^

    • #3638: Drop a test dependency on the mock package, always use :external+python:py:mod:unittest.mock -- by :user:hroncok
    • #3659: Fixed REDoS vector in package_index.

    v65.5.0

    Changes ^^^^^^^

    • #3624: Fixed editable install for multi-module/no-package src-layout projects.
    • #3626: Minor refactorings to support distutils using stdlib logging module.

    Documentation changes ^^^^^^^^^^^^^^^^^^^^^

    • #3419: Updated the example version numbers to be compliant with PEP-440 on the "Specifying Your Project’s Version" page of the user guide.

    Misc ^^^^

    • #3569: Improved information about conflicting entries in the current working directory and editable install (in documentation and as an informational warning).
    • #3576: Updated version of validate_pyproject.

    v65.4.1

    Misc ^^^^

    • #3613: Fixed encoding errors in expand.StaticModule when system default encoding doesn't match expectations for source files.
    • #3617: Merge with pypa/distutils@6852b20 including fix for pypa/distutils#181.

    v65.4.0

    Changes ^^^^^^^

    v65.3.0

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump wheel from 0.32.3 to 0.38.1 in /requirements

    Bump wheel from 0.32.3 to 0.38.1 in /requirements

    Bumps wheel from 0.32.3 to 0.38.1.

    Changelog

    Sourced from wheel's changelog.

    Release Notes

    UNRELEASED

    • Updated vendored packaging to 22.0

    0.38.4 (2022-11-09)

    • Fixed PKG-INFO conversion in bdist_wheel mangling UTF-8 header values in METADATA (PR by Anderson Bravalheri)

    0.38.3 (2022-11-08)

    • Fixed install failure when used with --no-binary, reported on Ubuntu 20.04, by removing setup_requires from setup.cfg

    0.38.2 (2022-11-05)

    • Fixed regression introduced in v0.38.1 which broke parsing of wheel file names with multiple platform tags

    0.38.1 (2022-11-04)

    • Removed install dependency on setuptools
    • The future-proof fix in 0.36.0 for converting PyPy's SOABI into a abi tag was faulty. Fixed so that future changes in the SOABI will not change the tag.

    0.38.0 (2022-10-21)

    • Dropped support for Python < 3.7
    • Updated vendored packaging to 21.3
    • Replaced all uses of distutils with setuptools
    • The handling of license_files (including glob patterns and default values) is now delegated to setuptools>=57.0.0 (#466). The package dependencies were updated to reflect this change.
    • Fixed potential DoS attack via the WHEEL_INFO_RE regular expression
    • Fixed ValueError: ZIP does not support timestamps before 1980 when using SOURCE_DATE_EPOCH=0 or when on-disk timestamps are earlier than 1980-01-01. Such timestamps are now changed to the minimum value before packaging.

    0.37.1 (2021-12-22)

    • Fixed wheel pack duplicating the WHEEL contents when the build number has changed (#415)
    • Fixed parsing of file names containing commas in RECORD (PR by Hood Chatham)

    0.37.0 (2021-08-09)

    • Added official Python 3.10 support
    • Updated vendored packaging library to v20.9

    ... (truncated)

    Commits
    • 6f1608d Created a new release
    • cf8f5ef Moved news item from PR #484 to its proper place
    • 9ec2016 Removed install dependency on setuptools (#483)
    • 747e1f6 Fixed PyPy SOABI parsing (#484)
    • 7627548 [pre-commit.ci] pre-commit autoupdate (#480)
    • 7b9e8e1 Test on Python 3.11 final
    • a04dfef Updated the pypi-publish action
    • 94bb62c Fixed docs not building due to code style changes
    • d635664 Updated the codecov action to the latest version
    • fcb94cd Updated version to match the release
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Packaged Template Management

    Packaged Template Management

    Packaged Template Management

    Managing shared templates for multiple sites I've found that it's critical that a change implemented for one stack at one site not propagate unintentionally to another. I'd previously handled this with careful use of git sub-repos but that was very unwieldy. To deal with this I created a template handler which fetches and version-pins templates published to a repository. This has been working very well for months so I thought I'd mention it here in case it could be useful to others.

    https://github.com/sigdba/sceptre_package_template_handler

    opened by dboitnot 6
Owner
sceptre
A tool to drive cloud-native Infrastructure-as-Code deployments. Community Welcome! Please raise an issue to join our team.
sceptre
Automated AWS account hardening with AWS Control Tower and AWS Step Functions

Automate activities in Control Tower provisioned AWS accounts Table of contents Introduction Architecture Prerequisites Tools and services Usage Clean

AWS Samples 20 Dec 7, 2022
Implement backup and recovery with AWS Backup across your AWS Organizations using a CI/CD pipeline (AWS CodePipeline).

Backup and Recovery with AWS Backup This repository provides you with a management and deployment solution for implementing Backup and Recovery with A

AWS Samples 8 Nov 22, 2022
Ubuntu env build; Nginx build; DB build;

Deploy 介绍 Deploy related scripts bitnami Dependencies Ubuntu openssl envsubst docker v18.06.3 docker-compose init base env upload https://gitlab-runn

Colin(liuji) 10 Dec 1, 2021
This solution helps you deploy Data Lake Infrastructure on AWS using CDK Pipelines.

CDK Pipelines for Data Lake Infrastructure Deployment This solution helps you deploy data lake infrastructure on AWS using CDK Pipelines. This is base

AWS Samples 66 Nov 23, 2022
Troposphere and shellscript based AWS infrastructure automation creates an awsapigateway lambda with a go backend

Automated-cloudformation-infra Troposphere and shellscript based AWS infrastructure automation. Feel free to clone and edit for personal usage. The en

null 1 Jan 3, 2022
Infrastructure template and Jupyter notebooks for running RoseTTAFold on AWS Batch.

AWS RoseTTAFold Infrastructure template and Jupyter notebooks for running RoseTTAFold on AWS Batch. Overview Proteins are large biomolecules that play

AWS Samples 20 May 10, 2022
Build a better understanding of your data in PostgreSQL.

Data Fluent for PostgreSQL Build a better understanding of your data in PostgreSQL. The following shows an example report generated by this tool. It g

Mark Litwintschik 28 Aug 30, 2022
Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.

aws-allowlister Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance fr

Salesforce 189 Dec 8, 2022
SSH-Restricted deploys an SSH compliance rule (AWS Config) with auto-remediation via AWS Lambda if SSH access is public.

SSH-Restricted SSH-Restricted deploys an SSH compliance rule with auto-remediation via AWS Lambda if SSH access is public. SSH-Auto-Restricted checks

Adrian Hornsby 30 Nov 8, 2022
AWS Auto Inventory allows you to quickly and easily generate inventory reports of your AWS resources.

Photo by Denny Müller on Unsplash AWS Automated Inventory ( aws-auto-inventory ) Automates creation of detailed inventories from AWS resources. Table

AWS Samples 123 Dec 26, 2022
A suite of utilities for AWS Lambda Functions that makes tracing with AWS X-Ray, structured logging and creating custom metrics asynchronously easier

A suite of utilities for AWS Lambda Functions that makes tracing with AWS X-Ray, structured logging and creating custom metrics asynchronously easier

Amazon Web Services - Labs 1.9k Jan 7, 2023
aws-lambda-scheduler lets you call any existing AWS Lambda Function you have in a future time.

aws-lambda-scheduler aws-lambda-scheduler lets you call any existing AWS Lambda Function you have in the future. This functionality is achieved by dyn

Oğuzhan Yılmaz 57 Dec 17, 2022
Project template for using aws-cdk, Chalice and React in concert, including RDS Postgresql and AWS Cognito

What is This? This repository is an opinonated project template for using aws-cdk, Chalice and React in concert. Where aws-cdk and Chalice are in Pyth

Rasmus Jones 4 Nov 7, 2022
POC de uma AWS lambda que executa a consulta de preços de criptomoedas, e é implantada na AWS usando Github actions.

Cryptocurrency Prices Overview Instalação Repositório Configuração CI/CD Roadmap Testes Overview A ideia deste projeto é aplicar o conteúdo estudado s

Gustavo Santos 3 Aug 31, 2022
Python + AWS Lambda Hands OnPython + AWS Lambda Hands On

Python + AWS Lambda Hands On Python Criada em 1990, por Guido Van Rossum. "Bala de prata" (quase). Muito utilizado em: Automatizações - Selenium, Beau

Marcelo Ortiz de Santana 8 Sep 9, 2022
Unauthenticated enumeration of services, roles, and users in an AWS account or in every AWS account in existence.

Quiet Riot ?? C'mon, Feel The Noise ?? An enumeration tool for scalable, unauthenticated validation of AWS principals; including AWS Acccount IDs, roo

Wes Ladd 89 Jan 5, 2023
AWS Blog post code for running feature-extraction on images using AWS Batch and Cloud Development Kit (CDK).

Batch processing with AWS Batch and CDK Welcome This repository demostrates provisioning the necessary infrastructure for running a job on AWS Batch u

AWS Samples 7 Oct 18, 2022
Aws-lambda-requests-wrapper - Request/Response wrapper for AWS Lambda with API Gateway

AWS Lambda Requests Wrapper Request/Response wrapper for AWS Lambda with API Gat

null 1 May 20, 2022