boto3_iot¶
Manage IoT Objects using boto3.¶
Renamed from
boto_iottoboto3_iotand updated to call the refactoredboto3_iotexecution module.
Create and destroy IoT objects. Be aware that this interacts with Amazon’s services, and so may incur charges.
- depends:
boto3 >= 1.28.0
botocore >= 1.31.0
This module uses boto3, which can be installed via package, or pip.
This module accepts explicit IoT credentials but can also utilize IAM roles assigned to the instance through Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More Information available at:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
If IAM roles are not used you need to specify them either in the minion’s config file or as a profile. For example, to specify them in the minion’s config file:
iot.keyid: GKTADJGHEIQSXMKKRBJ08H
iot.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
It’s also possible to specify key, keyid and region via a profile, either as a passed in dict, or as a string to pull from pillars or minion config:
myprofile:
keyid: GKTADJGHEIQSXMKKRBJ08H
key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
region: us-east-1
Ensure policy exists:
boto3_iot.policy_present:
- policyName: mypolicy
- policyDocument:
Version: "2012-10-17"
Statement:
Action:
- iot:Publish
Resource:
- "*"
Effect: "Allow"
Ensure topic rule exists:
boto3_iot.topic_rule_present:
- ruleName: myrule
- sql: "SELECT * FROM 'iot/test'"
- description: 'test rule'
- ruleDisabled: false
- actions:
- lambda:
functionArn: "arn:aws:us-east-1:1234:function/functionname"
Added in version 1.0.0.
- saltext.boto3.states.boto3_iot.__virtual__()[source]¶
Only load if the boto3_iot execution module is available.
- saltext.boto3.states.boto3_iot.thing_type_present(name, thingTypeName, thingTypeDescription, searchableAttributesList, region=None, key=None, keyid=None, profile=None)[source]¶
Ensure thing type exists.
Example:
ensure-thing-type-present: boto3_iot.thing_type_present: - name: example
- saltext.boto3.states.boto3_iot.thing_type_absent(name, thingTypeName, region=None, key=None, keyid=None, profile=None)[source]¶
Ensure thing type with passed properties is absent.
Example:
ensure-thing-type-absent: boto3_iot.thing_type_absent: - name: example
- saltext.boto3.states.boto3_iot.policy_present(name, policyName, policyDocument, region=None, key=None, keyid=None, profile=None)[source]¶
Ensure policy exists.
Example:
ensure-policy-present: boto3_iot.policy_present: - name: example
- saltext.boto3.states.boto3_iot.policy_absent(name, policyName, region=None, key=None, keyid=None, profile=None)[source]¶
Ensure policy with passed properties is absent.
Example:
ensure-policy-absent: boto3_iot.policy_absent: - name: example
- saltext.boto3.states.boto3_iot.policy_attached(name, policyName, principal, region=None, key=None, keyid=None, profile=None)[source]¶
Ensure policy is attached to the given principal.
Example:
ensure-policy-attached: boto3_iot.policy_attached: - name: example
- saltext.boto3.states.boto3_iot.policy_detached(name, policyName, principal, region=None, key=None, keyid=None, profile=None)[source]¶
Ensure policy is detached from the given principal.
Example:
ensure-policy-detached: boto3_iot.policy_detached: - name: example