From 5482bbf4bd4e8079281885249c5f9d745e976098 Mon Sep 17 00:00:00 2001 From: kevgliss Date: Thu, 7 Jan 2016 13:42:46 -0800 Subject: [PATCH] Fixing issue where we were seeing AWS API errors due to certificates not having private keys and could not be uploaded or 'synced' --- lemur/plugins/lemur_aws/plugin.py | 19 +++++++++++-------- lemur/sources/service.py | 2 +- 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/lemur/plugins/lemur_aws/plugin.py b/lemur/plugins/lemur_aws/plugin.py index fe45d8b1..2cf00978 100644 --- a/lemur/plugins/lemur_aws/plugin.py +++ b/lemur/plugins/lemur_aws/plugin.py @@ -43,15 +43,18 @@ class AWSDestinationPlugin(DestinationPlugin): # } def upload(self, name, body, private_key, cert_chain, options, **kwargs): - try: - iam.upload_cert(find_value('accountNumber', options), name, body, private_key, cert_chain=cert_chain) - except BotoServerError as e: - if e.error_code != 'EntityAlreadyExists': - raise Exception(e) + if private_key: + try: + iam.upload_cert(find_value('accountNumber', options), name, body, private_key, cert_chain=cert_chain) + except BotoServerError as e: + if e.error_code != 'EntityAlreadyExists': + raise Exception(e) - e = find_value('elb', options) - if e: - elb.attach_certificate(kwargs['accountNumber'], ['region'], e['name'], e['port'], e['certificateId']) + e = find_value('elb', options) + if e: + elb.attach_certificate(kwargs['accountNumber'], ['region'], e['name'], e['port'], e['certificateId']) + else: + raise Exception("Unable to upload to AWS, private key is required") class AWSSourcePlugin(SourcePlugin): diff --git a/lemur/sources/service.py b/lemur/sources/service.py index b1370867..d108f0ae 100644 --- a/lemur/sources/service.py +++ b/lemur/sources/service.py @@ -76,7 +76,7 @@ def sync(labels=None): if source.label not in labels: continue - current_app.logger.error("Retrieving certificates from {0}".format(source.label)) + current_app.logger.debug("Retrieving certificates from {0}".format(source.label)) s = plugins.get(source.plugin_name) certificates = s.get_certificates(source.options)