1# frozen_string_literal: true
2
3module Clusters
4  module Providers
5    class Aws < ApplicationRecord
6      include Gitlab::Utils::StrongMemoize
7      include Clusters::Concerns::ProviderStatus
8
9      self.table_name = 'cluster_providers_aws'
10
11      DEFAULT_REGION = 'us-east-1'
12
13      belongs_to :cluster, inverse_of: :provider_aws, class_name: 'Clusters::Cluster'
14
15      default_value_for :region, DEFAULT_REGION
16      default_value_for :num_nodes, 3
17      default_value_for :instance_type, 'm5.large'
18
19      attr_encrypted :secret_access_key,
20        mode: :per_attribute_iv,
21        key: Settings.attr_encrypted_db_key_base_32,
22        algorithm: 'aes-256-gcm'
23
24      validates :role_arn,
25        length: 1..2048,
26        format: {
27          with: Gitlab::Regex.aws_arn_regex,
28          message: Gitlab::Regex.aws_arn_regex_message
29        }
30
31      validates :num_nodes,
32        numericality: {
33          only_integer: true,
34          greater_than: 0
35        }
36
37      validates :kubernetes_version, :key_name, :region, :instance_type, :security_group_id, length: { in: 1..255 }
38      validates :subnet_ids, presence: true
39
40      def nullify_credentials
41        assign_attributes(
42          access_key_id: nil,
43          secret_access_key: nil,
44          session_token: nil
45        )
46      end
47
48      def api_client
49        strong_memoize(:api_client) do
50          ::Aws::CloudFormation::Client.new(credentials: credentials, region: region)
51        end
52      end
53
54      def credentials
55        strong_memoize(:credentials) do
56          ::Aws::Credentials.new(access_key_id, secret_access_key, session_token)
57        end
58      end
59
60      def has_rbac_enabled?
61        true
62      end
63
64      def knative_pre_installed?
65        false
66      end
67
68      def created_by_user
69        cluster.user
70      end
71    end
72  end
73end
74