@Override
 public boolean apply(Allocation allocInfo) throws MetadataException {
   if (allocInfo.getRequest().getKeyName() == null
       || "".equals(allocInfo.getRequest().getKeyName())) {
     allocInfo.setSshKeyPair(KeyPairs.noKey());
     return true;
   }
   UserFullName ownerFullName = allocInfo.getOwnerFullName();
   RunInstancesType request = allocInfo.getRequest();
   String keyName = request.getKeyName();
   SshKeyPair key = KeyPairs.lookup(ownerFullName.asAccountFullName(), keyName);
   if (!RestrictedTypes.filterPrivileged().apply(key)) {
     throw new IllegalMetadataAccessException(
         "Not authorized to use keypair " + keyName + " by " + ownerFullName.getUserName());
   }
   allocInfo.setSshKeyPair(key);
   return true;
 }
Example #2
0
    private Allocation(
        final String reservationId,
        final String instanceId,
        final String instanceUuid,
        final byte[] userData,
        final Date expiration,
        final Partition partition,
        final SshKeyPair sshKeyPair,
        final BootableSet bootSet,
        final VmType vmType,
        final Set<NetworkGroup> networkGroups,
        final boolean isUsePrivateAddressing,
        final boolean monitoring,
        final String clientToken,
        final String iamInstanceProfileArn,
        final String iamInstanceProfileId,
        final String iamRoleArn) {
      this.context = Contexts.lookup();
      this.minCount = 1;
      this.maxCount = 1;
      this.usePrivateAddressing = isUsePrivateAddressing;
      this.ownerFullName = context.getUserFullName();
      this.reservationId = reservationId;
      this.reservationIndex = UniqueIds.nextIndex(VmInstance.class, (long) this.maxCount);
      this.instanceIds = Maps.newHashMap();
      this.instanceIds.put(0, instanceId);
      this.instanceUuids = Maps.newHashMap();
      this.instanceUuids.put(0, instanceUuid);
      this.userData = userData;
      this.partition = partition;
      this.sshKeyPair = (sshKeyPair != null ? sshKeyPair : KeyPairs.noKey());
      this.bootSet = bootSet;
      this.expiration = expiration;
      this.vmType = vmType;
      this.monitoring = monitoring;
      this.clientToken = clientToken;
      this.iamInstanceProfileArn = iamInstanceProfileArn;
      this.iamInstanceProfileId = iamInstanceProfileId;
      this.iamRoleArn = iamRoleArn;
      this.credential = null;

      this.networkGroups =
          new HashMap<String, NetworkGroup>() {
            {
              for (NetworkGroup g : networkGroups) {
                if (Allocation.this.primaryNetwork == null) {
                  Allocation.this.primaryNetwork = g;
                }
                put(g.getDisplayName(), g);
              }
            }
          };
      this.request = inferRequest();
    }