Merge pull request #17 from base2Services/hotfix/auto-route-22122021

hotfix/auto route 22122021
base2Services · Dec 22, 2021 · 4bd7cce · 4bd7cce
2 parents cf32920 + 0cd1001
commit 4bd7cce
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 3 deletions.
diff --git a/lib/cfnvpn/templates/lambdas/auto_route_populator/quotas.py b/lib/cfnvpn/templates/lambdas/auto_route_populator/quotas.py
@@ -19,7 +19,7 @@ def quota_request_open(quota_code) -> bool:
     QuotaCode=quota_code
   )
   # Status='PENDING'|'CASE_OPENED'|'APPROVED'|'DENIED'|'CASE_CLOSED'
-  return any(req['status'] in IN_PROGRESS for req in response['RequestedQuotas'])
+  return any(req['Status'] in IN_PROGRESS for req in response['RequestedQuotas'])
 
 def increase_quota(increase_value, quota_code, endpoint) -> str:
   if quota_request_open(quota_code):
@@ -34,4 +34,4 @@ def increase_quota(increase_value, quota_code, endpoint) -> str:
     QuotaCode=quota_code,
     DesiredValue=desired_value
   )
-  return response['CaseId']
+  return response['RequestedQuota']['CaseId']
diff --git a/lib/cfnvpn/templates/vpn.rb b/lib/cfnvpn/templates/vpn.rb
@@ -163,7 +163,7 @@ def render(name, config)
               Targets([
                 { 
                   Arn: FnGetAtt(:CfnVpnAutoRoutePopulator, :Arn),
-                  Id: "cfnvpnautoroutepopulator#{route[:dns].event_id_safe}",
+                  Id: "auto-route-populator",
                   Input: FnSub(input.to_json)
                 }
               ])
@@ -297,6 +297,31 @@ def auto_route_populator(name, config)
                   Resource: '*'
                 }]
               }
+            },
+            {
+              PolicyName: 'vpn-quotas',
+              PolicyDocument: {
+                Version: '2012-10-17',
+                Statement: [
+                  {
+                    Effect: 'Allow',
+                    Action: [
+                      'servicequotas:ListRequestedServiceQuotaChangeHistoryByQuota',
+                    ],
+                    Resource: '*'
+                  },
+                  {
+                    Effect: 'Allow',
+                    Action: [
+                      'servicequotas:RequestServiceQuotaIncrease'
+                    ],
+                    Resource: [
+                      FnSub('arn:aws:servicequotas:${AWS::Region}:${AWS::AccountId}:ec2/L-401D78F7'),
+                      FnSub('arn:aws:servicequotas:${AWS::Region}:${AWS::AccountId}:ec2/L-9A1BC94B')
+                    ]
+                  }
+                ]
+              }
             }
           ])
           Tags([