From 08f93158c1cc9a11bf7d61fe39140156b3072e71 Mon Sep 17 00:00:00 2001
From: Mark Chappell <mchappel@redhat.com>
Date: Fri, 11 Dec 2020 18:55:40 +0100
Subject: [PATCH 1/2] Support LaunchTemplates in CI

---
 aws/policy/compute.yaml                       | 8 ++++++++
 hacking/aws_config/test_policies/compute.yaml | 3 ---
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/aws/policy/compute.yaml b/aws/policy/compute.yaml
index bb6c7757..5ea75fbd 100644
--- a/aws/policy/compute.yaml
+++ b/aws/policy/compute.yaml
@@ -56,10 +56,14 @@ Statement:
       - ec2:AttachVolume
       - ec2:CreateImage
       - ec2:CreateKeyPair
+      - ec2:CreateLaunchTemplate
+      - ec2:CreateLaunchTemplateVersion
       - ec2:CreateSnapshot
       - ec2:CreateTags
       - ec2:CreateTransitGateway
       - ec2:DeleteKeyPair
+      - ec2:DeleteLaunchTemplate
+      - ec2:DeleteLaunchTemplateVersions
       - ec2:DeleteSnapshot
       - ec2:DeleteTags
       - ec2:DeleteTransitGateway
@@ -72,15 +76,19 @@ Statement:
       - ec2:DescribeInstances
       - ec2:DescribeInstanceStatus
       - ec2:DescribeKeyPairs
+      - ec2:DescribeLaunchTemplates
+      - ec2:DescribeLaunchTemplateVersions
       - ec2:DescribeRegions
       - ec2:DescribeSnapshots
       - ec2:DescribeTags
       - ec2:DescribeVolumes
       - ec2:DetachVolume
       - ec2:DisassociateIamInstanceProfile
+      - ec2:GetLaunchTemplateData
       - ec2:ImportKeyPair
       - ec2:ModifyImageAttribute
       - ec2:ModifyInstanceAttribute
+      - ec2:ModifyLaunchTemplate
       - ec2:RegisterImage
       - ec2:ReplaceIamInstanceProfileAssociation
       - ec2:StopInstances
diff --git a/hacking/aws_config/test_policies/compute.yaml b/hacking/aws_config/test_policies/compute.yaml
index 5133da3f..6b0ad5e7 100644
--- a/hacking/aws_config/test_policies/compute.yaml
+++ b/hacking/aws_config/test_policies/compute.yaml
@@ -19,9 +19,6 @@ Statement:
   - Sid: AllowGlobalUnrestrictedResourceActionsWhichIncurFees
     Effect: Allow
     Action:
-      - ec2:*LaunchTemplate
-      - ec2:*LaunchTemplateVersion
-      - ec2:*LaunchTemplateVersions
       - ec2:ReportInstanceStatus
       - SNS:ListSubscriptions
       - SNS:SetTopicAttributes

From ce6643b711f1ed9342fc469dc3efc955ac7b8926 Mon Sep 17 00:00:00 2001
From: Mark Chappell <mchappel@redhat.com>
Date: Fri, 11 Dec 2020 18:55:59 +0100
Subject: [PATCH 2/2] Add terminator support for launch templates

---
 aws/terminator/compute.py | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/aws/terminator/compute.py b/aws/terminator/compute.py
index de4c591b..1d0d273e 100644
--- a/aws/terminator/compute.py
+++ b/aws/terminator/compute.py
@@ -462,3 +462,29 @@ def terminate(self):
         except botocore.exceptions.ClientError as ex:
             if not ex.response['Error']['Code'] == 'ResourceInUseFault':
                 raise
+
+
+class LaunchTemplate(Terminator):
+    @staticmethod
+    def create(credentials):
+        return Terminator._create(
+            credentials,
+            LaunchTemplate,
+            'ec2',
+            lambda client: client.describe_launch_templates()['LaunchTemplates']
+        )
+
+    @property
+    def id(self):
+        return self.instance['LaunchTemplateId']
+
+    @property
+    def name(self):
+        return self.instance['LaunchTemplateName']
+
+    @property
+    def created_time(self):
+        return self.instance['CreateTime']
+
+    def terminate(self):
+        self.client.delete_launch_template(LaunchTemplateId=self.id)