in cli/src/pcluster/templates/slurm_builder.py [0:0]
def _add_private_hosted_zone(self):
    """
    Set up the cluster hosted zone together with the IAM and cleanup resources tied to it.

    Steps, in construct-creation order:

    1. Resolve the zone. When ``_condition_custom_cluster_dns()`` is true, the hosted zone id from
       the scheduling DNS settings is wrapped in ``CustomDns`` and no zone is created. Otherwise a
       ``route53.CfnHostedZone`` is created for the cluster DNS domain and associated with the
       cluster VPC in the stack region.
    2. If the head node instance role is managed by ParallelCluster, attach an inline policy that
       allows ``route53:ChangeResourceRecordSets`` on that one hosted zone.
    3. If the cleanup Lambda role is managed, create it with list/change access to the same zone
       plus the CloudWatch Logs statement. Otherwise the Lambda runs with
       ``config.iam.roles.lambda_functions_role``.
    4. Create the cleanup Lambda and a custom resource that invokes it with ``DELETE_DNS_RECORDS``.
    5. Export the hosted zone id as the ``ClusterHostedZone`` stack output.

    :return: the ``CustomDns`` wrapper or the created ``CfnHostedZone``
    """
    if self._condition_custom_cluster_dns():
        # A pre-existing zone is referenced by id only; this stack does not own or create it.
        zone = CustomDns(
            ref=self.config.scheduling.settings.dns.hosted_zone_id,
            name=self.cluster_dns_domain.value_as_string,
        )
    else:
        zone = route53.CfnHostedZone(
            self.stack_scope,
            "Route53HostedZone",
            name=self.cluster_dns_domain.value_as_string,
            vpcs=[route53.CfnHostedZone.VPCProperty(vpc_id=self.config.vpc_id, vpc_region=self._stack_region)],
        )

    # If Headnode InstanceRole is created by ParallelCluster, add Route53 policy for InstanceRole
    if self.managed_head_node_instance_role:
        # Route 53 hosted zone ARNs carry no region or account component, hence the empty strings.
        # The grant is pinned to this single zone, not to "hostedzone/*".
        # NOTE(review): ChangeResourceRecordSets applies to every record set in the zone, so with a
        # custom hosted zone the head node can modify records the cluster did not create. Confirm
        # that the zone is dedicated to the cluster.
        head_node_zone_arn = self._format_arn(
            service="route53",
            region="",
            account="",
            resource=f"hostedzone/{zone.ref}",
        )
        record_update_statement = iam.PolicyStatement(
            sid="Route53Add",
            effect=iam.Effect.ALLOW,
            actions=["route53:ChangeResourceRecordSets"],
            resources=[head_node_zone_arn],
        )
        iam.CfnPolicy(
            self.stack_scope,
            "ParallelClusterSlurmRoute53Policies",
            policy_name="parallelcluster-slurm-route53",
            policy_document=iam.PolicyDocument(statements=[record_update_statement]),
            roles=[self.managed_head_node_instance_role.ref],
        )

    managed_cleanup_role = None
    if self.cleanup_lambda_role:
        # Same zone-scoped ARN as the head node policy; the cleanup role also needs List.
        cleanup_zone_arn = self._format_arn(
            service="route53",
            region="",
            account="",
            resource=f"hostedzone/{zone.ref}",
        )
        zone_cleanup_statement = iam.PolicyStatement(
            actions=["route53:ListResourceRecordSets", "route53:ChangeResourceRecordSets"],
            effect=iam.Effect.ALLOW,
            resources=[cleanup_zone_arn],
            sid="Route53DeletePolicy",
        )
        # NOTE(review): the logs ARN is wildcarded on account, region and resource. The actions
        # granted on it are set inside get_cloud_watch_logs_policy_statement (not visible here).
        # Check whether it can be narrowed to this function's log group.
        all_logs_arn = self._format_arn(service="logs", account="*", region="*", resource="*")
        managed_cleanup_role = add_lambda_cfn_role(
            scope=self.stack_scope,
            function_id="CleanupRoute53",
            statements=[
                zone_cleanup_statement,
                get_cloud_watch_logs_policy_statement(resource=all_logs_arn),
            ],
        )

    if managed_cleanup_role:
        execution_role_arn = managed_cleanup_role.attr_arn
    else:
        # No policy is attached on this path; presumably the operator-supplied role must already
        # allow the Route 53 and logging actions above. Verify against the IAM docs.
        execution_role_arn = self.config.iam.roles.lambda_functions_role

    cleanup_construct = PclusterLambdaConstruct(
        scope=self.stack_scope,
        id="CleanupRoute53FunctionConstruct",
        function_id="CleanupRoute53",
        bucket=self.bucket,
        config=self.config,
        execution_role=execution_role_arn,
        handler_func="cleanup_resources",
    )
    cleanup_function = cleanup_construct.lambda_func

    self.cleanup_route53_custom_resource = CfnCustomResource(
        self.stack_scope,
        "CleanupRoute53CustomResource",
        service_token=cleanup_function.attr_arn,
    )
    # Properties handed to the Lambda handler; order matches the original override calls.
    handler_properties = (
        ("ClusterHostedZone", zone.ref),
        ("Action", "DELETE_DNS_RECORDS"),
        ("ClusterDNSDomain", zone.name),
    )
    for property_name, property_value in handler_properties:
        self.cleanup_route53_custom_resource.add_property_override(property_name, property_value)

    CfnOutput(
        self.stack_scope,
        "ClusterHostedZone",
        description="Id of the private hosted zone created within the cluster",
        value=zone.ref,
    )

    return zone