Sha256: 48d6c3f754c0c9e9d3f8bbf6e6809b1eb146ead780d4485e477fa80a0bda7118
Contents?: true
Size: 1.71 KB
Versions: 2
Compression:
Stored size: 1.71 KB
Contents
require "yaml"
module Codebuild
class Role
include Codebuild::Dsl::Role
include Evaluate
include Variables
def initialize(options={})
@options = options
@role_path = options[:role_path] || get_role_path
@properties = default_properties
@iam_policy = {}
end
def run
load_variables
evaluate(@role_path) if File.exist?(@role_path)
@properties[:policies] = [{
policy_name: "CodeBuildAccess",
policy_document: {
version: "2012-10-17",
statement: derived_iam_statements
}
}]
@properties[:managed_policy_arns] = @managed_policy_arns if @managed_policy_arns && !@managed_policy_arns.empty?
resource = {
IamRole: {
type: "AWS::IAM::Role",
properties: @properties
}
}
CfnCamelizer.transform(resource)
end
private
def get_role_path
lookup_codebuild_file("role.rb")
end
def default_properties
{
assume_role_policy_document: {
statement: [{
action: ["sts:AssumeRole"],
effect: "Allow",
principal: {
service: ["codebuild.amazonaws.com"]
}
}],
version: "2012-10-17"
},
path: "/"
}
end
def derived_iam_statements
@iam_statements || default_iam_statements
end
def default_iam_statements
[{
action: [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"ssm:DescribeDocumentParameters",
"ssm:DescribeParameters",
"ssm:GetParameter*",
],
effect: "Allow",
resource: "*"
}]
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| codebuild-0.6.1 | lib/codebuild/role.rb |
| codebuild-0.6.0 | lib/codebuild/role.rb |