Contents

describe Ufo::IamRole::Builder do
  let(:builder) { described_class.new(role_type) }
  let(:role_type) { "task_role" }

  before(:each) do
    Ufo::IamRole::Registry.register_policy("task_role",
      "AmazonS3ReadOnlyAccess",
      {:Action=>["s3:Get*", "s3:List*"], :Effect=>"Allow", :Resource=>"*"}
    )
    Ufo::IamRole::Registry.register_policy("task_role",
      "CloudwatchWrite",
      {:Action=>["cloudwatch:PutMetricData"], :Effect=>"Allow", :Resource=>"*"}
    )
    # Called twice on purpose to show that duplicated items in the set wont create doubles.
    # This allows the DSL evaluate to be ran multiple times.
    Ufo::IamRole::Registry.register_policy("task_role",
      "CloudwatchWrite",
      {:Action=>["cloudwatch:PutMetricData"], :Effect=>"Allow", :Resource=>"*"}
    )


    Ufo::IamRole::Registry.register_managed_policy("task_role",
      "AmazonS3ReadOnlyAccess", "AmazonEC2ReadOnlyAccess"
    )
  end

  context "build" do
    it "builds role" do
      resource = builder.build
      expected = <<YAML
---
Type: AWS::IAM::Role
Properties:
  AssumeRolePolicyDocument:
    Version: '2012-10-17'
    Statement:
    - Effect: Allow
      Principal:
        Service: ecs-tasks.amazonaws.com
      Action: sts:AssumeRole
  Policies:
  - PolicyName: AmazonS3ReadOnlyAccess
    PolicyDocument:
      Version: '2012-10-17'
      Statement:
      - Action:
        - s3:Get*
        - s3:List*
        Effect: Allow
        Resource: "*"
  - PolicyName: CloudwatchWrite
    PolicyDocument:
      Version: '2012-10-17'
      Statement:
      - Action:
        - cloudwatch:PutMetricData
        Effect: Allow
        Resource: "*"
  ManagedPolicyArns:
  - arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
  - arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess
YAML
      yaml = YAML.dump(resource)
      expect(yaml).to eq(expected)
    end
  end
end

Version data entries

22 entries across 22 versions & 1 rubygems

Version	Path
ufo-6.2.5	spec/ufo/iam_role/builder_spec.rb
ufo-6.2.4	spec/ufo/iam_role/builder_spec.rb
ufo-6.2.3	spec/ufo/iam_role/builder_spec.rb
ufo-6.2.2	spec/ufo/iam_role/builder_spec.rb
ufo-6.2.1	spec/ufo/iam_role/builder_spec.rb
ufo-6.2.0	spec/ufo/iam_role/builder_spec.rb
ufo-6.1.5	spec/ufo/iam_role/builder_spec.rb
ufo-6.1.4	spec/ufo/iam_role/builder_spec.rb
ufo-6.1.3	spec/ufo/iam_role/builder_spec.rb
ufo-6.1.2	spec/ufo/iam_role/builder_spec.rb
ufo-6.1.1	spec/ufo/iam_role/builder_spec.rb
ufo-6.1.0	spec/ufo/iam_role/builder_spec.rb
ufo-6.0.9	spec/ufo/iam_role/builder_spec.rb
ufo-6.0.8	spec/ufo/iam_role/builder_spec.rb
ufo-6.0.7	spec/ufo/iam_role/builder_spec.rb
ufo-6.0.6	spec/ufo/iam_role/builder_spec.rb
ufo-6.0.5	spec/ufo/iam_role/builder_spec.rb
ufo-6.0.4	spec/ufo/iam_role/builder_spec.rb
ufo-6.0.3	spec/ufo/iam_role/builder_spec.rb
ufo-6.0.2	spec/ufo/iam_role/builder_spec.rb