Sha256: d5969285af787ae8de819b3b4ecbfab497e49fe2311956dde70ca5b94de935fc

Contents?: true

Size: 1.34 KB

Versions: 4

Compression:

Stored size: 1.34 KB

Contents

require 'docile'

module CferExt
  module AWS
    module IAM
      class PolicyGenerator < Cfer::BlockHash
        def initialize
          self[:Version] = '2012-10-17'
          self[:Statement] = []
        end

        def statement(options = {}, &block)
          statement = ::Cfer::BlockHash.new(&block)
          statement.merge! options
          statement.build_from_block(&block)
          self[:Statement].unshift statement
        end

        def allow(&block)
          statement Effect: :Allow, &block
        end

        def deny(&block)
          statement Effect: :Deny, &block
        end
      end

      module WithPolicyDocument
      end

      module WithPolicies
        def policy(name, doc = nil, &block)
          self[:Properties][:Policies] ||= []
          doc = CferExt::AWS::IAM.generate_policy(&block) if doc == nil
          get_property(:Policies) << {
            PolicyName: name,
            PolicyDocument: doc
          }
        end
      end

      def self.generate_policy(&block)
        policy = PolicyGenerator.new
        policy.build_from_block(&block)
        policy
      end

      EC2_ASSUME_ROLE_POLICY_DOCUMENT =
        CferExt::AWS::IAM.generate_policy do
          allow do
            principal Service: 'ec2.amazonaws.com'
            action 'sts:AssumeRole'
          end
        end.freeze
    end
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
cfer-0.5.0.pre.rc4 lib/cferext/aws/iam/policy_generator.rb
cfer-0.5.0.pre.rc3 lib/cferext/aws/iam/policy_generator.rb
cfer-0.5.0.pre.rc2 lib/cferext/aws/iam/policy_generator.rb
cfer-0.5.0.pre.rc1 lib/cferext/aws/iam/policy_generator.rb