Sha256: e871021ea05b6c3c8e6a19fe8360d04bcf4062408b70d26c2702af178dd2ab0e
Contents?: true
Size: 1.82 KB
Versions: 14
Compression:
Stored size: 1.82 KB
Contents
# Spec for Ufo::IamRole::Builder: inline and managed policies registered for a
# role type must be rendered as one AWS::IAM::Role CloudFormation resource.
describe Ufo::IamRole::Builder do
  let(:role_type) { "task_role" }
  let(:builder) { described_class.new(role_type) }

  # Builds a new statement hash on every call so that each registration below
  # receives its own (equal, but not identical) object.
  def cloudwatch_write_statement
    { Action: ["cloudwatch:PutMetricData"], Effect: "Allow", Resource: "*" }
  end

  before do
    # NOTE(review): these fixture statements use Resource "*" for brevity. The
    # expected template below shows them emitted unchanged, so, as far as this
    # spec shows, narrowing Resource to specific ARNs is the responsibility of
    # whoever registers the policy.
    Ufo::IamRole::Registry.register_policy(
      role_type,
      "AmazonS3ReadOnlyAccess",
      { Action: ["s3:Get*", "s3:List*"], Effect: "Allow", Resource: "*" }
    )

    # CloudwatchWrite is registered twice on purpose: a duplicate entry must not
    # show up twice in the built role, which is what lets the DSL be evaluated
    # more than once.
    2.times do
      Ufo::IamRole::Registry.register_policy(role_type, "CloudwatchWrite", cloudwatch_write_statement)
    end

    # Managed policies are registered by short name; the expected output lists
    # them as arn:aws:iam::aws:policy/<name>.
    Ufo::IamRole::Registry.register_managed_policy(
      role_type,
      "AmazonS3ReadOnlyAccess",
      "AmazonEC2ReadOnlyAccess"
    )
  end

  context "build" do
    it "builds role" do
      resource = builder.build

      # The trust policy lets only the ECS tasks service principal assume the
      # role; CloudwatchWrite appears once despite the double registration.
      expected = <<~YAML
        ---
        Type: AWS::IAM::Role
        Properties:
          AssumeRolePolicyDocument:
            Version: '2012-10-17'
            Statement:
            - Effect: Allow
              Principal:
                Service: ecs-tasks.amazonaws.com
              Action: sts:AssumeRole
          Policies:
          - PolicyName: AmazonS3ReadOnlyAccess
            PolicyDocument:
              Version: '2012-10-17'
              Statement:
              - Action:
                - s3:Get*
                - s3:List*
                Effect: Allow
                Resource: "*"
          - PolicyName: CloudwatchWrite
            PolicyDocument:
              Version: '2012-10-17'
              Statement:
              - Action:
                - cloudwatch:PutMetricData
                Effect: Allow
                Resource: "*"
          ManagedPolicyArns:
          - arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
          - arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess
      YAML

      expect(YAML.dump(resource)).to eq(expected)
    end
  end
end