modules/mu/clouds/aws/role.rb in cloud-mu-3.1.1 vs modules/mu/clouds/aws/role.rb in cloud-mu-3.1.2beta2
- old
+ new
@@ -1124,10 +1124,11 @@
}
end
if policy["grant_to"] # XXX factor this with target, they're too similar
statement["Principal"] ||= []
policy["grant_to"].each { |grantee|
+ grantee["identifier"] ||= grantee["id"]
if grantee["type"] and deploy_obj
sibling = deploy_obj.findLitterMate(
name: grantee["identifier"],
type: grantee["type"]
)
@@ -1145,17 +1146,18 @@
statement["Principal"] = statement["Principal"].first
end
end
if policy["targets"]
policy["targets"].each { |target|
+ target["identifier"] ||= target["id"]
if target["type"] and deploy_obj
sibling = deploy_obj.findLitterMate(
name: target["identifier"],
type: target["type"]
)
if sibling
id = sibling.cloudobj.arn
- id.sub!(/:([^:]+)$/, ":"+target["path"]) if target["path"]
+ id.sub!(/:([^:]+)$/, ":"+'\1'+target["path"]) if target["path"]
statement["Resource"] << id
if id.match(/:log-group:/)
stream_id = id.sub(/:([^:]+)$/, ":log-stream:*")
# "arn:aws:logs:us-east-2:accountID:log-group:log_group_name:log-stream:CloudTrail_log_stream_name_prefix*"
statement["Resource"] << stream_id