modules/mu/providers/aws/group.rb in cloud-mu-3.4.0 vs modules/mu/providers/aws/group.rb in cloud-mu-3.5.0
- old
+ new
@@ -30,21 +30,21 @@
end
# Called automatically by {MU::Deploy#createResources}
def create
begin
- MU::Cloud::AWS.iam(credentials: @config['credentials']).get_group(
+ MU::Cloud::AWS.iam(credentials: @credentials).get_group(
group_name: @mu_name,
path: @config['path']
)
if !@config['use_if_exists']
raise MuError, "IAM group #{@mu_name} already exists and use_if_exists is false"
end
rescue Aws::IAM::Errors::NoSuchEntity
@config['path'] ||= "/"+@deploy.deploy_id+"/"
MU.log "Creating IAM group #{@config['path']}#{@mu_name}"
- MU::Cloud::AWS.iam(credentials: @config['credentials']).create_group(
+ MU::Cloud::AWS.iam(credentials: @credentials).create_group(
group_name: @mu_name,
path: @config['path']
)
end
end
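Review bot: When `get_group` succeeds and `use_if_exists` is set, `create` adopts the existing group without logging it or comparing its path, so any policies already attached to a same-named group apply to every member this deploy later adds. A line such as `MU.log "Using existing IAM group #{@mu_name}", MU::NOTICE` in that branch would leave an audit trail of the adoption. `@config['path']` is only defaulted inside the `rescue`, after it has already been passed to `get_group`. As far as I know the IAM GetGroup call accepts only a group name plus paging parameters, so the `path:` argument on that call deserves a check.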
@@ -62,11 +62,11 @@
userid = userdesc.cloud_id if userdesc
found = MU::Cloud.resourceClass("AWS", "User").find(cloud_id: userid)
if found.size == 1
userdesc = found.values.first
MU.log "Adding IAM user #{userdesc.path}#{userdesc.user_name} to group #{@mu_name}", MU::NOTICE
- MU::Cloud::AWS.iam(credentials: @config['credentials']).add_user_to_group(
+ MU::Cloud::AWS.iam(credentials: @credentials).add_user_to_group(
user_name: userid,
group_name: @mu_name
)
else
MU.log "IAM user #{userid} doesn't seem to exist, can't add to group #{@mu_name}", MU::ERR
@@ -75,11 +75,11 @@
if @config['purge_extra_members']
extras = cloud_desc.users.map { |u| u.user_name } - @config['members']
extras.each { |user_name|
MU.log "Purging user #{user_name} from IAM group #{@cloud_id}", MU::NOTICE
- MU::Cloud::AWS.iam(credentials: @config['credentials']).remove_user_from_group(
+ MU::Cloud::AWS.iam(credentials: @credentials).remove_user_from_group(
user_name: user_name,
group_name: @cloud_id
)
}
end
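Review bot: The purge list is computed as `cloud_desc.users` minus the raw `@config['members']`, and that comparison can both miss stale members and remove wanted ones. `cloud_desc` may serve a cached result and `get_group` is a paged call, so on a large group only the first page of users would be considered and some extra members could survive the purge. The add path in the previous hunk resolves a member to `userdesc.cloud_id` before calling IAM, so if configured names can differ from live IAM user names, a configured member could be removed here; this is worth confirming. A nil `members` also raises on the subtraction; `extras = cloud_desc(use_cache: false).users.map(&:user_name) - (@config['members'] || [])` covers that and the stale cache. The enclosing method starts outside this hunk.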
@@ -154,11 +154,11 @@
# Fetch the AWS API description of this group
# return [Struct]
def cloud_desc(use_cache: true)
return @cloud_desc_cache if @cloud_desc_cache and use_cache
return nil if !@mu_name
- @cloud_desc_cache = MU::Cloud::AWS.iam(credentials: @config['credentials']).get_group(
+ @cloud_desc_cache = MU::Cloud::AWS.iam(credentials: @credentials).get_group(
group_name: @mu_name
)
@cloud_desc_cache
end
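Review bot: `cloud_desc` keys its lookup on `@mu_name`, while the purge and policy-listing code on this page pass `@cloud_id` as `group_name`. For a group that was adopted rather than created by this deploy the two may differ, or `@mu_name` may be unset, in which case this returns nil and `toKitten` logs a failure. The call also lets `Aws::IAM::Errors::NoSuchEntity` propagate, whereas `create` rescues it, so callers testing `if !cloud_desc` will not get nil for a group that has been deleted. The doc tag above the method should read `# @return [Struct]` so YARD picks it up.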
@@ -265,11 +265,11 @@
# We assume that any values we have in +@config+ are placeholders, and
# calculate our own accordingly based on what's live in the cloud.
def toKitten(**_args)
bok = {
"cloud" => "AWS",
- "credentials" => @config['credentials'],
+ "credentials" => @credentials,
"cloud_id" => @cloud_id
}
if !cloud_desc
MU.log "toKitten failed to load a cloud_desc from #{@cloud_id}", MU::ERR, details: @config
@@ -290,10 +290,10 @@
# Grab and assimilate any inline policies attached to this group
resp = MU::Cloud::AWS.iam(credentials: @credentials).list_group_policies(group_name: @cloud_id)
if resp and resp.policy_names and resp.policy_names.size > 0
resp.policy_names.each { |pol_name|
pol = MU::Cloud::AWS.iam(credentials: @credentials).get_group_policy(group_name: @cloud_id, policy_name: pol_name)
- doc = JSON.parse(URI.decode(pol.policy_document))
+ doc = JSON.parse(CGI.unescape(pol.policy_document))
bok["inline_policies"] = MU::Cloud.resourceClass("AWS", "Role").doc2MuPolicies(pol.policy_name, doc, bok["inline_policies"])
}
end
# Grab and reference any managed policies attached to this group
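Review bot: `CGI.unescape` is not a drop-in for the removed `URI.decode`, because it also turns a literal `+` into a space, which `URI.decode` left alone. IAM names may contain `+`, so if a returned policy document ever carries an unescaped `+`, the imported policy would silently differ from the live one and the generated BoK would redeploy different permissions. A percent-only decoder such as `URI::DEFAULT_PARSER.unescape(pol.policy_document)` keeps the previous behaviour, and a comment like `# policy_document is RFC 3986 percent-encoded; '+' must stay literal` would record the intent. `JSON.parse` failures are not rescued in the visible lines, and the enclosing `toKitten` body continues outside the hunk.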