lib/miam/exporter.rb in miam-0.2.2 vs lib/miam/exporter.rb in miam-0.2.3.beta
- old
+ new
@@ -1,7 +1,9 @@
# coding: utf-8
class Miam::Exporter
+ AWS_MANAGED_POLICY_PREFIX = 'arn:aws:iam::aws:'
+
def self.export(iam, options = {})
self.new(iam, options).export
end
def initialize(iam, options = {})
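Review bot: `AWS_MANAGED_POLICY_PREFIX` hard-codes the `aws` partition, so the `start_with?` check that uses it in `export_policies` (added in a later hunk) only recognises AWS-managed policies in the standard partition. In the China and GovCloud partitions the same policies have ARNs beginning `arn:aws-cn:iam::aws:` and `arn:aws-us-gov:iam::aws:`, so there they would pass the filter and be exported as if the account owned them. If the tool is meant to run outside the standard partition, match the partition generically, e.g. `AWS_MANAGED_POLICY_ARN = /\Aarn:[^:]+:iam::aws:/` with `next if policy.arn =~ AWS_MANAGED_POLICY_ARN`. Whether the listing call already restricts results to account-local policies is not visible in this diff, so this may be a latent issue rather than a live one.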
@@ -15,10 +17,11 @@
account_authorization_details = get_account_authorization_details
users = account_authorization_details[:user_detail_list]
groups = account_authorization_details[:group_detail_list]
roles = account_authorization_details[:role_detail_list]
+ policies = account_authorization_details[:policies]
instance_profiles = list_instance_profiles
group_users = {}
instance_profile_roles = {}
unless @options[:no_progress]
@@ -35,10 +38,11 @@
expected = {
:users => export_users(users, group_users),
:groups => export_groups(groups),
:roles => export_roles(roles, instance_profile_roles),
:instance_profiles => export_instance_profiles(instance_profiles),
+ :policies => export_policies(policies),
}
[expected, group_users, instance_profile_roles]
end
@@ -190,10 +194,49 @@
end
result
end
+ def export_policies(policies)
+ result = {}
+
+ Parallel.each(policies, :in_threads => @concurrency) do |policy|
+ if policy.arn.start_with?(AWS_MANAGED_POLICY_PREFIX)
+ next
+ end
+
+ policy_name = policy.policy_name
+ document = export_policy_document(policy)
+
+ result[policy_name] = {
+ :path => policy.path,
+ :document => document,
+ }
+ end
+
+ result
+ end
+
+ def export_policy_document(policy)
+ policy_version = nil
+
+ policy_version_list = policy.policy_version_list.sort_by do |pv|
+ pv.version_id[1..-1].to_i
+ end
+
+ policy_version_list.each do |pv|
+ policy_version = pv
+
+ if pv.is_default_version
+ break
+ end
+ end
+
+ document = CGI.unescape(policy_version.document)
+ JSON.parse(document)
+ end
+
def list_instance_profiles
@iam.list_instance_profiles.map {|resp|
resp.instance_profiles.to_a
}.flatten
end
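Review bot: `export_policy_document` silently falls back to the highest-numbered version when no entry has `is_default_version` set, and raises `NoMethodError` on `policy_version.document` when `policy_version_list` is empty. An export of IAM state should contain the version that is actually in effect, so select it directly and fail loudly otherwise: `policy_version = policy.policy_version_list.find {|pv| pv.is_default_version }` followed by `raise "no default version for #{policy.arn}" unless policy_version`. That also removes the need for the `sort_by` on `version_id`. Separately, `export_policies` writes to the shared `result` hash from inside `Parallel.each(..., :in_threads => @concurrency)` without a lock, which relies on the interpreter serialising Hash writes; a `Mutex#synchronize` around the assignment would make that explicit.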
@@ -207,9 +250,10 @@
keys = [
:user_detail_list,
:group_detail_list,
:role_detail_list,
+ :policies,
]
keys.each do |key|
account_authorization_details[key] = []
end