README.md in practice_terraforming-0.1.3 vs README.md in practice_terraforming-0.1.4
- old
+ new
@@ -1,14 +1,16 @@
[](https://circleci.com/gh/nakamasato/practice_terraforming)
# PracticeTerraforming
-This is just for practice!
+## Description
+This is just for practice! There's not `IAMRolePolicyAttachment`, `IAMUserPolicyAttachment` and `IAMGroupPolicyAttachment` in the original repo. So, I implemented them and also sent pull requests. This repo is used to check before sending those pull requests.
+
## Installation
-Add this line to your application's Gemfile:
+Add this line to your application's Gemfile (https://rubygems.org/gems/practice_terraforming):
```ruby
gem 'practice_terraforming'
```
@@ -30,19 +32,19 @@
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
## Contributing
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/practice_terraforming. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+Bug reports and pull requests are welcome on GitHub at https://github.com/nakamasato/practice_terraforming. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
## License
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
## Code of Conduct
-Everyone interacting in the PracticeTerraforming project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/practice_terraforming/blob/master/CODE_OF_CONDUCT.md).
+Everyone interacting in the PracticeTerraforming project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/nakamasato/practice_terraforming/blob/master/CODE_OF_CONDUCT.md).
# How I created this
## Prepare Gem
@@ -102,60 +104,60 @@
|spec/lib/practice_terraforming/resource/<resource>.rb|generated by `script/generate` but need to write by yourself|
## Create Resource
-0. generate templates with `script/generate`
+`. generate templates with `script/generate`
-```
-script/generate iam_policy_attachment
-==> Generate iam_policy_attachment.rb
-==> Generate iam_policy_attachment_spec.rb
-==> Generate iam_policy_attachment.erb
+ ```
+ script/generate iam_policy_attachment
+ ==> Generate iam_policy_attachment.rb
+ ==> Generate iam_policy_attachment_spec.rb
+ ==> Generate iam_policy_attachment.erb
-Add below code by hand.
+ Add below code by hand.
-lib/practice_terraforming.rb:
+ lib/practice_terraforming.rb:
- require "practice_terraforming/resource/iam_policy_attachment"
+ require "practice_terraforming/resource/iam_policy_attachment"
-lib/practice_terraforming/cli.rb:
+ lib/practice_terraforming/cli.rb:
- module PracticeTerraforming
- class CLI < Thor
+ module PracticeTerraforming
+ class CLI < Thor
- # Subcommand name should be acronym.
- desc "iam_policy_attachment", "Iam Policy Attachment"
- def iam_policy_attachment
- execute(PracticeTerraforming::Resource::IamPolicyAttachment, options)
- end
+ # Subcommand name should be acronym.
+ desc "iam_policy_attachment", "Iam Policy Attachment"
+ def iam_policy_attachment
+ execute(PracticeTerraforming::Resource::IamPolicyAttachment, options)
+ end
-spec/lib/practice_terraforming/cli_spec.rb:
+ spec/lib/practice_terraforming/cli_spec.rb:
- module PracticeTerraforming
- describe CLI do
- context "resources" do
- describe "iam_policy_attachment" do
- let(:klass) { PracticeTerraforming::Resource::IamPolicyAttachment }
- let(:command) { :iam_policy_attachment }
+ module PracticeTerraforming
+ describe CLI do
+ context "resources" do
+ describe "iam_policy_attachment" do
+ let(:klass) { PracticeTerraforming::Resource::IamPolicyAttachment }
+ let(:command) { :iam_policy_attachment }
- it_behaves_like "CLI examples"
- end
-```
+ it_behaves_like "CLI examples"
+ end
+ ```
1. As the message says, add those codes.
-2. `lib/practice_terraforming/resource/iam_policy_attachment.rb`: Change Aws client and write logic in `tfstate` method
+1. `lib/practice_terraforming/resource/iam_policy_attachment.rb`: Change Aws client and write logic in `tfstate` method
Use aws-sdk-<resource> to get the input data and write the logic to generate tf/tfstate file.
1. tf -> only need to update the template file, which appears in the next step
2. tfstate -> get resource list using private method, format them into resources and return them
3. As for private methods:
- module_name_of(<resource>) -> used for module name of terraform to be imported
- <api method name, e.g. entities_for_policy> -> get the resource info with aws-sdk
- other -> make a list of resources to be used in `tfstate` method
-3. `lib/practice_terraforming/template/tf/iam_policy_attachment.erb`: Update the erb based on the corresponding terraform resource.
+1. `lib/practice_terraforming/template/tf/iam_policy_attachment.erb`: Update the erb based on the corresponding terraform resource.
```
<% iam_policy_attachments.each do |policy_attachment| -%>
resource "aws_iam_policy_attachment" "<%= module_name_of(policy_attachment) %>" {
name = "<%= policy_attachment[:name] %>"
@@ -166,58 +168,58 @@
}
<% end -%>
```
-4. `spec/lib/practice_terraforming/resource/iam_policy_attachment_spec.rb`: Change Aws client and write test for tf and tfstate
+1. `spec/lib/practice_terraforming/resource/iam_policy_attachment_spec.rb`: Change Aws client and write test for tf and tfstate
Test Perspective:
1. Create aws sdk result using stub.
2. Use the module to generate tf/tfstate.
3. Compare expected one and generated one.
- ```
- irb(main):007:0> client.list_policies.policies[0]
- => #<struct Aws::IAM::Types::Policy policy_name="test-policy", policy_id="ABCDEFG", arn="arn:aws:iam::123456789:policy/test-policy", path="/", default_version_id="v1", attachment_count=1, permissions_boundary_usage_count=0, is_attachable=true, description=nil, create_date=2019-01-01 00:00:00 UTC, update_date=2019-01-02 00:00:00 UTC>
-client.list_entities_for_policy(policy_arn: "arn:aws:iam::351540792571:policy/ai-suggest-batch-user-policy")
- irb(main):008:0> client.list_entities_for_policy(policy_arn: "arn:aws:iam::123456789:policy/test-policy")
- => #<struct Aws::IAM::Types::ListEntitiesForPolicyResponse policy_groups=[#<struct Aws::IAM::Types::PolicyGroup group_name="test-group", group_id="ABCDEFG">], policy_users=[], policy_roles=[], is_truncated=false, marker=nil>
- ```
- ```
- let(:policies) do
- [
- {
- policy_name: "test-policy",
- policy_id: "ABCDEFG",
- arn: "arn:aws:iam::123456789:policy/test-policy",
- path: "/",
- default_version_id: "v1",
- attachment_count: 1,
- is_attachable: true,
- create_date: Time.parse("2019-01-01 00:00:00 UTC"),
- update_date: Time.parse("2019-01-02 00:00:00 UTC"),
- description: nil,
- }
- ]
- end
+ ```
+ irb(main):007:0> client.list_policies.policies[0]
+ => #<struct Aws::IAM::Types::Policy policy_name="test-policy", policy_id="ABCDEFG", arn="arn:aws:iam::123456789:policy/test-policy", path="/", default_version_id="v1", attachment_count=1, permissions_boundary_usage_count=0, is_attachable=true, description=nil, create_date=2019-01-01 00:00:00 UTC, update_date=2019-01-02 00:00:00 UTC>
+ irb(main):008:0> client.list_entities_for_policy(policy_arn: "arn:aws:iam::123456789:policy/test-policy")
+ => #<struct Aws::IAM::Types::ListEntitiesForPolicyResponse policy_groups=[#<struct Aws::IAM::Types::PolicyGroup group_name="test-group", group_id="ABCDEFG">], policy_users=[], policy_roles=[], is_truncated=false, marker=nil>
+ ```
- let(:entities_for_policy) do
- {
- policy_groups: [
- { group_name: "test-group", group_id: "ABCDEFG" },
- ],
- policy_users: [],
- policy_roles: [],
- }
- end
+ ```
+ let(:policies) do
+ [
+ {
+ policy_name: "test-policy",
+ policy_id: "ABCDEFG",
+ arn: "arn:aws:iam::123456789:policy/test-policy",
+ path: "/",
+ default_version_id: "v1",
+ attachment_count: 1,
+ is_attachable: true,
+ create_date: Time.parse("2019-01-01 00:00:00 UTC"),
+ update_date: Time.parse("2019-01-02 00:00:00 UTC"),
+ description: nil,
+ }
+ ]
+ end
- before do
- client.stub_responses(:list_policies, policies: policies)
- client.stub_responses(:list_entities_for_policy, [entities_for_policy])
- end
- ```
+ let(:entities_for_policy) do
+ {
+ policy_groups: [
+ { group_name: "test-group", group_id: "ABCDEFG" },
+ ],
+ policy_users: [],
+ policy_roles: [],
+ }
+ end
+ before do
+ client.stub_responses(:list_policies, policies: policies)
+ client.stub_responses(:list_entities_for_policy, [entities_for_policy])
+ end
+ ```
+
## Install on local
### Build
```
@@ -243,11 +245,14 @@
```
practice_terraforming
Commands:
practice_terraforming help [COMMAND] # Describe available commands or one specific command
+ practice_terraforming iampa # Iam Policy Attachment
practice_terraforming iamr # Iam Role
+ practice_terraforming iamrpa # Iam Role Policy Attachment
+ practice_terraforming iamupa # Iam User Policy Attachment
practice_terraforming s3 # S3
Options:
[--merge=MERGE] # tfstate file to merge
[--overwrite], [--no-overwrite] # Overwrite existing tfstate
@@ -255,5 +260,13 @@
[--profile=PROFILE] # AWS credentials profile
[--region=REGION] # AWS region
[--assume=ASSUME] # Role ARN to assume
[--use-bundled-cert], [--no-use-bundled-cert] # Use the bundled CA certificate from AWS SDK
```
+
+## Table for aws-sdk and terraforming
+
+|terraforming resource|aws-sdk|
+|---|---|
+|IAMRolePolicyAttachment|`list_roles` and `list_attached_role_policies` for all extracted roles |
+|IAMGroupPolicyAttachment|`list_users` and `list_attached_user_policies` for all extracted users|
+|IAMGroupPolicyAttachment|`list_groups` and `list_attached_group_policies` for all extracted groups|