aboisvert_aws 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/History.txt +329 -0
- data/Manifest.txt +61 -0
- data/README.txt +163 -0
- data/Rakefile +130 -0
- data/lib/acf/right_acf_interface.rb +549 -0
- data/lib/acf/right_acf_invalidations.rb +144 -0
- data/lib/acf/right_acf_origin_access_identities.rb +230 -0
- data/lib/acf/right_acf_streaming_interface.rb +229 -0
- data/lib/acw/right_acw_interface.rb +248 -0
- data/lib/as/right_as_interface.rb +698 -0
- data/lib/awsbase/benchmark_fix.rb +39 -0
- data/lib/awsbase/right_awsbase.rb +1343 -0
- data/lib/awsbase/support.rb +35 -0
- data/lib/awsbase/version.rb +9 -0
- data/lib/ec2/right_ec2.rb +541 -0
- data/lib/ec2/right_ec2_ebs.rb +481 -0
- data/lib/ec2/right_ec2_images.rb +444 -0
- data/lib/ec2/right_ec2_instances.rb +788 -0
- data/lib/ec2/right_ec2_monitoring.rb +70 -0
- data/lib/ec2/right_ec2_placement_groups.rb +108 -0
- data/lib/ec2/right_ec2_reserved_instances.rb +184 -0
- data/lib/ec2/right_ec2_security_groups.rb +491 -0
- data/lib/ec2/right_ec2_spot_instances.rb +422 -0
- data/lib/ec2/right_ec2_tags.rb +139 -0
- data/lib/ec2/right_ec2_vpc.rb +590 -0
- data/lib/ec2/right_ec2_vpc2.rb +381 -0
- data/lib/ec2/right_ec2_windows_mobility.rb +84 -0
- data/lib/elb/right_elb_interface.rb +573 -0
- data/lib/emr/right_emr_interface.rb +727 -0
- data/lib/iam/right_iam_access_keys.rb +71 -0
- data/lib/iam/right_iam_groups.rb +195 -0
- data/lib/iam/right_iam_interface.rb +341 -0
- data/lib/iam/right_iam_mfa_devices.rb +67 -0
- data/lib/iam/right_iam_users.rb +251 -0
- data/lib/rds/right_rds_interface.rb +1384 -0
- data/lib/right_aws.rb +86 -0
- data/lib/route_53/right_route_53_interface.rb +640 -0
- data/lib/s3/right_s3.rb +1138 -0
- data/lib/s3/right_s3_interface.rb +1278 -0
- data/lib/sdb/active_sdb.rb +1107 -0
- data/lib/sdb/right_sdb_interface.rb +762 -0
- data/lib/sns/right_sns_interface.rb +286 -0
- data/lib/sqs/right_sqs.rb +387 -0
- data/lib/sqs/right_sqs_gen2.rb +342 -0
- data/lib/sqs/right_sqs_gen2_interface.rb +523 -0
- data/lib/sqs/right_sqs_interface.rb +593 -0
- data/right_aws.gemspec +90 -0
- data/test/README.mdown +39 -0
- data/test/acf/test_helper.rb +2 -0
- data/test/acf/test_right_acf.rb +138 -0
- data/test/awsbase/test_helper.rb +2 -0
- data/test/awsbase/test_right_awsbase.rb +11 -0
- data/test/ec2/test_helper.rb +2 -0
- data/test/ec2/test_right_ec2.rb +107 -0
- data/test/elb/test_helper.rb +2 -0
- data/test/elb/test_right_elb.rb +43 -0
- data/test/http_connection.rb +87 -0
- data/test/rds/test_helper.rb +2 -0
- data/test/rds/test_right_rds.rb +120 -0
- data/test/route_53/fixtures/a_record.xml +18 -0
- data/test/route_53/fixtures/alias_record.xml +18 -0
- data/test/route_53/test_helper.rb +2 -0
- data/test/route_53/test_right_route_53.rb +141 -0
- data/test/s3/test_helper.rb +2 -0
- data/test/s3/test_right_s3.rb +528 -0
- data/test/s3/test_right_s3_stubbed.rb +97 -0
- data/test/sdb/test_active_sdb.rb +357 -0
- data/test/sdb/test_batch_put_attributes.rb +54 -0
- data/test/sdb/test_helper.rb +3 -0
- data/test/sdb/test_right_sdb.rb +253 -0
- data/test/sns/test_helper.rb +2 -0
- data/test/sns/test_right_sns.rb +153 -0
- data/test/sqs/test_helper.rb +2 -0
- data/test/sqs/test_right_sqs.rb +285 -0
- data/test/sqs/test_right_sqs_gen2.rb +264 -0
- data/test/test_credentials.rb +37 -0
- data/test/ts_right_aws.rb +15 -0
- metadata +257 -0
@@ -0,0 +1,71 @@
|
|
1
|
+
module RightAws
|
2
|
+
|
3
|
+
class IamInterface < RightAwsBase
|
4
|
+
|
5
|
+
#-----------------------------------------------------------------
|
6
|
+
# Access Keys
|
7
|
+
#-----------------------------------------------------------------
|
8
|
+
|
9
|
+
# Returns information about the Access Key IDs associated with the specified User.
|
10
|
+
#
|
11
|
+
# Options: :user_name, :max_items, :marker
|
12
|
+
#
|
13
|
+
# iam.list_access_keys #=>
|
14
|
+
# [{:create_date=>"2007-01-09T06:16:30Z",
|
15
|
+
# :status=>"Active",
|
16
|
+
# :access_key_id=>"00000000000000000000"}]
|
17
|
+
#
|
18
|
+
def list_access_keys(options={}, &block)
|
19
|
+
incrementally_list_iam_resources('ListAccessKeys', options, &block)
|
20
|
+
end
|
21
|
+
|
22
|
+
# Creates a new AWS Secret Access Key and corresponding AWS Access Key ID for the specified User.
|
23
|
+
#
|
24
|
+
# Options: :user_name
|
25
|
+
#
|
26
|
+
# iam.create_access_key(:user_name => 'kd1') #=>
|
27
|
+
# {:access_key_id=>"AK0000000000000000ZQ",
|
28
|
+
# :status=>"Active",
|
29
|
+
# :secret_access_key=>"QXN0000000000000000000000000000000000Ioj",
|
30
|
+
# :create_date=>"2010-10-29T07:16:32.210Z",
|
31
|
+
# :user_name=>"kd1"}
|
32
|
+
#
|
33
|
+
def create_access_key(options={})
|
34
|
+
request_hash = {}
|
35
|
+
request_hash['UserName'] = options[:user_name] unless options[:user_name].right_blank?
|
36
|
+
link = generate_request("CreateAccessKey", request_hash)
|
37
|
+
request_info(link, CreateAccessKeyParser.new(:logger => @logger))
|
38
|
+
end
|
39
|
+
|
40
|
+
# Deletes the access key associated with the specified User.
|
41
|
+
#
|
42
|
+
# Options: :user_name
|
43
|
+
#
|
44
|
+
# iam.delete_access_key('AK00000000000000006A', :user_name => 'kd1') #=> true
|
45
|
+
#
|
46
|
+
def delete_access_key(access_key_id, options={})
|
47
|
+
request_hash = { 'AccessKeyId' => access_key_id }
|
48
|
+
request_hash['UserName'] = options[:user_name] unless options[:user_name].right_blank?
|
49
|
+
link = generate_request("DeleteAccessKey", request_hash)
|
50
|
+
request_info(link, RightHttp2xxParser.new(:logger => @logger))
|
51
|
+
end
|
52
|
+
|
53
|
+
#-----------------------------------------------------------------
|
54
|
+
# PARSERS
|
55
|
+
#-----------------------------------------------------------------
|
56
|
+
|
57
|
+
class ListAccessKeysParser < BasicIamListParser #:nodoc:
|
58
|
+
def reset
|
59
|
+
@expected_tags = %w{ AccessKeyId CreateDate Status UserName }
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
class CreateAccessKeyParser < BasicIamParser #:nodoc:
|
64
|
+
def reset
|
65
|
+
@expected_tags = %w{ AccessKeyId CreateDate SecretAccessKey Status UserName }
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
end
|
70
|
+
|
71
|
+
end
|
@@ -0,0 +1,195 @@
|
|
1
|
+
module RightAws
|
2
|
+
|
3
|
+
class IamInterface < RightAwsBase
|
4
|
+
|
5
|
+
#-----------------------------------------------------------------
|
6
|
+
# Groups
|
7
|
+
#-----------------------------------------------------------------
|
8
|
+
|
9
|
+
# Lists the groups that have the specified path prefix.
|
10
|
+
#
|
11
|
+
# Options: :path_prefix, :max_items, :marker
|
12
|
+
#
|
13
|
+
# iam.list_groups #=>
|
14
|
+
# [{:group_id=>"AGP000000000000000UTY",
|
15
|
+
# :arn=>"arn:aws:iam::640000000037:group/kd_test",
|
16
|
+
# :path=>"/",
|
17
|
+
# :group_name=>"kd_test"}]
|
18
|
+
#
|
19
|
+
def list_groups(options={}, &block)
|
20
|
+
incrementally_list_iam_resources('ListGroups', options, &block)
|
21
|
+
end
|
22
|
+
|
23
|
+
# Creates a new group.
|
24
|
+
#
|
25
|
+
# iam.create_group('kd_group') #=>
|
26
|
+
# {:group_id=>"AGP000000000000000UTY",
|
27
|
+
# :arn=>"arn:aws:iam::640000000037:group/kd_test",
|
28
|
+
# :path=>"/",
|
29
|
+
# :group_name=>"kd_test"}
|
30
|
+
#
|
31
|
+
# iam.create_group('kd_test_3', '/kd/') #=>
|
32
|
+
# {:group_id=>"AGP000000000000000G6Q",
|
33
|
+
# :arn=>"arn:aws:iam::640000000037:group/kd/kd_test_3",
|
34
|
+
# :path=>"/kd/",
|
35
|
+
# :group_name=>"kd_test_3"}
|
36
|
+
#
|
37
|
+
def create_group(group_name, path=nil)
|
38
|
+
request_hash = { 'GroupName' => group_name }
|
39
|
+
request_hash['Path'] = path unless path.right_blank?
|
40
|
+
link = generate_request("CreateGroup", request_hash)
|
41
|
+
request_info(link, CreateGroupParser.new(:logger => @logger))
|
42
|
+
end
|
43
|
+
|
44
|
+
# Updates the name and/or the path of the specified group
|
45
|
+
#
|
46
|
+
# Options: :new_group_name, :new_path
|
47
|
+
#
|
48
|
+
# iam.update_group('kd_test', :new_group_name => 'kd_test_1', :new_path => '/kd1/') #=> true
|
49
|
+
#
|
50
|
+
def update_group(group_name, options={})
|
51
|
+
request_hash = { 'GroupName' => group_name}
|
52
|
+
request_hash['NewGroupName'] = options[:new_group_name] unless options[:new_group_name].right_blank?
|
53
|
+
request_hash['NewPath'] = options[:new_path] unless options[:new_path].right_blank?
|
54
|
+
link = generate_request("UpdateGroup", request_hash)
|
55
|
+
request_info(link, RightHttp2xxParser.new(:logger => @logger))
|
56
|
+
end
|
57
|
+
|
58
|
+
# Returns a list of Users that are in the specified group.
|
59
|
+
#
|
60
|
+
# Options: :max_items, :marker
|
61
|
+
#
|
62
|
+
# iam.get_group('kd_test') #=>
|
63
|
+
# {:arn=>"arn:aws:iam::640000000037:group/kd1/kd_test_1",
|
64
|
+
# :users=>
|
65
|
+
# [{:arn=>"arn:aws:iam::640000000037:user/kd",
|
66
|
+
# :path=>"/",
|
67
|
+
# :user_name=>"kd",
|
68
|
+
# :user_id=>"AID000000000000000WZ2"}],
|
69
|
+
# :group_name=>"kd_test_1",
|
70
|
+
# :group_id=>"AGP000000000000000UTY",
|
71
|
+
# :path=>"/kd1/"}
|
72
|
+
#
|
73
|
+
def get_group(group_name, options={}, &block)
|
74
|
+
options[:group_name] = group_name
|
75
|
+
incrementally_list_iam_resources('GetGroup', options, :items => :users, :except => [:marker, :is_truncated], &block)
|
76
|
+
end
|
77
|
+
|
78
|
+
# Deletes the specified group. The group must not contain any Users or have any attached policies.
|
79
|
+
#
|
80
|
+
# iam.delete_group('kd_test_3') #=> true
|
81
|
+
#
|
82
|
+
def delete_group(group_name)
|
83
|
+
request_hash = { 'GroupName' => group_name }
|
84
|
+
link = generate_request("DeleteGroup", request_hash)
|
85
|
+
request_info(link, RightHttp2xxParser.new(:logger => @logger))
|
86
|
+
end
|
87
|
+
|
88
|
+
#-----------------------------------------------------------------
|
89
|
+
# Group Policies
|
90
|
+
#-----------------------------------------------------------------
|
91
|
+
|
92
|
+
# Lists the names of the policies associated with the specified group.
|
93
|
+
#
|
94
|
+
# Options: :max_items, :marker
|
95
|
+
#
|
96
|
+
# iam.list_group_policies('kd_test') #=> ["kd_policy_1"]
|
97
|
+
#
|
98
|
+
def list_group_policies(group_name, options={}, &block)
|
99
|
+
options[:group_name] = group_name
|
100
|
+
incrementally_list_iam_resources('ListGroupPolicies', options, :parser => BasicIamListParser, &block)
|
101
|
+
end
|
102
|
+
|
103
|
+
# Adds (or updates) a policy document associated with the specified group.
|
104
|
+
#
|
105
|
+
# iam.put_group_policy('kd_test', 'kd_policy_1', %Q({"Statement":[{"Effect":"Allow","Action":"*","Resource":"*"}]})) #=> true
|
106
|
+
#
|
107
|
+
def put_group_policy(group_name, policy_name, policy_document)
|
108
|
+
request_hash = { 'GroupName' => group_name,
|
109
|
+
'PolicyDocument' => policy_document,
|
110
|
+
'PolicyName' => policy_name }
|
111
|
+
link = generate_request_impl(:post, "PutGroupPolicy", request_hash)
|
112
|
+
result = request_info(link, RightHttp2xxParser.new(:logger => @logger))
|
113
|
+
result[:policy_document] = URI::decode(result[:policy_document])
|
114
|
+
result
|
115
|
+
end
|
116
|
+
|
117
|
+
# Retrieves the specified policy document for the specified group.
|
118
|
+
#
|
119
|
+
# iam.get_group_policy('kd_test', 'kd_policy_1') #=>
|
120
|
+
# {:policy_name=>"kd_policy_1",
|
121
|
+
# :policy_document=>"{\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}]}",
|
122
|
+
# :group_name=>"kd_test"}
|
123
|
+
#
|
124
|
+
def get_group_policy(group_name, policy_name)
|
125
|
+
request_hash = { 'GroupName' => group_name,
|
126
|
+
'PolicyName' => policy_name }
|
127
|
+
link = generate_request("GetGroupPolicy", request_hash)
|
128
|
+
request_info(link, GetGroupPolicyParser.new(:logger => @logger))
|
129
|
+
end
|
130
|
+
|
131
|
+
# Deletes the specified policy that is associated with the specified group
|
132
|
+
#
|
133
|
+
# iam.delete_group_policy('kd_test', 'kd_policy_1') #=> true
|
134
|
+
#
|
135
|
+
def delete_group_policy(group_name, policy_name)
|
136
|
+
request_hash = { 'GroupName' => group_name,
|
137
|
+
'PolicyName' => policy_name }
|
138
|
+
link = generate_request("DeleteGroupPolicy", request_hash)
|
139
|
+
request_info(link, RightHttp2xxParser.new(:logger => @logger))
|
140
|
+
end
|
141
|
+
|
142
|
+
#-----------------------------------------------------------------
|
143
|
+
# PARSERS:
|
144
|
+
#-----------------------------------------------------------------
|
145
|
+
|
146
|
+
class ListGroupsParser < BasicIamListParser #:nodoc:
|
147
|
+
def reset
|
148
|
+
@expected_tags = %w{ Arn GroupId GroupName Path }
|
149
|
+
end
|
150
|
+
end
|
151
|
+
|
152
|
+
class CreateGroupParser < BasicIamParser #:nodoc:
|
153
|
+
def reset
|
154
|
+
@expected_tags = %w{ Arn GroupId GroupName Path }
|
155
|
+
end
|
156
|
+
end
|
157
|
+
|
158
|
+
class GetGroupParser < RightAWSParser #:nodoc:
|
159
|
+
def tagstart(name, attributes)
|
160
|
+
@item = {} if name == 'member'
|
161
|
+
end
|
162
|
+
def tagend(name)
|
163
|
+
case name
|
164
|
+
when 'Marker' then @result[:marker] = @text
|
165
|
+
when 'IsTruncated' then @result[:is_truncated] = @text == 'true'
|
166
|
+
|
167
|
+
when 'GroupName' then @result[:group_name] = @text
|
168
|
+
when 'GroupId' then @result[:group_id] = @text
|
169
|
+
when 'UserName' then @item[:user_name] = @text
|
170
|
+
when 'UserId' then @item[:user_id] = @text
|
171
|
+
when 'member' then @result[:users] << @item
|
172
|
+
else
|
173
|
+
case full_tag_name
|
174
|
+
when %r{/Group/Path$} then @result[:path] = @text
|
175
|
+
when %r{/Group/Arn$} then @result[:arn] = @text
|
176
|
+
when %r{/member/Path$} then @item[:path] = @text
|
177
|
+
when %r{/member/Arn$} then @item[:arn] = @text
|
178
|
+
end
|
179
|
+
end
|
180
|
+
end
|
181
|
+
def reset
|
182
|
+
@result = { :users => [] }
|
183
|
+
end
|
184
|
+
end
|
185
|
+
|
186
|
+
class GetGroupPolicyParser < BasicIamParser #:nodoc:
|
187
|
+
def reset
|
188
|
+
@expected_tags = %w{ GroupName PolicyDocument PolicyName }
|
189
|
+
end
|
190
|
+
end
|
191
|
+
|
192
|
+
end
|
193
|
+
|
194
|
+
end
|
195
|
+
|
@@ -0,0 +1,341 @@
|
|
1
|
+
#
|
2
|
+
# Copyright (c) 2007-2010 RightScale Inc
|
3
|
+
#
|
4
|
+
# Permission is hereby granted, free of charge, to any person obtaining
|
5
|
+
# a copy of this software and associated documentation files (the
|
6
|
+
# "Software"), to deal in the Software without restriction, including
|
7
|
+
# without limitation the rights to use, copy, modify, merge, publish,
|
8
|
+
# distribute, sublicense, and/or sell copies of the Software, and to
|
9
|
+
# permit persons to whom the Software is furnished to do so, subject to
|
10
|
+
# the following conditions:
|
11
|
+
#
|
12
|
+
# The above copyright notice and this permission notice shall be
|
13
|
+
# included in all copies or substantial portions of the Software.
|
14
|
+
#
|
15
|
+
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
16
|
+
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
17
|
+
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
18
|
+
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
19
|
+
# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
20
|
+
# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
21
|
+
# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
22
|
+
#
|
23
|
+
|
24
|
+
module RightAws
|
25
|
+
|
26
|
+
# = RightAWS::Iam -- RightScale AWS Identity and Access Management (IAM) interface
|
27
|
+
#
|
28
|
+
# The RightAws::Iam class provides a complete interface to Amazon's Identity and
|
29
|
+
# Access Management service.
|
30
|
+
#
|
31
|
+
# For explanations of the semantics of each call, please refer to Amazon's documentation at
|
32
|
+
# http://aws.amazon.com/documentation/iam/
|
33
|
+
#
|
34
|
+
# Examples:
|
35
|
+
#
|
36
|
+
# Create an EC2 interface handle:
|
37
|
+
#
|
38
|
+
# iam = RightAws::IamInterface.new(aws_access_key_id, aws_secret_access_key)
|
39
|
+
# iam.list_access_keys
|
40
|
+
# iam.list_users
|
41
|
+
# iam.list_groups
|
42
|
+
#
|
43
|
+
class IamInterface < RightAwsBase
|
44
|
+
include RightAwsBaseInterface
|
45
|
+
|
46
|
+
API_VERSION = "2010-05-08"
|
47
|
+
DEFAULT_HOST = "iam.amazonaws.com"
|
48
|
+
DEFAULT_PATH = '/'
|
49
|
+
DEFAULT_PROTOCOL = 'https'
|
50
|
+
DEFAULT_PORT = 443
|
51
|
+
|
52
|
+
@@bench = AwsBenchmarkingBlock.new
|
53
|
+
def self.bench_xml
|
54
|
+
@@bench.xml
|
55
|
+
end
|
56
|
+
def self.bench_service
|
57
|
+
@@bench.service
|
58
|
+
end
|
59
|
+
|
60
|
+
# Create a new handle to an IAM account. All handles share the same per process or per thread
|
61
|
+
# HTTP connection to Amazon IAM. Each handle is for a specific account. The params have the
|
62
|
+
# following options:
|
63
|
+
# * <tt>:endpoint_url</tt> a fully qualified url to Amazon API endpoint (this overwrites: :server, :port, :service, :protocol).
|
64
|
+
# * <tt>:server</tt>: IAM service host, default: DEFAULT_HOST
|
65
|
+
# * <tt>:port</tt>: IAM service port, default: DEFAULT_PORT
|
66
|
+
# * <tt>:protocol</tt>: 'http' or 'https', default: DEFAULT_PROTOCOL
|
67
|
+
# * <tt>:logger</tt>: for log messages, default: RAILS_DEFAULT_LOGGER else STDOUT
|
68
|
+
# * <tt>:signature_version</tt>: The signature version : '0','1' or '2'(default)
|
69
|
+
# * <tt>:cache</tt>: true/false(default): caching works for: describe_load_balancers
|
70
|
+
#
|
71
|
+
def initialize(aws_access_key_id=nil, aws_secret_access_key=nil, params={})
|
72
|
+
init({ :name => 'IAM',
|
73
|
+
:default_host => ENV['IAM_URL'] ? URI.parse(ENV['IAM_URL']).host : DEFAULT_HOST,
|
74
|
+
:default_port => ENV['IAM_URL'] ? URI.parse(ENV['IAM_URL']).port : DEFAULT_PORT,
|
75
|
+
:default_service => ENV['IAM_URL'] ? URI.parse(ENV['IAM_URL']).path : DEFAULT_PATH,
|
76
|
+
:default_protocol => ENV['IAM_URL'] ? URI.parse(ENV['IAM_URL']).scheme : DEFAULT_PROTOCOL,
|
77
|
+
:default_api_version => ENV['IAM_API_VERSION'] || API_VERSION },
|
78
|
+
aws_access_key_id || ENV['AWS_ACCESS_KEY_ID'] ,
|
79
|
+
aws_secret_access_key|| ENV['AWS_SECRET_ACCESS_KEY'],
|
80
|
+
params)
|
81
|
+
end
|
82
|
+
|
83
|
+
def generate_request(action, params={}) #:nodoc:
|
84
|
+
generate_request_impl(:get, action, params )
|
85
|
+
end
|
86
|
+
|
87
|
+
# Sends request to Amazon and parses the response
|
88
|
+
# Raises AwsError if any banana happened
|
89
|
+
def request_info(request, parser) #:nodoc:
|
90
|
+
request_info_impl(:iam_connection, @@bench, request, parser)
|
91
|
+
end
|
92
|
+
|
93
|
+
# Options: :parser, :except, :items
|
94
|
+
#
|
95
|
+
def incrementally_list_iam_resources(api_function, params={}, options={}, &block) #:nodoc:
|
96
|
+
items = options[:items] || :items
|
97
|
+
result = { items => [] }
|
98
|
+
parser = options[:parser] || "RightAws::IamInterface::#{api_function}Parser".right_constantize
|
99
|
+
request_hash = {}
|
100
|
+
params.each { |key,value| request_hash[key.to_s.right_camelize] = value unless value.right_blank? }
|
101
|
+
incrementally_list_items(api_function, parser, request_hash) do |response|
|
102
|
+
if result[items].right_blank?
|
103
|
+
result = response
|
104
|
+
else
|
105
|
+
result[items] += response[items]
|
106
|
+
end
|
107
|
+
block ? block.call(response) : true
|
108
|
+
end
|
109
|
+
if options[:except]
|
110
|
+
Array(options[:except]).each{ |key| result.delete(key)}
|
111
|
+
result
|
112
|
+
else
|
113
|
+
result[items]
|
114
|
+
end
|
115
|
+
end
|
116
|
+
|
117
|
+
#-----------------------------------------------------------------
|
118
|
+
# Server Certificates
|
119
|
+
#-----------------------------------------------------------------
|
120
|
+
|
121
|
+
# Lists the server certificates that have the specified path prefix. If none exist, the action returns an empty list.
|
122
|
+
#
|
123
|
+
# Options: :path_prefix, :max_items, :marker
|
124
|
+
#
|
125
|
+
# iam.list_server_certificates #=>
|
126
|
+
# {:server_certificate_id=>"ASCDJN5K5HRGS1N2UJWWU",
|
127
|
+
# :server_certificate_name=>"KdCert1",
|
128
|
+
# :upload_date=>"2010-12-09T13:21:07.226Z",
|
129
|
+
# :path=>"/kdcert/",
|
130
|
+
# :arn=>"arn:aws:iam::600000000007:server-certificate/kdcert/KdCert1"}
|
131
|
+
#
|
132
|
+
def list_server_certificates(options={}, &block)
|
133
|
+
incrementally_list_iam_resources('ListServerCertificates', options, &block)
|
134
|
+
end
|
135
|
+
|
136
|
+
# Uploads a server certificate entity for the AWS Account. The server certificate
|
137
|
+
# entity includes a public key certificate, a private key, and an optional certificate
|
138
|
+
# chain, which should all be PEM-encoded.
|
139
|
+
#
|
140
|
+
# Options: :certificate_chain, :path
|
141
|
+
#
|
142
|
+
# certificate_body =<<-EOB
|
143
|
+
# -----BEGIN CERTIFICATE-----
|
144
|
+
# MIICdzCCAeCgAwIBAgIGANc+Ha2wMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNVBAYT
|
145
|
+
# AlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMQwwCgYDVQQLEwNBV1MxITAfBgNVBAMT
|
146
|
+
# GEFXUyBMaW1pdGVkLUFzc3VyYW5jZSBDQTAeFw0wOTAyMDQxNzE5MjdaFw0xMDAy
|
147
|
+
# AEaHzTpmEXAMPLE=
|
148
|
+
# EOB
|
149
|
+
#
|
150
|
+
# private_key =<<EOK
|
151
|
+
# -----BEGIN DSA PRIVATE KEY-----
|
152
|
+
# MIIBugIBTTKBgQD33xToSXPJ6hr37L3+KNi3/7DgywlBcvlFPPSHIw3ORuO/22mT
|
153
|
+
# 8Cy5fT89WwNvZ3BPKWU6OZ38TQv3eWjNc/3U3+oqVNG2poX5nCPOtO1b96HYX2mR
|
154
|
+
# 62TITdw53KWJEXAMPLE=
|
155
|
+
# EOK
|
156
|
+
#
|
157
|
+
# iam.upload_server_certificate('KdCert1', certificate_body, private_key, :path=>'/kdcert/') #=>
|
158
|
+
# {:server_certificate_id=>"ASCDJN5K5HRGS1N2UJWWU",
|
159
|
+
# :server_certificate_name=>"KdCert1",
|
160
|
+
# :upload_date=>"2010-12-09T13:21:07.226Z",
|
161
|
+
# :path=>"/kdcert/",
|
162
|
+
# :arn=>"arn:aws:iam::600000000007:server-certificate/kdcert/KdCert1"}
|
163
|
+
#
|
164
|
+
def upload_server_certificate(server_certificate_name, certificate_body, private_key, options={})
|
165
|
+
request_hash = { 'CertificateBody' => certificate_body,
|
166
|
+
'PrivateKey' => private_key,
|
167
|
+
'ServerCertificateName' => server_certificate_name }
|
168
|
+
request_hash['CertificateChain'] = options[:certificate_chain] unless options[:certificate_chain].right_blank?
|
169
|
+
request_hash['Path'] = options[:path] unless options[:path].right_blank?
|
170
|
+
link = generate_request_impl(:post, "UploadServerCertificate", request_hash)
|
171
|
+
request_info(link, GetServerCertificateParser.new(:logger => @logger))
|
172
|
+
end
|
173
|
+
|
174
|
+
# Updates the name and/or the path of the specified server certificate.
|
175
|
+
#
|
176
|
+
# Options: :new_server_certificate_name, :new_path
|
177
|
+
#
|
178
|
+
# iam.update_server_certificate('ProdServerCert', :new_server_certificate_name => 'OldServerCert') #=> true
|
179
|
+
#
|
180
|
+
def update_server_certificate(server_certificate_name, options={})
|
181
|
+
request_hash = { 'ServerCertificateName' => server_certificate_name}
|
182
|
+
request_hash['NewServerCertificateName'] = options[:new_server_certificate_name] unless options[:new_server_certificate_name].right_blank?
|
183
|
+
request_hash['NewPath'] = options[:new_path] unless options[:new_path].right_blank?
|
184
|
+
link = generate_request("UpdateServerCertificate", request_hash)
|
185
|
+
request_info(link, RightHttp2xxParser.new(:logger => @logger))
|
186
|
+
end
|
187
|
+
|
188
|
+
# Retrieves information about the specified server certificate.
|
189
|
+
#
|
190
|
+
# iam.get_server_certificate('KdCert1')
|
191
|
+
# {:certificate_body=>
|
192
|
+
# "-----BEGIN CERTIFICATE-----\nMIICATC...TiU5TibMpD1g==\n-----END CERTIFICATE-----",
|
193
|
+
# :server_certificate_id=>"ASCDJN5K5HRGS1N2UJWWU",
|
194
|
+
# :server_certificate_name=>"KdCert1",
|
195
|
+
# :upload_date=>"2010-12-09T13:21:07Z",
|
196
|
+
# :path=>"/kdcert/",
|
197
|
+
# :certificate_chain=>"",
|
198
|
+
# :arn=>"arn:aws:iam::600000000007:server-certificate/kdcert/KdCert1"}
|
199
|
+
#
|
200
|
+
def get_server_certificate(server_certificate_name)
|
201
|
+
request_hash = { 'ServerCertificateName' => server_certificate_name}
|
202
|
+
link = generate_request("GetServerCertificate", request_hash)
|
203
|
+
request_info(link, GetServerCertificateParser.new(:logger => @logger))
|
204
|
+
end
|
205
|
+
|
206
|
+
# Deletes the specified server certificate
|
207
|
+
#
|
208
|
+
# iam.delete_server_certificate('ProdServerCert') #=> true
|
209
|
+
#
|
210
|
+
def delete_server_certificate(server_certificate_name)
|
211
|
+
request_hash = { 'ServerCertificateName' => server_certificate_name }
|
212
|
+
link = generate_request("DeleteServerCertificate", request_hash)
|
213
|
+
request_info(link, RightHttp2xxParser.new(:logger => @logger))
|
214
|
+
end
|
215
|
+
|
216
|
+
#-----------------------------------------------------------------
|
217
|
+
# Signing Certificates
|
218
|
+
#-----------------------------------------------------------------
|
219
|
+
|
220
|
+
# Returns information about the signing certificates associated with the specified User.
|
221
|
+
#
|
222
|
+
# Options: :user_name, :max_items, :marker
|
223
|
+
#
|
224
|
+
# iam.list_signing_certificates #=>
|
225
|
+
# [{:upload_date => "2007-08-11T06:48:35Z",
|
226
|
+
# :status => "Active",
|
227
|
+
# :certificate_id => "00000000000000000000000000000000",
|
228
|
+
# :certificate_body => "-----BEGIN CERTIFICATE-----\nMIICd...PPHQ=\n-----END CERTIFICATE-----\n"}]
|
229
|
+
#
|
230
|
+
def list_signing_certificates(options={}, &block)
|
231
|
+
incrementally_list_iam_resources('ListSigningCertificates', options, &block)
|
232
|
+
end
|
233
|
+
|
234
|
+
# Uploads an X.509 signing certificate and associates it with the specified User.
|
235
|
+
#
|
236
|
+
# Options: :user_name
|
237
|
+
#
|
238
|
+
# certificate_body =<<-EOB
|
239
|
+
# -----BEGIN CERTIFICATE-----
|
240
|
+
# MIICdzCCAeCgAwIBAgIGANc+Ha2wMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNVBAYT
|
241
|
+
# AlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMQwwCgYDVQQLEwNBV1MxITAfBgNVBAMT
|
242
|
+
# GEFXUyBMaW1pdGVkLUFzc3VyYW5jZSBDQTAeFw0wOTAyMDQxNzE5MjdaFw0xMDAy
|
243
|
+
# AEaHzTpmEXAMPLE=
|
244
|
+
# EOB
|
245
|
+
#
|
246
|
+
# iam.upload_signing_certificate(certificate_body, :user_name => 'kd1') #=>
|
247
|
+
# {:user_name => "kd1",
|
248
|
+
# :certificate_id => "OBG00000000000000000000000000DHY",
|
249
|
+
# :status => "Active",
|
250
|
+
# :certificate_body => "-----BEGIN CERTIFICATE-----\nMII...5GS\n-----END CERTIFICATE-----\n",
|
251
|
+
# :upload_date => "2010-10-29T10:02:05.929Z"}
|
252
|
+
#
|
253
|
+
def upload_signing_certificate(certificate_body, options={})
|
254
|
+
request_hash = { 'CertificateBody' => certificate_body }
|
255
|
+
request_hash['UserName'] = options[:user_name] unless options[:user_name].right_blank?
|
256
|
+
link = generate_request_impl(:post, "UploadSigningCertificate", request_hash)
|
257
|
+
request_info(link, GetSigningCertificateParser.new(:logger => @logger))
|
258
|
+
end
|
259
|
+
|
260
|
+
# Deletes the specified signing certificate associated with the specified User.
|
261
|
+
#
|
262
|
+
# Options: :user_name
|
263
|
+
#
|
264
|
+
# pp iam.delete_signing_certificate('OB0000000000000000000000000000HY', :user_name => 'kd1')
|
265
|
+
#
|
266
|
+
def delete_signing_certificate(certificate_id, options={})
|
267
|
+
request_hash = { 'CertificateId' => certificate_id }
|
268
|
+
request_hash['UserName'] = options[:user_name] unless options[:user_name].right_blank?
|
269
|
+
link = generate_request("DeleteSigningCertificate", request_hash)
|
270
|
+
request_info(link, RightHttp2xxParser.new(:logger => @logger))
|
271
|
+
end
|
272
|
+
|
273
|
+
#-----------------------------------------------------------------
|
274
|
+
# PARSERS:
|
275
|
+
#-----------------------------------------------------------------
|
276
|
+
|
277
|
+
class BasicIamParser < RightAWSParser #:nodoc:
|
278
|
+
def tagstart(name, attributes)
|
279
|
+
@result ||= {}
|
280
|
+
end
|
281
|
+
def tagend(name)
|
282
|
+
if Array(@expected_tags).include?(name)
|
283
|
+
@result[name.right_underscore.to_sym] = @text
|
284
|
+
end
|
285
|
+
end
|
286
|
+
end
|
287
|
+
|
288
|
+
class BasicIamListParser < RightAWSParser #:nodoc:
|
289
|
+
def tagstart(name, attributes)
|
290
|
+
@result ||= { :items => [] }
|
291
|
+
@item = {} if name == (@items_splitter || 'member')
|
292
|
+
end
|
293
|
+
def tagend(name)
|
294
|
+
case name
|
295
|
+
when 'Marker' then @result[:marker] = @text
|
296
|
+
when 'IsTruncated' then @result[:is_truncated] = @text == 'true'
|
297
|
+
when (@items_splitter || 'member')
|
298
|
+
@result[:items] << (@item.right_blank? ? @text : @item)
|
299
|
+
else
|
300
|
+
if Array(@expected_tags).include?(name)
|
301
|
+
@item[name.right_underscore.to_sym] = @text
|
302
|
+
end
|
303
|
+
end
|
304
|
+
end
|
305
|
+
end
|
306
|
+
|
307
|
+
#-----------------------------------------------------------------
|
308
|
+
# Server Certificates
|
309
|
+
#-----------------------------------------------------------------
|
310
|
+
|
311
|
+
class GetServerCertificateParser < BasicIamParser #:nodoc:
|
312
|
+
def reset
|
313
|
+
@expected_tags = %w{ Arn Path ServerCertificateId ServerCertificateName UploadDate CertificateBody CertificateChain }
|
314
|
+
end
|
315
|
+
end
|
316
|
+
|
317
|
+
class ListServerCertificatesParser < BasicIamListParser #:nodoc:
|
318
|
+
def reset
|
319
|
+
@expected_tags = %w{ Arn Path ServerCertificateId ServerCertificateName UploadDate }
|
320
|
+
end
|
321
|
+
end
|
322
|
+
|
323
|
+
#-----------------------------------------------------------------
|
324
|
+
# Signing Certificates
|
325
|
+
#-----------------------------------------------------------------
|
326
|
+
|
327
|
+
class ListSigningCertificatesParser < BasicIamListParser #:nodoc:
|
328
|
+
def reset
|
329
|
+
@expected_tags = %w{ CertificateBody CertificateId Status UploadDate UserName }
|
330
|
+
end
|
331
|
+
end
|
332
|
+
|
333
|
+
class GetSigningCertificateParser < BasicIamParser #:nodoc:
|
334
|
+
def reset
|
335
|
+
@expected_tags = %w{ CertificateBody CertificateId Status UploadDate UserName }
|
336
|
+
end
|
337
|
+
end
|
338
|
+
|
339
|
+
end
|
340
|
+
|
341
|
+
end
|