awful 0.0.148 → 0.0.149

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d420f25ad52c2ef47831260ad3877200ce63db51
-  data.tar.gz: 5cb75305af243c48deb0fe2883345a77759063a6
+  metadata.gz: 0e57d00ae8d82a5f9567358f877adfe11f42c2b2
+  data.tar.gz: 709fade131b43199128f2f0983a46860344bfcce
 SHA512:
-  metadata.gz: 7026740cf81eff9e4cc493b37d18d0ef50b673c3a6f1016bf3d126f7c7e9ddd767cf67ae9e7572ee2bbf624066ec876176e8ca8749e9d58c625e1a2a11edb7da
-  data.tar.gz: 0df95ff8ef59e626b459b854f3482fbf93b5fb8f48db16e55eeb91ed6ba8aba00cdfa752f8bd7a46a683639146f8158bfc5a9869f50b61e10e640a484aa88709
+  metadata.gz: 93972b5343ab4e2ef2201f6b0ffa1b78627ca0f139d532e7fa4a0646299e003f30a127deb340d305c3c2525769c1d5ef07502d36475ccc1b9022597c024be186
+  data.tar.gz: 73fdb3e8539f4c76ab8e3b926da72bad42a50f94a055286f63bcb401864bbc53994cad0ab03c6df55f4b55916061499ba31d7ffddee30a03465ef40d5309a111

data/bin/kms

@@ -0,0 +1,7 @@
+#!/usr/bin/ruby
+#-*- mode: ruby; -*-
+
+require 'awful'
+require 'awful/kms'
+
+Awful::Kms.start(ARGV)

data/lib/awful/kms.rb

@@ -0,0 +1,96 @@
+module Awful
+  module Short
+    def kms(*args)
+      Awful::Kms.new.invoke(*args)
+    end
+  end
+
+  class Kms < Cli
+    COLORS = {
+      Enabled:         :green,
+      PendingDeletion: :red,
+    }
+
+    no_commands do
+      def kms
+        @_kms ||= Aws::KMS::Client.new
+      end
+
+      def color(string)
+        set_color(string, COLORS.fetch(string.to_sym, :yellow))
+      end
+
+      def paginate(thing)
+        next_marker = nil
+        things = []
+        loop do
+          response = yield(next_marker)
+          things += response.send(thing)
+          next_marker = response.next_marker
+          break unless next_marker
+        end
+        things
+      end
+
+      def aliases
+        paginate(:aliases) do |marker|
+          kms.list_aliases(marker: marker)
+        end
+      end
+
+      def aliases_hash
+        @_aliases_hash ||= aliases.each_with_object({}) do |a, h|
+          h[a.target_key_id] = a.alias_name.gsub(/^alias\//, '')
+        end
+      end
+
+      ## return target id for alias
+      def alias_by_name(name)
+        aliases.find do |a|
+          a.alias_name == "alias/#{name}"
+        end.target_key_id
+      end
+
+      def is_uuid?(id)
+        id.match(/^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$/i)
+      end
+
+      def id_or_alias(id)
+        is_uuid?(id) ? id : alias_by_name(id)
+      end
+    end
+
+    desc 'ls', 'list keys'
+    method_option :long, aliases: '-l', type: :boolean, default: false, desc: 'long listing'
+    def ls
+      paginate(:keys) do |marker|
+        kms.list_keys(marker: marker)
+      end.output do |keys|
+        if options[:long]
+          print_table keys.map { |k|
+            key = kms.describe_key(key_id: k.key_id).key_metadata
+            [ aliases_hash.fetch(k.key_id, '-'), k.key_id, color(key.key_state), key.creation_date ]
+          }.sort
+        else
+          puts keys.map(&:key_id)
+        end
+      end
+    end
+
+    desc 'get ID', 'describe KMS key with ID'
+    def get(id)
+      kms.describe_key(key_id: id_or_alias(id)).key_metadata.output do |key|
+        puts YAML.dump(stringify_keys(key.to_hash))
+      end
+    end
+
+    desc 'policy ID', 'get key policy'
+    method_option :name, aliases: '-n', type: :string, default: :default, desc: 'policy name'
+    def policy(id)
+      kms.get_key_policy(key_id: id_or_alias(id), policy_name: options[:name]).policy.output do |policy|
+        puts policy
+      end
+    end
+
+  end
+end

data/lib/awful/s3.rb

@@ -102,12 +102,29 @@ module Awful
       end
     end
 
+    ## deprecated in favour of put below
     desc 'upload FILE BUCKET/OBJECT', 'upload FILE to given object'
     def upload(file, s3path)
       bucket, key = s3path.split('/', 2)
       s3_resource.bucket(bucket).object(key).upload_file(file)
     end
 
+    ## this is the new version of upload
+    desc 'put BUCKET/OBJECT [FILE]', 'put object in bucket from file/stdin/string'
+    method_option :string, aliases: '-s', type: :string, default: nil, desc: 'send string instead of reading a file'
+    method_option :kms,    aliases: '-k', type: :string, default: nil, desc: 'KMS key ID for encryption'
+    def put(s3path, filename = nil)
+      bucket, key = s3path.split('/', 2)
+      body = options.fetch('string', file_or_stdin(filename))
+      s3.put_object(
+        bucket: bucket,
+        key: key,
+        body: body,
+        server_side_encryption: options[:kms] ? 'aws:kms' : nil,
+        ssekms_key_id: options[:kms],
+      )
+    end
+
     desc 'remove_bucket NAME', 'delete a bucket, which must be empty'
     def remove_bucket(name)
       if yes? "Really delete bucket #{name}?", :yellow

data/lib/awful/version.rb

@@ -1,3 +1,3 @@
 module Awful
-  VERSION = '0.0.148'
+  VERSION = '0.0.149'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: awful
 version: !ruby/object:Gem::Version
-  version: 0.0.148
+  version: 0.0.149
 platform: ruby
 authors:
 - Ric Lister
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-10-18 00:00:00.000000000 Z
+date: 2016-10-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -102,6 +102,7 @@ executables:
 - elasticache
 - elb
 - iam
+- kms
 - lambda
 - lc
 - r53
@@ -143,6 +144,7 @@ files:
 - bin/elasticache
 - bin/elb
 - bin/iam
+- bin/kms
 - bin/lambda
 - bin/lc
 - bin/r53
@@ -182,6 +184,7 @@ files:
 - lib/awful/elasticache.rb
 - lib/awful/elb.rb
 - lib/awful/iam.rb
+- lib/awful/kms.rb
 - lib/awful/lambda.rb
 - lib/awful/lambda_events.rb
 - lib/awful/launch_config.rb