RubyGems - awspec - Versions diffs - 1.15.2 → 1.15.3 - Mend

awspec 1.15.2 → 1.15.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +5 -5
data/doc/_resource_types/iam_group.md +9 -1
data/doc/_resource_types/iam_role.md +8 -0
data/doc/_resource_types/iam_user.md +8 -0
data/doc/resource_types.md +59 -0
data/lib/awspec/helper/finder/s3.rb +1 -2
data/lib/awspec/type/iam_group.rb +9 -0
data/lib/awspec/type/iam_role.rb +9 -0
data/lib/awspec/type/iam_user.rb +9 -0
data/lib/awspec/version.rb +1 -1
metadata +3 -3

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
-SHA256:
-  metadata.gz: 286caeeb79c08042ba020a6266bbbf879dda76df25c59673502bb6e7b274c7d9
-  data.tar.gz: 45c43c72c18b243bb504d94e524510b2bb29a9595dcc2120356b48633ed3d0fd
+SHA1:
+  metadata.gz: ca755a39c613bc48b0ccc9e5dba01cc0c727f7df
+  data.tar.gz: 894571bf21f40ba2c635f0667cfee61f39792a40
 SHA512:
-  metadata.gz: 328f23daea68ba72d74de30518fb246fe355f275e299860863010850ac2847b7b270317de971cd230c7e74665f999e4863ba4abafd736e2618c55e16fc56c6f7
-  data.tar.gz: 38a223660281278ebfae75e77f377e5a6ef3884da5e04364de711a4271a4f5a27159877f48cdbf518a5ee0d59ab3247308d0d49d0cad36be8870822df6368967
+  metadata.gz: 2731087c9c0b93a7f12f19dce2c06a86beb38cef1f685541c5f0f6f69201916823796199f8baa24175716c6ad772bc0698bde18f502cc201c9f416c195f59396
+  data.tar.gz: 26a1b770cfa85ddf827cfbbe9f0cf1e63c37dcbec3e14ac7f573ef1e3a7ae7e4734cd0e0b548f529229be168d85f966b4d56a2a799ece93cad7ea1db7615bf6d

data/doc/_resource_types/iam_group.md CHANGED

@@ -31,7 +31,7 @@ describe iam_group('my-iam-group') do
 end
 ```
-### have_inline_group
+### have_inline_policy
 ```ruby
 describe iam_group('my-iam-group') do
@@ -67,6 +67,14 @@ DOC
 end
 ```
+You can test absence of inline policies.
+```ruby
+describe iam_group('my-iam-group') do
+  it { should_not have_inline_policy }
+end
+```
 ### advanced
 `iam_group` can use `Aws::IAM::Group` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/IAM/Group.html).

data/doc/_resource_types/iam_role.md CHANGED

@@ -51,6 +51,14 @@ DOC
 end
 ```
+You can test absence of inline policies.
+```ruby
+describe iam_role('my-iam-role') do
+  it { should_not have_inline_policy }
+end
+```
 ### advanced
 `iam_role` can use `Aws::IAM::Role` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/IAM/Role.html).

data/doc/_resource_types/iam_user.md CHANGED

@@ -51,6 +51,14 @@ DOC
 end
 ```
+You can test absence of inline policies.
+```ruby
+describe iam_user('my-iam-user') do
+  it { should_not have_inline_policy }
+end
+```
 ### belong_to_iam_group
 ```ruby

data/doc/resource_types.md CHANGED

@@ -1670,6 +1670,49 @@ end
 ### have_inline_policy
+```ruby
+describe iam_group('my-iam-group') do
+  it { should have_inline_policy('InlineEC2FullAccess') }
+  it do
+    should have_inline_policy('InlineEC2FullAccess').policy_document(<<-'DOC')
+{
+  "Statement": [
+    {
+      "Action": "ec2:*",
+      "Effect": "Allow",
+      "Resource": "*"
+    },
+    {
+      "Effect": "Allow",
+      "Action": "elasticloadbalancing:*",
+      "Resource": "*"
+    },
+    {
+      "Effect": "Allow",
+      "Action": "cloudwatch:*",
+      "Resource": "*"
+    },
+    {
+      "Effect": "Allow",
+      "Action": "autoscaling:*",
+      "Resource": "*"
+    }
+  ]
+}
+DOC
+  end
+end
+```
+You can test absence of inline policies.
+```ruby
+describe iam_group('my-iam-group') do
+  it { should_not have_inline_policy }
+end
+```
 ### its(:path), its(:group_name), its(:group_id), its(:arn), its(:create_date)
 ### :unlock: Advanced use
@@ -1798,6 +1841,14 @@ DOC
 end
 ```
+You can test absence of inline policies.
+```ruby
+describe iam_role('my-iam-role') do
+  it { should_not have_inline_policy }
+end
+```
 ### its(:path), its(:role_name), its(:role_id), its(:arn), its(:create_date), its(:assume_role_policy_document), its(:description), its(:max_session_duration), its(:permissions_boundary), its(:tags)
 ### :unlock: Advanced use
@@ -1878,6 +1929,14 @@ DOC
 end
 ```
+You can test absence of inline policies.
+```ruby
+describe iam_user('my-iam-user') do
+  it { should_not have_inline_policy }
+end
+```
 ### belong_to_iam_group

data/lib/awspec/helper/finder/s3.rb CHANGED

@@ -2,8 +2,7 @@ module Awspec::Helper
   module Finder
     module S3
       def find_bucket(id)
-        res = s3_client.list_buckets
-        ret = s3_client.list_buckets[:buckets].find do |bucket|
+        s3_client.list_buckets[:buckets].find do |bucket|
           bucket.name == id
         end
       end

data/lib/awspec/type/iam_group.rb CHANGED

@@ -28,6 +28,8 @@ module Awspec::Type
     end
     def has_inline_policy?(policy_name, document = nil)
+      return has_any_inline_policies? unless policy_name
       res = iam_client.get_group_policy({
                                           group_name: id,
                                           policy_name: policy_name
@@ -35,5 +37,12 @@ module Awspec::Type
       return JSON.parse(URI.decode(res.policy_document)) == JSON.parse(document) if document
       res
     end
+    private
+    def has_any_inline_policies?
+      res = iam_client.list_group_policies(group_name: id)
+      !res.policy_names.empty?
+    end
   end
 end

data/lib/awspec/type/iam_role.rb CHANGED

@@ -18,6 +18,8 @@ module Awspec::Type
     end
     def has_inline_policy?(policy_name, document = nil)
+      return has_any_inline_policies? unless policy_name
       res = iam_client.get_role_policy({
                                          role_name: resource_via_client.role_name,
                                          policy_name: policy_name
@@ -25,5 +27,12 @@ module Awspec::Type
       return JSON.parse(URI.decode(res.policy_document)) == JSON.parse(document) if document
       res
     end
+    private
+    def has_any_inline_policies?
+      res = iam_client.list_role_policies(role_name: resource_via_client.role_name)
+      !res.policy_names.empty?
+    end
   end
 end

data/lib/awspec/type/iam_user.rb CHANGED

@@ -18,6 +18,8 @@ module Awspec::Type
     end
     def has_inline_policy?(policy_name, document = nil)
+      return has_any_inline_policies? unless policy_name
       res = iam_client.get_user_policy({
                                          user_name: resource_via_client.user_name,
                                          policy_name: policy_name
@@ -25,5 +27,12 @@ module Awspec::Type
       return JSON.parse(URI.decode(res.policy_document)) == JSON.parse(document) if document
       res
     end
+    private
+    def has_any_inline_policies?
+      res = iam_client.list_user_policies(user_name: resource_via_client.user_name)
+      !res.policy_names.empty?
+    end
   end
 end

data/lib/awspec/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Awspec
-  VERSION = '1.15.2'
+  VERSION = '1.15.3'
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: awspec
 version: !ruby/object:Gem::Version
-  version: 1.15.2
+  version: 1.15.3
 platform: ruby
 authors:
 - k1LoW
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2019-02-14 00:00:00.000000000 Z
+date: 2019-02-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk
@@ -706,7 +706,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.7.6
+rubygems_version: 2.6.14
 signing_key:
 specification_version: 4
 summary: RSpec tests for your AWS resources.