awspec 1.18.4 → 1.19.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8620c43be44ef78d4639f850333575db607268b9215a7d237437650430dc33d4
-  data.tar.gz: 3b456a4446cefbfc87e0f3e5fb01e0fb622d1f3251ef671462c50362e395aff8
+  metadata.gz: 0cb0f518cbb9a6fd1719a6ab94547039f8ce88140d1a3536f47813f2c1de866a
+  data.tar.gz: 7ac384fb88ba40da139ba7ff562b17b93c2000a89dada4011ad9a3eeda64976a
 SHA512:
-  metadata.gz: 37dee8d4d020de491b58a5692fcbe0e57fcb20e06387a3ce87dbe7a49cd7402bf5f40331bdff30edc4a43f12b40a1f03d67ca7c6479adfe9829e007acc17c846
-  data.tar.gz: c65aaa6acbdb108164cc56de46b5d0ff0f5fecf73f398b7f3c865c04037e3de18f9fe8d7c6497e63396dfef2fbd4071789bf964d4802f56ebce3a0241c3ff8e4
+  metadata.gz: 027a2d063404ce032e2257d01e520a142152e81c33118d69a8a1a2f8defc9667b50f45362bc9051ef6e08594f47d4d9cc2fcafb64b508ce9e023bbd01a61701f
+  data.tar.gz: ad59add2cf039e0e2371b96899106f970c1d0a64ef3a0aca81f54af7f9fa9c5253563cad3772e1579f88837fe227ce34fe5de1cc23c3eba48f4eec8f56d080f8

data/awspec.gemspec

@@ -29,6 +29,7 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency 'rspec-its'
   spec.add_runtime_dependency 'term-ansicolor'
   spec.add_runtime_dependency 'thor'
+  spec.add_runtime_dependency 'addressable'
   spec.add_development_dependency 'bundler', '>= 1.9', '< 3.0'
   spec.add_development_dependency 'octorelease'
   spec.add_development_dependency 'pry'

data/doc/resource_types.md

@@ -198,7 +198,7 @@ describe alb_listener('arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:li
 end
 ```
 
-### its(:listener_arn), its(:load_balancer_arn), its(:port), its(:protocol), its(:certificates), its(:ssl_policy)
+### its(:listener_arn), its(:load_balancer_arn), its(:port), its(:protocol), its(:certificates), its(:ssl_policy), its(:alpn_policy)
 ## <a name="alb_target_group">alb_target_group</a>
 
 AlbTargetGroup resource type.
@@ -267,7 +267,7 @@ end
 
 ### have_tag
 
-### its(:architecture), its(:creation_date), its(:image_id), its(:image_location), its(:image_type), its(:public), its(:kernel_id), its(:owner_id), its(:platform), its(:ramdisk_id), its(:state), its(:description), its(:ena_support), its(:hypervisor), its(:image_owner_alias), its(:name), its(:root_device_name), its(:root_device_type), its(:sriov_net_support), its(:state_reason), its(:virtualization_type)
+### its(:architecture), its(:creation_date), its(:image_id), its(:image_location), its(:image_type), its(:public), its(:kernel_id), its(:owner_id), its(:platform), its(:platform_details), its(:usage_operation), its(:ramdisk_id), its(:state), its(:description), its(:ena_support), its(:hypervisor), its(:image_owner_alias), its(:name), its(:root_device_name), its(:root_device_type), its(:sriov_net_support), its(:state_reason), its(:virtualization_type)
 ### :unlock: Advanced use
 
 `ami` can use `Aws::EC2::Image` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Image.html).
@@ -284,6 +284,14 @@ describe apigateway('my-apigateway') do
 end
 ```
 
+### have_integration_method
+
+### have_integration_path
+
+### have_method
+
+### have_path
+
 ### its(:id), its(:name), its(:description), its(:created_date), its(:version), its(:warnings), its(:binary_media_types), its(:minimum_compression_size), its(:api_key_source), its(:policy), its(:tags)
 ## <a name="autoscaling_group">autoscaling_group</a>
 
@@ -894,7 +902,7 @@ end
 ```
 
 
-### its(:availability_zone), its(:create_time), its(:encrypted), its(:kms_key_id), its(:outpost_arn), its(:size), its(:snapshot_id), its(:state), its(:volume_id), its(:iops), its(:volume_type), its(:fast_restored)
+### its(:availability_zone), its(:create_time), its(:encrypted), its(:kms_key_id), its(:outpost_arn), its(:size), its(:snapshot_id), its(:state), its(:volume_id), its(:iops), its(:volume_type), its(:fast_restored), its(:multi_attach_enabled)
 ### :unlock: Advanced use
 
 `ebs` can use `Aws::EC2::Volume` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Volume.html).
@@ -1319,7 +1327,7 @@ describe eks('my-eks') do
 end
 ```
 
-### its(:name), its(:arn), its(:created_at), its(:version), its(:endpoint), its(:role_arn), its(:logging), its(:identity), its(:status), its(:client_request_token), its(:platform_version), its(:tags)
+### its(:name), its(:arn), its(:created_at), its(:version), its(:endpoint), its(:role_arn), its(:logging), its(:identity), its(:status), its(:client_request_token), its(:platform_version), its(:tags), its(:encryption_config)
 ## <a name="elasticache">elasticache</a>
 
 Elasticache resource type.
@@ -1388,7 +1396,7 @@ describe elasticache('my-rep-group-001') do
 end
 ```
 
-### its(:cache_cluster_id), its(:configuration_endpoint), its(:client_download_landing_page), its(:cache_node_type), its(:engine), its(:engine_version), its(:cache_cluster_status), its(:num_cache_nodes), its(:preferred_availability_zone), its(:cache_cluster_create_time), its(:preferred_maintenance_window), its(:notification_configuration), its(:cache_security_groups), its(:cache_subnet_group_name), its(:cache_nodes), its(:auto_minor_version_upgrade), its(:replication_group_id), its(:snapshot_retention_limit), its(:snapshot_window), its(:auth_token_enabled), its(:auth_token_last_modified_date), its(:transit_encryption_enabled), its(:at_rest_encryption_enabled)
+### its(:cache_cluster_id), its(:configuration_endpoint), its(:client_download_landing_page), its(:cache_node_type), its(:engine), its(:engine_version), its(:cache_cluster_status), its(:num_cache_nodes), its(:preferred_availability_zone), its(:cache_cluster_create_time), its(:preferred_maintenance_window), its(:notification_configuration), its(:cache_security_groups), its(:cache_subnet_group_name), its(:cache_nodes), its(:auto_minor_version_upgrade), its(:replication_group_id), its(:snapshot_retention_limit), its(:snapshot_window), its(:auth_token_enabled), its(:auth_token_last_modified_date), its(:transit_encryption_enabled), its(:at_rest_encryption_enabled), its(:arn)
 ## <a name="elasticache_cache_parameter_group">elasticache_cache_parameter_group</a>
 
 ElasticacheCacheParameterGroup resource type.
@@ -1467,7 +1475,7 @@ end
 ```
 
 
-### its(:domain_id), its(:domain_name), its(:arn), its(:created), its(:deleted), its(:endpoint), its(:endpoints), its(:processing), its(:upgrade_processing), its(:elasticsearch_version), its(:access_policies), its(:snapshot_options), its(:vpc_options), its(:cognito_options), its(:encryption_at_rest_options), its(:node_to_node_encryption_options), its(:advanced_options), its(:log_publishing_options), its(:service_software_options), its(:domain_endpoint_options)
+### its(:domain_id), its(:domain_name), its(:arn), its(:created), its(:deleted), its(:endpoint), its(:endpoints), its(:processing), its(:upgrade_processing), its(:elasticsearch_version), its(:access_policies), its(:snapshot_options), its(:vpc_options), its(:cognito_options), its(:encryption_at_rest_options), its(:node_to_node_encryption_options), its(:advanced_options), its(:log_publishing_options), its(:service_software_options), its(:domain_endpoint_options), its(:advanced_security_options)
 ## <a name="elastictranscoder_pipeline">elastictranscoder_pipeline</a>
 
 ElastictranscoderPipeline resource type.
@@ -1612,7 +1620,7 @@ describe emr('my-emr') do
 end
 ```
 
-### its(:id), its(:name), its(:instance_collection_type), its(:log_uri), its(:requested_ami_version), its(:running_ami_version), its(:release_label), its(:auto_terminate), its(:termination_protected), its(:visible_to_all_users), its(:service_role), its(:normalized_instance_hours), its(:master_public_dns_name), its(:configurations), its(:security_configuration), its(:auto_scaling_role), its(:scale_down_behavior), its(:custom_ami_id), its(:ebs_root_volume_size), its(:repo_upgrade_on_boot), its(:cluster_arn), its(:step_concurrency_level), its(:outpost_arn)
+### its(:id), its(:name), its(:instance_collection_type), its(:log_uri), its(:log_encryption_kms_key_id), its(:requested_ami_version), its(:running_ami_version), its(:release_label), its(:auto_terminate), its(:termination_protected), its(:visible_to_all_users), its(:service_role), its(:normalized_instance_hours), its(:master_public_dns_name), its(:configurations), its(:security_configuration), its(:auto_scaling_role), its(:scale_down_behavior), its(:custom_ami_id), its(:ebs_root_volume_size), its(:repo_upgrade_on_boot), its(:cluster_arn), its(:outpost_arn), its(:step_concurrency_level)
 ## <a name="firehose">firehose</a>
 
 Firehose resource type.
@@ -2583,7 +2591,7 @@ describe nlb_listener('arn:aws:elasticloadbalancing:ap-northeast-1:1234567890:li
 end
 ```
 
-### its(:listener_arn), its(:load_balancer_arn), its(:port), its(:protocol), its(:certificates), its(:ssl_policy)
+### its(:listener_arn), its(:load_balancer_arn), its(:port), its(:protocol), its(:certificates), its(:ssl_policy), its(:alpn_policy)
 ## <a name="nlb_target_group">nlb_target_group</a>
 
 NlbTargetGroup resource type.
@@ -3192,6 +3200,10 @@ end
 
 ### be_outbound_opened_only
 
+### have_inbound_rule
+
+### have_outbound_rule
+
 ### have_tag
 
 ```ruby
@@ -3381,7 +3393,7 @@ end
 ```
 
 
-### its(:name), its(:type), its(:key_id), its(:last_modified_date), its(:last_modified_user), its(:description), its(:allowed_pattern), its(:version), its(:tier), its(:policies)
+### its(:name), its(:type), its(:key_id), its(:last_modified_date), its(:last_modified_user), its(:description), its(:allowed_pattern), its(:version), its(:tier), its(:policies), its(:data_type)
 ### :unlock: Advanced use
 
 ```ruby
@@ -3425,7 +3437,7 @@ end
 ```
 
 
-### its(:availability_zone), its(:availability_zone_id), its(:available_ip_address_count), its(:cidr_block), its(:default_for_az), its(:map_public_ip_on_launch), its(:state), its(:subnet_id), its(:vpc_id), its(:owner_id), its(:assign_ipv_6_address_on_creation), its(:ipv_6_cidr_block_association_set), its(:subnet_arn), its(:outpost_arn)
+### its(:availability_zone), its(:availability_zone_id), its(:available_ip_address_count), its(:cidr_block), its(:default_for_az), its(:map_public_ip_on_launch), its(:map_customer_owned_ip_on_launch), its(:customer_owned_ipv_4_pool), its(:state), its(:subnet_id), its(:vpc_id), its(:owner_id), its(:assign_ipv_6_address_on_creation), its(:ipv_6_cidr_block_association_set), its(:subnet_arn), its(:outpost_arn)
 ### :unlock: Advanced use
 
 `subnet` can use `Aws::EC2::Subnet` resource (see http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Subnet.html).

data/lib/awspec/helper/client_wrap.rb

@@ -2,7 +2,7 @@ require 'awspec/config'
 
 module Awspec::Helper
   class ClientWrap
-    attr_reader :client, :backoff, :iteration, :backoff_limit, :symbol
+    attr_reader :client, :backoff, :iteration, :backoff_limit, :symbol1, :symbol2
     def initialize(real_client = nil)
       raise ArgumentError, 'Client can not be nil' if real_client.nil?
       config = Awspec::Config.instance
@@ -14,7 +14,8 @@ module Awspec::Helper
       @backoff_limit = config[:client_backoff_limit]
       # build the symbol we'll use to compare to any errors caught in method_missing
       # below.
-      @symbol = real_client.class.to_s.split('::').shift(2).push('Errors', 'RequestLimitExceeded').join('::').to_sym
+      @symbol1 = real_client.class.to_s.split('::').shift(2).push('Errors', 'RequestLimitExceeded').join('::').to_sym
+      @symbol2 = real_client.class.to_s.split('::').shift(2).push('Errors', 'Throttling').join('::').to_sym
     end
 
     protected
@@ -28,7 +29,7 @@ module Awspec::Helper
       begin
         results = client.send(m, *args, &block)
       rescue Exception => e # rubocop:disable Lint/RescueException
-        raise unless e.class.to_s == symbol.to_s && backoff < backoff_limit
+        raise unless (e.class.to_s == symbol1.to_s || e.class.to_s == symbol2.to_s) && backoff < backoff_limit
 
         @backoff = backoff + (iteration * iteration * 0.5)
         @iteration += 1

data/lib/awspec/helper/finder/acm.rb

@@ -3,8 +3,8 @@ module Awspec::Helper
     module Acm
       def find_certificate(id)
         selected = []
+        req = {}
         loop do
-          req = {}
           res = acm_client.list_certificates(req)
           selected += res.certificate_summary_list.select do |c|
             c.certificate_arn == id || c.domain_name == id
@@ -19,8 +19,8 @@ module Awspec::Helper
 
       def select_all_certificates
         certs = []
+        req = {}
         loop do
-          req = {}
           res = acm_client.list_certificates(req)
           res.certificate_summary_list.each do |c|
             certs << c.certificate_arn

data/lib/awspec/helper/finder/alb.rb

@@ -6,7 +6,7 @@ module Awspec::Helper
         res.load_balancers.select do |lb|
           lb.type == 'application'
         end.single_resource(id)
-      rescue
+      rescue Aws::ElasticLoadBalancingV2::Errors::LoadBalancerNotFound
         return nil
       end
 
@@ -20,7 +20,7 @@ module Awspec::Helper
       def find_alb_listener(arn)
         res = elbv2_client.describe_listeners({ listener_arns: [arn] })
         res.listeners.single_resource(arn)
-      rescue
+      rescue StandardError
         return nil
       end
 
@@ -40,7 +40,7 @@ module Awspec::Helper
         res.target_groups.select do |tg|
           %w(HTTP HTTPS).include?(tg.protocol)
         end.single_resource(id)
-      rescue
+      rescue StandardError
         return nil
       end
 
@@ -60,7 +60,7 @@ module Awspec::Helper
         res.tag_descriptions.select do |resource|
           resource.resource_arn == id
         end.first.tags
-      rescue
+      rescue StandardError
         return nil
       end
     end

data/lib/awspec/helper/finder/apigateway.rb

@@ -2,20 +2,34 @@ module Awspec::Helper
   module Finder
     module Apigateway
       def find_apigateway_by_id(id)
-        rest_apis = apigateway_client.get_rest_apis
-        rest_apis.items.each do |item|
-          return item if item.id == id
+        apis = []
+        apigateway_client.get_rest_apis(limit: 500).each do |response|
+          apis += response.items
+        end
+        apis.each do |api|
+          return api if api.id == id
         end
         nil
       end
 
       def find_apigateway_by_name(name)
-        rest_apis = apigateway_client.get_rest_apis
-        rest_apis.items.each do |item|
-          return item if item.name == name
+        apis = []
+        apigateway_client.get_rest_apis(limit: 500).each do |response|
+          apis += response.items
+        end
+        apis.each do |api|
+          return api if api.name == name
         end
         nil
       end
+
+      def find_api_resources_by_id(api_id)
+        all_resources = []
+        apigateway_client.get_resources(rest_api_id: api_id, limit: 500, embed: ['methods']).each do |response|
+          all_resources += response.items
+        end
+        all_resources != [] ? all_resources : nil
+      end
     end
   end
 end

data/lib/awspec/stub/apigateway.rb

@@ -70,6 +70,45 @@ Aws.config[:apigateway] = {
           }
         }
       ]
+    },
+    get_resources: {
+      position: '1',
+      items: [
+        {
+          path: '/proxy',
+          resource_methods: {
+            'GET' => {
+              http_method: 'GET',
+              method_integration: { http_method: 'POST', uri: 'http://127.0.0.1:8080/hockey' }
+            }
+          }
+        },
+        {
+          path: '/zambonis',
+          resource_methods: {
+            'POST' => {
+              http_method: 'POST',
+              method_integration: { http_method: 'POST',
+                                    uri: 'http://127.0.0.1:8080/zambonis/{arena}?arena=Saddledome' }
+            }
+          }
+        },
+        {
+          path: '/zambonis/123',
+          resource_methods: {
+            'POST' => {
+              http_method: 'POST',
+              method_integration: { http_method: 'AWS',
+                                    uri: 'arn:aws:apigateway:us-east-1:cognito-idp:action/ListUsers' }
+            },
+            'GET' => {
+              http_method: 'GET',
+              method_integration: { http_method: 'AWS',
+                                    uri: 'arn:aws:apigateway:us-east-1:cognito-idp:action/SignUp?username=test' }
+            }
+          }
+        }
+      ]
     }
   }
 }

data/lib/awspec/type/alb.rb

@@ -15,11 +15,13 @@ module Awspec::Type
 
     STATES.each do |state|
       define_method state + '?' do
+        check_existence
         resource_via_client.state.code == state
       end
     end
 
     def has_security_group?(sg_id)
+      check_existence
       sgs = resource_via_client.security_groups
       ret = sgs.find do |sg|
         sg == sg_id
@@ -31,6 +33,7 @@ module Awspec::Type
     end
 
     def has_subnet?(subnet_id)
+      check_existence
       azs = resource_via_client.availability_zones
       ret = azs.find do |az|
         az.subnet_id == subnet_id

data/lib/awspec/type/apigateway.rb

@@ -1,3 +1,5 @@
+require 'addressable/uri'
+
 module Awspec::Type
   class Apigateway < ResourceBase
     aws_resource Aws::APIGateway::Client
@@ -11,5 +13,53 @@ module Awspec::Type
     def id
       @id ||= resource_via_client.id if resource_via_client
     end
+
+    def api_resources
+      @api_resources.nil? ? @api_resources = find_api_resources_by_id(@id) : @api_resources
+    end
+
+    def has_path?(path)
+      check_existence
+      self.api_resources.each do |resource|
+        return resource if resource.path == path
+      end
+      nil
+    end
+
+    def has_integration_path?(path)
+      check_existence
+      self.api_resources.each do |resource|
+        next if resource.resource_methods.nil?
+        resource.resource_methods.each do |_, method|
+          if method.method_integration.http_method == 'AWS'
+            aws_path = method.method_integration.uri.match(%r{(\/[^\?]+)\??.*$}).captures[0] # Matches for ARN type path
+            return resource if aws_path == path
+          end
+          uri = Addressable::URI.parse(method.method_integration.uri)
+          return resource if uri.path == path
+        end
+      end
+      nil
+    end
+
+    def has_method?(path, http_method)
+      check_existence
+      resource_to_check = has_path?(path)
+      return nil if resource_to_check.nil?
+      resource_to_check.resource_methods.each do |_, method|
+        return resource_to_check if method.http_method == http_method
+      end
+      nil
+    end
+
+    def has_integration_method?(integration_path, http_method)
+      check_existence
+      integration_resource_to_check = has_integration_path?(integration_path)
+      return nil if integration_resource_to_check.nil?
+      integration_resource_to_check.resource_methods.each do |_, method|
+        return integration_resource_to_check if method.method_integration.http_method == http_method
+      end
+      nil
+    end
   end
 end

data/lib/awspec/type/security_group.rb

@@ -1,4 +1,5 @@
 module Awspec::Type
+  # rubocop:disable Metrics/ClassLength
   class SecurityGroup < ResourceBase
     aws_resource Aws::EC2::SecurityGroup
     tags_allowed
@@ -75,12 +76,24 @@ module Awspec::Type
     end
     alias_method :outbound_permissions_count, :ip_permissions_egress_count
 
+    def has_inbound_rule?(rule)
+      resource_via_client.ip_permissions.find do |permission|
+        sg_rule_match?(permission, rule)
+      end
+    end
+
     def inbound_rule_count
       resource_via_client.ip_permissions.reduce(0) do |sum, permission|
         sum += permission.ip_ranges.count + permission.user_id_group_pairs.count
       end
     end
 
+    def has_outbound_rule?(rule)
+      resource_via_client.ip_permissions_egress.find do |permission|
+        sg_rule_match?(permission, rule)
+      end
+    end
+
     def outbound_rule_count
       resource_via_client.ip_permissions_egress.reduce(0) do |sum, permission|
         sum += permission.ip_ranges.count + permission.user_id_group_pairs.count
@@ -144,5 +157,36 @@ module Awspec::Type
         port.between?(from_port, to_port)
       end
     end
+
+    def sg_rule_match?(permission, rule)
+      rule[:ip_protocol] = '-1' if rule[:ip_protocol] == 'all'
+      return false unless permission.ip_protocol == rule[:ip_protocol]
+      return false unless permission.ip_protocol == '-1' || permission.from_port == rule[:from_port]
+      return false unless permission.ip_protocol == '-1' || permission.to_port == rule[:to_port]
+
+      if rule[:ip_range]
+        return false unless permission.ip_ranges.find do |ip_range|
+          ip_range.cidr_ip == rule[:ip_range]
+        end
+      elsif rule[:group_pair]
+        return false unless permission.user_id_group_pairs.find do |pair|
+          group_pair_match?(pair, rule[:group_pair])
+        end
+      end
+      true
+    end
+
+    def group_pair_match?(actual_pair, rule_pair)
+      return false unless actual_pair.group_id == rule_pair[:group_id] || rule_pair[:group_id].nil?
+      return false unless actual_pair.group_name == rule_pair[:group_name] || rule_pair[:group_name].nil?
+      return false unless actual_pair.user_id == rule_pair[:user_id] || rule_pair[:user_id].nil?
+      return false unless actual_pair.vpc_id == rule_pair[:vpc_id] || rule_pair[:vpc_id].nil?
+      return false unless
+        actual_pair.vpc_peering_connection_id == rule_pair[:vpc_peering_connection_id] ||
+        rule_pair[:vpc_peering_connection_id].nil?
+      return false unless actual_pair.peering_status == rule_pair[:peering_status] || rule_pair[:peering_status].nil?
+      true
+    end
   end
+  # rubocop:enable Metrics/ClassLength
 end

data/lib/awspec/version.rb

@@ -1,3 +1,3 @@
 module Awspec
-  VERSION = '1.18.4'
+  VERSION = '1.19.2'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: awspec
 version: !ruby/object:Gem::Version
-  version: 1.18.4
+  version: 1.19.2
 platform: ruby
 authors:
 - k1LoW
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-01-26 00:00:00.000000000 Z
+date: 2020-06-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk
@@ -122,6 +122,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: addressable
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement