cfer 0.3.0 → 0.4.0
- checksums.yaml +4 -4
- data/.gitignore +1 -1
- data/README.md +39 -1
- data/Rakefile +1 -56
- data/cfer.gemspec +13 -14
- data/examples/common/instance_deps.rb +3 -3
- data/examples/instance.rb +15 -21
- data/lib/cfer.rb +83 -7
- data/lib/cfer/block.rb +42 -0
- data/lib/cfer/cfn/cfer_credentials_provider.rb +72 -0
- data/lib/cfer/cfn/client.rb +121 -18
- data/lib/cfer/cli.rb +40 -1
- data/lib/cfer/core/client.rb +11 -0
- data/lib/cfer/core/resource.rb +16 -18
- data/lib/cfer/core/stack.rb +85 -14
- data/lib/cfer/util/error.rb +8 -0
- data/lib/cfer/version.rb +7 -1
- data/lib/cferext/aws/auto_scaling/auto_scaling_group.rb +6 -0
- data/lib/cferext/aws/iam/policy.rb +30 -0
- data/lib/cferext/aws/iam/policy_generator.rb +54 -0
- metadata +84 -58
- data/examples/chef_instance.rb +0 -56
- data/lib/cferext/aws/auto_scaling/launch_configuration.rb +0 -15
- data/lib/cferext/aws/ec2/instance.rb +0 -15
- data/lib/cferext/provisioning.rb +0 -16
- data/lib/cferext/provisioning/cfn-bootstrap.rb +0 -186
- data/lib/cferext/provisioning/chef.rb +0 -75
data/lib/cfer/util/error.rb
CHANGED
data/lib/cfer/version.rb
CHANGED
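--- a/data/lib/cferext/aws/iam/policy.rb
+++ b/data/lib/cferext/aws/iam/policy.rb
@@ -0,0 +1,30 @@
+require 'cferext/aws/iam/policy_generator'
+
+Cfer::Core::Resource.extend_resource "AWS::IAM::ManagedPolicy" do
+include CferExt::AWS::IAM::WithPolicyDocument
+end
+
+Cfer::Core::Resource.extend_resource "AWS::IAM::User" do
+include CferExt::AWS::IAM::WithPolicies
+end
+
+Cfer::Core::Resource.extend_resource "AWS::IAM::Group" do
+include CferExt::AWS::IAM::WithPolicies
+end
+
+Cfer::Core::Resource.extend_resource "AWS::IAM::Role" do
+include CferExt::AWS::IAM::WithPolicies
+
+def assume_role_policy_document(doc = nil, &block)
+doc = CferExt::AWS::IAM.generate_policy(&block) if doc == nil
+properties :AssumeRolePolicyDocument => doc
+end
+end
+
+Cfer::Core::Resource.extend_resource "AWS::IAM::Policy" do
+def policy_document(doc = nil, &block)
+doc = CferExt::AWS::IAM.generate_policy(&block) if doc == nil
+properties :PolicyDocument => doc
+end
+end
+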
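Review bot: `assume_role_policy_document` and `policy_document` fall through to `CferExt::AWS::IAM.generate_policy(&block)` when called with neither a document nor a block, so the result depends on how `build_from_block` treats a nil block (not visible here): either an obscure error or a trust/permission document with an empty `Statement` written into the template. Fail early in both methods with `raise ArgumentError, 'policy document or block required' if doc.nil? && !block_given?`, and prefer `doc.nil?` over `doc == nil`. Separately, `AWS::IAM::ManagedPolicy` only includes `WithPolicyDocument`, which is an empty module in policy_generator.rb of this release, so managed policies get no `policy_document` helper; moving the `policy_document` method defined here for `AWS::IAM::Policy` into that module would cover both resource types.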
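--- a/data/lib/cferext/aws/iam/policy_generator.rb
+++ b/data/lib/cferext/aws/iam/policy_generator.rb
@@ -0,0 +1,54 @@
+require 'docile'
+
+module CferExt
+module AWS
+module IAM
+class PolicyGenerator < Cfer::BlockHash
+def initialize
+self[:Version] = '2012-10-17'
+self[:Statement] = []
+end
+
+def statement(options = {}, &block)
+statement = Cfer::BlockHash.new(&block)
+statement.merge! options
+statement.build_from_block(&block)
+self[:Statement].unshift statement
+end
+
+def allow(&block)
+statement Effect: :Allow, &block
+end
+
+def deny(&block)
+statement Effect: :Deny, &block
+end
+end
+
+module WithPolicyDocument
+end
+
+module WithPolicies
+def policy(doc = nil, &block)
+self[:Properties][:Policies] ||= []
+doc = CferExt::AWS::IAM.generate_policy(&block) if doc == nil
+get_property(:Policies) << doc.to_h
+end
+end
+
+def self.generate_policy(&block)
+policy = PolicyGenerator.new
+policy.build_from_block(&block)
+policy
+end
+
+EC2_ASSUME_ROLE_POLICY_DOCUMENT =
+CferExt::AWS::IAM.generate_policy do
+allow do
+principal Service: 'ec2.amazonaws.com'
+action 'sts:AssumeRole'
+end
+end.freeze
+end
+end
+end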
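Review bot: `end.freeze` on `EC2_ASSUME_ROLE_POLICY_DOCUMENT` freezes only the outer object; assuming `Cfer::BlockHash` behaves like a Hash, the `:Statement` array and the statement hashes inside it stay mutable, so any template that edits them changes the trust policy for every role that reuses the constant in the same process. Freeze the nested values as well, for example by building the document into a local and calling `doc[:Statement].each(&:freeze)` and `doc[:Statement].freeze` before freezing and assigning it. In `WithPolicies#policy`, a block-built document (top-level `Version`/`Statement`) is appended to `Policies` as it stands, while CloudFormation inline policies are `PolicyName`/`PolicyDocument` pairs; it looks like the generated document should be wrapped, which is worth confirming against the intended DSL usage.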
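--- a/metadata
+++ b/metadata
@@ -1,183 +1,211 @@
 --- !ruby/object:Gem::Specification
 name: cfer
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.4.0
 platform: ruby
 authors:
 - Sean Edwards
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-
+date: 2016-04-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: docile
 requirement: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.1'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 1.1.5
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.1'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 1.1.5
 - !ruby/object:Gem::Dependency
 name: thor
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
-version:
+version: 0.19.1
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
-version:
+version: 0.19.1
 - !ruby/object:Gem::Dependency
 name: activesupport
 requirement: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '4.2'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 4.2.6
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '4.2'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 4.2.6
 - !ruby/object:Gem::Dependency
 name: aws-sdk
 requirement: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.2'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 2.2.33
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.2'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 2.2.33
 - !ruby/object:Gem::Dependency
 name: aws-sdk-resources
 requirement: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.2'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 2.2.33
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '2.2'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 2.2.33
 - !ruby/object:Gem::Dependency
 name: preconditions
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
-version:
+version: 0.3.0
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
-version:
+version: 0.3.0
 - !ruby/object:Gem::Dependency
 name: semantic
 requirement: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.4'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 1.4.1
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.4'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 1.4.1
 - !ruby/object:Gem::Dependency
 name: rainbow
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
-version: '
+version: '2.1'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
-version: '
+version: '2.1'
 - !ruby/object:Gem::Dependency
 name: highline
 requirement: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.7'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 1.7.8
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.7'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 1.7.8
 - !ruby/object:Gem::Dependency
 name: table_print
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
-version: '
-type: :runtime
-prerelease: false
-version_requirements: !ruby/object:Gem::Requirement
-requirements:
-- - ">="
-- !ruby/object:Gem::Version
-version: '0'
-- !ruby/object:Gem::Dependency
-name: rake
-requirement: !ruby/object:Gem::Requirement
-requirements:
+version: '1.5'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 1.5.6
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
+- - "~>"
+- !ruby/object:Gem::Version
+version: '1.5'
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: 1.5.6
 - !ruby/object:Gem::Dependency
-name:
+name: git
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
-version: '
+version: '1.3'
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
-version: '
+version: '1.3'
 - !ruby/object:Gem::Dependency
 name: bundler
 requirement: !ruby/object:Gem::Requirement
@@ -185,7 +213,7 @@ dependencies:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
-type: :
+type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
@@ -196,16 +224,16 @@ dependencies:
 name: yard
 requirement: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
-version:
+version: 0.8.7.6
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - "~>"
 - !ruby/object:Gem::Version
-version:
+version: 0.8.7.6
 description: Toolkit for automating infrastructure using AWS CloudFormation
 email:
 - stedwards87+cfer@gmail.com
@@ -232,13 +260,13 @@ files:
 - bin/setup
 - cfer.gemspec
 - doc/cfer-demo.gif
-- examples/chef_instance.rb
 - examples/common/instance_deps.rb
 - examples/instance.rb
 - examples/vpc.rb
 - lib/cfer.rb
 - lib/cfer/block.rb
 - lib/cfer/cfn/aws.rb
+- lib/cfer/cfn/cfer_credentials_provider.rb
 - lib/cfer/cfn/client.rb
 - lib/cfer/cli.rb
 - lib/cfer/core/client.rb
@@ -247,11 +275,9 @@ files:
 - lib/cfer/core/stack.rb
 - lib/cfer/util/error.rb
 - lib/cfer/version.rb
-- lib/cferext/aws/auto_scaling/
-- lib/cferext/aws/
-- lib/cferext/
-- lib/cferext/provisioning/cfn-bootstrap.rb
-- lib/cferext/provisioning/chef.rb
+- lib/cferext/aws/auto_scaling/auto_scaling_group.rb
+- lib/cferext/aws/iam/policy.rb
+- lib/cferext/aws/iam/policy_generator.rb
 homepage: https://github.com/seanedwards/cfer
 licenses:
 - MIT
@@ -272,7 +298,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.5.1
 signing_key:
 specification_version: 4
 summary: Toolkit for automating infrastructure using AWS CloudFormation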
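--- a/data/examples/chef_instance.rb
+++ b/data/examples/chef_instance.rb
@@ -1,56 +0,0 @@
-description 'Example stack template for a small EC2 instance'
-
-# NOTE: This template depends on vpc.rb
-
-# Include common template code that will be used for examples that create EC2 instances.
-include_template 'common/instance_deps.rb'
-
-resource :instance, "AWS::EC2::Instance",
-# Set a creation policy so that the stack will wait for
-# on-instance provisioning to complete before marking the instance
-# as done.
-:CreationPolicy => {
-:ResourceSignal => {
-:Count => 1
-}
-} do
-# Chef provisioning depends on cfn-init, so set that up first.
-# We will have the initial provisioning set up cfn-hup, install chef, and run our cookbooks.
-# Cfn-hup will only rerun chef when the metadata changes.
-cfn_init_setup signal: :instance,
-cfn_init_config_set: [ :cfn_hup, :install_chef, :run_chef],
-cfn_hup_config_set: [ :cfn_hup, :run_chef]
-
-# Configure chef to generate a Berksfile that will download the AWS cookbook from the Chef supermarket.
-# Set the run list to run the AWS cookbook, so our instance will have the AWS SDK available.
-chef_solo version: 'latest',
-node: {
-cfer: {
-demo: {
-welcome: "Welcome to Cfer!"
-}
-},
-run_list: 'recipe[ec2-demo]'
-},
-# We specify a berksfile inline, but you could read this from somewhere else in your repo too.
-# This uses a simple cookbook to write a file, similar to the instance.rb example.
-# Review this cookbook here: https://github.com/seanedwards/cfer-cookbook-demo
-berksfile: <<-EOF
-source "https://supermarket.chef.io"
-cookbook 'ec2-demo', github: 'seanedwards/cfer-cookbook-demo', branch: 'master'
-EOF
-
-image_id Fn::ref(:ImageId)
-instance_type Fn::ref(:InstanceType)
-key_name Fn::ref(:KeyName)
-
-network_interfaces [ {
-AssociatePublicIpAddress: "true",
-DeviceIndex: "0",
-GroupSet: [ Fn::ref(:instancesg) ],
-SubnetId: Fn::ref(:SubnetId)
-} ]
-end
-
-output :instance, Fn::ref(:instance)
-output :instanceip, Fn::get_att(:instance, :PublicIp)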