cfer 0.3.0 → 0.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +1 -1
- data/README.md +39 -1
- data/Rakefile +1 -56
- data/cfer.gemspec +13 -14
- data/examples/common/instance_deps.rb +3 -3
- data/examples/instance.rb +15 -21
- data/lib/cfer.rb +83 -7
- data/lib/cfer/block.rb +42 -0
- data/lib/cfer/cfn/cfer_credentials_provider.rb +72 -0
- data/lib/cfer/cfn/client.rb +121 -18
- data/lib/cfer/cli.rb +40 -1
- data/lib/cfer/core/client.rb +11 -0
- data/lib/cfer/core/resource.rb +16 -18
- data/lib/cfer/core/stack.rb +85 -14
- data/lib/cfer/util/error.rb +8 -0
- data/lib/cfer/version.rb +7 -1
- data/lib/cferext/aws/auto_scaling/auto_scaling_group.rb +6 -0
- data/lib/cferext/aws/iam/policy.rb +30 -0
- data/lib/cferext/aws/iam/policy_generator.rb +54 -0
- metadata +84 -58
- data/examples/chef_instance.rb +0 -56
- data/lib/cferext/aws/auto_scaling/launch_configuration.rb +0 -15
- data/lib/cferext/aws/ec2/instance.rb +0 -15
- data/lib/cferext/provisioning.rb +0 -16
- data/lib/cferext/provisioning/cfn-bootstrap.rb +0 -186
- data/lib/cferext/provisioning/chef.rb +0 -75
data/lib/cfer/util/error.rb
CHANGED
data/lib/cfer/version.rb
CHANGED
@@ -0,0 +1,30 @@
|
|
1
|
+
require 'cferext/aws/iam/policy_generator'
|
2
|
+
|
3
|
+
Cfer::Core::Resource.extend_resource "AWS::IAM::ManagedPolicy" do
|
4
|
+
include CferExt::AWS::IAM::WithPolicyDocument
|
5
|
+
end
|
6
|
+
|
7
|
+
Cfer::Core::Resource.extend_resource "AWS::IAM::User" do
|
8
|
+
include CferExt::AWS::IAM::WithPolicies
|
9
|
+
end
|
10
|
+
|
11
|
+
Cfer::Core::Resource.extend_resource "AWS::IAM::Group" do
|
12
|
+
include CferExt::AWS::IAM::WithPolicies
|
13
|
+
end
|
14
|
+
|
15
|
+
Cfer::Core::Resource.extend_resource "AWS::IAM::Role" do
|
16
|
+
include CferExt::AWS::IAM::WithPolicies
|
17
|
+
|
18
|
+
def assume_role_policy_document(doc = nil, &block)
|
19
|
+
doc = CferExt::AWS::IAM.generate_policy(&block) if doc == nil
|
20
|
+
properties :AssumeRolePolicyDocument => doc
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
Cfer::Core::Resource.extend_resource "AWS::IAM::Policy" do
|
25
|
+
def policy_document(doc = nil, &block)
|
26
|
+
doc = CferExt::AWS::IAM.generate_policy(&block) if doc == nil
|
27
|
+
properties :PolicyDocument => doc
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
@@ -0,0 +1,54 @@
|
|
1
|
+
require 'docile'
|
2
|
+
|
3
|
+
module CferExt
|
4
|
+
module AWS
|
5
|
+
module IAM
|
6
|
+
class PolicyGenerator < Cfer::BlockHash
|
7
|
+
def initialize
|
8
|
+
self[:Version] = '2012-10-17'
|
9
|
+
self[:Statement] = []
|
10
|
+
end
|
11
|
+
|
12
|
+
def statement(options = {}, &block)
|
13
|
+
statement = Cfer::BlockHash.new(&block)
|
14
|
+
statement.merge! options
|
15
|
+
statement.build_from_block(&block)
|
16
|
+
self[:Statement].unshift statement
|
17
|
+
end
|
18
|
+
|
19
|
+
def allow(&block)
|
20
|
+
statement Effect: :Allow, &block
|
21
|
+
end
|
22
|
+
|
23
|
+
def deny(&block)
|
24
|
+
statement Effect: :Deny, &block
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
module WithPolicyDocument
|
29
|
+
end
|
30
|
+
|
31
|
+
module WithPolicies
|
32
|
+
def policy(doc = nil, &block)
|
33
|
+
self[:Properties][:Policies] ||= []
|
34
|
+
doc = CferExt::AWS::IAM.generate_policy(&block) if doc == nil
|
35
|
+
get_property(:Policies) << doc.to_h
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
def self.generate_policy(&block)
|
40
|
+
policy = PolicyGenerator.new
|
41
|
+
policy.build_from_block(&block)
|
42
|
+
policy
|
43
|
+
end
|
44
|
+
|
45
|
+
EC2_ASSUME_ROLE_POLICY_DOCUMENT =
|
46
|
+
CferExt::AWS::IAM.generate_policy do
|
47
|
+
allow do
|
48
|
+
principal Service: 'ec2.amazonaws.com'
|
49
|
+
action 'sts:AssumeRole'
|
50
|
+
end
|
51
|
+
end.freeze
|
52
|
+
end
|
53
|
+
end
|
54
|
+
end
|
metadata
CHANGED
@@ -1,183 +1,211 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cfer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Sean Edwards
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-04-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: docile
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.1'
|
17
20
|
- - ">="
|
18
21
|
- !ruby/object:Gem::Version
|
19
|
-
version:
|
22
|
+
version: 1.1.5
|
20
23
|
type: :runtime
|
21
24
|
prerelease: false
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
23
26
|
requirements:
|
27
|
+
- - "~>"
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: '1.1'
|
24
30
|
- - ">="
|
25
31
|
- !ruby/object:Gem::Version
|
26
|
-
version:
|
32
|
+
version: 1.1.5
|
27
33
|
- !ruby/object:Gem::Dependency
|
28
34
|
name: thor
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|
30
36
|
requirements:
|
31
|
-
- - "
|
37
|
+
- - "~>"
|
32
38
|
- !ruby/object:Gem::Version
|
33
|
-
version:
|
39
|
+
version: 0.19.1
|
34
40
|
type: :runtime
|
35
41
|
prerelease: false
|
36
42
|
version_requirements: !ruby/object:Gem::Requirement
|
37
43
|
requirements:
|
38
|
-
- - "
|
44
|
+
- - "~>"
|
39
45
|
- !ruby/object:Gem::Version
|
40
|
-
version:
|
46
|
+
version: 0.19.1
|
41
47
|
- !ruby/object:Gem::Dependency
|
42
48
|
name: activesupport
|
43
49
|
requirement: !ruby/object:Gem::Requirement
|
44
50
|
requirements:
|
51
|
+
- - "~>"
|
52
|
+
- !ruby/object:Gem::Version
|
53
|
+
version: '4.2'
|
45
54
|
- - ">="
|
46
55
|
- !ruby/object:Gem::Version
|
47
|
-
version:
|
56
|
+
version: 4.2.6
|
48
57
|
type: :runtime
|
49
58
|
prerelease: false
|
50
59
|
version_requirements: !ruby/object:Gem::Requirement
|
51
60
|
requirements:
|
61
|
+
- - "~>"
|
62
|
+
- !ruby/object:Gem::Version
|
63
|
+
version: '4.2'
|
52
64
|
- - ">="
|
53
65
|
- !ruby/object:Gem::Version
|
54
|
-
version:
|
66
|
+
version: 4.2.6
|
55
67
|
- !ruby/object:Gem::Dependency
|
56
68
|
name: aws-sdk
|
57
69
|
requirement: !ruby/object:Gem::Requirement
|
58
70
|
requirements:
|
71
|
+
- - "~>"
|
72
|
+
- !ruby/object:Gem::Version
|
73
|
+
version: '2.2'
|
59
74
|
- - ">="
|
60
75
|
- !ruby/object:Gem::Version
|
61
|
-
version:
|
76
|
+
version: 2.2.33
|
62
77
|
type: :runtime
|
63
78
|
prerelease: false
|
64
79
|
version_requirements: !ruby/object:Gem::Requirement
|
65
80
|
requirements:
|
81
|
+
- - "~>"
|
82
|
+
- !ruby/object:Gem::Version
|
83
|
+
version: '2.2'
|
66
84
|
- - ">="
|
67
85
|
- !ruby/object:Gem::Version
|
68
|
-
version:
|
86
|
+
version: 2.2.33
|
69
87
|
- !ruby/object:Gem::Dependency
|
70
88
|
name: aws-sdk-resources
|
71
89
|
requirement: !ruby/object:Gem::Requirement
|
72
90
|
requirements:
|
91
|
+
- - "~>"
|
92
|
+
- !ruby/object:Gem::Version
|
93
|
+
version: '2.2'
|
73
94
|
- - ">="
|
74
95
|
- !ruby/object:Gem::Version
|
75
|
-
version:
|
96
|
+
version: 2.2.33
|
76
97
|
type: :runtime
|
77
98
|
prerelease: false
|
78
99
|
version_requirements: !ruby/object:Gem::Requirement
|
79
100
|
requirements:
|
101
|
+
- - "~>"
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '2.2'
|
80
104
|
- - ">="
|
81
105
|
- !ruby/object:Gem::Version
|
82
|
-
version:
|
106
|
+
version: 2.2.33
|
83
107
|
- !ruby/object:Gem::Dependency
|
84
108
|
name: preconditions
|
85
109
|
requirement: !ruby/object:Gem::Requirement
|
86
110
|
requirements:
|
87
|
-
- - "
|
111
|
+
- - "~>"
|
88
112
|
- !ruby/object:Gem::Version
|
89
|
-
version:
|
113
|
+
version: 0.3.0
|
90
114
|
type: :runtime
|
91
115
|
prerelease: false
|
92
116
|
version_requirements: !ruby/object:Gem::Requirement
|
93
117
|
requirements:
|
94
|
-
- - "
|
118
|
+
- - "~>"
|
95
119
|
- !ruby/object:Gem::Version
|
96
|
-
version:
|
120
|
+
version: 0.3.0
|
97
121
|
- !ruby/object:Gem::Dependency
|
98
122
|
name: semantic
|
99
123
|
requirement: !ruby/object:Gem::Requirement
|
100
124
|
requirements:
|
125
|
+
- - "~>"
|
126
|
+
- !ruby/object:Gem::Version
|
127
|
+
version: '1.4'
|
101
128
|
- - ">="
|
102
129
|
- !ruby/object:Gem::Version
|
103
|
-
version:
|
130
|
+
version: 1.4.1
|
104
131
|
type: :runtime
|
105
132
|
prerelease: false
|
106
133
|
version_requirements: !ruby/object:Gem::Requirement
|
107
134
|
requirements:
|
135
|
+
- - "~>"
|
136
|
+
- !ruby/object:Gem::Version
|
137
|
+
version: '1.4'
|
108
138
|
- - ">="
|
109
139
|
- !ruby/object:Gem::Version
|
110
|
-
version:
|
140
|
+
version: 1.4.1
|
111
141
|
- !ruby/object:Gem::Dependency
|
112
142
|
name: rainbow
|
113
143
|
requirement: !ruby/object:Gem::Requirement
|
114
144
|
requirements:
|
115
|
-
- - "
|
145
|
+
- - "~>"
|
116
146
|
- !ruby/object:Gem::Version
|
117
|
-
version: '
|
147
|
+
version: '2.1'
|
118
148
|
type: :runtime
|
119
149
|
prerelease: false
|
120
150
|
version_requirements: !ruby/object:Gem::Requirement
|
121
151
|
requirements:
|
122
|
-
- - "
|
152
|
+
- - "~>"
|
123
153
|
- !ruby/object:Gem::Version
|
124
|
-
version: '
|
154
|
+
version: '2.1'
|
125
155
|
- !ruby/object:Gem::Dependency
|
126
156
|
name: highline
|
127
157
|
requirement: !ruby/object:Gem::Requirement
|
128
158
|
requirements:
|
159
|
+
- - "~>"
|
160
|
+
- !ruby/object:Gem::Version
|
161
|
+
version: '1.7'
|
129
162
|
- - ">="
|
130
163
|
- !ruby/object:Gem::Version
|
131
|
-
version:
|
164
|
+
version: 1.7.8
|
132
165
|
type: :runtime
|
133
166
|
prerelease: false
|
134
167
|
version_requirements: !ruby/object:Gem::Requirement
|
135
168
|
requirements:
|
169
|
+
- - "~>"
|
170
|
+
- !ruby/object:Gem::Version
|
171
|
+
version: '1.7'
|
136
172
|
- - ">="
|
137
173
|
- !ruby/object:Gem::Version
|
138
|
-
version:
|
174
|
+
version: 1.7.8
|
139
175
|
- !ruby/object:Gem::Dependency
|
140
176
|
name: table_print
|
141
177
|
requirement: !ruby/object:Gem::Requirement
|
142
178
|
requirements:
|
143
|
-
- - "
|
179
|
+
- - "~>"
|
144
180
|
- !ruby/object:Gem::Version
|
145
|
-
version: '
|
146
|
-
type: :runtime
|
147
|
-
prerelease: false
|
148
|
-
version_requirements: !ruby/object:Gem::Requirement
|
149
|
-
requirements:
|
150
|
-
- - ">="
|
151
|
-
- !ruby/object:Gem::Version
|
152
|
-
version: '0'
|
153
|
-
- !ruby/object:Gem::Dependency
|
154
|
-
name: rake
|
155
|
-
requirement: !ruby/object:Gem::Requirement
|
156
|
-
requirements:
|
181
|
+
version: '1.5'
|
157
182
|
- - ">="
|
158
183
|
- !ruby/object:Gem::Version
|
159
|
-
version:
|
184
|
+
version: 1.5.6
|
160
185
|
type: :runtime
|
161
186
|
prerelease: false
|
162
187
|
version_requirements: !ruby/object:Gem::Requirement
|
163
188
|
requirements:
|
189
|
+
- - "~>"
|
190
|
+
- !ruby/object:Gem::Version
|
191
|
+
version: '1.5'
|
164
192
|
- - ">="
|
165
193
|
- !ruby/object:Gem::Version
|
166
|
-
version:
|
194
|
+
version: 1.5.6
|
167
195
|
- !ruby/object:Gem::Dependency
|
168
|
-
name:
|
196
|
+
name: git
|
169
197
|
requirement: !ruby/object:Gem::Requirement
|
170
198
|
requirements:
|
171
|
-
- - "
|
199
|
+
- - "~>"
|
172
200
|
- !ruby/object:Gem::Version
|
173
|
-
version: '
|
201
|
+
version: '1.3'
|
174
202
|
type: :runtime
|
175
203
|
prerelease: false
|
176
204
|
version_requirements: !ruby/object:Gem::Requirement
|
177
205
|
requirements:
|
178
|
-
- - "
|
206
|
+
- - "~>"
|
179
207
|
- !ruby/object:Gem::Version
|
180
|
-
version: '
|
208
|
+
version: '1.3'
|
181
209
|
- !ruby/object:Gem::Dependency
|
182
210
|
name: bundler
|
183
211
|
requirement: !ruby/object:Gem::Requirement
|
@@ -185,7 +213,7 @@ dependencies:
|
|
185
213
|
- - ">="
|
186
214
|
- !ruby/object:Gem::Version
|
187
215
|
version: '0'
|
188
|
-
type: :
|
216
|
+
type: :runtime
|
189
217
|
prerelease: false
|
190
218
|
version_requirements: !ruby/object:Gem::Requirement
|
191
219
|
requirements:
|
@@ -196,16 +224,16 @@ dependencies:
|
|
196
224
|
name: yard
|
197
225
|
requirement: !ruby/object:Gem::Requirement
|
198
226
|
requirements:
|
199
|
-
- - "
|
227
|
+
- - "~>"
|
200
228
|
- !ruby/object:Gem::Version
|
201
|
-
version:
|
229
|
+
version: 0.8.7.6
|
202
230
|
type: :development
|
203
231
|
prerelease: false
|
204
232
|
version_requirements: !ruby/object:Gem::Requirement
|
205
233
|
requirements:
|
206
|
-
- - "
|
234
|
+
- - "~>"
|
207
235
|
- !ruby/object:Gem::Version
|
208
|
-
version:
|
236
|
+
version: 0.8.7.6
|
209
237
|
description: Toolkit for automating infrastructure using AWS CloudFormation
|
210
238
|
email:
|
211
239
|
- stedwards87+cfer@gmail.com
|
@@ -232,13 +260,13 @@ files:
|
|
232
260
|
- bin/setup
|
233
261
|
- cfer.gemspec
|
234
262
|
- doc/cfer-demo.gif
|
235
|
-
- examples/chef_instance.rb
|
236
263
|
- examples/common/instance_deps.rb
|
237
264
|
- examples/instance.rb
|
238
265
|
- examples/vpc.rb
|
239
266
|
- lib/cfer.rb
|
240
267
|
- lib/cfer/block.rb
|
241
268
|
- lib/cfer/cfn/aws.rb
|
269
|
+
- lib/cfer/cfn/cfer_credentials_provider.rb
|
242
270
|
- lib/cfer/cfn/client.rb
|
243
271
|
- lib/cfer/cli.rb
|
244
272
|
- lib/cfer/core/client.rb
|
@@ -247,11 +275,9 @@ files:
|
|
247
275
|
- lib/cfer/core/stack.rb
|
248
276
|
- lib/cfer/util/error.rb
|
249
277
|
- lib/cfer/version.rb
|
250
|
-
- lib/cferext/aws/auto_scaling/
|
251
|
-
- lib/cferext/aws/
|
252
|
-
- lib/cferext/
|
253
|
-
- lib/cferext/provisioning/cfn-bootstrap.rb
|
254
|
-
- lib/cferext/provisioning/chef.rb
|
278
|
+
- lib/cferext/aws/auto_scaling/auto_scaling_group.rb
|
279
|
+
- lib/cferext/aws/iam/policy.rb
|
280
|
+
- lib/cferext/aws/iam/policy_generator.rb
|
255
281
|
homepage: https://github.com/seanedwards/cfer
|
256
282
|
licenses:
|
257
283
|
- MIT
|
@@ -272,7 +298,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
272
298
|
version: '0'
|
273
299
|
requirements: []
|
274
300
|
rubyforge_project:
|
275
|
-
rubygems_version: 2.
|
301
|
+
rubygems_version: 2.5.1
|
276
302
|
signing_key:
|
277
303
|
specification_version: 4
|
278
304
|
summary: Toolkit for automating infrastructure using AWS CloudFormation
|
data/examples/chef_instance.rb
DELETED
@@ -1,56 +0,0 @@
|
|
1
|
-
description 'Example stack template for a small EC2 instance'
|
2
|
-
|
3
|
-
# NOTE: This template depends on vpc.rb
|
4
|
-
|
5
|
-
# Include common template code that will be used for examples that create EC2 instances.
|
6
|
-
include_template 'common/instance_deps.rb'
|
7
|
-
|
8
|
-
resource :instance, "AWS::EC2::Instance",
|
9
|
-
# Set a creation policy so that the stack will wait for
|
10
|
-
# on-instance provisioning to complete before marking the instance
|
11
|
-
# as done.
|
12
|
-
:CreationPolicy => {
|
13
|
-
:ResourceSignal => {
|
14
|
-
:Count => 1
|
15
|
-
}
|
16
|
-
} do
|
17
|
-
# Chef provisioning depends on cfn-init, so set that up first.
|
18
|
-
# We will have the initial provisioning set up cfn-hup, install chef, and run our cookbooks.
|
19
|
-
# Cfn-hup will only rerun chef when the metadata changes.
|
20
|
-
cfn_init_setup signal: :instance,
|
21
|
-
cfn_init_config_set: [ :cfn_hup, :install_chef, :run_chef],
|
22
|
-
cfn_hup_config_set: [ :cfn_hup, :run_chef]
|
23
|
-
|
24
|
-
# Configure chef to generate a Berksfile that will download the AWS cookbook from the Chef supermarket.
|
25
|
-
# Set the run list to run the AWS cookbook, so our instance will have the AWS SDK available.
|
26
|
-
chef_solo version: 'latest',
|
27
|
-
node: {
|
28
|
-
cfer: {
|
29
|
-
demo: {
|
30
|
-
welcome: "Welcome to Cfer!"
|
31
|
-
}
|
32
|
-
},
|
33
|
-
run_list: 'recipe[ec2-demo]'
|
34
|
-
},
|
35
|
-
# We specify a berksfile inline, but you could read this from somewhere else in your repo too.
|
36
|
-
# This uses a simple cookbook to write a file, similar to the instance.rb example.
|
37
|
-
# Review this cookbook here: https://github.com/seanedwards/cfer-cookbook-demo
|
38
|
-
berksfile: <<-EOF
|
39
|
-
source "https://supermarket.chef.io"
|
40
|
-
cookbook 'ec2-demo', github: 'seanedwards/cfer-cookbook-demo', branch: 'master'
|
41
|
-
EOF
|
42
|
-
|
43
|
-
image_id Fn::ref(:ImageId)
|
44
|
-
instance_type Fn::ref(:InstanceType)
|
45
|
-
key_name Fn::ref(:KeyName)
|
46
|
-
|
47
|
-
network_interfaces [ {
|
48
|
-
AssociatePublicIpAddress: "true",
|
49
|
-
DeviceIndex: "0",
|
50
|
-
GroupSet: [ Fn::ref(:instancesg) ],
|
51
|
-
SubnetId: Fn::ref(:SubnetId)
|
52
|
-
} ]
|
53
|
-
end
|
54
|
-
|
55
|
-
output :instance, Fn::ref(:instance)
|
56
|
-
output :instanceip, Fn::get_att(:instance, :PublicIp)
|