cfn-model 0.0.9 → 0.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (35) hide show
  1. checksums.yaml +4 -4
  2. data/lib/cfn-model/model/bucket_policy.rb +4 -0
  3. data/lib/cfn-model/model/cfn_model.rb +18 -0
  4. data/lib/cfn-model/model/ec2_instance.rb +15 -0
  5. data/lib/cfn-model/model/ec2_network_interface.rb +18 -0
  6. data/lib/cfn-model/model/iam_group.rb +4 -10
  7. data/lib/cfn-model/model/iam_managed_policy.rb +2 -0
  8. data/lib/cfn-model/model/iam_policy.rb +2 -0
  9. data/lib/cfn-model/model/iam_role.rb +4 -10
  10. data/lib/cfn-model/model/iam_user.rb +5 -0
  11. data/lib/cfn-model/model/iam_user_to_group_addition.rb +10 -0
  12. data/lib/cfn-model/model/load_balancer.rb +37 -0
  13. data/lib/cfn-model/model/model_element.rb +4 -0
  14. data/lib/cfn-model/model/policy.rb +10 -0
  15. data/lib/cfn-model/model/queue_policy.rb +3 -0
  16. data/lib/cfn-model/model/security_group.rb +4 -0
  17. data/lib/cfn-model/model/topic_policy.rb +3 -0
  18. data/lib/cfn-model/parser/ec2_instance_parser.rb +10 -0
  19. data/lib/cfn-model/parser/ec2_network_interface_parser.rb +10 -0
  20. data/lib/cfn-model/parser/iam_group_parser.rb +17 -0
  21. data/lib/cfn-model/parser/iam_role_parser.rb +6 -6
  22. data/lib/cfn-model/parser/iam_user_parser.rb +13 -1
  23. data/lib/cfn-model/parser/load_balancer_parser.rb +10 -0
  24. data/lib/cfn-model/parser/load_balancer_v2_parser.rb +15 -0
  25. data/lib/cfn-model/parser/parser_registry.rb +6 -1
  26. data/lib/cfn-model/parser/security_group_parser.rb +4 -4
  27. data/lib/cfn-model/parser/with_policy_document_parser.rb +1 -1
  28. data/lib/cfn-model/schema/AWS_EC2_Instance.yml +146 -0
  29. data/lib/cfn-model/schema/AWS_EC2_NetworkInterface.yml +62 -0
  30. data/lib/cfn-model/schema/AWS_EC2_NetworkInterfaceAttachment.yml +24 -0
  31. data/lib/cfn-model/schema/AWS_EC2_SecurityGroup.yml +14 -0
  32. data/lib/cfn-model/schema/AWS_ElasticLoadBalancingV2_LoadBalancer.yml +56 -0
  33. data/lib/cfn-model/schema/AWS_ElasticLoadBalancing_LoadBalancer.yml +157 -1
  34. data/lib/cfn-model/schema/AWS_IAM_User.yml +2 -2
  35. metadata +16 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 9464ccb5aeb4d72a6ee7934e5f703e1740615c5a
4
- data.tar.gz: a9656a1d245d91fe13b4a173b59a70dd35d9fb18
3
+ metadata.gz: b40be56bb9e42ec1fba35ad4529c386233317a61
4
+ data.tar.gz: f4c348c41667a8331a283773acc0e3eceece5d70
5
5
  SHA512:
6
- metadata.gz: eafd2f325ccfc4a7a310c1ec19b50e4f63ccea271d5bbc00cfcea9685a6d0e0be0bfccce3ff7cac87072e0ed7b2f73077809b0eb25322d98d96390105e4d2bdd
7
- data.tar.gz: 18b64e07a3dae4e93f1ab9819ca920432d95687703838faea59e3b2a82254e7ecf637b0bca7afcb3a66b1ae4fff77e3ded722edda4cf79454aaf61a50293fe24
6
+ metadata.gz: 5aae1c11924963643a52f60f94926412ae25142c37b46c80d29447562a48e89b4678d57a1363044e3778c875be6502f7535f46098686354e03475e871a8d5694
7
+ data.tar.gz: b05b8a0cef40e5ee4252586104a71b54221f4b232c787dad86c360b9d49b60531f725c2219235fd91a88a6b56d462e6c48c36abde1f90682a9a92fa4a0d25bf7
@@ -1,8 +1,12 @@
1
1
  require_relative 'model_element'
2
2
 
3
3
  class AWS::S3::BucketPolicy < ModelElement
4
+ # mapped from document
4
5
  attr_accessor :bucket, :policyDocument
5
6
 
7
+ # PolicyDocument - objectified policyDocument
8
+ attr_accessor :policy_document
9
+
6
10
  def initialize
7
11
  @resource_type = 'AWS::S3::BucketPolicy'
8
12
  end
@@ -40,6 +40,24 @@ class CfnModel
40
40
  @resources.values.select { |resource| resource.resource_type == resource_type }
41
41
  end
42
42
 
43
+ def find_security_group_by_group_id(security_group_reference)
44
+ security_group_id = References.resolve_security_group_id(security_group_reference)
45
+ if security_group_id.nil?
46
+ # leave it alone since external ref or something we don't grok
47
+ security_group_reference
48
+ else
49
+ matched_security_group = security_groups.find do |security_group|
50
+ security_group.logical_resource_id == security_group_id
51
+ end
52
+ if matched_security_group.nil?
53
+ # leave it alone since external ref or something we don't grok
54
+ security_group_reference
55
+ else
56
+ matched_security_group
57
+ end
58
+ end
59
+ end
60
+
43
61
  def to_s
44
62
  @resources.to_s
45
63
  end
@@ -0,0 +1,15 @@
1
+ require_relative 'model_element'
2
+
3
+ class AWS::EC2::Instance < ModelElement
4
+ attr_accessor :securityGroupIds, :networkInterfaces
5
+
6
+ # SecurityGroup objects based upon securityGroupIds
7
+ attr_accessor :security_groups
8
+
9
+ def initialize
10
+ @securityGroupIds = []
11
+ @networkInterfaces = []
12
+ @security_groups = []
13
+ @resource_type = 'AWS::EC2::Instance'
14
+ end
15
+ end
@@ -0,0 +1,18 @@
1
+ require_relative 'model_element'
2
+
3
+ class AWS::EC2::NetworkInterface < ModelElement
4
+ attr_accessor :groupSet, :ipv6Addresses, :privateIpAddresses, :tags
5
+ attr_accessor :description, :ipv6AddressCount, :privateIpAddress, :secondaryPrivateIpAddressCount, :sourceDestCheck, :subnetId
6
+
7
+ # SecurityGroup objects based upon groupSet
8
+ attr_accessor :security_groups
9
+
10
+ def initialize
11
+ @groupSet = []
12
+ @ipv6Addresses = []
13
+ @privateIpAddresses = []
14
+ @tags = []
15
+ @security_groups = []
16
+ @resource_type = 'AWS::EC2::NetworkInterface'
17
+ end
18
+ end
@@ -3,19 +3,13 @@ require_relative 'model_element'
3
3
  class AWS::IAM::Group < ModelElement
4
4
  attr_accessor :groupName, :managedPolicyArns, :path, :policies
5
5
 
6
+ # synthesized version of policies
7
+ attr_accessor :policy_objects
8
+
6
9
  def initialize
7
10
  @managedPolicyArns = []
8
11
  @policies = []
12
+ @policy_objects = []
9
13
  @resource_type = 'AWS::IAM::Group'
10
14
  end
11
15
  end
12
-
13
-
14
- class AWS::IAM::UserToGroupAddition < ModelElement
15
- attr_accessor :groupName, :users
16
-
17
- def initialize
18
- @users = []
19
- @resource_type = 'AWS::IAM::UserToGroupAddition'
20
- end
21
- end
@@ -3,6 +3,8 @@ require_relative 'model_element'
3
3
  class AWS::IAM::ManagedPolicy < ModelElement
4
4
  attr_accessor :description, :managedPolicyName, :policyDocument, :groups, :roles, :users, :path
5
5
 
6
+ attr_accessor :policy_document
7
+
6
8
  def initialize
7
9
  @groups = []
8
10
  @roles = []
@@ -3,6 +3,8 @@ require_relative 'model_element'
3
3
  class AWS::IAM::Policy < ModelElement
4
4
  attr_accessor :policyName, :policyDocument, :groups, :roles, :users
5
5
 
6
+ attr_accessor :policy_document
7
+
6
8
  def initialize
7
9
  @groups = []
8
10
  @roles = []
@@ -1,20 +1,14 @@
1
1
  require_relative 'model_element'
2
2
 
3
- class AWS::IAM::Role < ModelElement
3
+ class AWS::IAM::Role < ModelElement
4
4
  attr_accessor :roleName, :assumeRolePolicyDocument, :policies, :path, :managedPolicyArns
5
5
 
6
+ attr_accessor :policy_objects, :assume_role_policy_document
7
+
6
8
  def initialize
7
9
  @policies = []
8
10
  @managedPolicyArns = []
11
+ @policy_objects = []
9
12
  @resource_type = 'AWS::IAM::Role'
10
13
  end
11
14
  end
12
-
13
- class Policy
14
- attr_accessor :policyName, :policyDocument
15
-
16
- def ==(another_policy)
17
- policyName == another_policy.policyName &&
18
- policyDocument == another_policy.policyDocument
19
- end
20
- end
@@ -3,9 +3,14 @@ require_relative 'model_element'
3
3
  class AWS::IAM::User < ModelElement
4
4
  attr_accessor :groups, :loginProfile, :path, :policies, :userName
5
5
 
6
+ # synthesized version of policies
7
+ attr_accessor :policy_objects, :group_names
8
+
6
9
  def initialize
7
10
  @groups = []
8
11
  @policies = []
12
+ @policy_objects = []
13
+ @group_names = []
9
14
  @resource_type = 'AWS::IAM::User'
10
15
  end
11
16
  end
@@ -0,0 +1,10 @@
1
+ require_relative 'model_element'
2
+
3
+ class AWS::IAM::UserToGroupAddition < ModelElement
4
+ attr_accessor :groupName, :users
5
+
6
+ def initialize
7
+ @users = []
8
+ @resource_type = 'AWS::IAM::UserToGroupAddition'
9
+ end
10
+ end
@@ -0,0 +1,37 @@
1
+ require_relative 'model_element'
2
+
3
+ class AWS::ElasticLoadBalancing::LoadBalancer < ModelElement
4
+ attr_accessor :securityGroups, :subnets, :tags, :scheme, :loadBalancerName, :crossZone, :availabilityZones, :connectionDrainingPolicy
5
+ attr_accessor :connectionSettings, :accessLoggingPolicy, :instances, :appCookieStickinessPolicy, :lBCookieStickinessPolicy, :healthCheck, :policies, :listeners
6
+
7
+ attr_accessor :security_groups
8
+
9
+ def initialize
10
+ @securityGroups = []
11
+ @security_groups = []
12
+ @subnets = []
13
+ @tags = []
14
+ @availabilityZones = []
15
+ @instances = []
16
+ @appCookieStickinessPolicy = []
17
+ @lBCookieStickinessPolicy = []
18
+ @policies = []
19
+ @listeners = []
20
+ @resource_type = 'AWS::ElasticLoadBalancing::LoadBalancer'
21
+ end
22
+ end
23
+
24
+ class AWS::ElasticLoadBalancingV2::LoadBalancer < ModelElement
25
+ attr_accessor :securityGroups, :loadBalancerAttributes, :subnets, :tags, :scheme, :name, :ipAddressType
26
+
27
+ attr_accessor :security_groups
28
+
29
+ def initialize
30
+ @securityGroups = []
31
+ @security_groups = []
32
+ @loadBalancerAttributes = []
33
+ @subnets = []
34
+ @tags = []
35
+ @resource_type = 'AWS::ElasticLoadBalancingV2::LoadBalancer'
36
+ end
37
+ end
@@ -12,6 +12,10 @@ module AWS
12
12
 
13
13
  end
14
14
 
15
+ module ElasticLoadBalancingV2
16
+
17
+ end
18
+
15
19
  module IAM
16
20
 
17
21
  end
@@ -0,0 +1,10 @@
1
+ require_relative 'model_element'
2
+
3
+ class Policy
4
+ attr_accessor :policy_name, :policy_document
5
+
6
+ def ==(another_policy)
7
+ policy_name == another_policy.policy_name &&
8
+ policy_document == another_policy.policy_document
9
+ end
10
+ end
@@ -3,6 +3,9 @@ require_relative 'model_element'
3
3
  class AWS::SQS::QueuePolicy < ModelElement
4
4
  attr_accessor :queues, :policyDocument
5
5
 
6
+ # PolicyDocument - objectified policyDocument
7
+ attr_accessor :policy_document
8
+
6
9
  def initialize
7
10
  @queues = []
8
11
  @resource_type = 'AWS::SQS::QueuePolicy'
@@ -5,9 +5,13 @@ class AWS::EC2::SecurityGroup < ModelElement
5
5
  attr_accessor :tags
6
6
  attr_accessor :securityGroupIngress, :securityGroupEgress
7
7
 
8
+ attr_accessor :ingresses, :egresses
9
+
8
10
  def initialize
9
11
  @securityGroupIngress = []
10
12
  @securityGroupEgress = []
13
+ @ingresses = []
14
+ @egresses = []
11
15
  @tags = []
12
16
  @resource_type = 'AWS::EC2::SecurityGroup'
13
17
  end
@@ -3,6 +3,9 @@ require_relative 'model_element'
3
3
  class AWS::SNS::TopicPolicy < ModelElement
4
4
  attr_accessor :topics, :policyDocument
5
5
 
6
+ # PolicyDocument - objectified policyDocument
7
+ attr_accessor :policy_document
8
+
6
9
  def initialize
7
10
  @topics = []
8
11
  @resource_type = 'AWS::SNS::TopicPolicy'
@@ -0,0 +1,10 @@
1
+ class Ec2InstanceParser
2
+ def parse(cfn_model:, resource:)
3
+ ec2_instance = resource
4
+
5
+ ec2_instance.security_groups = ec2_instance.securityGroupIds.map do |security_group_reference|
6
+ cfn_model.find_security_group_by_group_id(security_group_reference)
7
+ end
8
+ ec2_instance
9
+ end
10
+ end
@@ -0,0 +1,10 @@
1
+ class Ec2NetworkInterfaceParser
2
+ def parse(cfn_model:, resource:)
3
+ network_interface = resource
4
+
5
+ network_interface.security_groups = network_interface.groupSet.map do |security_group_reference|
6
+ cfn_model.find_security_group_by_group_id(security_group_reference)
7
+ end
8
+ network_interface
9
+ end
10
+ end
@@ -0,0 +1,17 @@
1
+ require 'cfn-model/model/iam_role'
2
+ require 'cfn-model/model/policy'
3
+ require_relative 'policy_document_parser'
4
+
5
+ class IamGroupParser
6
+ def parse(cfn_model:, resource:)
7
+ iam_group = resource
8
+
9
+ iam_group.policy_objects = iam_group.policies.map do |policy|
10
+ new_policy = Policy.new
11
+ new_policy.policyName = policy['PolicyName']
12
+ new_policy.policyDocument = PolicyDocumentParser.new.parse(policy['PolicyDocument'])
13
+ new_policy
14
+ end
15
+ iam_group
16
+ end
17
+ end
@@ -1,20 +1,20 @@
1
1
  require 'cfn-model/model/iam_role'
2
- require 'cfn-model/model/policy_document'
2
+ require 'cfn-model/model/policy'
3
3
  require_relative 'policy_document_parser'
4
4
 
5
5
  class IamRoleParser
6
6
  def parse(cfn_model:, resource:)
7
7
  iam_role = resource
8
8
 
9
- iam_role.assumeRolePolicyDocument = PolicyDocumentParser.new.parse(iam_role.assumeRolePolicyDocument)
10
-
11
- iam_role.policies = iam_role.policies.map do |policy|
9
+ iam_role.assume_role_policy_document = PolicyDocumentParser.new.parse(iam_role.assumeRolePolicyDocument)
12
10
 
11
+ iam_role.policy_objects = iam_role.policies.map do |policy|
13
12
  new_policy = Policy.new
14
- new_policy.policyName = policy['PolicyName']
15
- new_policy.policyDocument = PolicyDocumentParser.new.parse(policy['PolicyDocument'])
13
+ new_policy.policy_name = policy['PolicyName']
14
+ new_policy.policy_document = PolicyDocumentParser.new.parse(policy['PolicyDocument'])
16
15
  new_policy
17
16
  end
17
+
18
18
  iam_role
19
19
  end
20
20
  end
@@ -1,13 +1,25 @@
1
+ require 'cfn-model/model/policy_document'
2
+ require 'cfn-model/model/policy'
3
+ require_relative 'policy_document_parser'
1
4
 
2
5
  class IamUserParser
3
6
  def parse(cfn_model:, resource:)
4
7
  iam_user = resource
5
8
 
9
+ iam_user.policy_objects = iam_user.policies.map do |policy|
10
+ new_policy = Policy.new
11
+ new_policy.policy_name = policy['PolicyName']
12
+ new_policy.policy_document = PolicyDocumentParser.new.parse(policy['PolicyDocument'])
13
+ new_policy
14
+ end
15
+
16
+ iam_user.groups.each { |group_name| iam_user.group_names << group_name }
17
+
6
18
  user_to_group_additions = cfn_model.resources_by_type 'AWS::IAM::UserToGroupAddition'
7
19
  user_to_group_additions.each do |user_to_group_addition|
8
20
 
9
21
  if user_to_group_addition_has_username(user_to_group_addition.users,iam_user)
10
- iam_user.groups << user_to_group_addition.groupName
22
+ iam_user.group_names << user_to_group_addition.groupName
11
23
 
12
24
  # we need to figure out the story on resolving Refs i think for this to be real
13
25
  end
@@ -0,0 +1,10 @@
1
+ class LoadBalancerParser
2
+ def parse(cfn_model:, resource:)
3
+ load_balancer = resource
4
+
5
+ load_balancer.security_groups = load_balancer.securityGroups.map do |security_group_reference|
6
+ cfn_model.find_security_group_by_group_id(security_group_reference)
7
+ end
8
+ load_balancer
9
+ end
10
+ end
@@ -0,0 +1,15 @@
1
+ class LoadBalancerV2Parser
2
+ def parse(cfn_model:, resource:)
3
+ load_balancer = resource
4
+
5
+ #could be a List<Subnet::Id>
6
+ # if load_balancer.subnets.size < 2
7
+ # raise ParserError.new("Load Balancer must have at least two subnets: #{load_balancer.logical_resource_id}")
8
+ # end
9
+
10
+ load_balancer.security_groups = load_balancer.securityGroups.map do |security_group_reference|
11
+ cfn_model.find_security_group_by_group_id(security_group_reference)
12
+ end
13
+ load_balancer
14
+ end
15
+ end
@@ -6,12 +6,17 @@ class ParserRegistry
6
6
  def initialize
7
7
  @registry = {
8
8
  'AWS::EC2::SecurityGroup' => SecurityGroupParser,
9
+ 'AWS::EC2::NetworkInterface' => Ec2NetworkInterfaceParser,
10
+ 'AWS::EC2::Instance' => Ec2InstanceParser,
11
+ 'AWS::ElasticLoadBalancing::LoadBalancer' => LoadBalancerParser,
12
+ 'AWS::ElasticLoadBalancingV2::LoadBalancer' => LoadBalancerV2Parser,
13
+ 'AWS::IAM::Group' => IamGroupParser,
9
14
  'AWS::IAM::User' => IamUserParser,
10
15
  'AWS::IAM::Role' => IamRoleParser,
11
16
  'AWS::IAM::Policy' => WithPolicyDocumentParser,
12
17
  'AWS::IAM::ManagedPolicy' => WithPolicyDocumentParser,
13
- 'AWS::SNS::TopicPolicy' => WithPolicyDocumentParser,
14
18
  'AWS::S3::BucketPolicy' => WithPolicyDocumentParser,
19
+ 'AWS::SNS::TopicPolicy' => WithPolicyDocumentParser,
15
20
  'AWS::SQS::QueuePolicy' => WithPolicyDocumentParser
16
21
  }
17
22
  end
@@ -24,7 +24,7 @@ class SecurityGroupParser
24
24
  security_group.securityGroupIngress = [security_group.securityGroupIngress]
25
25
  end
26
26
 
27
- security_group.securityGroupIngress = security_group.securityGroupIngress.map do |ingress|
27
+ security_group.ingresses = security_group.securityGroupIngress.map do |ingress|
28
28
  ingress_object = AWS::EC2::SecurityGroupIngress.new
29
29
  ingress.each do |k,v|
30
30
  ingress_object.send("#{initialLower(k)}=", v)
@@ -39,7 +39,7 @@ class SecurityGroupParser
39
39
  security_group.securityGroupEgress = [security_group.securityGroupEgress]
40
40
  end
41
41
 
42
- security_group.securityGroupEgress = security_group.securityGroupEgress.map do |egress|
42
+ security_group.egresses = security_group.securityGroupEgress.map do |egress|
43
43
  egress_object = AWS::EC2::SecurityGroupEgress.new
44
44
  egress.each do |k,v|
45
45
  egress_object.send("#{initialLower(k)}=", v)
@@ -62,7 +62,7 @@ class SecurityGroupParser
62
62
  next if group_id.nil?
63
63
 
64
64
  if security_group.logical_resource_id == group_id
65
- security_group.securityGroupIngress << security_group_ingress
65
+ security_group.ingresses << security_group_ingress
66
66
  end
67
67
  end
68
68
  end
@@ -76,7 +76,7 @@ class SecurityGroupParser
76
76
  next if group_id.nil?
77
77
 
78
78
  if security_group.logical_resource_id == group_id
79
- security_group.securityGroupEgress << security_group_egress
79
+ security_group.egresses << security_group_egress
80
80
  end
81
81
  end
82
82
  end
@@ -4,7 +4,7 @@ require_relative 'policy_document_parser'
4
4
 
5
5
  class WithPolicyDocumentParser
6
6
  def parse(cfn_model:, resource:)
7
- resource.policyDocument = PolicyDocumentParser.new.parse(resource.policyDocument)
7
+ resource.policy_document = PolicyDocumentParser.new.parse(resource.policyDocument)
8
8
  resource
9
9
  end
10
10
  end
@@ -0,0 +1,146 @@
1
+ ---
2
+ type: map
3
+ mapping:
4
+ Type:
5
+ type: str
6
+ required: yes
7
+ pattern: /AWS::EC2::Instance/
8
+ Properties:
9
+ type: map
10
+ required: yes
11
+ mapping:
12
+ BlockDeviceMappings:
13
+ type: seq
14
+ required: no
15
+ sequence:
16
+ - type: map
17
+ mapping:
18
+ DeviceName:
19
+ type: any
20
+ required: yes
21
+ =:
22
+ type: any
23
+ ImageId:
24
+ type: any
25
+ required: yes
26
+ Ipv6Addresses:
27
+ type: seq
28
+ required: no
29
+ sequence:
30
+ - type: map
31
+ mapping:
32
+ Ipv6Address:
33
+ type: any
34
+ required: yes
35
+ =:
36
+ type: any
37
+ NetworkInterfaces:
38
+ type: seq
39
+ required: no
40
+ sequence:
41
+ - type: map
42
+ mapping:
43
+ DeviceIndex:
44
+ type: any
45
+ required: yes
46
+ GroupSet:
47
+ type: seq
48
+ required: no
49
+ sequence:
50
+ - type: any
51
+ Ipv6Addresses:
52
+ type: seq
53
+ required: no
54
+ sequence:
55
+ - type: map
56
+ mapping:
57
+ Ipv6Address:
58
+ type: any
59
+ required: yes
60
+ =:
61
+ type: any
62
+ PrivateIpAddresses:
63
+ type: seq
64
+ required: no
65
+ sequence:
66
+ - type: map
67
+ mapping:
68
+ PrivateIpAddress:
69
+ type: any
70
+ required: yes
71
+ Primary:
72
+ type: any
73
+ required: yes
74
+ =:
75
+ type: any
76
+ =:
77
+ type: any
78
+
79
+ # sigh this could be List<AWS::EC2::SecurityGroup::Id> so can't enfore seq
80
+ SecurityGroupIds:
81
+ type: any
82
+ required: no
83
+
84
+ # sigh this could be List<AWS::EC2::SecurityGroup::GroupName> so can't enfore seq
85
+ SecurityGroups:
86
+ type: any
87
+ required: no
88
+
89
+ SsmAssociations:
90
+ type: seq
91
+ required: no
92
+ sequence:
93
+ - type: map
94
+ mapping:
95
+ AssociationParameters:
96
+ type: seq
97
+ required: no
98
+ sequence:
99
+ - type: map
100
+ mapping:
101
+ Key:
102
+ type: any
103
+ required: yes
104
+ Value:
105
+ type: seq
106
+ required: yes
107
+ sequence:
108
+ - type: any
109
+ =:
110
+ type: any
111
+ DocumentName:
112
+ required: yes
113
+ type: any
114
+
115
+ Tags:
116
+ type: seq
117
+ required: no
118
+ sequence:
119
+ - type: map
120
+ mapping:
121
+ Key:
122
+ type: any
123
+ required: yes
124
+ Value:
125
+ type: any
126
+ required: yes
127
+ =:
128
+ type: any
129
+ Volumes:
130
+ type: seq
131
+ required: no
132
+ sequence:
133
+ - type: map
134
+ mapping:
135
+ Device:
136
+ type: any
137
+ required: yes
138
+ VolumeId:
139
+ type: any
140
+ required: yes
141
+ =:
142
+ type: any
143
+ =:
144
+ type: any
145
+ =:
146
+ type: any
@@ -0,0 +1,62 @@
1
+ ---
2
+ type: map
3
+ mapping:
4
+ Type:
5
+ type: str
6
+ required: yes
7
+ pattern: /AWS::EC2::NetworkInterface/
8
+ Properties:
9
+ type: map
10
+ required: yes
11
+ mapping:
12
+ # sigh this could be List<AWS::EC2::SecurityGroup::Id> so can't enfore seq
13
+ GroupSet:
14
+ type: any
15
+ required: no
16
+
17
+ Ipv6Addresses:
18
+ type: seq
19
+ required: no
20
+ sequence:
21
+ - type: map
22
+ mapping:
23
+ Ipv6Address:
24
+ type: any
25
+ required: yes
26
+ =:
27
+ type: any
28
+ PrivateIpAddresses:
29
+ type: seq
30
+ required: no
31
+ sequence:
32
+ - type: map
33
+ mapping:
34
+ PrivateIpAddress:
35
+ type: any
36
+ required: yes
37
+ Primary:
38
+ type: any
39
+ required: yes
40
+ =:
41
+ type: any
42
+ SubnetId:
43
+ type: any
44
+ required: yes
45
+ Tags:
46
+ type: seq
47
+ required: no
48
+ sequence:
49
+ - type: map
50
+ mapping:
51
+ Key:
52
+ type: any
53
+ required: yes
54
+ Value:
55
+ type: any
56
+ required: yes
57
+ =:
58
+ type: any
59
+ =:
60
+ type: any
61
+ =:
62
+ type: any
@@ -0,0 +1,24 @@
1
+ ---
2
+ type: map
3
+ mapping:
4
+ Type:
5
+ type: str
6
+ required: yes
7
+ pattern: /AWS::EC2::NetworkInterfaceAttachment/
8
+ Properties:
9
+ type: map
10
+ required: yes
11
+ mapping:
12
+ DeviceIndex:
13
+ type: any
14
+ required: yes
15
+ InstanceId:
16
+ type: any
17
+ required: yes
18
+ NetworkInterfaceId:
19
+ type: any
20
+ required: yes
21
+ =:
22
+ type: any
23
+ =:
24
+ type: any
@@ -15,6 +15,20 @@ mapping:
15
15
  VpcId:
16
16
  type: any
17
17
  required: yes
18
+ Tags:
19
+ type: seq
20
+ required: no
21
+ sequence:
22
+ - type: map
23
+ mapping:
24
+ Key:
25
+ type: any
26
+ required: yes
27
+ Value:
28
+ type: any
29
+ required: yes
30
+ =:
31
+ type: any
18
32
  # this can be a Hash or an Array... kwalify doesn't seem to have a union concept so defer any such
19
33
  # validation into the parser object
20
34
  # SecurityGroupIngress:
@@ -0,0 +1,56 @@
1
+ ---
2
+ type: map
3
+ mapping:
4
+ Type:
5
+ type: str
6
+ required: yes
7
+ pattern: /AWS::ElasticLoadBalancingV2::LoadBalancer/
8
+ Properties:
9
+ type: map
10
+ required: yes
11
+ mapping:
12
+ LoadBalancerAttributes:
13
+ type: seq
14
+ required: no
15
+ sequence:
16
+ - type: map
17
+ mapping:
18
+ Key:
19
+ type: any
20
+ required: yes
21
+ Value:
22
+ type: any
23
+ required: yes
24
+ =:
25
+ type: any
26
+
27
+ # sigh this could be List<AWS::EC2::SecurityGroup::Id> so can't enfore seq
28
+ SecurityGroups:
29
+ type: any
30
+ required: no
31
+
32
+ # sigh this could be List<AWS::EC2::Subnet::Id> so can't enfore seq
33
+ Subnets:
34
+ type: any
35
+ required: yes
36
+
37
+ Tags:
38
+ type: seq
39
+ required: no
40
+ sequence:
41
+ - type: map
42
+ mapping:
43
+ Key:
44
+ type: any
45
+ required: yes
46
+ Value:
47
+ type: any
48
+ required: yes
49
+ =:
50
+ type: any
51
+ =:
52
+ type: any
53
+ =:
54
+ type: any
55
+
56
+
@@ -21,11 +21,167 @@ mapping:
21
21
  required: yes
22
22
  =:
23
23
  type: any
24
+ AppCookieStickinessPolicy:
25
+ type: seq
26
+ required: no
27
+ sequence:
28
+ - type: map
29
+ mapping:
30
+ CookieName:
31
+ type: any
32
+ required: yes
33
+ PolicyName:
34
+ type: any
35
+ required: yes
36
+ =:
37
+ type: any
38
+
39
+ # sigh this could be List<AWS::EC2::AvailabilityZone::Name> so can't enfore seq
40
+ AvailabilityZones:
41
+ type: any
42
+ required: no
43
+
44
+ ConnectionDrainingPolicy:
45
+ type: map
46
+ required: no
47
+ mapping:
48
+ Enabled:
49
+ type: any
50
+ required: yes
51
+ Timeout:
52
+ type: any
53
+ required: no
54
+ =:
55
+ type: any
56
+ ConnectionSettings:
57
+ type: map
58
+ required: no
59
+ mapping:
60
+ IdleTimeout:
61
+ type: any
62
+ required: yes
63
+ =:
64
+ type: any
65
+ HealthCheck:
66
+ type: map
67
+ required: no
68
+ mapping:
69
+ HealthyThreshold:
70
+ type: any
71
+ required: yes
72
+ Interval:
73
+ type: any
74
+ required: yes
75
+ Target:
76
+ type: any
77
+ required: yes
78
+ Timeout:
79
+ type: any
80
+ required: yes
81
+ UnhealthyThreshold:
82
+ type: any
83
+ required: yes
84
+ =:
85
+ type: any
86
+
87
+ # sigh this could be List<AWS::EC2::Instance::Id> so can't enfore seq
88
+ Instances:
89
+ type: any
90
+ required: no
91
+
92
+ LBCookieStickinessPolicy:
93
+ type: map
94
+ required: no
95
+ mapping:
96
+ CookieExpirationPeriod:
97
+ type: any
98
+ required: no
99
+ PolicyName:
100
+ type: any
101
+ required: yes
102
+ =:
103
+ type: any
24
104
  Listeners:
25
105
  type: seq
26
106
  required: yes
27
107
  sequence:
28
- - type: any
108
+ - type: map
109
+ mapping:
110
+ InstancePort:
111
+ type: any
112
+ required: yes
113
+ LoadBalancerPort:
114
+ type: any
115
+ required: yes
116
+ PolicyNames:
117
+ type: seq
118
+ required: no
119
+ sequence:
120
+ - type: any
121
+ =:
122
+ type: any
123
+ Policies:
124
+ type: seq
125
+ required: no
126
+ sequence:
127
+ - type: map
128
+ mapping:
129
+ Attributes:
130
+ type: seq
131
+ required: yes
132
+ sequence:
133
+ - type: map
134
+ required: yes
135
+ mapping:
136
+ Name:
137
+ type: any
138
+ required: yes
139
+ Value:
140
+ type: any
141
+ required: yes
142
+ =:
143
+ type: any
144
+ InstancePorts:
145
+ type: seq
146
+ required: no
147
+ sequence:
148
+ - type: any
149
+ LoadBalancerPorts:
150
+ type: seq
151
+ required: no
152
+ sequence:
153
+ - type: any
154
+ PolicyName:
155
+ type: any
156
+ required: yes
157
+ PolicyType:
158
+ type: any
159
+ required: yes
160
+
161
+ # sigh this could be List<AWS::EC2::SecurityGroup::Id> so can't enfore seq
162
+ SecurityGroups:
163
+ type: any
164
+ required: no
165
+
166
+ # sigh this could be List<AWS::EC2::Subnet::Id> so can't enfore seq
167
+ Subnets:
168
+ type: any
169
+ required: no
170
+
171
+ Tags:
172
+ type: seq
173
+ required: no
174
+ sequence:
175
+ - type: map
176
+ mapping:
177
+ Key:
178
+ type: any
179
+ required: yes
180
+ Value:
181
+ type: any
182
+ required: yes
183
+ =:
184
+ type: any
29
185
  =:
30
186
  type: any
31
187
  =:
@@ -18,8 +18,8 @@ mapping:
18
18
  required: no
19
19
  mapping:
20
20
  Password:
21
- type: any
22
- required: yes
21
+ type: any
22
+ required: yes
23
23
  =:
24
24
  type: any
25
25
  ManagedPolicyArns:
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cfn-model
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.9
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Eric Kascic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-07-24 00:00:00.000000000 Z
11
+ date: 2017-07-28 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: kwalify
@@ -35,12 +35,17 @@ files:
35
35
  - lib/cfn-model.rb
36
36
  - lib/cfn-model/model/bucket_policy.rb
37
37
  - lib/cfn-model/model/cfn_model.rb
38
+ - lib/cfn-model/model/ec2_instance.rb
39
+ - lib/cfn-model/model/ec2_network_interface.rb
38
40
  - lib/cfn-model/model/iam_group.rb
39
41
  - lib/cfn-model/model/iam_managed_policy.rb
40
42
  - lib/cfn-model/model/iam_policy.rb
41
43
  - lib/cfn-model/model/iam_role.rb
42
44
  - lib/cfn-model/model/iam_user.rb
45
+ - lib/cfn-model/model/iam_user_to_group_addition.rb
46
+ - lib/cfn-model/model/load_balancer.rb
43
47
  - lib/cfn-model/model/model_element.rb
48
+ - lib/cfn-model/model/policy.rb
44
49
  - lib/cfn-model/model/policy_document.rb
45
50
  - lib/cfn-model/model/principal.rb
46
51
  - lib/cfn-model/model/queue_policy.rb
@@ -51,17 +56,26 @@ files:
51
56
  - lib/cfn-model/model/statement.rb
52
57
  - lib/cfn-model/model/topic_policy.rb
53
58
  - lib/cfn-model/parser/cfn_parser.rb
59
+ - lib/cfn-model/parser/ec2_instance_parser.rb
60
+ - lib/cfn-model/parser/ec2_network_interface_parser.rb
61
+ - lib/cfn-model/parser/iam_group_parser.rb
54
62
  - lib/cfn-model/parser/iam_role_parser.rb
55
63
  - lib/cfn-model/parser/iam_user_parser.rb
64
+ - lib/cfn-model/parser/load_balancer_parser.rb
65
+ - lib/cfn-model/parser/load_balancer_v2_parser.rb
56
66
  - lib/cfn-model/parser/parser_error.rb
57
67
  - lib/cfn-model/parser/parser_registry.rb
58
68
  - lib/cfn-model/parser/policy_document_parser.rb
59
69
  - lib/cfn-model/parser/security_group_parser.rb
60
70
  - lib/cfn-model/parser/with_policy_document_parser.rb
61
71
  - lib/cfn-model/schema/AWS_CloudFront_Distribution.yml
72
+ - lib/cfn-model/schema/AWS_EC2_Instance.yml
73
+ - lib/cfn-model/schema/AWS_EC2_NetworkInterface.yml
74
+ - lib/cfn-model/schema/AWS_EC2_NetworkInterfaceAttachment.yml
62
75
  - lib/cfn-model/schema/AWS_EC2_SecurityGroup.yml
63
76
  - lib/cfn-model/schema/AWS_EC2_SecurityGroupEgress.yml
64
77
  - lib/cfn-model/schema/AWS_EC2_SecurityGroupIngress.yml
78
+ - lib/cfn-model/schema/AWS_ElasticLoadBalancingV2_LoadBalancer.yml
65
79
  - lib/cfn-model/schema/AWS_ElasticLoadBalancing_LoadBalancer.yml
66
80
  - lib/cfn-model/schema/AWS_IAM_Group.yml
67
81
  - lib/cfn-model/schema/AWS_IAM_ManagedPolicy.yml