cfn-model 0.4.30 → 0.4.31
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/cfn-model/parser/cfn_parser.rb +4 -2
- data/lib/cfn-model/parser/iam_group_parser.rb +3 -2
- data/lib/cfn-model/parser/iam_role_parser.rb +4 -3
- data/lib/cfn-model/parser/iam_user_parser.rb +5 -4
- data/lib/cfn-model/parser/kms_key_parser.rb +1 -1
- data/lib/cfn-model/parser/policy_document_parser.rb +15 -13
- data/lib/cfn-model/parser/security_group_parser.rb +2 -2
- data/lib/cfn-model/parser/with_policy_document_parser.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1af7ad2e0d6f1ccc44f948bbeed9ecac11264ce1aff4bf9ef824461810cbf65e
|
|
4
|
+
data.tar.gz: 7d62f46f1cefd0f5f6347e5bfa25e10767250f81679eab502200262c82a6d8ef
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d714c8be48de3d60fa59a55948b407a8bed0875e7b8dc75bf872905caa38408858b8ebd51d57f603e90cc9b85148844e66cba7e44febb6118ff0a43370c2c4ff
|
|
7
|
+
data.tar.gz: d32238875efa9fb50d60f0d64ffce415117fb749145e80fcfa43dd11cf7eca2a4462a5fb82b1aea6527c14587baf58029e159e33d19a1b51aeb6bd202861ecbc
|
|
@@ -44,6 +44,9 @@ class CfnParser
|
|
|
44
44
|
|
|
45
45
|
apply_parameter_values(cfn_model, parameter_values_json)
|
|
46
46
|
|
|
47
|
+
# pass 2: tie together separate resources only where necessary to make life easier for rule logic
|
|
48
|
+
post_process_resource_model_elements cfn_model
|
|
49
|
+
|
|
47
50
|
cfn_model
|
|
48
51
|
end
|
|
49
52
|
|
|
@@ -87,8 +90,7 @@ class CfnParser
|
|
|
87
90
|
transform_hash_into_parameters cfn_hash, cfn_model
|
|
88
91
|
transform_hash_into_globals cfn_hash, cfn_model
|
|
89
92
|
|
|
90
|
-
|
|
91
|
-
post_process_resource_model_elements cfn_model
|
|
93
|
+
|
|
92
94
|
|
|
93
95
|
cfn_model
|
|
94
96
|
end
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
require 'cfn-model/model/iam_role'
|
|
4
4
|
require 'cfn-model/model/policy'
|
|
5
|
+
require 'cfn-model/model/references'
|
|
5
6
|
require_relative 'policy_document_parser'
|
|
6
7
|
|
|
7
8
|
class IamGroupParser
|
|
@@ -12,8 +13,8 @@ class IamGroupParser
|
|
|
12
13
|
next unless policy.has_key? 'PolicyName'
|
|
13
14
|
|
|
14
15
|
new_policy = Policy.new
|
|
15
|
-
new_policy.policy_name = policy['PolicyName']
|
|
16
|
-
new_policy.policy_document = PolicyDocumentParser.new.parse(policy['PolicyDocument'])
|
|
16
|
+
new_policy.policy_name = References.resolve_value(cfn_model, policy['PolicyName'])
|
|
17
|
+
new_policy.policy_document = PolicyDocumentParser.new.parse(cfn_model, policy['PolicyDocument'])
|
|
17
18
|
new_policy
|
|
18
19
|
end.reject { |policy| policy.nil? }
|
|
19
20
|
iam_group
|
|
@@ -2,20 +2,21 @@
|
|
|
2
2
|
|
|
3
3
|
require 'cfn-model/model/iam_role'
|
|
4
4
|
require 'cfn-model/model/policy'
|
|
5
|
+
require 'cfn-model/model/references'
|
|
5
6
|
require_relative 'policy_document_parser'
|
|
6
7
|
|
|
7
8
|
class IamRoleParser
|
|
8
9
|
def parse(cfn_model:, resource:)
|
|
9
10
|
iam_role = resource
|
|
10
11
|
|
|
11
|
-
iam_role.assume_role_policy_document = PolicyDocumentParser.new.parse(iam_role.assumeRolePolicyDocument)
|
|
12
|
+
iam_role.assume_role_policy_document = PolicyDocumentParser.new.parse(cfn_model, iam_role.assumeRolePolicyDocument)
|
|
12
13
|
|
|
13
14
|
iam_role.policy_objects = iam_role.policies.map do |policy|
|
|
14
15
|
next unless policy.has_key? 'PolicyName'
|
|
15
16
|
|
|
16
17
|
new_policy = Policy.new
|
|
17
|
-
new_policy.policy_name = policy['PolicyName']
|
|
18
|
-
new_policy.policy_document = PolicyDocumentParser.new.parse(policy['PolicyDocument'])
|
|
18
|
+
new_policy.policy_name = References.resolve_value(cfn_model, policy['PolicyName'])
|
|
19
|
+
new_policy.policy_document = PolicyDocumentParser.new.parse(cfn_model, policy['PolicyDocument'])
|
|
19
20
|
new_policy
|
|
20
21
|
end.reject { |policy| policy.nil? }
|
|
21
22
|
|
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
require 'cfn-model/model/policy_document'
|
|
4
4
|
require 'cfn-model/model/policy'
|
|
5
|
+
require 'cfn-model/model/references'
|
|
5
6
|
require_relative 'policy_document_parser'
|
|
6
7
|
|
|
7
8
|
class IamUserParser
|
|
@@ -12,8 +13,8 @@ class IamUserParser
|
|
|
12
13
|
next unless policy.has_key? 'PolicyName'
|
|
13
14
|
|
|
14
15
|
new_policy = Policy.new
|
|
15
|
-
new_policy.policy_name = policy['PolicyName']
|
|
16
|
-
new_policy.policy_document = PolicyDocumentParser.new.parse(policy['PolicyDocument'])
|
|
16
|
+
new_policy.policy_name = References.resolve_value(cfn_model, policy['PolicyName'])
|
|
17
|
+
new_policy.policy_document = PolicyDocumentParser.new.parse(cfn_model, policy['PolicyDocument'])
|
|
17
18
|
new_policy
|
|
18
19
|
end.reject { |policy| policy.nil? }
|
|
19
20
|
|
|
@@ -22,8 +23,8 @@ class IamUserParser
|
|
|
22
23
|
user_to_group_additions = cfn_model.resources_by_type 'AWS::IAM::UserToGroupAddition'
|
|
23
24
|
user_to_group_additions.each do |user_to_group_addition|
|
|
24
25
|
|
|
25
|
-
if user_to_group_addition_has_username(user_to_group_addition.users,iam_user)
|
|
26
|
-
iam_user.group_names << user_to_group_addition.groupName
|
|
26
|
+
if user_to_group_addition_has_username(user_to_group_addition.users, iam_user)
|
|
27
|
+
iam_user.group_names << References.resolve_value(cfn_model, user_to_group_addition.groupName)
|
|
27
28
|
|
|
28
29
|
# we need to figure out the story on resolving Refs i think for this to be real
|
|
29
30
|
end
|
|
@@ -9,7 +9,7 @@ class KmsKeyParser
|
|
|
9
9
|
kms_key = resource
|
|
10
10
|
|
|
11
11
|
new_policy = Policy.new
|
|
12
|
-
new_policy.policy_document = PolicyDocumentParser.new.parse(kms_key.keyPolicy)
|
|
12
|
+
new_policy.policy_document = PolicyDocumentParser.new.parse(cfn_model, kms_key.keyPolicy)
|
|
13
13
|
kms_key.key_policy = new_policy
|
|
14
14
|
|
|
15
15
|
kms_key
|
|
@@ -1,16 +1,18 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require 'cfn-model/model/iam_policy'
|
|
4
|
+
require 'cfn-model/model/references'
|
|
5
|
+
|
|
4
6
|
require 'cfn-model/model/policy_document'
|
|
5
7
|
|
|
6
8
|
class PolicyDocumentParser
|
|
7
|
-
def parse(raw_policy_document)
|
|
9
|
+
def parse(cfn_model, raw_policy_document)
|
|
8
10
|
policy_document = PolicyDocument.new
|
|
9
11
|
|
|
10
|
-
policy_document.version = raw_policy_document['Version']
|
|
12
|
+
policy_document.version = References.resolve_value(cfn_model, raw_policy_document['Version'])
|
|
11
13
|
|
|
12
14
|
policy_document.statements = streamline_array(raw_policy_document['Statement']) do |statement|
|
|
13
|
-
parse_statement statement
|
|
15
|
+
parse_statement cfn_model, statement
|
|
14
16
|
end
|
|
15
17
|
|
|
16
18
|
policy_document
|
|
@@ -18,17 +20,17 @@ class PolicyDocumentParser
|
|
|
18
20
|
|
|
19
21
|
private
|
|
20
22
|
|
|
21
|
-
def parse_statement(raw_statement)
|
|
23
|
+
def parse_statement(cfn_model, raw_statement)
|
|
22
24
|
statement = Statement.new
|
|
23
|
-
statement.effect = raw_statement['Effect']
|
|
24
|
-
statement.sid = raw_statement['Sid']
|
|
25
|
-
statement.condition = raw_statement['Condition']
|
|
26
|
-
statement.actions = streamline_array(raw_statement['Action'])
|
|
27
|
-
statement.not_actions = streamline_array(raw_statement['NotAction'])
|
|
28
|
-
statement.resources = streamline_array(raw_statement['Resource'])
|
|
29
|
-
statement.not_resources = streamline_array(raw_statement['NotResource'])
|
|
30
|
-
statement.principal = raw_statement['Principal']
|
|
31
|
-
statement.not_principal = raw_statement['NotPrincipal']
|
|
25
|
+
statement.effect = References.resolve_value(cfn_model, raw_statement['Effect'])
|
|
26
|
+
statement.sid = References.resolve_value(cfn_model, raw_statement['Sid'])
|
|
27
|
+
statement.condition = References.resolve_value(cfn_model, raw_statement['Condition'])
|
|
28
|
+
statement.actions = References.resolve_value(cfn_model, streamline_array(raw_statement['Action']))
|
|
29
|
+
statement.not_actions = References.resolve_value(cfn_model, streamline_array(raw_statement['NotAction']))
|
|
30
|
+
statement.resources = References.resolve_value(cfn_model, streamline_array(raw_statement['Resource']))
|
|
31
|
+
statement.not_resources = References.resolve_value(cfn_model, streamline_array(raw_statement['NotResource']))
|
|
32
|
+
statement.principal = References.resolve_value(cfn_model, raw_statement['Principal'])
|
|
33
|
+
statement.not_principal = References.resolve_value(cfn_model, raw_statement['NotPrincipal'])
|
|
32
34
|
statement
|
|
33
35
|
end
|
|
34
36
|
|
|
@@ -38,7 +38,7 @@ class SecurityGroupParser
|
|
|
38
38
|
ingress_object = AWS::EC2::SecurityGroupIngress.new cfn_model
|
|
39
39
|
ingress.each do |k, v|
|
|
40
40
|
silently_fail do
|
|
41
|
-
ingress_object.send("#{initialLower(k)}=", v)
|
|
41
|
+
ingress_object.send("#{initialLower(k)}=", References.resolve_value(cfn_model, v))
|
|
42
42
|
mapped_at_least_one_attribute = true
|
|
43
43
|
end
|
|
44
44
|
end
|
|
@@ -59,7 +59,7 @@ class SecurityGroupParser
|
|
|
59
59
|
egress.each do |k, v|
|
|
60
60
|
next if k.match /::/
|
|
61
61
|
silently_fail do
|
|
62
|
-
egress_object.send("#{initialLower(k)}=", v)
|
|
62
|
+
egress_object.send("#{initialLower(k)}=", References.resolve_value(cfn_model, v))
|
|
63
63
|
mapped_at_least_one_attribute = true
|
|
64
64
|
end
|
|
65
65
|
|
|
@@ -6,7 +6,7 @@ require_relative 'policy_document_parser'
|
|
|
6
6
|
|
|
7
7
|
class WithPolicyDocumentParser
|
|
8
8
|
def parse(cfn_model:, resource:)
|
|
9
|
-
resource.policy_document = PolicyDocumentParser.new.parse(resource.policyDocument)
|
|
9
|
+
resource.policy_document = PolicyDocumentParser.new.parse(cfn_model, resource.policyDocument)
|
|
10
10
|
resource
|
|
11
11
|
end
|
|
12
12
|
end
|