cfndsl 0.4.4 → 0.5.0.pre

Files changed (64)
  1. checksums.yaml +5 -13
  2. data/.rubocop.yml +23 -0
  3. data/Gemfile +4 -0
  4. data/Rakefile +19 -17
  5. data/bin/cfndsl +20 -20
  6. data/cfndsl.gemspec +16 -15
  7. data/lib/cfndsl.rb +62 -68
  8. data/lib/cfndsl/aws/cloud_formation_template.rb +16 -0
  9. data/lib/cfndsl/aws/types.rb +12 -0
  10. data/lib/cfndsl/{aws_types.yaml → aws/types.yaml} +0 -0
  11. data/lib/cfndsl/{Conditions.rb → conditions.rb} +5 -7
  12. data/lib/cfndsl/creation_policy.rb +21 -0
  13. data/lib/cfndsl/errors.rb +29 -0
  14. data/lib/cfndsl/generate_types.rb +154 -0
  15. data/lib/cfndsl/jsonable.rb +214 -0
  16. data/lib/cfndsl/mappings.rb +23 -0
  17. data/lib/cfndsl/metadata.rb +16 -0
  18. data/lib/cfndsl/module.rb +52 -51
  19. data/lib/cfndsl/names.rb +5 -5
  20. data/lib/cfndsl/orchestration_template.rb +173 -0
  21. data/lib/cfndsl/os/heat_template.rb +16 -0
  22. data/lib/cfndsl/os/types.rb +12 -0
  23. data/lib/cfndsl/{os_types.yaml → os/types.yaml} +11 -11
  24. data/lib/cfndsl/{Outputs.rb → outputs.rb} +3 -4
  25. data/lib/cfndsl/{Parameters.rb → parameters.rb} +12 -13
  26. data/lib/cfndsl/plurals.rb +34 -0
  27. data/lib/cfndsl/properties.rb +21 -0
  28. data/lib/cfndsl/rake_task.rb +9 -7
  29. data/lib/cfndsl/ref_check.rb +44 -0
  30. data/lib/cfndsl/{Resources.rb → resources.rb} +13 -15
  31. data/lib/cfndsl/types.rb +151 -0
  32. data/lib/cfndsl/update_policy.rb +25 -0
  33. data/lib/cfndsl/version.rb +1 -1
  34. data/sample/autoscale.rb +152 -158
  35. data/sample/autoscale2.rb +151 -155
  36. data/sample/circular.rb +30 -33
  37. data/sample/codedeploy.rb +35 -36
  38. data/sample/config_service.rb +120 -0
  39. data/sample/ecs.rb +39 -39
  40. data/sample/iam_policies.rb +82 -0
  41. data/sample/lambda.rb +20 -24
  42. data/sample/s3.rb +11 -11
  43. data/sample/t1.rb +7 -9
  44. data/sample/vpc_example.rb +50 -0
  45. data/sample/vpc_with_vpn_example.rb +97 -0
  46. data/spec/cfndsl_spec.rb +22 -11
  47. data/spec/fixtures/heattest.rb +13 -14
  48. data/spec/fixtures/test.rb +56 -53
  49. metadata +36 -30
  50. data/lib/cfndsl/CloudFormationTemplate.rb +0 -267
  51. data/lib/cfndsl/CreationPolicy.rb +0 -25
  52. data/lib/cfndsl/Errors.rb +0 -31
  53. data/lib/cfndsl/JSONable.rb +0 -235
  54. data/lib/cfndsl/Mappings.rb +0 -25
  55. data/lib/cfndsl/Metadata.rb +0 -22
  56. data/lib/cfndsl/Plurals.rb +0 -35
  57. data/lib/cfndsl/Properties.rb +0 -25
  58. data/lib/cfndsl/RefCheck.rb +0 -48
  59. data/lib/cfndsl/Types.rb +0 -309
  60. data/lib/cfndsl/UpdatePolicy.rb +0 -29
  61. data/sample/config-service.rb +0 -119
  62. data/sample/iam-policies.rb +0 -82
  63. data/sample/vpc-example.rb +0 -51
  64. data/sample/vpc-with-vpn-example.rb +0 -97
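--- a/data/lib/cfndsl/UpdatePolicy.rb
+++ /dev/null
@@ -1,29 +0,0 @@
- require 'cfndsl/JSONable'
-
- module CfnDsl
- class UpdatePolicyDefinition < JSONable
- ##
- # Handles autoscaling group update policy objects for Resources
- #
- # Usage
- # Resource("aaa") {
- # UpdatePolicy("AutoScalingRollingUpdate", {
- # "MinInstancesInService" => "1",
- # "MaxBatchSize" => "1",
- # "PauseTime" => "PT12M5S"
- # })
- # }
- #
- def initialize(value)
- @value = value;
- end
-
- def value
- return @value
- end
-
- def to_json(*a)
- @value.to_json(*a)
- end
- end
- end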
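--- a/data/sample/config-service.rb
+++ /dev/null
@@ -1,119 +0,0 @@
- CloudFormation {
- AWSTemplateFormatVersion "2010-09-09"
-
- Description "Creates SNS, SQS, S3 bucket and enables AWS Config."
-
- Queue("ConfigServiceQueue") {
- QueueName "ConfigServiceQueue"
- }
-
- Bucket("ConfigServiceBucket") {
- }
-
- Policy("ConfigServiceS3BucketAccessPolicy") {
- PolicyName "ConfigServiceS3BucketAccessPolicy"
- PolicyDocument({
- "Version" => "2012-10-17",
- "Statement" =>
- [
- {
- "Effect" => "Allow",
- "Action" => ["s3:PutObject"],
- "Resource" => FnJoin("", ["arn:aws:s3:::", Ref("ConfigServiceBucket"), "/AWSLogs/" , Ref("AWS::AccountId") , "/*"]),
- "Condition" =>
- {
- "StringLike" =>
- {
- "s3:x-amz-acl" => "bucket-owner-full-control"
- }
- }
- },
- {
- "Effect" => "Allow",
- "Action" => ["s3:GetBucketAcl"],
- "Resource" => FnJoin("", ["arn:aws:s3:::", Ref("ConfigServiceBucket")])
- }
- ]
- })
- Role Ref("ConfigServiceIAMRole")
- }
-
- Role("ConfigServiceIAMRole") {
- AssumeRolePolicyDocument({
- "Version" => "2012-10-17",
- "Statement" => [
- {
- "Effect" => "Allow",
- "Principal" => {
- "Service" => "config.amazonaws.com"
- },
- "Action" => "sts:AssumeRole"
- }
- ]
- })
- ManagedPolicyArns([
- "arn:aws:iam::aws:policy/service-role/AWSConfigRole"
- ])
- }
-
- Topic("ConfigServiceTopic") {
- DisplayName "ConfigSvc"
- Subscription [{
- "Endpoint" => FnGetAtt("ConfigServiceQueue", "Arn"),
- "Protocol" => "sqs"
- }]
- }
-
- Policy("ConfigServiceSNSTopicAccessPolicy") {
- PolicyName "ConfigServiceSNSTopicAccessPolicy"
- PolicyDocument({
- "Version" => "2012-10-17",
- "Statement" =>
- [
- {
- "Effect" => "Allow",
- "Action" => "sns:Publish",
- "Resource" => Ref("ConfigServiceTopic")
- }
- ]
- })
- Role Ref("ConfigServiceIAMRole")
- }
-
- QueuePolicy("ConfigServiceQueuePolicy") {
- PolicyDocument({
- "Version" => "2012-10-17",
- "Statement" => [
- {
- "Sid" => "Allow-SendMessage-To-ConfigService-Queue-From-SNS-Topic",
- "Effect" => "Allow",
- "Principal" => "*",
- "Action" => ["sqs:SendMessage"],
- "Resource" => "*",
- "Condition" => {
- "ArnEquals" => {
- "aws:SourceArn" => Ref("ConfigServiceTopic")
- }
- }
- }
- ]
- })
- Queues [ Ref("ConfigServiceQueue") ]
- }
-
- DeliveryChannel("ConfigDeliveryChannel") {
- ConfigSnapshotDeliveryProperties({
- "DeliveryFrequency" => "Six_Hours"
- })
- S3BucketName Ref("ConfigServiceBucket")
- SnsTopicARN Ref("ConfigServiceTopic")
- }
-
- ConfigurationRecorder("ConfigRecorder") {
- Name "DefaultRecorder"
- RecordingGroup({
- "AllSupported" => true
- })
- RoleARN FnGetAtt("ConfigServiceIAMRole", "Arn")
- }
- }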
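--- a/data/sample/iam-policies.rb
+++ /dev/null
@@ -1,82 +0,0 @@
- CloudFormation {
- AWSTemplateFormatVersion "2010-09-09"
-
- Description "Creates sample IAM policies"
-
- ManagedPolicy("AllowUserManagePasswordAccessKeys") {
- Description "Allows user to manage passwords and access keys"
- PolicyDocument({
- "Version" => "2012-10-17",
- "Statement" => [
- {
- "Effect" => "Allow",
- "Action" => [
- "iam:*LoginProfile",
- "iam:*AccessKey*",
- "iam:*SSHPublicKey*"
- ],
- "Resource" => FnJoin("", ["arn:aws:iam::", Ref("AWS::AccountId"), ":user/${aws:username}"])
- }
- ]
- })
- }
-
- ManagedPolicy("AllowUserManageVirtualMFA") {
- Description "Allows user to manage their virtual MFA device"
- PolicyDocument({
- "Version" => "2012-10-17",
- "Statement" => [
- {
- "Sid" => "AllowUsersToCreateEnableResyncTheirOwnVirtualMFADevice",
- "Effect" => "Allow",
- "Action" => [
- "iam:CreateVirtualMFADevice",
- "iam:EnableMFADevice",
- "iam:ResyncMFADevice"
- ],
- "Resource" => [
- FnJoin("", ["arn:aws:iam::", Ref("AWS::AccountId"), ":mfa/${aws:username}"]),
- FnJoin("", ["arn:aws:iam::", Ref("AWS::AccountId"), ":user/${aws:username}"])
- ]
- },
- {
- "Sid" => "AllowUsersToDeactivateDeleteTheirOwnVirtualMFADevice",
- "Effect" => "Allow",
- "Action" => [
- "iam:DeactivateMFADevice",
- "iam:DeleteVirtualMFADevice"
- ],
- "Resource" => [
- FnJoin("", ["arn:aws:iam::", Ref("AWS::AccountId"), ":mfa/${aws:username}"]),
- FnJoin("", ["arn:aws:iam::", Ref("AWS::AccountId"), ":user/${aws:username}"])
- ],
- "Condition" => {
- "Bool" => {
- "aws:MultiFactorAuthPresent" => true
- }
- }
- },
- {
- "Sid" => "AllowUsersToListMFADevicesandUsersForConsole",
- "Effect" => "Allow",
- "Action" => [
- "iam:ListMFADevices",
- "iam:ListVirtualMFADevices",
- "iam:ListUsers"
- ],
- "Resource" => "*"
- }
- ]
- })
- }
-
- Output("AllowUserManagePasswordAccessKeysPolicyArn") {
- Description "The ARN of the AllowUserManagePasswordAccessKeys IAM policy"
- Value Ref("AllowUserManagePasswordAccessKeys")
- }
-
- Output("AllowUserManageVirtualMFAPolicyArn") {
- Description "The ARN of the AllowUserManageVirtualMFA IAM policy"
- Value Ref("AllowUserManageVirtualMFA")
- }
- }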
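--- a/data/sample/vpc-example.rb
+++ /dev/null
@@ -1,51 +0,0 @@
- require 'cfndsl'
-
- CloudFormation {
- Description "Creates an AWS VPC with a couple of subnets."
-
- VPC(:VPC) {
- EnableDnsSupport true
- EnableDnsHostnames true
- CidrBlock "10.1.0.0/16"
- addTag("Name", "Test VPC")
- }
-
- InternetGateway(:InternetGateway) {
- addTag("Name", "Test VPC Gateway")
- }
-
- VPCGatewayAttachment(:GatewayToInternet) {
- VpcId Ref(:VPC)
- InternetGatewayId Ref(:InternetGateway)
- }
-
- 10.times do |i|
- subnet = "subnet#{i}"
- route_table = subnet + "RouteTable"
- route_table_assoc = route_table + "Assoc"
-
- Subnet(subnet) {
- VpcId Ref(:VPC)
- CidrBlock "10.1.#{i}.0/24"
- addTag("Name", "test vpc #{subnet}")
- }
-
- RouteTable(route_table) {
- VpcId Ref(:VPC)
- addTag("Name", route_table)
- }
-
- SubnetRouteTableAssociation(route_table_assoc) {
- SubnetId Ref(subnet)
- RouteTableId Ref(route_table)
- }
-
- Route(subnet + "GatewayRoute" ) {
- DependsOn :GatewayToInternet
- RouteTableId Ref(route_table)
- DestinationCidrBlock "0.0.0.0/0"
- GatewayId Ref(:InternetGateway)
- }
- end
-
- }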
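--- a/data/sample/vpc-with-vpn-example.rb
+++ /dev/null
@@ -1,97 +0,0 @@
- require 'cfndsl'
-
- CloudFormation {
- Description "Creates an AWS VPC with a couple of subnets."
-
- Parameter("VPNAddress") {
- Type "String"
- Description "IP Address range for your existing infrastructure"
- MinLength "9"
- MaxLength "18"
- AllowedPattern "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
- ConstraintDescription "must be a valid IP CIDR range of the form x.x.x.x/x."
- }
-
- Parameter("RouterIPAddress") {
- Type "String"
- Description "IP Address of your VPN device"
- MinLength "7"
- MaxLength "15"
- AllowedPattern "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})"
- ConstraintDescription "must be a valid IP address of the form x.x.x.x"
- }
-
- VPC(:VPC) {
- EnableDnsSupport true
- EnableDnsHostnames true
- CidrBlock "10.1.0.0/16"
- addTag("Name", "Test VPC")
- }
-
- InternetGateway(:InternetGateway) {
- addTag("Name", "Test VPC Gateway")
- }
-
- VPCGatewayAttachment(:GatewayToInternet) {
- VpcId Ref(:VPC)
- InternetGatewayId Ref(:InternetGateway)
- }
-
- 10.times do |i|
- subnet = "subnet#{i}"
- route_table = subnet + "RouteTable"
- route_table_assoc = route_table + "Assoc"
-
- Subnet(subnet) {
- VpcId Ref(:VPC)
- CidrBlock "10.1.#{i}.0/24"
- addTag("Name", "test vpc #{subnet}")
- }
-
- RouteTable(route_table) {
- VpcId Ref(:VPC)
- addTag("Name", route_table)
- }
-
- SubnetRouteTableAssociation(route_table_assoc) {
- SubnetId Ref(subnet)
- RouteTableId Ref(route_table)
- }
-
- Route(subnet + "GatewayRoute" ) {
- DependsOn :GatewayToInternet
- RouteTableId Ref(route_table)
- DestinationCidrBlock "0.0.0.0/0"
- GatewayId Ref(:InternetGateway)
- }
- end
-
- VPNGateway(:VirtualPrivateNetworkGateway) {
- Type "ipsec.1"
- addTag("Name", "Test VPN Gateway")
- }
-
- VPCGatewayAttachment(:VPNGatewayAttachment) {
- VpcId Ref(:VPC)
- VpnGatewayId Ref(:VirtualPrivateNetworkGateway)
- }
-
- CustomerGateway(:CustomerVPNGateway) {
- Type "ipsec.1"
- BgpAsn "65000"
- IpAddress Ref("RouterIPAddress")
- addTag("Name", "Test Customer VPN Gateway")
- }
-
- VPNConnection(:VPNConnection) {
- Type "ipsec.1"
- StaticRoutesOnly "true"
- CustomerGatewayId Ref(:CustomerVPNGateway)
- VpnGatewayId Ref(:VirtualPrivateNetworkGateway)
- }
-
- VPNConnectionRoute(:VPNConnectionRoute) {
- VpnConnectionId Ref(:VPNConnection)
- DestinationCidrBlock Ref("VPNAddress")
- }
- }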