RubyGems - codepipeline - Versions diffs - 0.1.0 → 0.2.0 - Mend

codepipeline 0.1.0 → 0.2.0

Files changed (220) hide show

checksums.yaml +4 -4
data/.gitignore +16 -11
data/.gitmodules +9 -0
data/.rspec +1 -1
data/CHANGELOG.md +16 -0
data/Gemfile +3 -1
data/Gemfile.lock +111 -0
data/Guardfile +19 -0
data/LICENSE.txt +18 -17
data/README.md +44 -20
data/Rakefile +10 -2
data/codepipe.gemspec +38 -0
data/docs/.gitignore +4 -0
data/docs/CNAME +1 -0
data/docs/Gemfile +3 -0
data/docs/LICENSE +21 -0
data/docs/README.md +25 -0
data/docs/_config.yml +73 -0
data/docs/_docs/contributing.md +99 -0
data/docs/_docs/conventions.md +43 -0
data/docs/_docs/deploy.md +72 -0
data/docs/_docs/dsl.md +13 -0
data/docs/_docs/dsl/approve.md +62 -0
data/docs/_docs/dsl/pipeline.md +56 -0
data/docs/_docs/dsl/pipeline/action.md +28 -0
data/docs/_docs/dsl/pipeline/codebuild.md +62 -0
data/docs/_docs/dsl/pipeline/prefix-and-suffix.md +57 -0
data/docs/_docs/dsl/role.md +79 -0
data/docs/_docs/dsl/schedule.md +29 -0
data/docs/_docs/dsl/sns.md +27 -0
data/docs/_docs/dsl/webhook.md +31 -0
data/docs/_docs/ecs-deploy.md +24 -0
data/docs/_docs/examples/different-branches.md +50 -0
data/docs/_docs/install.md +14 -0
data/docs/_docs/next-steps.md +16 -0
data/docs/_docs/settings.md +34 -0
data/docs/_docs/start.md +31 -0
data/docs/_includes/commands.html +92 -0
data/docs/_includes/content.html +25 -0
data/docs/_includes/edit-on-github.html +9 -0
data/docs/_includes/footer.html +41 -0
data/docs/_includes/google_analytics.html +10 -0
data/docs/_includes/head.html +45 -0
data/docs/_includes/js.html +15 -0
data/docs/_includes/nav.html +17 -0
data/docs/_includes/prev_next.md +19 -0
data/docs/_includes/reference.md +1 -0
data/docs/_includes/subnav.html +46 -0
data/docs/_includes/tutorials.md +38 -0
data/docs/_layouts/default.html +12 -0
data/docs/_reference/pipe-completion.md +44 -0
data/docs/_reference/pipe-completion_script.md +25 -0
data/docs/_reference/pipe-delete.md +25 -0
data/docs/_reference/pipe-deploy.md +26 -0
data/docs/_reference/pipe-init.md +25 -0
data/docs/_reference/pipe-start.md +25 -0
data/docs/_reference/pipe-version.md +21 -0
data/docs/_sass/_bootstrap-overrides.scss +40 -0
data/docs/_sass/_contact.scss +49 -0
data/docs/_sass/_cta.scss +37 -0
data/docs/_sass/_download.scss +31 -0
data/docs/_sass/_features.scss +47 -0
data/docs/_sass/_footer.scss +49 -0
data/docs/_sass/_global.scss +102 -0
data/docs/_sass/_main.scss +364 -0
data/docs/_sass/_masthead.scss +70 -0
data/docs/_sass/_mixins.scss +79 -0
data/docs/_sass/_navbar.scss +92 -0
data/docs/_sass/_syntax.scss +65 -0
data/docs/_sass/_table.scss +34 -0
data/docs/_sass/_timeline.scss +207 -0
data/docs/_sass/_variables.scss +24 -0
data/docs/bin/web +8 -0
data/docs/docs.md +24 -0
data/docs/dsl/pipeline.md +76 -0
data/docs/dsl/role.md +66 -0
data/docs/dsl/schedule.md +20 -0
data/docs/img/docs/codepipeline-output.png +0 -0
data/docs/img/logos/boltops-logo-full.png +0 -0
data/docs/img/logos/boltops-logo.png +0 -0
data/docs/img/logos/project-logo.png +0 -0
data/docs/index.html +35 -0
data/docs/js/nav.js +39 -0
data/docs/js/new-age.js +38 -0
data/docs/js/new-age.min.js +6 -0
data/docs/new-age.scss +20 -0
data/docs/quick-start.md +73 -0
data/docs/reference.md +12 -0
data/docs/support.md +22 -0
data/docs/vendor/bootstrap/css/bootstrap-grid.css +1339 -0
data/docs/vendor/bootstrap/css/bootstrap-grid.css.map +1 -0
data/docs/vendor/bootstrap/css/bootstrap-grid.min.css +1 -0
data/docs/vendor/bootstrap/css/bootstrap-grid.min.css.map +1 -0
data/docs/vendor/bootstrap/css/bootstrap-reboot.css +459 -0
data/docs/vendor/bootstrap/css/bootstrap-reboot.css.map +1 -0
data/docs/vendor/bootstrap/css/bootstrap-reboot.min.css +1 -0
data/docs/vendor/bootstrap/css/bootstrap-reboot.min.css.map +1 -0
data/docs/vendor/bootstrap/css/bootstrap.css +9320 -0
data/docs/vendor/bootstrap/css/bootstrap.css.map +1 -0
data/docs/vendor/bootstrap/css/bootstrap.min.css +6 -0
data/docs/vendor/bootstrap/css/bootstrap.min.css.map +1 -0
data/docs/vendor/bootstrap/js/bootstrap.js +3535 -0
data/docs/vendor/bootstrap/js/bootstrap.min.js +7 -0
data/docs/vendor/font-awesome/css/font-awesome.css +2337 -0
data/docs/vendor/font-awesome/css/font-awesome.min.css +4 -0
data/docs/vendor/font-awesome/fonts/FontAwesome.otf +0 -0
data/docs/vendor/font-awesome/fonts/fontawesome-webfont.eot +0 -0
data/docs/vendor/font-awesome/fonts/fontawesome-webfont.svg +2671 -0
data/docs/vendor/font-awesome/fonts/fontawesome-webfont.ttf +0 -0
data/docs/vendor/font-awesome/fonts/fontawesome-webfont.woff +0 -0
data/docs/vendor/font-awesome/fonts/fontawesome-webfont.woff2 +0 -0
data/docs/vendor/font-awesome/less/animated.less +34 -0
data/docs/vendor/font-awesome/less/bordered-pulled.less +25 -0
data/docs/vendor/font-awesome/less/core.less +12 -0
data/docs/vendor/font-awesome/less/fixed-width.less +6 -0
data/docs/vendor/font-awesome/less/font-awesome.less +18 -0
data/docs/vendor/font-awesome/less/icons.less +789 -0
data/docs/vendor/font-awesome/less/larger.less +13 -0
data/docs/vendor/font-awesome/less/list.less +19 -0
data/docs/vendor/font-awesome/less/mixins.less +60 -0
data/docs/vendor/font-awesome/less/path.less +15 -0
data/docs/vendor/font-awesome/less/rotated-flipped.less +20 -0
data/docs/vendor/font-awesome/less/screen-reader.less +5 -0
data/docs/vendor/font-awesome/less/stacked.less +20 -0
data/docs/vendor/font-awesome/less/variables.less +799 -0
data/docs/vendor/font-awesome/scss/_animated.scss +34 -0
data/docs/vendor/font-awesome/scss/_bordered-pulled.scss +25 -0
data/docs/vendor/font-awesome/scss/_core.scss +12 -0
data/docs/vendor/font-awesome/scss/_fixed-width.scss +6 -0
data/docs/vendor/font-awesome/scss/_icons.scss +789 -0
data/docs/vendor/font-awesome/scss/_larger.scss +13 -0
data/docs/vendor/font-awesome/scss/_list.scss +19 -0
data/docs/vendor/font-awesome/scss/_mixins.scss +60 -0
data/docs/vendor/font-awesome/scss/_path.scss +15 -0
data/docs/vendor/font-awesome/scss/_rotated-flipped.scss +20 -0
data/docs/vendor/font-awesome/scss/_screen-reader.scss +5 -0
data/docs/vendor/font-awesome/scss/_stacked.scss +20 -0
data/docs/vendor/font-awesome/scss/_variables.scss +799 -0
data/docs/vendor/font-awesome/scss/font-awesome.scss +18 -0
data/docs/vendor/jquery-easing/jquery.easing.compatibility.js +59 -0
data/docs/vendor/jquery-easing/jquery.easing.js +166 -0
data/docs/vendor/jquery-easing/jquery.easing.min.js +1 -0
data/docs/vendor/jquery/jquery.js +10253 -0
data/docs/vendor/jquery/jquery.min.js +4 -0
data/docs/vendor/simple-line-icons/css/simple-line-icons.css +778 -0
data/docs/vendor/simple-line-icons/fonts/Simple-Line-Icons.eot +0 -0
data/docs/vendor/simple-line-icons/fonts/Simple-Line-Icons.svg +200 -0
data/docs/vendor/simple-line-icons/fonts/Simple-Line-Icons.ttf +0 -0
data/docs/vendor/simple-line-icons/fonts/Simple-Line-Icons.woff +0 -0
data/docs/vendor/simple-line-icons/fonts/Simple-Line-Icons.woff2 +0 -0
data/docs/vendor/simple-line-icons/less/simple-line-icons.less +982 -0
data/docs/vendor/simple-line-icons/scss/simple-line-icons.scss +979 -0
data/docs/vendor/tether/tether.js +1811 -0
data/docs/vendor/tether/tether.min.js +1 -0
data/exe/codepipeline +14 -0
data/exe/pipe +14 -0
data/lib/codepipe.rb +23 -0
data/lib/codepipe/autoloader.rb +21 -0
data/lib/codepipe/aws_services.rb +20 -0
data/lib/codepipe/aws_services/helpers.rb +71 -0
data/lib/codepipe/build.rb +13 -0
data/lib/codepipe/cli.rb +60 -0
data/lib/codepipe/command.rb +82 -0
data/lib/codepipe/completer.rb +159 -0
data/lib/codepipe/completer/script.rb +6 -0
data/lib/codepipe/completer/script.sh +10 -0
data/lib/codepipe/core.rb +63 -0
data/lib/codepipe/create.rb +12 -0
data/lib/codepipe/delete.rb +27 -0
data/lib/codepipe/deploy.rb +40 -0
data/lib/codepipe/dsl/pipeline.rb +37 -0
data/lib/codepipe/dsl/pipeline/approve.rb +34 -0
data/lib/codepipe/dsl/pipeline/codebuild.rb +57 -0
data/lib/codepipe/dsl/pipeline/github.rb +36 -0
data/lib/codepipe/dsl/role.rb +50 -0
data/lib/codepipe/dsl/schedule.rb +30 -0
data/lib/codepipe/dsl/sns.rb +15 -0
data/lib/codepipe/dsl/ssm.rb +22 -0
data/lib/codepipe/dsl/webhook.rb +27 -0
data/lib/codepipe/evaluate.rb +47 -0
data/lib/codepipe/help.rb +9 -0
data/lib/codepipe/help/completion.md +22 -0
data/lib/codepipe/help/completion_script.md +3 -0
data/lib/codepipe/help/hello.md +5 -0
data/lib/codepipe/init.rb +57 -0
data/lib/codepipe/pipeline.rb +61 -0
data/lib/codepipe/pipeline/s3_bucket.rb +88 -0
data/lib/codepipe/role.rb +181 -0
data/lib/codepipe/schedule.rb +99 -0
data/lib/codepipe/sequence.rb +66 -0
data/lib/codepipe/setting.rb +79 -0
data/lib/codepipe/sns.rb +43 -0
data/lib/codepipe/stack.rb +95 -0
data/lib/codepipe/start.rb +83 -0
data/lib/codepipe/update.rb +12 -0
data/lib/codepipe/version.rb +3 -0
data/lib/codepipe/webhook.rb +60 -0
data/lib/codepipeline.rb +1 -6
data/lib/template/.codepipeline/pipeline.rb.tt +33 -0
data/lib/template/.codepipeline/schedule.rb +3 -0
data/lib/template/.codepipeline/settings.yml +9 -0
data/lib/template/.codepipeline/sns.rb +14 -0
data/spec/fixtures/app/.codepipeline/pipeline.rb +12 -0
data/spec/fixtures/app/.codepipeline/schedule.rb +1 -0
data/spec/fixtures/app/.codepipeline/webhook.rb +1 -0
data/spec/fixtures/pipelines/approve.rb +22 -0
data/spec/fixtures/pipelines/approve_existing_sns.rb +24 -0
data/spec/lib/cli_spec.rb +18 -0
data/spec/lib/pipeline/approve_spec.rb +32 -0
data/spec/lib/pipeline_spec.rb +12 -0
data/spec/lib/role_spec.rb +12 -0
data/spec/lib/schedule_spec.rb +12 -0
data/spec/lib/webhook_spec.rb +12 -0
data/spec/spec_helper.rb +35 -0
metadata +419 -22
data/.travis.yml +0 -7
data/bin/console +0 -14
data/bin/setup +0 -8
data/codepipeline.gemspec +0 -27
data/lib/codepipeline/version.rb +0 -3

@@ -0,0 +1,27 @@
+module Codepipe::Dsl
+  module Webhook
+    include Ssm
+    # https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-webhook.html
+    PROPERTIES = %w[
+      authentication
+      authentication_configuration
+      filters
+      name
+      register_with_third_party
+      target_action
+      target_pipeline
+      target_pipeline_version
+    ]
+    PROPERTIES.each do |prop|
+      define_method(prop) do |v|
+        @properties[prop.to_sym] = v
+      end
+    end
+    def secret_token(v)
+      @secret_token = v
+    end
+    alias_method :github_token, :secret_token
+  end
+end

data/lib/codepipe/evaluate.rb ADDED

@@ -0,0 +1,47 @@
+module Codepipe
+  module Evaluate
+    def evaluate(path)
+      source_code = IO.read(path)
+      begin
+        instance_eval(source_code, path)
+      rescue Exception => e
+        if e.class == SystemExit # allow exit to happen normally
+          raise
+        else
+          task_definition_error(e)
+          puts "\nFull error:"
+          raise
+        end
+      end
+    end
+  private
+    # Prints out a user friendly task_definition error message
+    def task_definition_error(e)
+      error_info = e.backtrace.first
+      path, line_no, _ = error_info.split(':')
+      line_no = line_no.to_i
+      puts "Error evaluating #{path}:".color(:red)
+      puts e.message
+      puts "Here's the line in #{path} with the error:\n\n"
+      contents = IO.read(path)
+      content_lines = contents.split("\n")
+      context = 5 # lines of context
+      top, bottom = [line_no-context-1, 0].max, line_no+context-1
+      spacing = content_lines.size.to_s.size
+      content_lines[top..bottom].each_with_index do |line_content, index|
+        line_number = top+index+1
+        if line_number == line_no
+          printf("%#{spacing}d %s\n".color(:red), line_number, line_content)
+        else
+          printf("%#{spacing}d %s\n", line_number, line_content)
+        end
+      end
+    end
+    def lookup_codepipeline_file(name)
+      [".codepipeline", @options[:type], name].compact.join("/")
+    end
+  end
+end

data/lib/codepipe/help.rb ADDED

@@ -0,0 +1,9 @@
+module Codepipe::Help
+  class << self
+    def text(namespaced_command)
+      path = namespaced_command.to_s.gsub(':','/')
+      path = File.expand_path("../help/#{path}.md", __FILE__)
+      IO.read(path) if File.exist?(path)
+    end
+  end
+end

data/lib/codepipe/help/completion.md ADDED

@@ -0,0 +1,22 @@
+Example:
+    codepipe completion
+Prints words for TAB auto-completion.
+Examples:
+    codepipe completion
+    codepipe completion hello
+    codepipe completion hello name
+To enable, TAB auto-completion add the following to your profile:
+    eval $(codepipe completion_script)
+Auto-completion example usage:
+    codepipe [TAB]
+    codepipe hello [TAB]
+    codepipe hello name [TAB]
+    codepipe hello name --[TAB]

data/lib/codepipe/help/completion_script.md ADDED

@@ -0,0 +1,3 @@
+To use, add the following to your `~/.bashrc` or `~/.profile`
+    eval $(codepipe completion_script)

data/lib/codepipe/help/hello.md ADDED

@@ -0,0 +1,5 @@
+Examples:
+    codepipe hello
+    codepipe hello NAME
+    codepipe hello NAME --from me

data/lib/codepipe/init.rb ADDED

@@ -0,0 +1,57 @@
+module Codepipe
+  class Init < Sequence
+    # Ugly, this is how I can get the options from to match with this Thor::Group
+    def self.cli_options
+      [
+        [:name, desc: "CodePipeline project name."],
+        [:force, type: :boolean, desc: "Bypass overwrite are you sure prompt for existing files."],
+        [:template, desc: "Custom template to use."],
+        [:template_mode, desc: "Template mode: replace or additive."],
+      ]
+    end
+    cli_options.each { |o| class_option(*o) }
+    def setup_template_repo
+      return unless @options[:template]&.include?('/')
+      sync_template_repo
+    end
+    def set_source_path
+      return unless @options[:template]
+      custom_template = "#{ENV['HOME']}/.codepipeline/templates/#{full_repo_name}"
+      if @options[:template_mode] == "replace" # replace the template entirely
+        override_source_paths(custom_template)
+      else # additive: modify on top of default template
+        default_template = File.expand_path("../../template", __FILE__)
+        override_source_paths([custom_template, default_template])
+      end
+    end
+    def copy_project
+      puts "Initialize codepipeline project in .codepipeline"
+      if @options[:template]
+        directory ".", ".codepipeline", exclude_pattern: /.git/
+      else
+        directory ".", exclude_pattern: /.git/
+      end
+    end
+  private
+    def project_name
+      inferred_name = File.basename(Dir.pwd).gsub('_','-').gsub(/[^0-9a-zA-Z,-]/, '')
+      @options[:name] || inferred_name
+    end
+    def project_github_repo
+      default = "user/repo"
+      return default unless File.exist?(".git/config") && git_installed?
+      url = `git config --get remote.origin.url`.strip
+      repo = url.sub('git@github.com:','').sub(/\.git$/,'')
+      repo == '' ? default : repo
+    end
+  end
+end

data/lib/codepipe/pipeline.rb ADDED

@@ -0,0 +1,61 @@
+module Codepipe
+  class Pipeline
+    extend Memoist
+    include Dsl::Pipeline
+    include Evaluate
+    def initialize(options={})
+      @options = options
+      @pipeline_path = options[:pipeline_path] || get_pipeline_path
+      @properties = default_properties # defaults make pipeline.rb simpler
+      @stages = []
+    end
+    def run
+      evaluate(@pipeline_path)
+      @properties[:stages] ||= @stages
+      set_source_branch!
+      resource = {
+        pipeline: {
+          type: "AWS::CodePipeline::Pipeline",
+          properties: @properties
+        }
+      }
+      CfnCamelizer.transform(resource)
+    end
+    def default_properties
+      {
+        name: @options[:full_pipeline_name],
+        role_arn: { "Fn::GetAtt": "IamRole.Arn" },
+        artifact_store: {
+          type: "S3",
+          location: s3_bucket, # auto creates s3 bucket
+        }
+      }
+    end
+    # cli branch option always takes highest precedence
+    def set_source_branch!
+      return unless @options[:branch]
+      source_stage = @properties[:stages].first
+      action = source_stage[:actions].first
+      action[:configuration][:branch] = @options[:branch]
+    end
+    def exist?
+      File.exist?(@pipeline_path)
+    end
+    def s3_bucket
+      S3Bucket.name
+    end
+  private
+    def get_pipeline_path
+      lookup_codepipeline_file "pipeline.rb"
+    end
+  end
+end

data/lib/codepipe/pipeline/s3_bucket.rb ADDED

@@ -0,0 +1,88 @@
+require "aws-sdk-s3"
+class Codepipe::Pipeline
+  class S3Bucket
+    extend Memoist
+    include Codepipe::AwsServices
+    class << self
+      extend Memoist
+      def name
+        new.name
+      end
+      memoize :name
+    end
+    def name
+      ensure_exists(bucket_name)
+      bucket_name
+    end
+    memoize :name
+    def bucket_name
+      "codepipeline-#{aws.region}-#{aws.account}"
+    end
+    def ensure_exists(name)
+      return if exists?(name) || ENV['TEST']
+      s3.create_bucket(bucket: name)
+      policy = {
+        "Version": "2012-10-17",
+        "Id": "SSEAndSSLPolicy",
+        "Statement": [
+          {
+            "Sid": "DenyUnEncryptedObjectUploads",
+            "Effect": "Deny",
+            "Principal": "*",
+            "Action": "s3:PutObject",
+            "Resource": "arn:aws:s3:::#{name}/*",
+            "Condition": {
+              "StringNotEquals": {
+                "s3:x-amz-server-side-encryption": "aws:kms"
+              }
+            }
+          },
+          {
+              "Sid": "DenyInsecureConnections",
+              "Effect": "Deny",
+              "Principal": "*",
+              "Action": "s3:*",
+              "Resource": "arn:aws:s3:::#{name}/*",
+              "Condition": {
+                  "Bool": {
+                      "aws:SecureTransport": "false"
+                  }
+              }
+          }
+        ]
+      }
+      s3.put_bucket_policy(
+        bucket: name,
+        policy: JSON.dump(policy),
+      )
+    rescue Aws::S3::Errors::BucketAlreadyExists => e
+      puts "ERROR #{e.class}: #{e.message}".color(:red)
+      puts "Bucket name: #{name}"
+      exit 1
+    end
+    def exists?(name)
+      begin
+        s3.head_bucket(bucket: name)
+        true
+      rescue Aws::S3::Errors::BucketAlreadyOwnedByYou, Aws::S3::Errors::Http301Error
+        # These exceptions indicate bucket already exists
+        # Aws::S3::Errors::Http301Error could be inaccurate but compromising for simplicity
+        true
+      rescue
+        false
+      end
+    end
+  private
+    def aws
+      AwsData.new
+    end
+    memoize :aws
+  end
+end

data/lib/codepipe/role.rb ADDED

@@ -0,0 +1,181 @@
+require "yaml"
+module Codepipe
+  class Role
+    include Codepipe::Dsl::Role
+    include Evaluate
+    def initialize(options={})
+      @options = options
+      @role_path = options[:role_path] || get_role_path
+      @properties = default_properties
+    end
+    def run
+      evaluate(@role_path) if File.exist?(@role_path)
+      @properties[:policies] = [{
+        policy_name: "CodePipelineAccess",
+        policy_document: {
+          version: "2012-10-17",
+          statement: derived_iam_statements
+        }
+      }]
+      @properties[:managed_policy_arns] = @managed_policy_arns if @managed_policy_arns && !@managed_policy_arns.empty?
+      resource = {
+        logical_id => {
+          type: "AWS::IAM::Role",
+          properties: @properties
+        }
+      }
+      CfnCamelizer.transform(resource)
+    end
+    def logical_id
+      "IamRole"
+    end
+  private
+    def get_role_path
+      lookup_codepipeline_file("role.rb")
+    end
+    def default_properties
+      {
+        assume_role_policy_document: {
+          statement: [{
+            action: ["sts:AssumeRole"],
+            effect: "Allow",
+            principal: {
+              service: principal_services
+            }
+          }],
+          version: "2012-10-17"
+        },
+        path: "/"
+      }
+    end
+    def principal_services
+      ["codepipeline.amazonaws.com"]
+    end
+    def derived_iam_statements
+      @iam_statements || default_iam_statements
+    end
+    def default_iam_statements
+      # Based on the one created by CodePipeline Console
+      [{
+        "action"=>["iam:PassRole"],
+        "resource"=>"*",
+        "effect"=>"Allow",
+        "condition"=>
+          {"string_equals_if_exists"=>
+            {"iam:passed_to_service"=>
+              ["cloudformation.amazonaws.com",
+               "elasticbeanstalk.amazonaws.com",
+               "ec2.amazonaws.com",
+               "ecs-tasks.amazonaws.com"]
+            }
+          }
+      },{
+        "action"=>
+          ["codecommit:CancelUploadArchive",
+           "codecommit:GetBranch",
+           "codecommit:GetCommit",
+           "codecommit:GetUploadArchiveStatus",
+           "codecommit:UploadArchive"],
+          "resource"=>"*",
+          "effect"=>"Allow"
+      },{
+        "action"=>
+         ["codedeploy:CreateDeployment",
+          "codedeploy:GetApplication",
+          "codedeploy:GetApplicationRevision",
+          "codedeploy:GetDeployment",
+          "codedeploy:GetDeploymentConfig",
+          "codedeploy:RegisterApplicationRevision"],
+          "resource"=>"*",
+          "effect"=>"Allow"
+      },{
+        "action"=>
+          ["elasticbeanstalk:*",
+           "ec2:*",
+           "elasticloadbalancing:*",
+           "autoscaling:*",
+           "cloudwatch:*",
+           "s3:*",
+           "sns:*",
+           "cloudformation:*",
+           "rds:*",
+           "sqs:*",
+           "ecs:*"],
+        "resource"=>"*",
+        "effect"=>"Allow"
+      },{
+        "action"=>["lambda:InvokeFunction", "lambda:ListFunctions"],
+        "resource"=>"*",
+        "effect"=>"Allow"
+      },{
+        "action"=>
+           ["opsworks:CreateDeployment",
+            "opsworks:DescribeApps",
+            "opsworks:DescribeCommands",
+            "opsworks:DescribeDeployments",
+            "opsworks:DescribeInstances",
+            "opsworks:DescribeStacks",
+            "opsworks:UpdateApp",
+            "opsworks:UpdateStack"],
+          "resource"=>"*",
+          "effect"=>"Allow"
+      },{
+        "action"=>
+         ["cloudformation:CreateStack",
+          "cloudformation:DeleteStack",
+          "cloudformation:DescribeStacks",
+          "cloudformation:UpdateStack",
+          "cloudformation:CreateChangeSet",
+          "cloudformation:DeleteChangeSet",
+          "cloudformation:DescribeChangeSet",
+          "cloudformation:ExecuteChangeSet",
+          "cloudformation:SetStackPolicy",
+          "cloudformation:ValidateTemplate"],
+        "resource"=>"*",
+        "effect"=>"Allow"
+      },{
+        "action"=>["codebuild:BatchGetBuilds", "codebuild:StartBuild"],
+        "resource"=>"*",
+        "effect"=>"Allow"
+      },{
+        "action"=>
+          ["devicefarm:ListProjects",
+           "devicefarm:ListDevicePools",
+           "devicefarm:GetRun",
+           "devicefarm:GetUpload",
+           "devicefarm:CreateUpload",
+           "devicefarm:ScheduleRun"],
+          "resource"=>"*",
+          "effect"=>"Allow",
+      },{
+        "action"=>
+          ["servicecatalog:ListProvisioningArtifacts",
+           "servicecatalog:CreateProvisioningArtifact",
+           "servicecatalog:DescribeProvisioningArtifact",
+           "servicecatalog:DeleteProvisioningArtifact",
+           "servicecatalog:UpdateProduct"],
+        "resource"=>"*",
+        "effect"=>"Allow",
+      },{
+        "action"=>["cloudformation:ValidateTemplate"],
+        "resource"=>"*",
+        "effect"=>"Allow",
+      },{
+        "action"=>["ecr:DescribeImages"],
+        "resource"=>"*",
+        "effect"=>"Allow",
+      }]
+    end
+  end
+end