RubyGems - codepipeline - Versions diffs - 0.1.0 → 0.2.0 - Mend

codepipeline 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (220) hide show

checksums.yaml +4 -4
data/.gitignore +16 -11
data/.gitmodules +9 -0
data/.rspec +1 -1
data/CHANGELOG.md +16 -0
data/Gemfile +3 -1
data/Gemfile.lock +111 -0
data/Guardfile +19 -0
data/LICENSE.txt +18 -17
data/README.md +44 -20
data/Rakefile +10 -2
data/codepipe.gemspec +38 -0
data/docs/.gitignore +4 -0
data/docs/CNAME +1 -0
data/docs/Gemfile +3 -0
data/docs/LICENSE +21 -0
data/docs/README.md +25 -0
data/docs/_config.yml +73 -0
data/docs/_docs/contributing.md +99 -0
data/docs/_docs/conventions.md +43 -0
data/docs/_docs/deploy.md +72 -0
data/docs/_docs/dsl.md +13 -0
data/docs/_docs/dsl/approve.md +62 -0
data/docs/_docs/dsl/pipeline.md +56 -0
data/docs/_docs/dsl/pipeline/action.md +28 -0
data/docs/_docs/dsl/pipeline/codebuild.md +62 -0
data/docs/_docs/dsl/pipeline/prefix-and-suffix.md +57 -0
data/docs/_docs/dsl/role.md +79 -0
data/docs/_docs/dsl/schedule.md +29 -0
data/docs/_docs/dsl/sns.md +27 -0
data/docs/_docs/dsl/webhook.md +31 -0
data/docs/_docs/ecs-deploy.md +24 -0
data/docs/_docs/examples/different-branches.md +50 -0
data/docs/_docs/install.md +14 -0
data/docs/_docs/next-steps.md +16 -0
data/docs/_docs/settings.md +34 -0
data/docs/_docs/start.md +31 -0
data/docs/_includes/commands.html +92 -0
data/docs/_includes/content.html +25 -0
data/docs/_includes/edit-on-github.html +9 -0
data/docs/_includes/footer.html +41 -0
data/docs/_includes/google_analytics.html +10 -0
data/docs/_includes/head.html +45 -0
data/docs/_includes/js.html +15 -0
data/docs/_includes/nav.html +17 -0
data/docs/_includes/prev_next.md +19 -0
data/docs/_includes/reference.md +1 -0
data/docs/_includes/subnav.html +46 -0
data/docs/_includes/tutorials.md +38 -0
data/docs/_layouts/default.html +12 -0
data/docs/_reference/pipe-completion.md +44 -0
data/docs/_reference/pipe-completion_script.md +25 -0
data/docs/_reference/pipe-delete.md +25 -0
data/docs/_reference/pipe-deploy.md +26 -0
data/docs/_reference/pipe-init.md +25 -0
data/docs/_reference/pipe-start.md +25 -0
data/docs/_reference/pipe-version.md +21 -0
data/docs/_sass/_bootstrap-overrides.scss +40 -0
data/docs/_sass/_contact.scss +49 -0
data/docs/_sass/_cta.scss +37 -0
data/docs/_sass/_download.scss +31 -0
data/docs/_sass/_features.scss +47 -0
data/docs/_sass/_footer.scss +49 -0
data/docs/_sass/_global.scss +102 -0
data/docs/_sass/_main.scss +364 -0
data/docs/_sass/_masthead.scss +70 -0
data/docs/_sass/_mixins.scss +79 -0
data/docs/_sass/_navbar.scss +92 -0
data/docs/_sass/_syntax.scss +65 -0
data/docs/_sass/_table.scss +34 -0
data/docs/_sass/_timeline.scss +207 -0
data/docs/_sass/_variables.scss +24 -0
data/docs/bin/web +8 -0
data/docs/docs.md +24 -0
data/docs/dsl/pipeline.md +76 -0
data/docs/dsl/role.md +66 -0
data/docs/dsl/schedule.md +20 -0
data/docs/img/docs/codepipeline-output.png +0 -0
data/docs/img/logos/boltops-logo-full.png +0 -0
data/docs/img/logos/boltops-logo.png +0 -0
data/docs/img/logos/project-logo.png +0 -0
data/docs/index.html +35 -0
data/docs/js/nav.js +39 -0
data/docs/js/new-age.js +38 -0
data/docs/js/new-age.min.js +6 -0
data/docs/new-age.scss +20 -0
data/docs/quick-start.md +73 -0
data/docs/reference.md +12 -0
data/docs/support.md +22 -0
data/docs/vendor/bootstrap/css/bootstrap-grid.css +1339 -0
data/docs/vendor/bootstrap/css/bootstrap-grid.css.map +1 -0
data/docs/vendor/bootstrap/css/bootstrap-grid.min.css +1 -0
data/docs/vendor/bootstrap/css/bootstrap-grid.min.css.map +1 -0
data/docs/vendor/bootstrap/css/bootstrap-reboot.css +459 -0
data/docs/vendor/bootstrap/css/bootstrap-reboot.css.map +1 -0
data/docs/vendor/bootstrap/css/bootstrap-reboot.min.css +1 -0
data/docs/vendor/bootstrap/css/bootstrap-reboot.min.css.map +1 -0
data/docs/vendor/bootstrap/css/bootstrap.css +9320 -0
data/docs/vendor/bootstrap/css/bootstrap.css.map +1 -0
data/docs/vendor/bootstrap/css/bootstrap.min.css +6 -0
data/docs/vendor/bootstrap/css/bootstrap.min.css.map +1 -0
data/docs/vendor/bootstrap/js/bootstrap.js +3535 -0
data/docs/vendor/bootstrap/js/bootstrap.min.js +7 -0
data/docs/vendor/font-awesome/css/font-awesome.css +2337 -0
data/docs/vendor/font-awesome/css/font-awesome.min.css +4 -0
data/docs/vendor/font-awesome/fonts/FontAwesome.otf +0 -0
data/docs/vendor/font-awesome/fonts/fontawesome-webfont.eot +0 -0
data/docs/vendor/font-awesome/fonts/fontawesome-webfont.svg +2671 -0
data/docs/vendor/font-awesome/fonts/fontawesome-webfont.ttf +0 -0
data/docs/vendor/font-awesome/fonts/fontawesome-webfont.woff +0 -0
data/docs/vendor/font-awesome/fonts/fontawesome-webfont.woff2 +0 -0
data/docs/vendor/font-awesome/less/animated.less +34 -0
data/docs/vendor/font-awesome/less/bordered-pulled.less +25 -0
data/docs/vendor/font-awesome/less/core.less +12 -0
data/docs/vendor/font-awesome/less/fixed-width.less +6 -0
data/docs/vendor/font-awesome/less/font-awesome.less +18 -0
data/docs/vendor/font-awesome/less/icons.less +789 -0
data/docs/vendor/font-awesome/less/larger.less +13 -0
data/docs/vendor/font-awesome/less/list.less +19 -0
data/docs/vendor/font-awesome/less/mixins.less +60 -0
data/docs/vendor/font-awesome/less/path.less +15 -0
data/docs/vendor/font-awesome/less/rotated-flipped.less +20 -0
data/docs/vendor/font-awesome/less/screen-reader.less +5 -0
data/docs/vendor/font-awesome/less/stacked.less +20 -0
data/docs/vendor/font-awesome/less/variables.less +799 -0
data/docs/vendor/font-awesome/scss/_animated.scss +34 -0
data/docs/vendor/font-awesome/scss/_bordered-pulled.scss +25 -0
data/docs/vendor/font-awesome/scss/_core.scss +12 -0
data/docs/vendor/font-awesome/scss/_fixed-width.scss +6 -0
data/docs/vendor/font-awesome/scss/_icons.scss +789 -0
data/docs/vendor/font-awesome/scss/_larger.scss +13 -0
data/docs/vendor/font-awesome/scss/_list.scss +19 -0
data/docs/vendor/font-awesome/scss/_mixins.scss +60 -0
data/docs/vendor/font-awesome/scss/_path.scss +15 -0
data/docs/vendor/font-awesome/scss/_rotated-flipped.scss +20 -0
data/docs/vendor/font-awesome/scss/_screen-reader.scss +5 -0
data/docs/vendor/font-awesome/scss/_stacked.scss +20 -0
data/docs/vendor/font-awesome/scss/_variables.scss +799 -0
data/docs/vendor/font-awesome/scss/font-awesome.scss +18 -0
data/docs/vendor/jquery-easing/jquery.easing.compatibility.js +59 -0
data/docs/vendor/jquery-easing/jquery.easing.js +166 -0
data/docs/vendor/jquery-easing/jquery.easing.min.js +1 -0
data/docs/vendor/jquery/jquery.js +10253 -0
data/docs/vendor/jquery/jquery.min.js +4 -0
data/docs/vendor/simple-line-icons/css/simple-line-icons.css +778 -0
data/docs/vendor/simple-line-icons/fonts/Simple-Line-Icons.eot +0 -0
data/docs/vendor/simple-line-icons/fonts/Simple-Line-Icons.svg +200 -0
data/docs/vendor/simple-line-icons/fonts/Simple-Line-Icons.ttf +0 -0
data/docs/vendor/simple-line-icons/fonts/Simple-Line-Icons.woff +0 -0
data/docs/vendor/simple-line-icons/fonts/Simple-Line-Icons.woff2 +0 -0
data/docs/vendor/simple-line-icons/less/simple-line-icons.less +982 -0
data/docs/vendor/simple-line-icons/scss/simple-line-icons.scss +979 -0
data/docs/vendor/tether/tether.js +1811 -0
data/docs/vendor/tether/tether.min.js +1 -0
data/exe/codepipeline +14 -0
data/exe/pipe +14 -0
data/lib/codepipe.rb +23 -0
data/lib/codepipe/autoloader.rb +21 -0
data/lib/codepipe/aws_services.rb +20 -0
data/lib/codepipe/aws_services/helpers.rb +71 -0
data/lib/codepipe/build.rb +13 -0
data/lib/codepipe/cli.rb +60 -0
data/lib/codepipe/command.rb +82 -0
data/lib/codepipe/completer.rb +159 -0
data/lib/codepipe/completer/script.rb +6 -0
data/lib/codepipe/completer/script.sh +10 -0
data/lib/codepipe/core.rb +63 -0
data/lib/codepipe/create.rb +12 -0
data/lib/codepipe/delete.rb +27 -0
data/lib/codepipe/deploy.rb +40 -0
data/lib/codepipe/dsl/pipeline.rb +37 -0
data/lib/codepipe/dsl/pipeline/approve.rb +34 -0
data/lib/codepipe/dsl/pipeline/codebuild.rb +57 -0
data/lib/codepipe/dsl/pipeline/github.rb +36 -0
data/lib/codepipe/dsl/role.rb +50 -0
data/lib/codepipe/dsl/schedule.rb +30 -0
data/lib/codepipe/dsl/sns.rb +15 -0
data/lib/codepipe/dsl/ssm.rb +22 -0
data/lib/codepipe/dsl/webhook.rb +27 -0
data/lib/codepipe/evaluate.rb +47 -0
data/lib/codepipe/help.rb +9 -0
data/lib/codepipe/help/completion.md +22 -0
data/lib/codepipe/help/completion_script.md +3 -0
data/lib/codepipe/help/hello.md +5 -0
data/lib/codepipe/init.rb +57 -0
data/lib/codepipe/pipeline.rb +61 -0
data/lib/codepipe/pipeline/s3_bucket.rb +88 -0
data/lib/codepipe/role.rb +181 -0
data/lib/codepipe/schedule.rb +99 -0
data/lib/codepipe/sequence.rb +66 -0
data/lib/codepipe/setting.rb +79 -0
data/lib/codepipe/sns.rb +43 -0
data/lib/codepipe/stack.rb +95 -0
data/lib/codepipe/start.rb +83 -0
data/lib/codepipe/update.rb +12 -0
data/lib/codepipe/version.rb +3 -0
data/lib/codepipe/webhook.rb +60 -0
data/lib/codepipeline.rb +1 -6
data/lib/template/.codepipeline/pipeline.rb.tt +33 -0
data/lib/template/.codepipeline/schedule.rb +3 -0
data/lib/template/.codepipeline/settings.yml +9 -0
data/lib/template/.codepipeline/sns.rb +14 -0
data/spec/fixtures/app/.codepipeline/pipeline.rb +12 -0
data/spec/fixtures/app/.codepipeline/schedule.rb +1 -0
data/spec/fixtures/app/.codepipeline/webhook.rb +1 -0
data/spec/fixtures/pipelines/approve.rb +22 -0
data/spec/fixtures/pipelines/approve_existing_sns.rb +24 -0
data/spec/lib/cli_spec.rb +18 -0
data/spec/lib/pipeline/approve_spec.rb +32 -0
data/spec/lib/pipeline_spec.rb +12 -0
data/spec/lib/role_spec.rb +12 -0
data/spec/lib/schedule_spec.rb +12 -0
data/spec/lib/webhook_spec.rb +12 -0
data/spec/spec_helper.rb +35 -0
metadata +419 -22
data/.travis.yml +0 -7
data/bin/console +0 -14
data/bin/setup +0 -8
data/codepipeline.gemspec +0 -27
data/lib/codepipeline/version.rb +0 -3

data/lib/codepipe/dsl/webhook.rb ADDED

@@ -0,0 +1,27 @@
+module Codepipe::Dsl
+  module Webhook
+    include Ssm
+    # https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-webhook.html
+    PROPERTIES = %w[
+      authentication
+      authentication_configuration
+      filters
+      name
+      register_with_third_party
+      target_action
+      target_pipeline
+      target_pipeline_version
+    ]
+    PROPERTIES.each do |prop|
+      define_method(prop) do |v|
+        @properties[prop.to_sym] = v
+      end
+    end
+    def secret_token(v)
+      @secret_token = v
+    end
+    alias_method :github_token, :secret_token
+  end
+end

data/lib/codepipe/evaluate.rb ADDED

@@ -0,0 +1,47 @@
+module Codepipe
+  module Evaluate
+    def evaluate(path)
+      source_code = IO.read(path)
+      begin
+        instance_eval(source_code, path)
+      rescue Exception => e
+        if e.class == SystemExit # allow exit to happen normally
+          raise
+        else
+          task_definition_error(e)
+          puts "\nFull error:"
+          raise
+        end
+      end
+    end
+  private
+    # Prints out a user friendly task_definition error message
+    def task_definition_error(e)
+      error_info = e.backtrace.first
+      path, line_no, _ = error_info.split(':')
+      line_no = line_no.to_i
+      puts "Error evaluating #{path}:".color(:red)
+      puts e.message
+      puts "Here's the line in #{path} with the error:\n\n"
+      contents = IO.read(path)
+      content_lines = contents.split("\n")
+      context = 5 # lines of context
+      top, bottom = [line_no-context-1, 0].max, line_no+context-1
+      spacing = content_lines.size.to_s.size
+      content_lines[top..bottom].each_with_index do |line_content, index|
+        line_number = top+index+1
+        if line_number == line_no
+          printf("%#{spacing}d %s\n".color(:red), line_number, line_content)
+        else
+          printf("%#{spacing}d %s\n", line_number, line_content)
+        end
+      end
+    end
+    def lookup_codepipeline_file(name)
+      [".codepipeline", @options[:type], name].compact.join("/")
+    end
+  end
+end

data/lib/codepipe/help.rb ADDED

@@ -0,0 +1,9 @@
+module Codepipe::Help
+  class << self
+    def text(namespaced_command)
+      path = namespaced_command.to_s.gsub(':','/')
+      path = File.expand_path("../help/#{path}.md", __FILE__)
+      IO.read(path) if File.exist?(path)
+    end
+  end
+end

data/lib/codepipe/help/completion.md ADDED

@@ -0,0 +1,22 @@
+Example:
+    codepipe completion
+Prints words for TAB auto-completion.
+Examples:
+    codepipe completion
+    codepipe completion hello
+    codepipe completion hello name
+To enable, TAB auto-completion add the following to your profile:
+    eval $(codepipe completion_script)
+Auto-completion example usage:
+    codepipe [TAB]
+    codepipe hello [TAB]
+    codepipe hello name [TAB]
+    codepipe hello name --[TAB]

data/lib/codepipe/help/completion_script.md ADDED

@@ -0,0 +1,3 @@
+To use, add the following to your `~/.bashrc` or `~/.profile`
+    eval $(codepipe completion_script)

data/lib/codepipe/help/hello.md ADDED

@@ -0,0 +1,5 @@
+Examples:
+    codepipe hello
+    codepipe hello NAME
+    codepipe hello NAME --from me

data/lib/codepipe/init.rb ADDED

@@ -0,0 +1,57 @@
+module Codepipe
+  class Init < Sequence
+    # Ugly, this is how I can get the options from to match with this Thor::Group
+    def self.cli_options
+      [
+        [:name, desc: "CodePipeline project name."],
+        [:force, type: :boolean, desc: "Bypass overwrite are you sure prompt for existing files."],
+        [:template, desc: "Custom template to use."],
+        [:template_mode, desc: "Template mode: replace or additive."],
+      ]
+    end
+    cli_options.each { |o| class_option(*o) }
+    def setup_template_repo
+      return unless @options[:template]&.include?('/')
+      sync_template_repo
+    end
+    def set_source_path
+      return unless @options[:template]
+      custom_template = "#{ENV['HOME']}/.codepipeline/templates/#{full_repo_name}"
+      if @options[:template_mode] == "replace" # replace the template entirely
+        override_source_paths(custom_template)
+      else # additive: modify on top of default template
+        default_template = File.expand_path("../../template", __FILE__)
+        override_source_paths([custom_template, default_template])
+      end
+    end
+    def copy_project
+      puts "Initialize codepipeline project in .codepipeline"
+      if @options[:template]
+        directory ".", ".codepipeline", exclude_pattern: /.git/
+      else
+        directory ".", exclude_pattern: /.git/
+      end
+    end
+  private
+    def project_name
+      inferred_name = File.basename(Dir.pwd).gsub('_','-').gsub(/[^0-9a-zA-Z,-]/, '')
+      @options[:name] || inferred_name
+    end
+    def project_github_repo
+      default = "user/repo"
+      return default unless File.exist?(".git/config") && git_installed?
+      url = `git config --get remote.origin.url`.strip
+      repo = url.sub('git@github.com:','').sub(/\.git$/,'')
+      repo == '' ? default : repo
+    end
+  end
+end

data/lib/codepipe/pipeline.rb ADDED

@@ -0,0 +1,61 @@
+module Codepipe
+  class Pipeline
+    extend Memoist
+    include Dsl::Pipeline
+    include Evaluate
+    def initialize(options={})
+      @options = options
+      @pipeline_path = options[:pipeline_path] || get_pipeline_path
+      @properties = default_properties # defaults make pipeline.rb simpler
+      @stages = []
+    end
+    def run
+      evaluate(@pipeline_path)
+      @properties[:stages] ||= @stages
+      set_source_branch!
+      resource = {
+        pipeline: {
+          type: "AWS::CodePipeline::Pipeline",
+          properties: @properties
+        }
+      }
+      CfnCamelizer.transform(resource)
+    end
+    def default_properties
+      {
+        name: @options[:full_pipeline_name],
+        role_arn: { "Fn::GetAtt": "IamRole.Arn" },
+        artifact_store: {
+          type: "S3",
+          location: s3_bucket, # auto creates s3 bucket
+        }
+      }
+    end
+    # cli branch option always takes highest precedence
+    def set_source_branch!
+      return unless @options[:branch]
+      source_stage = @properties[:stages].first
+      action = source_stage[:actions].first
+      action[:configuration][:branch] = @options[:branch]
+    end
+    def exist?
+      File.exist?(@pipeline_path)
+    end
+    def s3_bucket
+      S3Bucket.name
+    end
+  private
+    def get_pipeline_path
+      lookup_codepipeline_file "pipeline.rb"
+    end
+  end
+end

data/lib/codepipe/pipeline/s3_bucket.rb ADDED

@@ -0,0 +1,88 @@
+require "aws-sdk-s3"
+class Codepipe::Pipeline
+  class S3Bucket
+    extend Memoist
+    include Codepipe::AwsServices
+    class << self
+      extend Memoist
+      def name
+        new.name
+      end
+      memoize :name
+    end
+    def name
+      ensure_exists(bucket_name)
+      bucket_name
+    end
+    memoize :name
+    def bucket_name
+      "codepipeline-#{aws.region}-#{aws.account}"
+    end
+    def ensure_exists(name)
+      return if exists?(name) || ENV['TEST']
+      s3.create_bucket(bucket: name)
+      policy = {
+        "Version": "2012-10-17",
+        "Id": "SSEAndSSLPolicy",
+        "Statement": [
+          {
+            "Sid": "DenyUnEncryptedObjectUploads",
+            "Effect": "Deny",
+            "Principal": "*",
+            "Action": "s3:PutObject",
+            "Resource": "arn:aws:s3:::#{name}/*",
+            "Condition": {
+              "StringNotEquals": {
+                "s3:x-amz-server-side-encryption": "aws:kms"
+              }
+            }
+          },
+          {
+              "Sid": "DenyInsecureConnections",
+              "Effect": "Deny",
+              "Principal": "*",
+              "Action": "s3:*",
+              "Resource": "arn:aws:s3:::#{name}/*",
+              "Condition": {
+                  "Bool": {
+                      "aws:SecureTransport": "false"
+                  }
+              }
+          }
+        ]
+      }
+      s3.put_bucket_policy(
+        bucket: name,
+        policy: JSON.dump(policy),
+      )
+    rescue Aws::S3::Errors::BucketAlreadyExists => e
+      puts "ERROR #{e.class}: #{e.message}".color(:red)
+      puts "Bucket name: #{name}"
+      exit 1
+    end
+    def exists?(name)
+      begin
+        s3.head_bucket(bucket: name)
+        true
+      rescue Aws::S3::Errors::BucketAlreadyOwnedByYou, Aws::S3::Errors::Http301Error
+        # These exceptions indicate bucket already exists
+        # Aws::S3::Errors::Http301Error could be inaccurate but compromising for simplicity
+        true
+      rescue
+        false
+      end
+    end
+  private
+    def aws
+      AwsData.new
+    end
+    memoize :aws
+  end
+end

data/lib/codepipe/role.rb ADDED

@@ -0,0 +1,181 @@
+require "yaml"
+module Codepipe
+  class Role
+    include Codepipe::Dsl::Role
+    include Evaluate
+    def initialize(options={})
+      @options = options
+      @role_path = options[:role_path] || get_role_path
+      @properties = default_properties
+    end
+    def run
+      evaluate(@role_path) if File.exist?(@role_path)
+      @properties[:policies] = [{
+        policy_name: "CodePipelineAccess",
+        policy_document: {
+          version: "2012-10-17",
+          statement: derived_iam_statements
+        }
+      }]
+      @properties[:managed_policy_arns] = @managed_policy_arns if @managed_policy_arns && !@managed_policy_arns.empty?
+      resource = {
+        logical_id => {
+          type: "AWS::IAM::Role",
+          properties: @properties
+        }
+      }
+      CfnCamelizer.transform(resource)
+    end
+    def logical_id
+      "IamRole"
+    end
+  private
+    def get_role_path
+      lookup_codepipeline_file("role.rb")
+    end
+    def default_properties
+      {
+        assume_role_policy_document: {
+          statement: [{
+            action: ["sts:AssumeRole"],
+            effect: "Allow",
+            principal: {
+              service: principal_services
+            }
+          }],
+          version: "2012-10-17"
+        },
+        path: "/"
+      }
+    end
+    def principal_services
+      ["codepipeline.amazonaws.com"]
+    end
+    def derived_iam_statements
+      @iam_statements || default_iam_statements
+    end
+    def default_iam_statements
+      # Based on the one created by CodePipeline Console
+      [{
+        "action"=>["iam:PassRole"],
+        "resource"=>"*",
+        "effect"=>"Allow",
+        "condition"=>
+          {"string_equals_if_exists"=>
+            {"iam:passed_to_service"=>
+              ["cloudformation.amazonaws.com",
+               "elasticbeanstalk.amazonaws.com",
+               "ec2.amazonaws.com",
+               "ecs-tasks.amazonaws.com"]
+            }
+          }
+      },{
+        "action"=>
+          ["codecommit:CancelUploadArchive",
+           "codecommit:GetBranch",
+           "codecommit:GetCommit",
+           "codecommit:GetUploadArchiveStatus",
+           "codecommit:UploadArchive"],
+          "resource"=>"*",
+          "effect"=>"Allow"
+      },{
+        "action"=>
+         ["codedeploy:CreateDeployment",
+          "codedeploy:GetApplication",
+          "codedeploy:GetApplicationRevision",
+          "codedeploy:GetDeployment",
+          "codedeploy:GetDeploymentConfig",
+          "codedeploy:RegisterApplicationRevision"],
+          "resource"=>"*",
+          "effect"=>"Allow"
+      },{
+        "action"=>
+          ["elasticbeanstalk:*",
+           "ec2:*",
+           "elasticloadbalancing:*",
+           "autoscaling:*",
+           "cloudwatch:*",
+           "s3:*",
+           "sns:*",
+           "cloudformation:*",
+           "rds:*",
+           "sqs:*",
+           "ecs:*"],
+        "resource"=>"*",
+        "effect"=>"Allow"
+      },{
+        "action"=>["lambda:InvokeFunction", "lambda:ListFunctions"],
+        "resource"=>"*",
+        "effect"=>"Allow"
+      },{
+        "action"=>
+           ["opsworks:CreateDeployment",
+            "opsworks:DescribeApps",
+            "opsworks:DescribeCommands",
+            "opsworks:DescribeDeployments",
+            "opsworks:DescribeInstances",
+            "opsworks:DescribeStacks",
+            "opsworks:UpdateApp",
+            "opsworks:UpdateStack"],
+          "resource"=>"*",
+          "effect"=>"Allow"
+      },{
+        "action"=>
+         ["cloudformation:CreateStack",
+          "cloudformation:DeleteStack",
+          "cloudformation:DescribeStacks",
+          "cloudformation:UpdateStack",
+          "cloudformation:CreateChangeSet",
+          "cloudformation:DeleteChangeSet",
+          "cloudformation:DescribeChangeSet",
+          "cloudformation:ExecuteChangeSet",
+          "cloudformation:SetStackPolicy",
+          "cloudformation:ValidateTemplate"],
+        "resource"=>"*",
+        "effect"=>"Allow"
+      },{
+        "action"=>["codebuild:BatchGetBuilds", "codebuild:StartBuild"],
+        "resource"=>"*",
+        "effect"=>"Allow"
+      },{
+        "action"=>
+          ["devicefarm:ListProjects",
+           "devicefarm:ListDevicePools",
+           "devicefarm:GetRun",
+           "devicefarm:GetUpload",
+           "devicefarm:CreateUpload",
+           "devicefarm:ScheduleRun"],
+          "resource"=>"*",
+          "effect"=>"Allow",
+      },{
+        "action"=>
+          ["servicecatalog:ListProvisioningArtifacts",
+           "servicecatalog:CreateProvisioningArtifact",
+           "servicecatalog:DescribeProvisioningArtifact",
+           "servicecatalog:DeleteProvisioningArtifact",
+           "servicecatalog:UpdateProduct"],
+        "resource"=>"*",
+        "effect"=>"Allow",
+      },{
+        "action"=>["cloudformation:ValidateTemplate"],
+        "resource"=>"*",
+        "effect"=>"Allow",
+      },{
+        "action"=>["ecr:DescribeImages"],
+        "resource"=>"*",
+        "effect"=>"Allow",
+      }]
+    end
+  end
+end