convection 0.2.20 → 0.2.21
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/convection/model/template/resource/aws_events_rule.rb +30 -0
- data/lib/convection/model/template/resource/aws_iam_role.rb +10 -0
- data/lib/convection/model/template/resource/aws_lambda_permission.rb +21 -0
- data/lib/convection/model/template/resource_property/aws_events_rule_target.rb +18 -0
- data/test/convection/model/test_permission.rb +31 -0
- data/test/convection/model/test_trust.rb +28 -0
- metadata +9 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 074ce594bd457dfa3a9174a47b5a9813f7a1d740
|
4
|
+
data.tar.gz: 589968f7d3487cb35d9d0166ab09b3bff11ffdc6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 094c835c822791ea64c117a8c61e11d42a27d2aa32eecf70525ab26d33384612af68ee20a8c5422a78f3948fd94fa21091a4e9fe894038fb08a8207c23954d36
|
7
|
+
data.tar.gz: eab4ff96aa467afb8113a65cc20cbcbdfe537718041efaa56609d9e0c4b3ad01cb450b0aeaeeb16aceb26717b2ac79d2eff9b96eefc8b264b4cb5a85e7939496
|
@@ -0,0 +1,30 @@
|
|
1
|
+
require_relative '../resource'
|
2
|
+
|
3
|
+
module Convection
|
4
|
+
module Model
|
5
|
+
class Template
|
6
|
+
class Resource
|
7
|
+
##
|
8
|
+
# AWS::Events::Rule
|
9
|
+
##
|
10
|
+
class EventsRule < Resource
|
11
|
+
type 'AWS::Events::Rule'
|
12
|
+
property :description, 'Description'
|
13
|
+
property :domain, 'Domain'
|
14
|
+
property :event_pattern, 'EventPattern', :type => :hash
|
15
|
+
property :name, 'Name'
|
16
|
+
property :role_arn, 'RoleArn'
|
17
|
+
property :schedule_expression, 'ScheduleExpression'
|
18
|
+
property :state, 'State'
|
19
|
+
property :targets, 'Targets', :type => :array
|
20
|
+
|
21
|
+
def target(&block)
|
22
|
+
target = ResourceProperty::EventsRuleTarget.new(self)
|
23
|
+
target.instance_exec(&block) if block
|
24
|
+
targets << target
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
@@ -24,6 +24,16 @@ module Convection
|
|
24
24
|
@template.resources[profile.name] = profile
|
25
25
|
end
|
26
26
|
|
27
|
+
## Add a canned trust policy for any AWS service
|
28
|
+
def trust_service(name, &block)
|
29
|
+
@trust_relationship = Model::Mixin::Policy.new(:name => "trust-#{name}-service", :template => @template)
|
30
|
+
trust_relationship.allow do
|
31
|
+
action 'sts:AssumeRole'
|
32
|
+
principal :Service => "#{name}.amazonaws.com"
|
33
|
+
end
|
34
|
+
trust_relationship.instance_exec(&block) if block
|
35
|
+
end
|
36
|
+
|
27
37
|
## Add a canned trust policy for EC2 instances
|
28
38
|
def trust_ec2_instances(&block)
|
29
39
|
@trust_relationship = Model::Mixin::Policy.new(:name => 'trust-ec2-instances', :template => @template)
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require_relative '../resource'
|
2
|
+
|
3
|
+
module Convection
|
4
|
+
module Model
|
5
|
+
class Template
|
6
|
+
class Resource
|
7
|
+
##
|
8
|
+
# AWS::Lambda::Permission
|
9
|
+
##
|
10
|
+
class LambdaPermission < Resource
|
11
|
+
type 'AWS::Lambda::Permission'
|
12
|
+
property :action, 'Action'
|
13
|
+
property :function_name, 'FunctionName'
|
14
|
+
property :principal, 'Principal'
|
15
|
+
property :source_account, 'SourceAccount'
|
16
|
+
property :source_arn, 'SourceArn'
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
@@ -0,0 +1,18 @@
|
|
1
|
+
require_relative '../resource_property'
|
2
|
+
|
3
|
+
module Convection
|
4
|
+
module Model
|
5
|
+
class Template
|
6
|
+
class ResourceProperty
|
7
|
+
# Represents an {http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html
|
8
|
+
# CloudWatch Events Rule Target}
|
9
|
+
class EventsRuleTarget < ResourceProperty
|
10
|
+
property :arn, 'Arn'
|
11
|
+
property :id, 'Id'
|
12
|
+
property :input, 'Input'
|
13
|
+
property :input_path, 'InputPath'
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
@@ -0,0 +1,31 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
require 'json'
|
3
|
+
|
4
|
+
class TestLambdaPermission < Minitest::Test
|
5
|
+
def setup
|
6
|
+
@template = ::Convection.template do
|
7
|
+
description 'Lambda Permission Test Template'
|
8
|
+
|
9
|
+
lambda_permission 'LambdaInvokePermission' do
|
10
|
+
action 'lambda:InvokeFunction'
|
11
|
+
function_name get_att('MyLambdaFunction', 'Arn')
|
12
|
+
principal 's3.amazonaws.com'
|
13
|
+
source_account fn_ref('AWS::AccountId')
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
|
18
|
+
def from_json
|
19
|
+
JSON.parse(@template.to_json)
|
20
|
+
end
|
21
|
+
|
22
|
+
def test_lambda_permission
|
23
|
+
# Expected JSON:
|
24
|
+
json = from_json['Resources']['LambdaInvokePermission']
|
25
|
+
properties = json['Properties']
|
26
|
+
|
27
|
+
assert_equal properties['Action'], 'lambda:InvokeFunction'
|
28
|
+
assert_equal properties['FunctionName'], 'Fn::GetAtt' => %w(MyLambdaFunction Arn)
|
29
|
+
assert_equal properties['SourceAccount'], 'Ref' => 'AWS::AccountId'
|
30
|
+
end
|
31
|
+
end
|
@@ -0,0 +1,28 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
require 'json'
|
3
|
+
|
4
|
+
class TestTrust < Minitest::Test
|
5
|
+
def setup
|
6
|
+
@template = ::Convection.template do
|
7
|
+
description 'Trust Test Template'
|
8
|
+
|
9
|
+
iam_role 'FooRole' do
|
10
|
+
trust_service 'bar'
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
14
|
+
|
15
|
+
def from_json
|
16
|
+
JSON.parse(@template.to_json)
|
17
|
+
end
|
18
|
+
|
19
|
+
def test_trust
|
20
|
+
json = from_json['Resources']['FooRole']['Properties']
|
21
|
+
doc = json['AssumeRolePolicyDocument']
|
22
|
+
refute doc.nil?, 'No policy document present in JSON'
|
23
|
+
stmt = doc['Statement']
|
24
|
+
|
25
|
+
trust_bar = stmt.any? { |s| s['Principal']['Service'] == 'bar.amazonaws.com' }
|
26
|
+
assert_equal true, trust_bar, 'Expected to find [bar.amazonaws.com] in document'
|
27
|
+
end
|
28
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: convection
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.21
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- John Manero
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-04-
|
11
|
+
date: 2016-04-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk
|
@@ -161,6 +161,7 @@ files:
|
|
161
161
|
- lib/convection/model/template/resource/aws_elasticbeanstalk_configurationtemplate.rb
|
162
162
|
- lib/convection/model/template/resource/aws_elasticbeanstalk_environment.rb
|
163
163
|
- lib/convection/model/template/resource/aws_elb.rb
|
164
|
+
- lib/convection/model/template/resource/aws_events_rule.rb
|
164
165
|
- lib/convection/model/template/resource/aws_iam_access_key.rb
|
165
166
|
- lib/convection/model/template/resource/aws_iam_group.rb
|
166
167
|
- lib/convection/model/template/resource/aws_iam_instance_profile.rb
|
@@ -170,6 +171,7 @@ files:
|
|
170
171
|
- lib/convection/model/template/resource/aws_iam_user.rb
|
171
172
|
- lib/convection/model/template/resource/aws_kms_key.rb
|
172
173
|
- lib/convection/model/template/resource/aws_lambda_function.rb
|
174
|
+
- lib/convection/model/template/resource/aws_lambda_permission.rb
|
173
175
|
- lib/convection/model/template/resource/aws_logs_loggroup.rb
|
174
176
|
- lib/convection/model/template/resource/aws_rds_db_instance.rb
|
175
177
|
- lib/convection/model/template/resource/aws_rds_db_parameter_group.rb
|
@@ -200,6 +202,7 @@ files:
|
|
200
202
|
- lib/convection/model/template/resource_property/aws_ec2_block_store_block_device.rb
|
201
203
|
- lib/convection/model/template/resource_property/aws_ec2_mount_point.rb
|
202
204
|
- lib/convection/model/template/resource_property/aws_ec2_network_interface.rb
|
205
|
+
- lib/convection/model/template/resource_property/aws_events_rule_target.rb
|
203
206
|
- lib/convection/model/template/resource_property/aws_lambda_function_code.rb
|
204
207
|
- lib/convection/model/template/resource_property/aws_lambda_vpc_config.rb
|
205
208
|
- lib/convection/version.rb
|
@@ -207,8 +210,10 @@ files:
|
|
207
210
|
- test/convection/model/test_elasticache.rb
|
208
211
|
- test/convection/model/test_lambdas.rb
|
209
212
|
- test/convection/model/test_loggroups.rb
|
213
|
+
- test/convection/model/test_permission.rb
|
210
214
|
- test/convection/model/test_rds.rb
|
211
215
|
- test/convection/model/test_template.rb
|
216
|
+
- test/convection/model/test_trust.rb
|
212
217
|
- test/convection/model/test_validation.rb
|
213
218
|
- test/convection/model/test_vpc_endpoint.rb
|
214
219
|
- test/test_helper.rb
|
@@ -241,8 +246,10 @@ test_files:
|
|
241
246
|
- test/convection/model/test_elasticache.rb
|
242
247
|
- test/convection/model/test_lambdas.rb
|
243
248
|
- test/convection/model/test_loggroups.rb
|
249
|
+
- test/convection/model/test_permission.rb
|
244
250
|
- test/convection/model/test_rds.rb
|
245
251
|
- test/convection/model/test_template.rb
|
252
|
+
- test/convection/model/test_trust.rb
|
246
253
|
- test/convection/model/test_validation.rb
|
247
254
|
- test/convection/model/test_vpc_endpoint.rb
|
248
255
|
- test/test_helper.rb
|