fog-aws 0.1.0 → 0.1.1
- checksums.yaml +4 -4
- data/lib/fog/aws/dns.rb +14 -1
- data/lib/fog/aws/iam.rb +9 -0
- data/lib/fog/aws/models/compute/flavors.rb +50 -0
- data/lib/fog/aws/models/dns/records.rb +14 -20
- data/lib/fog/aws/models/dns/zones.rb +1 -1
- data/lib/fog/aws/models/storage/file.rb +28 -3
- data/lib/fog/aws/models/storage/files.rb +5 -0
- data/lib/fog/aws/parsers/.DS_Store +0 -0
- data/lib/fog/aws/parsers/iam/list_managed_policies.rb +29 -0
- data/lib/fog/aws/parsers/iam/policy_parser.rb +57 -0
- data/lib/fog/aws/parsers/iam/single_policy.rb +27 -0
- data/lib/fog/aws/rds.rb +3 -1
- data/lib/fog/aws/requests/.DS_Store +0 -0
- data/lib/fog/aws/requests/compute/authorize_security_group_ingress.rb +67 -62
- data/lib/fog/aws/requests/compute/delete_security_group.rb +42 -28
- data/lib/fog/aws/requests/dns/change_resource_record_sets.rb +20 -20
- data/lib/fog/aws/requests/dns/create_hosted_zone.rb +1 -3
- data/lib/fog/aws/requests/dns/delete_hosted_zone.rb +5 -7
- data/lib/fog/aws/requests/dns/get_change.rb +11 -16
- data/lib/fog/aws/requests/dns/get_hosted_zone.rb +1 -3
- data/lib/fog/aws/requests/dns/list_resource_record_sets.rb +7 -12
- data/lib/fog/aws/requests/dynamodb/scan.rb +2 -1
- data/lib/fog/aws/requests/iam/attach_group_policy.rb +32 -0
- data/lib/fog/aws/requests/iam/attach_role_policy.rb +32 -0
- data/lib/fog/aws/requests/iam/attach_user_policy.rb +32 -0
- data/lib/fog/aws/requests/iam/create_policy.rb +47 -0
- data/lib/fog/aws/requests/iam/delete_policy.rb +30 -0
- data/lib/fog/aws/requests/iam/detach_group_policy.rb +32 -0
- data/lib/fog/aws/requests/iam/detach_role_policy.rb +32 -0
- data/lib/fog/aws/requests/iam/detach_user_policy.rb +32 -0
- data/lib/fog/aws/requests/iam/list_policies.rb +47 -0
- data/lib/fog/aws/requests/storage/head_object_url.rb +40 -0
- data/lib/fog/aws/storage.rb +1 -0
- data/lib/fog/aws/version.rb +1 -1
- data/tests/models/compute/security_group_tests.rb +11 -1
- data/tests/models/storage/file_tests.rb +29 -0
- data/tests/requests/compute/security_group_tests.rb +9 -0
- data/tests/requests/dns/dns_tests.rb +29 -42
- data/tests/requests/iam/managed_policy_tests.rb +91 -0
- data/tests/requests/storage/object_tests.rb +6 -0
- metadata +18 -2
@@ -0,0 +1,30 @@
|
|
1
|
+
module Fog
|
2
|
+
module AWS
|
3
|
+
class IAM
|
4
|
+
class Real
|
5
|
+
require 'fog/aws/parsers/iam/basic'
|
6
|
+
|
7
|
+
# Deletes a manged policy
|
8
|
+
#
|
9
|
+
# ==== Parameters
|
10
|
+
# * policy_arn<~String>: arn of the policy
|
11
|
+
#
|
12
|
+
# ==== Returns
|
13
|
+
# * response<~Excon::Response>:
|
14
|
+
# * body<~Hash>:
|
15
|
+
# * 'RequestId'<~String> - Id of the request
|
16
|
+
#
|
17
|
+
# ==== See Also
|
18
|
+
# http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicy.html
|
19
|
+
#
|
20
|
+
def delete_policy(policy_arn)
|
21
|
+
request(
|
22
|
+
'Action' => 'DeletePolicy',
|
23
|
+
'PolicyArn' => policy_arn,
|
24
|
+
:parser => Fog::Parsers::AWS::IAM::Basic.new
|
25
|
+
)
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
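Review bot: The summary comment on `delete_policy` misspells "managed" as `manged` and omits the precondition a caller most needs. IAM rejects DeletePolicy while the policy is still attached to a user, group or role, or while it still has non-default versions. I would reword the first comment line to `# Deletes a managed policy (must be detached from all users, groups and roles first)`. That makes the ordering with the detach requests added in this release explicit, so cleanup code does not treat a failed delete as a completed one.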
@@ -0,0 +1,32 @@
|
|
1
|
+
module Fog
|
2
|
+
module AWS
|
3
|
+
class IAM
|
4
|
+
class Real
|
5
|
+
require 'fog/aws/parsers/iam/basic'
|
6
|
+
|
7
|
+
# Detaches a managed policy from a group
|
8
|
+
#
|
9
|
+
# ==== Parameters
|
10
|
+
# * group_name<~String>: name of the group
|
11
|
+
# * policy_arn<~String>: arn of the managed policy
|
12
|
+
#
|
13
|
+
# ==== Returns
|
14
|
+
# * response<~Excon::Response>:
|
15
|
+
# * body<~Hash>:
|
16
|
+
# * 'RequestId'<~String> - Id of the request
|
17
|
+
#
|
18
|
+
# ==== See Also
|
19
|
+
# http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachGroupPolicy.html
|
20
|
+
#
|
21
|
+
def detach_group_policy(group_name, policy_arn)
|
22
|
+
request(
|
23
|
+
'Action' => 'DetachGroupPolicy',
|
24
|
+
'GroupName' => group_name,
|
25
|
+
'PolicyArn' => policy_arn,
|
26
|
+
:parser => Fog::Parsers::AWS::IAM::Basic.new
|
27
|
+
)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -0,0 +1,32 @@
|
|
1
|
+
module Fog
|
2
|
+
module AWS
|
3
|
+
class IAM
|
4
|
+
class Real
|
5
|
+
require 'fog/aws/parsers/iam/basic'
|
6
|
+
|
7
|
+
# Detaches a managed policy from a role
|
8
|
+
#
|
9
|
+
# ==== Parameters
|
10
|
+
# * role_name<~String>: name of the role
|
11
|
+
# * policy_arn<~String>: arn of the managed policy
|
12
|
+
#
|
13
|
+
# ==== Returns
|
14
|
+
# * response<~Excon::Response>:
|
15
|
+
# * body<~Hash>:
|
16
|
+
# * 'RequestId'<~String> - Id of the request
|
17
|
+
#
|
18
|
+
# ==== See Also
|
19
|
+
# http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachRolePolicy.html
|
20
|
+
#
|
21
|
+
def detach_role_policy(role_name, policy_arn)
|
22
|
+
request(
|
23
|
+
'Action' => 'DetachRolePolicy',
|
24
|
+
'RoleName' => role_name,
|
25
|
+
'PolicyArn' => policy_arn,
|
26
|
+
:parser => Fog::Parsers::AWS::IAM::Basic.new
|
27
|
+
)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
@@ -0,0 +1,32 @@
|
|
1
|
+
module Fog
|
2
|
+
module AWS
|
3
|
+
class IAM
|
4
|
+
class Real
|
5
|
+
require 'fog/aws/parsers/iam/basic'
|
6
|
+
|
7
|
+
# Detaches a managed policy to a user
|
8
|
+
#
|
9
|
+
# ==== Parameters
|
10
|
+
# * user_name<~String>: name of the user
|
11
|
+
# * policy_arn<~String>: arn of the managed policy
|
12
|
+
#
|
13
|
+
# ==== Returns
|
14
|
+
# * response<~Excon::Response>:
|
15
|
+
# * body<~Hash>:
|
16
|
+
# * 'RequestId'<~String> - Id of the request
|
17
|
+
#
|
18
|
+
# ==== See Also
|
19
|
+
# http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachUserPolicy.html
|
20
|
+
#
|
21
|
+
def detach_user_policy(user_name, policy_arn)
|
22
|
+
request(
|
23
|
+
'Action' => 'DetachUserPolicy',
|
24
|
+
'UserName' => user_name,
|
25
|
+
'PolicyArn' => policy_arn,
|
26
|
+
:parser => Fog::Parsers::AWS::IAM::Basic.new
|
27
|
+
)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
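Review bot: The summary comment reads `# Detaches a managed policy to a user`, which looks carried over from the attach request. It should read `# Detaches a managed policy from a user`, matching the wording of the group and role variants in this release.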
@@ -0,0 +1,47 @@
|
|
1
|
+
module Fog
|
2
|
+
module AWS
|
3
|
+
class IAM
|
4
|
+
class Real
|
5
|
+
require 'fog/aws/parsers/iam/list_managed_policies'
|
6
|
+
|
7
|
+
# Lists managed policies
|
8
|
+
#
|
9
|
+
# ==== Parameters
|
10
|
+
# * options <~Hash>: options that filter the result set
|
11
|
+
# * Marker <~String>
|
12
|
+
# * MaxItems <~Integer>
|
13
|
+
# * OnlyAttached <~Boolean>
|
14
|
+
# * PathPrefix <~String>
|
15
|
+
# * Scope <~String>
|
16
|
+
# ==== Returns
|
17
|
+
# * response<~Excon::Response>:
|
18
|
+
# * body<~Hash>:
|
19
|
+
# * 'RequestId'<~String> - Id of the request
|
20
|
+
# * 'IsTruncated'<~Boolean>
|
21
|
+
# * 'Marker'<~String>
|
22
|
+
# * 'Policies'<~Array>:
|
23
|
+
# * Arn
|
24
|
+
# * AttachmentCount
|
25
|
+
# * CreateDate
|
26
|
+
# * DefaultVersionId
|
27
|
+
# * Description
|
28
|
+
# * IsAttachable
|
29
|
+
# * Path
|
30
|
+
# * PolicyId
|
31
|
+
# * PolicyName
|
32
|
+
# * UpdateDate
|
33
|
+
# ==== See Also
|
34
|
+
# http://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicies.html
|
35
|
+
#
|
36
|
+
def list_policies(options={})
|
37
|
+
request({
|
38
|
+
'Action' => 'ListPolicies',
|
39
|
+
:parser => Fog::Parsers::AWS::IAM::ListManagedPolicies.new
|
40
|
+
}.merge(options))
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
|
45
|
+
end
|
46
|
+
end
|
47
|
+
end
|
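Review bot: In `list_policies` the fixed keys are merged first and `options` last, so a caller-supplied hash containing `'Action'` or `:parser` silently replaces the intended action or parser. If `options` ever carries values that originate outside the calling code, a read-only listing helper ends up issuing whatever action the hash names. Reversing the merge keeps the fixed keys authoritative: `request(options.merge('Action' => 'ListPolicies', :parser => Fog::Parsers::AWS::IAM::ListManagedPolicies.new))`. The doc comment could also say that a single call returns one page and that `IsTruncated` and `Marker` must be followed, since an audit built on one call would miss policies.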
@@ -0,0 +1,40 @@
|
|
1
|
+
module Fog
|
2
|
+
module Storage
|
3
|
+
class AWS
|
4
|
+
module HeadObjectUrl
|
5
|
+
def head_object_url(bucket_name, object_name, expires, options = {})
|
6
|
+
unless bucket_name
|
7
|
+
raise ArgumentError.new('bucket_name is required')
|
8
|
+
end
|
9
|
+
unless object_name
|
10
|
+
raise ArgumentError.new('object_name is required')
|
11
|
+
end
|
12
|
+
signed_url(options.merge({
|
13
|
+
:bucket_name => bucket_name,
|
14
|
+
:object_name => object_name,
|
15
|
+
:method => 'HEAD'
|
16
|
+
}), expires)
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
class Real
|
21
|
+
# An expiring head request url from S3
|
22
|
+
#
|
23
|
+
# @param bucket_name [String] Name of bucket containing object
|
24
|
+
# @param object_name [String] Name of object to get expiring url for
|
25
|
+
# @param expires [Time] An expiry time for this url
|
26
|
+
#
|
27
|
+
# @return [Excon::Response] response:
|
28
|
+
# * body [String] - url for object
|
29
|
+
#
|
30
|
+
# @see http://docs.amazonwebservices.com/AmazonS3/latest/dev/S3_QSAuth.html
|
31
|
+
|
32
|
+
include HeadObjectUrl
|
33
|
+
end
|
34
|
+
|
35
|
+
class Mock # :nodoc:all
|
36
|
+
include HeadObjectUrl
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
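Review bot: The YARD block sits above `include HeadObjectUrl` inside `class Real`, so it is not attached to `head_object_url` itself, and it leaves the `options` parameter undocumented. It also declares `@return [Excon::Response]`, while the method returns whatever `signed_url` returns, presumably the URL string, so the return tag should be confirmed and corrected. I would move the block onto the method in the module and add `# @param options [Hash] extra parameters passed through to signed_url`. Anyone holding the URL can issue the HEAD request until it expires, so a line such as `# The URL is a bearer credential; keep expires short and do not log it` would help callers. The `unless bucket_name` and `unless object_name` guards reject only nil, so an empty string still yields a signed URL.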
data/lib/fog/aws/storage.rb
CHANGED
data/lib/fog/aws/version.rb
CHANGED
@@ -39,7 +39,6 @@ Shindo.tests("Fog::Compute[:aws] | security_group", ['aws']) do
|
|
39
39
|
"#{@other_group.owner_id}:#{@other_group.group_id}", # deprecated form
|
40
40
|
@other_group.group_id,
|
41
41
|
{@other_group.owner_id => @other_group.group_id},
|
42
|
-
{@other_user_id => @other_users_group_id}
|
43
42
|
]
|
44
43
|
|
45
44
|
group_forms.each do |group_arg|
|
@@ -58,6 +57,17 @@ Shindo.tests("Fog::Compute[:aws] | security_group", ['aws']) do
|
|
58
57
|
end
|
59
58
|
end
|
60
59
|
|
60
|
+
[
|
61
|
+
{ @other_user_id => @other_users_group_id }
|
62
|
+
].each do |group_arg|
|
63
|
+
test("does not authorize port range access by an invalid security group #{group_arg.inspect}") do
|
64
|
+
raises(Fog::Compute::AWS::NotFound, "The security group '#{@other_users_group_id}' does not exist") {
|
65
|
+
@other_group.reload
|
66
|
+
@group.authorize_port_range(5000..6000, {:group => group_arg})
|
67
|
+
}
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
61
71
|
@other_group.destroy
|
62
72
|
@group.destroy
|
63
73
|
end
|
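Review bot: In the new `raises(Fog::Compute::AWS::NotFound, ...)` block, `@other_group.reload` runs inside the expectation, so a NotFound raised by the reload would satisfy the test without `authorize_port_range` being exercised. Moving the reload above the block leaves `@group.authorize_port_range(5000..6000, {:group => group_arg})` as the only statement that can produce the expected error. The second argument to `raises` appears to be the test description rather than a pattern matched against the exception message, so the quoted "does not exist" text is probably not asserted; this is worth confirming against Shindo. The one-element array with `.each` could be a plain local, which would make the single negative case easier to read.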
@@ -74,6 +74,35 @@ Shindo.tests("Storage[:aws] | file", ["aws"]) do
|
|
74
74
|
|
75
75
|
end
|
76
76
|
|
77
|
+
tests("multipart upload with customer encryption").returns(true) do
|
78
|
+
pending if Fog.mocking?
|
79
|
+
|
80
|
+
encryption_key = OpenSSL::Cipher.new("AES-256-ECB").random_key
|
81
|
+
|
82
|
+
# A 6MB file
|
83
|
+
@large_file = Tempfile.new("fog-test-aws-s3-multipart")
|
84
|
+
6.times { @large_file.write("x" * (1024**2)) }
|
85
|
+
@large_file.rewind
|
86
|
+
|
87
|
+
tests("#save(:multipart_chunk_size => 5242880)").succeeds do
|
88
|
+
@directory.files.create(
|
89
|
+
:key => 'multipart-encrypted-upload',
|
90
|
+
:body => @large_file,
|
91
|
+
:multipart_chunk_size => 5242880,
|
92
|
+
:encryption => "AES256",
|
93
|
+
:encryption_key => encryption_key
|
94
|
+
)
|
95
|
+
end
|
96
|
+
|
97
|
+
@large_file.close
|
98
|
+
|
99
|
+
@directory.files.get('multipart-encrypted-upload',
|
100
|
+
'x-amz-server-side-encryption-customer-algorithm' => 'AES256',
|
101
|
+
'x-amz-server-side-encryption-customer-key' => Base64.encode64(encryption_key).chomp!,
|
102
|
+
'x-amz-server-side-encryption-customer-key-MD5' => Base64.encode64(Digest::MD5.digest(encryption_key.to_s)).chomp!
|
103
|
+
).body == "x" * 6*1024**2
|
104
|
+
end
|
105
|
+
|
77
106
|
acl = Fog::Storage[:aws].get_object_acl(@directory.key, @instance.key).body["AccessControlList"]
|
78
107
|
|
79
108
|
tests("#acl").returns(acl) do
|
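Review bot: The test key comes from `OpenSSL::Cipher.new("AES-256-ECB").random_key`, which builds an ECB cipher object only to obtain 32 random bytes. `encryption_key = OpenSSL::Random.random_bytes(32)` says that directly and keeps an ECB constructor out of code that may be copied into real encryption paths. The header values use `Base64.encode64(...).chomp!`, and `chomp!` returns nil when there is nothing to strip, so `Base64.strict_encode64(encryption_key)` is the safer spelling. `@large_file.close` leaves the 6 MB temp file on disk until it is collected, whereas `@large_file.close!` removes it. Nothing visible in the hunk deletes the `multipart-encrypted-upload` object afterwards, though cleanup may happen outside it.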
@@ -408,6 +408,15 @@ Shindo.tests('Fog::Compute[:aws] | security group requests', ['aws']) do
|
|
408
408
|
Fog::Compute[:aws].delete_security_group('not_a_group_name')
|
409
409
|
end
|
410
410
|
|
411
|
+
@rds_security_group = Fog::AWS[:rds].security_groups.create(:id => "rdsgroup", :description => 'fog rds test')
|
412
|
+
|
413
|
+
tests("#delete_security_group('when authorized to an rds firewall')").raises(Fog::Compute::AWS::Error) do
|
414
|
+
@rds_security_group.authorize_ec2_security_group(@security_group.name)
|
415
|
+
Fog::Compute[:aws].delete_security_group(@security_group.name)
|
416
|
+
end
|
417
|
+
|
418
|
+
@rds_security_group.destroy
|
419
|
+
|
411
420
|
@security_group.destroy
|
412
421
|
@other_security_group.destroy
|
413
422
|
|
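Review bot: The setup call `@rds_security_group.authorize_ec2_security_group(@security_group.name)` sits inside the `raises(Fog::Compute::AWS::Error)` block, so the expectation is not limited to `delete_security_group`. Moving it above the `tests(...)` line makes the delete the only statement under test. `Fog::Compute::AWS::Error` is a broad class, so the test cannot distinguish the intended in-use rejection from other compute errors; a more specific class or a message check would pin the behaviour if one is available. The RDS group uses the fixed id `"rdsgroup"` and is created outside any test block, so a leftover from an earlier failed run would presumably make the create fail. A unique suffix, plus cleanup that runs even when the test fails, would avoid that.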
@@ -119,13 +119,12 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
|
|
119
119
|
change_batch << resource_record_set
|
120
120
|
options = { :comment => 'add A record to domain'}
|
121
121
|
response = @r53_connection.change_resource_record_sets(@zone_id, change_batch, options)
|
122
|
-
if response.status == 200
|
123
|
-
change_id = response.body['Id']
|
124
|
-
status = response.body['Status']
|
125
|
-
@new_records << resource_record
|
126
|
-
end
|
127
122
|
|
128
|
-
response.
|
123
|
+
Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
|
124
|
+
|
125
|
+
@new_records << resource_record
|
126
|
+
|
127
|
+
@r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
|
129
128
|
}
|
130
129
|
|
131
130
|
test("add a CNAME resource record") {
|
@@ -139,13 +138,12 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
|
|
139
138
|
change_batch << resource_record_set
|
140
139
|
options = { :comment => 'add CNAME record to domain'}
|
141
140
|
response = @r53_connection.change_resource_record_sets( @zone_id, change_batch, options)
|
142
|
-
if response.status == 200
|
143
|
-
change_id = response.body['Id']
|
144
|
-
status = response.body['Status']
|
145
|
-
@new_records << resource_record
|
146
|
-
end
|
147
141
|
|
148
|
-
response.
|
142
|
+
Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
|
143
|
+
|
144
|
+
@new_records << resource_record
|
145
|
+
|
146
|
+
@r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
|
149
147
|
}
|
150
148
|
|
151
149
|
test("add a MX resource record") {
|
@@ -159,13 +157,12 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
|
|
159
157
|
change_batch << resource_record_set
|
160
158
|
options = { :comment => 'add MX record to domain'}
|
161
159
|
response = @r53_connection.change_resource_record_sets( @zone_id, change_batch, options)
|
162
|
-
if response.status == 200
|
163
|
-
change_id = response.body['Id']
|
164
|
-
status = response.body['Status']
|
165
|
-
@new_records << resource_record
|
166
|
-
end
|
167
160
|
|
168
|
-
response.
|
161
|
+
Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
|
162
|
+
|
163
|
+
@new_records << resource_record
|
164
|
+
|
165
|
+
@r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
|
169
166
|
}
|
170
167
|
|
171
168
|
test("add an ALIAS resource record") {
|
@@ -195,47 +192,37 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
|
|
195
192
|
puts "DNS Name (ELB): #{dns_name}"
|
196
193
|
puts "Zone ID for Route 53: #{@zone_id}"
|
197
194
|
|
198
|
-
sleep 120 unless Fog.mocking?
|
199
195
|
response = @r53_connection.change_resource_record_sets(@zone_id, change_batch, options)
|
200
|
-
if response.status == 200
|
201
|
-
change_id = response.body['Id']
|
202
|
-
status = response.body['Status']
|
203
|
-
@new_records << resource_record
|
204
|
-
end
|
205
196
|
|
206
|
-
response.
|
197
|
+
Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
|
198
|
+
|
199
|
+
@new_records << resource_record
|
200
|
+
|
201
|
+
@r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
|
207
202
|
}
|
208
203
|
|
204
|
+
|
209
205
|
tests("list resource records").formats(AWS::DNS::Formats::LIST_RESOURCE_RECORD_SETS) {
|
210
206
|
# get resource records for zone
|
211
207
|
@r53_connection.list_resource_record_sets(@zone_id).body
|
212
208
|
}
|
213
209
|
|
214
210
|
test("delete #{@new_records.count} resource records") {
|
215
|
-
|
211
|
+
change_batch = @new_records.map { |record| record.merge(:action => 'DELETE') }
|
212
|
+
options = { :comment => 'remove records from domain'}
|
216
213
|
|
217
|
-
change_batch = []
|
218
|
-
@new_records.each { |record|
|
219
|
-
resource_record_set = record.merge( :action => 'DELETE')
|
220
|
-
change_batch << resource_record_set
|
221
|
-
}
|
222
|
-
options = { :comment => 'remove records from domain'}
|
223
214
|
response = @r53_connection.change_resource_record_sets(@zone_id, change_batch, options)
|
224
|
-
if response.status != 200
|
225
|
-
result = false
|
226
|
-
break
|
227
|
-
end
|
228
215
|
|
229
|
-
|
216
|
+
Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
|
217
|
+
|
218
|
+
@r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
|
230
219
|
}
|
231
220
|
|
232
221
|
test("delete hosted zone #{@zone_id}") {
|
233
222
|
# cleanup the ELB as well
|
234
223
|
@elb_connection.delete_load_balancer("fog")
|
235
224
|
|
236
|
-
|
237
|
-
|
238
|
-
response.status == 200
|
225
|
+
@r53_connection.delete_hosted_zone(@zone_id).status == 200
|
239
226
|
}
|
240
227
|
|
241
228
|
end
|
@@ -243,13 +230,13 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
|
|
243
230
|
tests('failure') do
|
244
231
|
tests('create hosted zone using invalid domain name').raises(Excon::Errors::BadRequest) do
|
245
232
|
pending if Fog.mocking?
|
246
|
-
|
233
|
+
@r53_connection.create_hosted_zone('invalid-domain')
|
247
234
|
end
|
248
235
|
|
249
236
|
tests('get hosted zone using invalid ID').raises(Excon::Errors::NotFound) do
|
250
237
|
pending if Fog.mocking?
|
251
238
|
zone_id = 'dummy-id'
|
252
|
-
|
239
|
+
@r53_connection.get_hosted_zone(zone_id)
|
253
240
|
end
|
254
241
|
|
255
242
|
end
|
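Review bot: The same tail is repeated in the A, CNAME, MX, ALIAS and delete tests: `Fog.wait_for { ... != "PENDING" }` followed by a second `get_change` compared with `"INSYNC"`. Each copy makes one more `get_change` request than it needs. A small helper that polls once and returns the final status removes the duplication, as sketched below. Separately, the ALIAS test no longer has `sleep 120 unless Fog.mocking?` before the change request. If that pause covered the time the ELB needs before Route 53 accepts it as an alias target, the test may now fail against real AWS, and an explicit wait on the load balancer would be the equivalent replacement.

```ruby
# Polls the Route 53 change until it leaves PENDING and returns its final status.
def wait_for_change_status(connection, change_id)
  status = nil
  Fog.wait_for { (status = connection.get_change(change_id).body["Status"]) != "PENDING" }
  status
end

# ... unchanged: build change_batch, call change_resource_record_sets ...
@new_records << resource_record
wait_for_change_status(@r53_connection, response.body["Id"]) == "INSYNC"
```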