fog-aws 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (42) hide show
  1. checksums.yaml +4 -4
  2. data/lib/fog/aws/dns.rb +14 -1
  3. data/lib/fog/aws/iam.rb +9 -0
  4. data/lib/fog/aws/models/compute/flavors.rb +50 -0
  5. data/lib/fog/aws/models/dns/records.rb +14 -20
  6. data/lib/fog/aws/models/dns/zones.rb +1 -1
  7. data/lib/fog/aws/models/storage/file.rb +28 -3
  8. data/lib/fog/aws/models/storage/files.rb +5 -0
  9. data/lib/fog/aws/parsers/.DS_Store +0 -0
  10. data/lib/fog/aws/parsers/iam/list_managed_policies.rb +29 -0
  11. data/lib/fog/aws/parsers/iam/policy_parser.rb +57 -0
  12. data/lib/fog/aws/parsers/iam/single_policy.rb +27 -0
  13. data/lib/fog/aws/rds.rb +3 -1
  14. data/lib/fog/aws/requests/.DS_Store +0 -0
  15. data/lib/fog/aws/requests/compute/authorize_security_group_ingress.rb +67 -62
  16. data/lib/fog/aws/requests/compute/delete_security_group.rb +42 -28
  17. data/lib/fog/aws/requests/dns/change_resource_record_sets.rb +20 -20
  18. data/lib/fog/aws/requests/dns/create_hosted_zone.rb +1 -3
  19. data/lib/fog/aws/requests/dns/delete_hosted_zone.rb +5 -7
  20. data/lib/fog/aws/requests/dns/get_change.rb +11 -16
  21. data/lib/fog/aws/requests/dns/get_hosted_zone.rb +1 -3
  22. data/lib/fog/aws/requests/dns/list_resource_record_sets.rb +7 -12
  23. data/lib/fog/aws/requests/dynamodb/scan.rb +2 -1
  24. data/lib/fog/aws/requests/iam/attach_group_policy.rb +32 -0
  25. data/lib/fog/aws/requests/iam/attach_role_policy.rb +32 -0
  26. data/lib/fog/aws/requests/iam/attach_user_policy.rb +32 -0
  27. data/lib/fog/aws/requests/iam/create_policy.rb +47 -0
  28. data/lib/fog/aws/requests/iam/delete_policy.rb +30 -0
  29. data/lib/fog/aws/requests/iam/detach_group_policy.rb +32 -0
  30. data/lib/fog/aws/requests/iam/detach_role_policy.rb +32 -0
  31. data/lib/fog/aws/requests/iam/detach_user_policy.rb +32 -0
  32. data/lib/fog/aws/requests/iam/list_policies.rb +47 -0
  33. data/lib/fog/aws/requests/storage/head_object_url.rb +40 -0
  34. data/lib/fog/aws/storage.rb +1 -0
  35. data/lib/fog/aws/version.rb +1 -1
  36. data/tests/models/compute/security_group_tests.rb +11 -1
  37. data/tests/models/storage/file_tests.rb +29 -0
  38. data/tests/requests/compute/security_group_tests.rb +9 -0
  39. data/tests/requests/dns/dns_tests.rb +29 -42
  40. data/tests/requests/iam/managed_policy_tests.rb +91 -0
  41. data/tests/requests/storage/object_tests.rb +6 -0
  42. metadata +18 -2
@@ -0,0 +1,30 @@
1
+ module Fog
2
+ module AWS
3
+ class IAM
4
+ class Real
5
+ require 'fog/aws/parsers/iam/basic'
6
+
7
+ # Deletes a manged policy
8
+ #
9
+ # ==== Parameters
10
+ # * policy_arn<~String>: arn of the policy
11
+ #
12
+ # ==== Returns
13
+ # * response<~Excon::Response>:
14
+ # * body<~Hash>:
15
+ # * 'RequestId'<~String> - Id of the request
16
+ #
17
+ # ==== See Also
18
+ # http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicy.html
19
+ #
20
+ def delete_policy(policy_arn)
21
+ request(
22
+ 'Action' => 'DeletePolicy',
23
+ 'PolicyArn' => policy_arn,
24
+ :parser => Fog::Parsers::AWS::IAM::Basic.new
25
+ )
26
+ end
27
+ end
28
+ end
29
+ end
30
+ end
@@ -0,0 +1,32 @@
1
+ module Fog
2
+ module AWS
3
+ class IAM
4
+ class Real
5
+ require 'fog/aws/parsers/iam/basic'
6
+
7
+ # Detaches a managed policy from a group
8
+ #
9
+ # ==== Parameters
10
+ # * group_name<~String>: name of the group
11
+ # * policy_arn<~String>: arn of the managed policy
12
+ #
13
+ # ==== Returns
14
+ # * response<~Excon::Response>:
15
+ # * body<~Hash>:
16
+ # * 'RequestId'<~String> - Id of the request
17
+ #
18
+ # ==== See Also
19
+ # http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachGroupPolicy.html
20
+ #
21
+ def detach_group_policy(group_name, policy_arn)
22
+ request(
23
+ 'Action' => 'DetachGroupPolicy',
24
+ 'GroupName' => group_name,
25
+ 'PolicyArn' => policy_arn,
26
+ :parser => Fog::Parsers::AWS::IAM::Basic.new
27
+ )
28
+ end
29
+ end
30
+ end
31
+ end
32
+ end
@@ -0,0 +1,32 @@
1
+ module Fog
2
+ module AWS
3
+ class IAM
4
+ class Real
5
+ require 'fog/aws/parsers/iam/basic'
6
+
7
+ # Detaches a managed policy from a role
8
+ #
9
+ # ==== Parameters
10
+ # * role_name<~String>: name of the role
11
+ # * policy_arn<~String>: arn of the managed policy
12
+ #
13
+ # ==== Returns
14
+ # * response<~Excon::Response>:
15
+ # * body<~Hash>:
16
+ # * 'RequestId'<~String> - Id of the request
17
+ #
18
+ # ==== See Also
19
+ # http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachRolePolicy.html
20
+ #
21
+ def detach_role_policy(role_name, policy_arn)
22
+ request(
23
+ 'Action' => 'DetachRolePolicy',
24
+ 'RoleName' => role_name,
25
+ 'PolicyArn' => policy_arn,
26
+ :parser => Fog::Parsers::AWS::IAM::Basic.new
27
+ )
28
+ end
29
+ end
30
+ end
31
+ end
32
+ end
@@ -0,0 +1,32 @@
1
+ module Fog
2
+ module AWS
3
+ class IAM
4
+ class Real
5
+ require 'fog/aws/parsers/iam/basic'
6
+
7
+ # Detaches a managed policy to a user
8
+ #
9
+ # ==== Parameters
10
+ # * user_name<~String>: name of the user
11
+ # * policy_arn<~String>: arn of the managed policy
12
+ #
13
+ # ==== Returns
14
+ # * response<~Excon::Response>:
15
+ # * body<~Hash>:
16
+ # * 'RequestId'<~String> - Id of the request
17
+ #
18
+ # ==== See Also
19
+ # http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachUserPolicy.html
20
+ #
21
+ def detach_user_policy(user_name, policy_arn)
22
+ request(
23
+ 'Action' => 'DetachUserPolicy',
24
+ 'UserName' => user_name,
25
+ 'PolicyArn' => policy_arn,
26
+ :parser => Fog::Parsers::AWS::IAM::Basic.new
27
+ )
28
+ end
29
+ end
30
+ end
31
+ end
32
+ end
@@ -0,0 +1,47 @@
1
+ module Fog
2
+ module AWS
3
+ class IAM
4
+ class Real
5
+ require 'fog/aws/parsers/iam/list_managed_policies'
6
+
7
+ # Lists managed policies
8
+ #
9
+ # ==== Parameters
10
+ # * options <~Hash>: options that filter the result set
11
+ # * Marker <~String>
12
+ # * MaxItems <~Integer>
13
+ # * OnlyAttached <~Boolean>
14
+ # * PathPrefix <~String>
15
+ # * Scope <~String>
16
+ # ==== Returns
17
+ # * response<~Excon::Response>:
18
+ # * body<~Hash>:
19
+ # * 'RequestId'<~String> - Id of the request
20
+ # * 'IsTruncated'<~Boolean>
21
+ # * 'Marker'<~String>
22
+ # * 'Policies'<~Array>:
23
+ # * Arn
24
+ # * AttachmentCount
25
+ # * CreateDate
26
+ # * DefaultVersionId
27
+ # * Description
28
+ # * IsAttachable
29
+ # * Path
30
+ # * PolicyId
31
+ # * PolicyName
32
+ # * UpdateDate
33
+ # ==== See Also
34
+ # http://docs.aws.amazon.com/IAM/latest/APIReference/API_ListPolicies.html
35
+ #
36
+ def list_policies(options={})
37
+ request({
38
+ 'Action' => 'ListPolicies',
39
+ :parser => Fog::Parsers::AWS::IAM::ListManagedPolicies.new
40
+ }.merge(options))
41
+ end
42
+ end
43
+
44
+
45
+ end
46
+ end
47
+ end
@@ -0,0 +1,40 @@
1
+ module Fog
2
+ module Storage
3
+ class AWS
4
+ module HeadObjectUrl
5
+ def head_object_url(bucket_name, object_name, expires, options = {})
6
+ unless bucket_name
7
+ raise ArgumentError.new('bucket_name is required')
8
+ end
9
+ unless object_name
10
+ raise ArgumentError.new('object_name is required')
11
+ end
12
+ signed_url(options.merge({
13
+ :bucket_name => bucket_name,
14
+ :object_name => object_name,
15
+ :method => 'HEAD'
16
+ }), expires)
17
+ end
18
+ end
19
+
20
+ class Real
21
+ # An expiring head request url from S3
22
+ #
23
+ # @param bucket_name [String] Name of bucket containing object
24
+ # @param object_name [String] Name of object to get expiring url for
25
+ # @param expires [Time] An expiry time for this url
26
+ #
27
+ # @return [Excon::Response] response:
28
+ # * body [String] - url for object
29
+ #
30
+ # @see http://docs.amazonwebservices.com/AmazonS3/latest/dev/S3_QSAuth.html
31
+
32
+ include HeadObjectUrl
33
+ end
34
+
35
+ class Mock # :nodoc:all
36
+ include HeadObjectUrl
37
+ end
38
+ end
39
+ end
40
+ end
@@ -88,6 +88,7 @@ module Fog
88
88
  request :get_service
89
89
  request :head_bucket
90
90
  request :head_object
91
+ request :head_object_url
91
92
  request :initiate_multipart_upload
92
93
  request :list_multipart_uploads
93
94
  request :list_parts
@@ -1,5 +1,5 @@
1
1
  module Fog
2
2
  module AWS
3
- VERSION = "0.1.0"
3
+ VERSION = "0.1.1"
4
4
  end
5
5
  end
@@ -39,7 +39,6 @@ Shindo.tests("Fog::Compute[:aws] | security_group", ['aws']) do
39
39
  "#{@other_group.owner_id}:#{@other_group.group_id}", # deprecated form
40
40
  @other_group.group_id,
41
41
  {@other_group.owner_id => @other_group.group_id},
42
- {@other_user_id => @other_users_group_id}
43
42
  ]
44
43
 
45
44
  group_forms.each do |group_arg|
@@ -58,6 +57,17 @@ Shindo.tests("Fog::Compute[:aws] | security_group", ['aws']) do
58
57
  end
59
58
  end
60
59
 
60
+ [
61
+ { @other_user_id => @other_users_group_id }
62
+ ].each do |group_arg|
63
+ test("does not authorize port range access by an invalid security group #{group_arg.inspect}") do
64
+ raises(Fog::Compute::AWS::NotFound, "The security group '#{@other_users_group_id}' does not exist") {
65
+ @other_group.reload
66
+ @group.authorize_port_range(5000..6000, {:group => group_arg})
67
+ }
68
+ end
69
+ end
70
+
61
71
  @other_group.destroy
62
72
  @group.destroy
63
73
  end
@@ -74,6 +74,35 @@ Shindo.tests("Storage[:aws] | file", ["aws"]) do
74
74
 
75
75
  end
76
76
 
77
+ tests("multipart upload with customer encryption").returns(true) do
78
+ pending if Fog.mocking?
79
+
80
+ encryption_key = OpenSSL::Cipher.new("AES-256-ECB").random_key
81
+
82
+ # A 6MB file
83
+ @large_file = Tempfile.new("fog-test-aws-s3-multipart")
84
+ 6.times { @large_file.write("x" * (1024**2)) }
85
+ @large_file.rewind
86
+
87
+ tests("#save(:multipart_chunk_size => 5242880)").succeeds do
88
+ @directory.files.create(
89
+ :key => 'multipart-encrypted-upload',
90
+ :body => @large_file,
91
+ :multipart_chunk_size => 5242880,
92
+ :encryption => "AES256",
93
+ :encryption_key => encryption_key
94
+ )
95
+ end
96
+
97
+ @large_file.close
98
+
99
+ @directory.files.get('multipart-encrypted-upload',
100
+ 'x-amz-server-side-encryption-customer-algorithm' => 'AES256',
101
+ 'x-amz-server-side-encryption-customer-key' => Base64.encode64(encryption_key).chomp!,
102
+ 'x-amz-server-side-encryption-customer-key-MD5' => Base64.encode64(Digest::MD5.digest(encryption_key.to_s)).chomp!
103
+ ).body == "x" * 6*1024**2
104
+ end
105
+
77
106
  acl = Fog::Storage[:aws].get_object_acl(@directory.key, @instance.key).body["AccessControlList"]
78
107
 
79
108
  tests("#acl").returns(acl) do
@@ -408,6 +408,15 @@ Shindo.tests('Fog::Compute[:aws] | security group requests', ['aws']) do
408
408
  Fog::Compute[:aws].delete_security_group('not_a_group_name')
409
409
  end
410
410
 
411
+ @rds_security_group = Fog::AWS[:rds].security_groups.create(:id => "rdsgroup", :description => 'fog rds test')
412
+
413
+ tests("#delete_security_group('when authorized to an rds firewall')").raises(Fog::Compute::AWS::Error) do
414
+ @rds_security_group.authorize_ec2_security_group(@security_group.name)
415
+ Fog::Compute[:aws].delete_security_group(@security_group.name)
416
+ end
417
+
418
+ @rds_security_group.destroy
419
+
411
420
  @security_group.destroy
412
421
  @other_security_group.destroy
413
422
 
@@ -119,13 +119,12 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
119
119
  change_batch << resource_record_set
120
120
  options = { :comment => 'add A record to domain'}
121
121
  response = @r53_connection.change_resource_record_sets(@zone_id, change_batch, options)
122
- if response.status == 200
123
- change_id = response.body['Id']
124
- status = response.body['Status']
125
- @new_records << resource_record
126
- end
127
122
 
128
- response.status == 200
123
+ Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
124
+
125
+ @new_records << resource_record
126
+
127
+ @r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
129
128
  }
130
129
 
131
130
  test("add a CNAME resource record") {
@@ -139,13 +138,12 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
139
138
  change_batch << resource_record_set
140
139
  options = { :comment => 'add CNAME record to domain'}
141
140
  response = @r53_connection.change_resource_record_sets( @zone_id, change_batch, options)
142
- if response.status == 200
143
- change_id = response.body['Id']
144
- status = response.body['Status']
145
- @new_records << resource_record
146
- end
147
141
 
148
- response.status == 200
142
+ Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
143
+
144
+ @new_records << resource_record
145
+
146
+ @r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
149
147
  }
150
148
 
151
149
  test("add a MX resource record") {
@@ -159,13 +157,12 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
159
157
  change_batch << resource_record_set
160
158
  options = { :comment => 'add MX record to domain'}
161
159
  response = @r53_connection.change_resource_record_sets( @zone_id, change_batch, options)
162
- if response.status == 200
163
- change_id = response.body['Id']
164
- status = response.body['Status']
165
- @new_records << resource_record
166
- end
167
160
 
168
- response.status == 200
161
+ Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
162
+
163
+ @new_records << resource_record
164
+
165
+ @r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
169
166
  }
170
167
 
171
168
  test("add an ALIAS resource record") {
@@ -195,47 +192,37 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
195
192
  puts "DNS Name (ELB): #{dns_name}"
196
193
  puts "Zone ID for Route 53: #{@zone_id}"
197
194
 
198
- sleep 120 unless Fog.mocking?
199
195
  response = @r53_connection.change_resource_record_sets(@zone_id, change_batch, options)
200
- if response.status == 200
201
- change_id = response.body['Id']
202
- status = response.body['Status']
203
- @new_records << resource_record
204
- end
205
196
 
206
- response.status == 200
197
+ Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
198
+
199
+ @new_records << resource_record
200
+
201
+ @r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
207
202
  }
208
203
 
204
+
209
205
  tests("list resource records").formats(AWS::DNS::Formats::LIST_RESOURCE_RECORD_SETS) {
210
206
  # get resource records for zone
211
207
  @r53_connection.list_resource_record_sets(@zone_id).body
212
208
  }
213
209
 
214
210
  test("delete #{@new_records.count} resource records") {
215
- result = true
211
+ change_batch = @new_records.map { |record| record.merge(:action => 'DELETE') }
212
+ options = { :comment => 'remove records from domain'}
216
213
 
217
- change_batch = []
218
- @new_records.each { |record|
219
- resource_record_set = record.merge( :action => 'DELETE')
220
- change_batch << resource_record_set
221
- }
222
- options = { :comment => 'remove records from domain'}
223
214
  response = @r53_connection.change_resource_record_sets(@zone_id, change_batch, options)
224
- if response.status != 200
225
- result = false
226
- break
227
- end
228
215
 
229
- result
216
+ Fog.wait_for { @r53_connection.get_change(response.body["Id"]).body["Status"] != "PENDING" }
217
+
218
+ @r53_connection.get_change(response.body["Id"]).body["Status"] == "INSYNC"
230
219
  }
231
220
 
232
221
  test("delete hosted zone #{@zone_id}") {
233
222
  # cleanup the ELB as well
234
223
  @elb_connection.delete_load_balancer("fog")
235
224
 
236
- response = @r53_connection.delete_hosted_zone(@zone_id)
237
-
238
- response.status == 200
225
+ @r53_connection.delete_hosted_zone(@zone_id).status == 200
239
226
  }
240
227
 
241
228
  end
@@ -243,13 +230,13 @@ Shindo.tests('Fog::DNS[:aws] | DNS requests', ['aws', 'dns']) do
243
230
  tests('failure') do
244
231
  tests('create hosted zone using invalid domain name').raises(Excon::Errors::BadRequest) do
245
232
  pending if Fog.mocking?
246
- response = @r53_connection.create_hosted_zone('invalid-domain')
233
+ @r53_connection.create_hosted_zone('invalid-domain')
247
234
  end
248
235
 
249
236
  tests('get hosted zone using invalid ID').raises(Excon::Errors::NotFound) do
250
237
  pending if Fog.mocking?
251
238
  zone_id = 'dummy-id'
252
- response = @r53_connection.get_hosted_zone(zone_id)
239
+ @r53_connection.get_hosted_zone(zone_id)
253
240
  end
254
241
 
255
242
  end