fog-aws 0.4.0 → 0.4.1
- checksums.yaml +4 -4
- data/Gemfile +4 -1
- data/lib/fog/aws/dns.rb +1 -1
- data/lib/fog/aws/iam.rb +57 -20
- data/lib/fog/aws/iam/default_policies.json +1574 -0
- data/lib/fog/aws/iam/default_policies.rb +15 -0
- data/lib/fog/aws/iam/default_policy_versions.json +3372 -0
- data/lib/fog/aws/iam/paged_collection.rb +54 -0
- data/lib/fog/aws/models/compute/flavors.rb +95 -35
- data/lib/fog/aws/models/elb/load_balancer.rb +9 -10
- data/lib/fog/aws/models/elb/policies.rb +24 -9
- data/lib/fog/aws/models/elb/policy.rb +9 -10
- data/lib/fog/aws/models/iam/group.rb +33 -2
- data/lib/fog/aws/models/iam/groups.rb +2 -22
- data/lib/fog/aws/models/iam/managed_policies.rb +63 -0
- data/lib/fog/aws/models/iam/managed_policy.rb +38 -0
- data/lib/fog/aws/models/iam/policies.rb +19 -15
- data/lib/fog/aws/models/iam/user.rb +34 -2
- data/lib/fog/aws/parsers/iam/list_managed_policies.rb +25 -0
- data/lib/fog/aws/parsers/iam/policy_version.rb +33 -0
- data/lib/fog/aws/region_methods.rb +1 -1
- data/lib/fog/aws/requests/compute/allocate_address.rb +21 -19
- data/lib/fog/aws/requests/iam/attach_group_policy.rb +26 -0
- data/lib/fog/aws/requests/iam/attach_user_policy.rb +30 -4
- data/lib/fog/aws/requests/iam/create_access_key.rb +6 -5
- data/lib/fog/aws/requests/iam/detach_group_policy.rb +26 -0
- data/lib/fog/aws/requests/iam/detach_user_policy.rb +26 -0
- data/lib/fog/aws/requests/iam/get_policy.rb +57 -0
- data/lib/fog/aws/requests/iam/get_policy_version.rb +59 -0
- data/lib/fog/aws/requests/iam/get_user.rb +7 -0
- data/lib/fog/aws/requests/iam/list_attached_group_policies.rb +89 -0
- data/lib/fog/aws/requests/iam/list_attached_user_policies.rb +89 -0
- data/lib/fog/aws/requests/iam/list_policies.rb +47 -2
- data/lib/fog/aws/signaturev4.rb +14 -12
- data/lib/fog/aws/version.rb +1 -1
- data/tests/models/iam/managed_policies_tests.rb +67 -0
- data/tests/models/iam/users_tests.rb +20 -0
- data/tests/requests/compute/address_tests.rb +33 -20
- data/tests/signaturev4_tests.rb +7 -0
- metadata +14 -2
@@ -23,10 +23,41 @@ module Fog
|
|
23
23
|
merge_attributes(:users => self.users + [user])
|
24
24
|
end
|
25
25
|
|
26
|
-
def attach(
|
26
|
+
def attach(policy_or_arn)
|
27
27
|
requires :name
|
28
28
|
|
29
|
-
|
29
|
+
arn = if policy_or_arn.respond_to?(:arn)
|
30
|
+
policy_or_arn.arn
|
31
|
+
else
|
32
|
+
policy_or_arn
|
33
|
+
end
|
34
|
+
|
35
|
+
service.attach_group_policy(self.name, arn)
|
36
|
+
end
|
37
|
+
|
38
|
+
def attached_policies
|
39
|
+
requires :name
|
40
|
+
|
41
|
+
service.managed_policies(:group_name => self.name)
|
42
|
+
end
|
43
|
+
|
44
|
+
def destroy
|
45
|
+
requires :name
|
46
|
+
|
47
|
+
service.delete_group(self.name)
|
48
|
+
true
|
49
|
+
end
|
50
|
+
|
51
|
+
def detach(policy_or_arn)
|
52
|
+
requires :name
|
53
|
+
|
54
|
+
arn = if policy_or_arn.respond_to?(:arn)
|
55
|
+
policy_or_arn.arn
|
56
|
+
else
|
57
|
+
policy_or_arn
|
58
|
+
end
|
59
|
+
|
60
|
+
service.detach_group_policy(self.name, arn)
|
30
61
|
end
|
31
62
|
|
32
63
|
def save
|
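Review bot: In the new `attach` and `detach`, any argument that does not respond to `arn` is forwarded unchecked as the policy ARN, so `nil` or an empty string only fails once the request reaches the service. Since these calls change what a group is allowed to do, a local guard after the `arn = if … end` block, such as `raise ArgumentError, 'policy ARN is required' if arn.nil? || arn.to_s.empty?`, gives a clearer failure. The same ARN resolution is repeated in both methods here and again in the `attach`/`detach` added to the user model later in this diff; one private helper would keep the copies from drifting. The enclosing class begins and ends outside the hunk.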
@@ -1,19 +1,16 @@
|
|
1
1
|
require 'fog/aws/models/iam/group'
|
2
|
+
require 'fog/aws/iam/paged_collection'
|
2
3
|
|
3
4
|
module Fog
|
4
5
|
module AWS
|
5
6
|
class IAM
|
6
|
-
class Groups < Fog::
|
7
|
+
class Groups < Fog::AWS::IAM::PagedCollection
|
7
8
|
|
8
|
-
attribute :truncated, :aliases => 'IsTruncated', :type => :boolean
|
9
|
-
attribute :marker, :aliases => 'Marker'
|
10
9
|
attribute :username
|
11
10
|
|
12
11
|
model Fog::AWS::IAM::Group
|
13
12
|
|
14
13
|
def all(options = {})
|
15
|
-
merge_attributes(options)
|
16
|
-
|
17
14
|
data, records = if self.username
|
18
15
|
response = service.list_groups_for_user(self.username, options)
|
19
16
|
[response.body, response.body['GroupsForUser']]
|
@@ -36,23 +33,6 @@ module Fog
|
|
36
33
|
rescue Fog::AWS::IAM::NotFound
|
37
34
|
nil
|
38
35
|
end
|
39
|
-
|
40
|
-
def each
|
41
|
-
if !block_given?
|
42
|
-
self
|
43
|
-
else
|
44
|
-
subset = dup.all
|
45
|
-
|
46
|
-
subset.each { |f| yield f }
|
47
|
-
|
48
|
-
while subset.truncated
|
49
|
-
subset = subset.all('Marker' => subset.marker, 'MaxItems' => 1000)
|
50
|
-
subset.each { |f| yield f }
|
51
|
-
end
|
52
|
-
|
53
|
-
self
|
54
|
-
end
|
55
|
-
end
|
56
36
|
end
|
57
37
|
end
|
58
38
|
end
|
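Review bot: `all` at new lines 13-16 still hands `options` to `service.list_groups_for_user` unchanged, while the other collections moved onto `PagedCollection` in this release wrap them in `page_params(options)` first. `PagedCollection` is not shown here, so this is inferred, but if its `each` re-invokes `all` with its own marker and limit keys, this collection would pass them through untranslated and pagination may not advance. Consider `service.list_groups_for_user(self.username, page_params(options))`, and the same for the other branch of `all`, which lies outside the hunk. The removed `merge_attributes(options)` line also means a caller-supplied marker is no longer stored on the collection, which deserves a comment if that is intended.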
@@ -0,0 +1,63 @@
|
|
1
|
+
require 'fog/aws/models/iam/managed_policy'
|
2
|
+
require 'fog/aws/iam/paged_collection'
|
3
|
+
|
4
|
+
module Fog
|
5
|
+
module AWS
|
6
|
+
class IAM
|
7
|
+
class ManagedPolicies < Fog::AWS::IAM::PagedCollection
|
8
|
+
|
9
|
+
attribute :username
|
10
|
+
attribute :group_name
|
11
|
+
|
12
|
+
model Fog::AWS::IAM::ManagedPolicy
|
13
|
+
|
14
|
+
def all(options={})
|
15
|
+
data = if self.username
|
16
|
+
all_by_user(self.username, options)
|
17
|
+
elsif self.group_name
|
18
|
+
all_by_group(self.group_name, options)
|
19
|
+
else
|
20
|
+
all_policies(options)
|
21
|
+
end
|
22
|
+
|
23
|
+
load(data)
|
24
|
+
end
|
25
|
+
|
26
|
+
def get(identity)
|
27
|
+
response = service.get_policy(identity)
|
28
|
+
|
29
|
+
new(response.body['Policy'])
|
30
|
+
rescue Fog::AWS::IAM::NotFound
|
31
|
+
nil
|
32
|
+
end
|
33
|
+
|
34
|
+
protected
|
35
|
+
|
36
|
+
def all_by_user(username, options={})
|
37
|
+
body = service.list_attached_user_policies(username, page_params(options)).body
|
38
|
+
merge_attributes(body)
|
39
|
+
|
40
|
+
body['Policies'].map do |policy|
|
41
|
+
service.get_policy(policy['PolicyArn']).body['Policy']
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
def all_by_group(group_name, options={})
|
46
|
+
body = service.list_attached_group_policies(group_name, page_params(options)).body
|
47
|
+
merge_attributes(body)
|
48
|
+
|
49
|
+
body['Policies'].map do |policy|
|
50
|
+
service.get_policy(policy['PolicyArn']).body['Policy']
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
def all_policies(options={})
|
55
|
+
body = service.list_policies(page_params(options)).body
|
56
|
+
merge_attributes(body)
|
57
|
+
|
58
|
+
body['Policies']
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
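Review bot: `all_by_user` and `all_by_group` (new lines 36-52) issue one `service.get_policy` call per attached policy and let `Fog::AWS::IAM::NotFound` propagate, whereas `get` in the same class maps that error to `nil`. A policy that is detached or deleted between the list call and the follow-up lookup would therefore abort the whole listing, which matters when this collection backs an access review. Either document that `all` can raise `NotFound`, or handle it per entry and make the omission visible to the caller. The two methods differ only in the list request, so the `body['Policies'].map do … end` part could live in one shared protected helper.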
@@ -0,0 +1,38 @@
|
|
1
|
+
module Fog
|
2
|
+
module AWS
|
3
|
+
class IAM
|
4
|
+
class ManagedPolicy < Fog::Model
|
5
|
+
identity :id, :aliases => 'PolicyId'
|
6
|
+
|
7
|
+
attribute :arn, :aliases => 'Arn'
|
8
|
+
attribute :attachable, :aliases => 'IsAttachable', :type => :boolean
|
9
|
+
attribute :attachments, :aliases => 'AttachmentCount', :type => :integer
|
10
|
+
attribute :created_at, :aliases => 'CreateDate', :type => :time
|
11
|
+
attribute :default_version, :aliases => 'DefaultVersionId'
|
12
|
+
attribute :description, :aliases => 'Description'
|
13
|
+
attribute :name, :aliases => 'PolicyName'
|
14
|
+
attribute :path, :aliases => 'Path'
|
15
|
+
attribute :updated_at, :aliases => 'UpdateDate', :type => :time
|
16
|
+
|
17
|
+
def attach(user_or_username)
|
18
|
+
requires :arn
|
19
|
+
|
20
|
+
username = if user_or_username.respond_to?(:identity)
|
21
|
+
user_or_username.identity
|
22
|
+
else
|
23
|
+
user_or_username
|
24
|
+
end
|
25
|
+
|
26
|
+
service.attach_user_policy(username, self.arn)
|
27
|
+
end
|
28
|
+
|
29
|
+
def document
|
30
|
+
requires :arn, :default_version
|
31
|
+
|
32
|
+
service.get_policy_version(self.arn, self.default_version).
|
33
|
+
body['PolicyVersion']['Document']
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
end
|
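Review bot: `attach` at new lines 17-27 tells a model from a plain name with `respond_to?(:identity)`, which is presumably true for any Fog model and not only users; passing a group object, for example, would send that object's identity to `attach_user_policy` as a user name. Because this call grants permissions, the method should state what it accepts, e.g. `# @param user_or_username [Fog::AWS::IAM::User, String] user to attach this policy to`, and ideally guard with `raise ArgumentError, 'username is required' if username.nil?` before the service call. The model also has no `detach` counterpart, although the user and group models in this diff gain both directions. `document` would benefit from a comment saying that it returns the default version's document as produced by the policy-version parser.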
@@ -1,21 +1,23 @@
|
|
1
1
|
require 'fog/aws/models/iam/policy'
|
2
|
+
require 'fog/aws/iam/paged_collection'
|
2
3
|
|
3
4
|
module Fog
|
4
5
|
module AWS
|
5
6
|
class IAM
|
6
|
-
class Policies < Fog::
|
7
|
+
class Policies < Fog::AWS::IAM::PagedCollection
|
8
|
+
|
7
9
|
model Fog::AWS::IAM::Policy
|
8
10
|
|
9
11
|
attribute :username
|
10
12
|
attribute :group_name
|
11
13
|
|
12
|
-
def all
|
14
|
+
def all(options={})
|
13
15
|
requires_one :username, :group_name
|
14
16
|
|
15
17
|
policies = if self.username
|
16
|
-
all_by_user(self.username)
|
17
|
-
else
|
18
|
-
all_by_group(self.group_name)
|
18
|
+
all_by_user(self.username, options)
|
19
|
+
else self.group_name
|
20
|
+
all_by_group(self.group_name, options)
|
19
21
|
end
|
20
22
|
|
21
23
|
load(policies) # data is an array of attribute hashes
|
@@ -24,13 +26,13 @@ module Fog
|
|
24
26
|
def get(identity)
|
25
27
|
requires_one :username, :group_name
|
26
28
|
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
29
|
+
response = if self.username
|
30
|
+
service.get_user_policy(identity, self.username)
|
31
|
+
else self.group_name
|
32
|
+
service.get_group_policy(identity, self.group_name)
|
33
|
+
end
|
32
34
|
|
33
|
-
new(
|
35
|
+
new(response.body['Policy'])
|
34
36
|
rescue Fog::AWS::IAM::NotFound
|
35
37
|
nil
|
36
38
|
end
|
@@ -44,16 +46,18 @@ module Fog
|
|
44
46
|
# AWS method get_user_policy and list_group_policies only returns an array of policy names, this is kind of useless,
|
45
47
|
# that's why it has to loop through the list to get the details of each element. I don't like it because it makes this method slow
|
46
48
|
|
47
|
-
def all_by_group(group_name)
|
48
|
-
response = service.list_group_policies(group_name)
|
49
|
+
def all_by_group(group_name, options={})
|
50
|
+
response = service.list_group_policies(group_name, page_params(options))
|
51
|
+
merge_attributes(response.body)
|
49
52
|
|
50
53
|
response.body['PolicyNames'].map do |policy_name|
|
51
54
|
service.get_group_policy(policy_name, group_name).body['Policy']
|
52
55
|
end
|
53
56
|
end
|
54
57
|
|
55
|
-
def all_by_user(username)
|
56
|
-
response = service.list_user_policies(username)
|
58
|
+
def all_by_user(username, options={})
|
59
|
+
response = service.list_user_policies(username, page_params(options))
|
60
|
+
merge_attributes(response.body)
|
57
61
|
|
58
62
|
response.body['PolicyNames'].map do |policy_name|
|
59
63
|
service.get_user_policy(policy_name, username).body['Policy']
|
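Review bot: `else self.group_name` at new lines 19 and 31 is not a condition: Ruby parses it as a plain `else` whose first statement evaluates `self.group_name` and discards the result. The branches still behave correctly because `requires_one :username, :group_name` runs first, but the line reads as if `elsif` were intended and will mislead the next person to touch it. Write `else` on its own line in both `all` and `get`. The last hunk's `all_by_user` continues past the end of the hunk.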
@@ -15,6 +15,36 @@ module Fog
|
|
15
15
|
service.access_keys(:username => id)
|
16
16
|
end
|
17
17
|
|
18
|
+
def attach(policy_or_arn)
|
19
|
+
requires :identity
|
20
|
+
|
21
|
+
arn = if policy_or_arn.respond_to?(:arn)
|
22
|
+
policy_or_arn.arn
|
23
|
+
else
|
24
|
+
policy_or_arn
|
25
|
+
end
|
26
|
+
|
27
|
+
service.attach_user_policy(self.identity, arn)
|
28
|
+
end
|
29
|
+
|
30
|
+
def detach(policy_or_arn)
|
31
|
+
requires :identity
|
32
|
+
|
33
|
+
arn = if policy_or_arn.respond_to?(:arn)
|
34
|
+
policy_or_arn.arn
|
35
|
+
else
|
36
|
+
policy_or_arn
|
37
|
+
end
|
38
|
+
|
39
|
+
service.detach_user_policy(self.identity, arn)
|
40
|
+
end
|
41
|
+
|
42
|
+
def attached_policies
|
43
|
+
requires :identity
|
44
|
+
|
45
|
+
service.managed_policies(:username => self.identity)
|
46
|
+
end
|
47
|
+
|
18
48
|
def destroy
|
19
49
|
requires :id
|
20
50
|
|
@@ -23,13 +53,15 @@ module Fog
|
|
23
53
|
end
|
24
54
|
|
25
55
|
def groups
|
56
|
+
requires :identity
|
57
|
+
|
26
58
|
service.groups(:username => self.identity)
|
27
59
|
end
|
28
60
|
|
29
61
|
def policies
|
30
|
-
requires :
|
62
|
+
requires :identity
|
31
63
|
|
32
|
-
service.policies(:username =>
|
64
|
+
service.policies(:username => self.identity)
|
33
65
|
end
|
34
66
|
|
35
67
|
def password=(password)
|
@@ -14,12 +14,37 @@ module Fog
|
|
14
14
|
@response['Policies'] << policy
|
15
15
|
end
|
16
16
|
|
17
|
+
def start_element(name,attrs = [])
|
18
|
+
case name
|
19
|
+
when 'AttachedPolicies'
|
20
|
+
@stack << name
|
21
|
+
when 'AttachedPolicy'
|
22
|
+
@policy = fresh_policy
|
23
|
+
when 'member'
|
24
|
+
if @stack.last == 'AttachedPolicies'
|
25
|
+
@policy = fresh_policy
|
26
|
+
end
|
27
|
+
end
|
28
|
+
super
|
29
|
+
end
|
30
|
+
|
17
31
|
def end_element(name)
|
18
32
|
case name
|
19
33
|
when 'RequestId', 'Marker'
|
20
34
|
@response[name] = value
|
21
35
|
when 'IsTruncated'
|
22
36
|
@response[name] = (value == 'true')
|
37
|
+
when 'PolicyArn', 'PolicyName'
|
38
|
+
@policy[name] = value
|
39
|
+
when 'AttachedPolicies'
|
40
|
+
if @stack.last == 'AttachedPolicies'
|
41
|
+
@stack.pop
|
42
|
+
end
|
43
|
+
when 'member'
|
44
|
+
if @stack.last == 'AttachedPolicies'
|
45
|
+
finished_policy(@policy)
|
46
|
+
@policy = nil
|
47
|
+
end
|
23
48
|
end
|
24
49
|
super
|
25
50
|
end
|
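Review bot: In `end_element`, the new `when 'PolicyArn', 'PolicyName'` branch writes to `@policy` unconditionally, but within this hunk `@policy` is only assigned in `start_element` for `AttachedPolicy` or for a `member` directly under `AttachedPolicies`, and it is reset to `nil` after each member. If either element appears anywhere else in a response, `@policy[name] = value` raises `NoMethodError` on `nil`; the part of the class above line 14 is outside the hunk, so confirm whether `@policy` is initialised there. A guard such as `@policy[name] = value if @policy` keeps a differently shaped response from crashing the parse. The `when 'AttachedPolicy'` branch in `start_element` also has no matching branch in `end_element`, so a policy started that way is never passed to `finished_policy`.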
@@ -0,0 +1,33 @@
|
|
1
|
+
module Fog
|
2
|
+
module Parsers
|
3
|
+
module AWS
|
4
|
+
module IAM
|
5
|
+
class PolicyVersion < Fog::Parsers::Base
|
6
|
+
def reset
|
7
|
+
super
|
8
|
+
@version = {}
|
9
|
+
@response = { 'PolicyVersion' => @version }
|
10
|
+
end
|
11
|
+
|
12
|
+
def end_element(name)
|
13
|
+
case name
|
14
|
+
when 'RequestId'
|
15
|
+
@response[name] = value
|
16
|
+
when 'VersionId'
|
17
|
+
@version[name] = value
|
18
|
+
when 'IsDefaultVersion'
|
19
|
+
@version[name] = (value == 'true')
|
20
|
+
when 'Document'
|
21
|
+
@version[name] = if decoded_string = URI.decode(value)
|
22
|
+
Fog::JSON.decode(decoded_string) rescue value
|
23
|
+
else
|
24
|
+
value
|
25
|
+
end
|
26
|
+
end
|
27
|
+
super
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
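Review bot: The `Document` branch at new lines 20-25 uses `Fog::JSON.decode(decoded_string) rescue value`, which swallows every `StandardError` and falls back to the still URL-encoded `value`, so callers receive either a Hash or an encoded String with no sign that parsing failed. For code that inspects IAM policy documents, that silent change of type is easy to miss; rescue only the JSON decode error and fall back to `decoded_string` instead. The `if decoded_string = URI.decode(value)` test is an assignment inside a condition and its `else` branch looks unreachable for a String input, so a plain `decoded_string = URI.decode(value)` is clearer. `URI.decode` is also obsolete and was removed in Ruby 3.0, so it will need a replacement when the supported Ruby range moves.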
@@ -1,7 +1,7 @@
|
|
1
1
|
module Fog
|
2
2
|
module AWS
|
3
3
|
module RegionMethods
|
4
|
-
def validate_aws_region
|
4
|
+
def validate_aws_region(host, region)
|
5
5
|
if host.end_with?('.amazonaws.com') && !['ap-northeast-1', 'ap-southeast-1', 'ap-southeast-2', 'eu-west-1', 'us-east-1', 'us-west-1', 'us-west-2', 'sa-east-1', 'us-gov-west-1', 'eu-central-1'].include?(region)
|
6
6
|
raise ArgumentError, "Unknown region: #{region.inspect}"
|
7
7
|
end
|
@@ -27,27 +27,29 @@ module Fog
|
|
27
27
|
|
28
28
|
class Mock
|
29
29
|
def allocate_address(domain = 'standard')
|
30
|
-
|
30
|
+
unless describe_addresses.body['addressesSet'].size < self.data[:limits][:addresses]
|
31
|
+
raise Fog::Compute::AWS::Error, "AddressLimitExceeded => Too many addresses allocated"
|
32
|
+
end
|
33
|
+
|
31
34
|
response = Excon::Response.new
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
response
|
46
|
-
else
|
47
|
-
response.status = 400
|
48
|
-
response.body = "<?xml version=\"1.0\"?><Response><Errors><Error><Code>AddressLimitExceeded</Code><Message>Too many addresses allocated</Message></Error></Errors><RequestID>#{Fog::AWS::Mock.request_id}</RequestID></Response>"
|
49
|
-
raise(Excon::Errors.status_error({:expects => 200}, response))
|
35
|
+
response.status = 200
|
36
|
+
|
37
|
+
domain = domain == 'vpc' ? 'vpc' : 'standard'
|
38
|
+
public_ip = Fog::AWS::Mock.ip_address
|
39
|
+
|
40
|
+
data = {
|
41
|
+
'instanceId' => nil,
|
42
|
+
'publicIp' => public_ip,
|
43
|
+
'domain' => domain
|
44
|
+
}
|
45
|
+
|
46
|
+
if domain == 'vpc'
|
47
|
+
data['allocationId'] = "eipalloc-#{Fog::Mock.random_hex(8)}"
|
50
48
|
end
|
49
|
+
|
50
|
+
self.data[:addresses][public_ip] = data
|
51
|
+
response.body = data.reject {|k, v| k == 'instanceId' }.merge('requestId' => Fog::AWS::Mock.request_id)
|
52
|
+
response
|
51
53
|
end
|
52
54
|
end
|
53
55
|
end
|
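Review bot: The limit check at new line 30 is written as `unless … < …`, which forces the reader to negate a comparison; `if describe_addresses.body['addressesSet'].size >= self.data[:limits][:addresses]` says the same thing directly. The mock now raises `Fog::Compute::AWS::Error` with a message string where it previously built a 400 response and raised through `Excon::Errors.status_error`; a short comment saying that this mirrors what the real request surfaces would help, if that is the case. `domain = domain == 'vpc' ? 'vpc' : 'standard'` quietly maps any unrecognised value to `'standard'`, which is worth stating in a comment.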