fog-aws 0.4.0 → 0.4.1
- checksums.yaml +4 -4
- data/Gemfile +4 -1
- data/lib/fog/aws/dns.rb +1 -1
- data/lib/fog/aws/iam.rb +57 -20
- data/lib/fog/aws/iam/default_policies.json +1574 -0
- data/lib/fog/aws/iam/default_policies.rb +15 -0
- data/lib/fog/aws/iam/default_policy_versions.json +3372 -0
- data/lib/fog/aws/iam/paged_collection.rb +54 -0
- data/lib/fog/aws/models/compute/flavors.rb +95 -35
- data/lib/fog/aws/models/elb/load_balancer.rb +9 -10
- data/lib/fog/aws/models/elb/policies.rb +24 -9
- data/lib/fog/aws/models/elb/policy.rb +9 -10
- data/lib/fog/aws/models/iam/group.rb +33 -2
- data/lib/fog/aws/models/iam/groups.rb +2 -22
- data/lib/fog/aws/models/iam/managed_policies.rb +63 -0
- data/lib/fog/aws/models/iam/managed_policy.rb +38 -0
- data/lib/fog/aws/models/iam/policies.rb +19 -15
- data/lib/fog/aws/models/iam/user.rb +34 -2
- data/lib/fog/aws/parsers/iam/list_managed_policies.rb +25 -0
- data/lib/fog/aws/parsers/iam/policy_version.rb +33 -0
- data/lib/fog/aws/region_methods.rb +1 -1
- data/lib/fog/aws/requests/compute/allocate_address.rb +21 -19
- data/lib/fog/aws/requests/iam/attach_group_policy.rb +26 -0
- data/lib/fog/aws/requests/iam/attach_user_policy.rb +30 -4
- data/lib/fog/aws/requests/iam/create_access_key.rb +6 -5
- data/lib/fog/aws/requests/iam/detach_group_policy.rb +26 -0
- data/lib/fog/aws/requests/iam/detach_user_policy.rb +26 -0
- data/lib/fog/aws/requests/iam/get_policy.rb +57 -0
- data/lib/fog/aws/requests/iam/get_policy_version.rb +59 -0
- data/lib/fog/aws/requests/iam/get_user.rb +7 -0
- data/lib/fog/aws/requests/iam/list_attached_group_policies.rb +89 -0
- data/lib/fog/aws/requests/iam/list_attached_user_policies.rb +89 -0
- data/lib/fog/aws/requests/iam/list_policies.rb +47 -2
- data/lib/fog/aws/signaturev4.rb +14 -12
- data/lib/fog/aws/version.rb +1 -1
- data/tests/models/iam/managed_policies_tests.rb +67 -0
- data/tests/models/iam/users_tests.rb +20 -0
- data/tests/requests/compute/address_tests.rb +33 -20
- data/tests/signaturev4_tests.rb +7 -0
- metadata +14 -2
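--- a/data/lib/fog/aws/models/iam/group.rb
+++ b/data/lib/fog/aws/models/iam/group.rb
@@ -23,10 +23,41 @@ module Fog
 merge_attributes(:users => self.users + [user])
 end
 
-def attach(
+def attach(policy_or_arn)
 requires :name
 
-
+arn = if policy_or_arn.respond_to?(:arn)
+policy_or_arn.arn
+else
+policy_or_arn
+end
+
+service.attach_group_policy(self.name, arn)
+end
+
+def attached_policies
+requires :name
+
+service.managed_policies(:group_name => self.name)
+end
+
+def destroy
+requires :name
+
+service.delete_group(self.name)
+true
+end
+
+def detach(policy_or_arn)
+requires :name
+
+arn = if policy_or_arn.respond_to?(:arn)
+policy_or_arn.arn
+else
+policy_or_arn
+end
+
+service.detach_group_policy(self.name, arn)
 end
 
 def save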
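Review bot: `attach` and `detach` forward whatever `policy_or_arn` resolves to, so a policy object whose `arn` is still nil, or any other object that happens to respond to `arn`, reaches `attach_group_policy` / `detach_group_policy` unchecked. Because these calls grant and revoke IAM permissions, I would fail early with `raise ArgumentError, 'policy ARN is required' if arn.nil?` right after the `arn = if … end` expression. The same resolution block is repeated in `detach` here and in `attach`/`detach` in data/lib/fog/aws/models/iam/user.rb, so a small private helper would keep the check in one place. None of the new methods is documented: `attach`/`detach` should state that they accept either a managed-policy model or an ARN string, and `destroy` that it returns `true` after `delete_group`.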
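--- a/data/lib/fog/aws/models/iam/groups.rb
+++ b/data/lib/fog/aws/models/iam/groups.rb
@@ -1,19 +1,16 @@
 require 'fog/aws/models/iam/group'
+require 'fog/aws/iam/paged_collection'
 
 module Fog
 module AWS
 class IAM
-class Groups < Fog::
+class Groups < Fog::AWS::IAM::PagedCollection
 
-attribute :truncated, :aliases => 'IsTruncated', :type => :boolean
-attribute :marker, :aliases => 'Marker'
 attribute :username
 
 model Fog::AWS::IAM::Group
 
 def all(options = {})
-merge_attributes(options)
-
 data, records = if self.username
 response = service.list_groups_for_user(self.username, options)
 [response.body, response.body['GroupsForUser']]
@@ -36,23 +33,6 @@ module Fog
 rescue Fog::AWS::IAM::NotFound
 nil
 end
-
-def each
-if !block_given?
-self
-else
-subset = dup.all
-
-subset.each { |f| yield f }
-
-while subset.truncated
-subset = subset.all('Marker' => subset.marker, 'MaxItems' => 1000)
-subset.each { |f| yield f }
-end
-
-self
-end
-end
 end
 end
 end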
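Review bot: `all` still hands the caller's raw `options` to `list_groups_for_user`, while the other collections moved onto `PagedCollection` in this release (`ManagedPolicies`, `Policies`) wrap them as `page_params(options)`. With the local `each` and the `truncated`/`marker` attributes removed from this class, iteration past the first page now depends entirely on `PagedCollection`, which is not shown on this page. If the base class expects the marker to travel through `page_params`, group listings used for access reviews could silently stop at the first page. I would write `service.list_groups_for_user(self.username, page_params(options))` if that matches the base class, and add a test that iterates a truncated listing. The rest of `all` lies outside the hunk.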
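--- a/data/lib/fog/aws/models/iam/managed_policies.rb
+++ b/data/lib/fog/aws/models/iam/managed_policies.rb
@@ -0,0 +1,63 @@
+require 'fog/aws/models/iam/managed_policy'
+require 'fog/aws/iam/paged_collection'
+
+module Fog
+module AWS
+class IAM
+class ManagedPolicies < Fog::AWS::IAM::PagedCollection
+
+attribute :username
+attribute :group_name
+
+model Fog::AWS::IAM::ManagedPolicy
+
+def all(options={})
+data = if self.username
+all_by_user(self.username, options)
+elsif self.group_name
+all_by_group(self.group_name, options)
+else
+all_policies(options)
+end
+
+load(data)
+end
+
+def get(identity)
+response = service.get_policy(identity)
+
+new(response.body['Policy'])
+rescue Fog::AWS::IAM::NotFound
+nil
+end
+
+protected
+
+def all_by_user(username, options={})
+body = service.list_attached_user_policies(username, page_params(options)).body
+merge_attributes(body)
+
+body['Policies'].map do |policy|
+service.get_policy(policy['PolicyArn']).body['Policy']
+end
+end
+
+def all_by_group(group_name, options={})
+body = service.list_attached_group_policies(group_name, page_params(options)).body
+merge_attributes(body)
+
+body['Policies'].map do |policy|
+service.get_policy(policy['PolicyArn']).body['Policy']
+end
+end
+
+def all_policies(options={})
+body = service.list_policies(page_params(options)).body
+merge_attributes(body)
+
+body['Policies']
+end
+end
+end
+end
+end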
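Review bot: `all_by_user` and `all_by_group` call `service.get_policy` once per attached policy inside the `map` block without the `rescue Fog::AWS::IAM::NotFound` that `get` has, so a policy deleted or detached between the list call and the lookup makes the whole `all` raise. For a listing that is likely to be used to review what a user or group can do, I would either skip the vanished entry (rescue `NotFound` inside the block and `compact` the result) or document that `all` can raise. The two methods differ only in the list request, so the lookup loop could live in one private helper. `all` also silently prefers `username` when both `username` and `group_name` are set; a one-line comment on that precedence would help.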
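--- a/data/lib/fog/aws/models/iam/managed_policy.rb
+++ b/data/lib/fog/aws/models/iam/managed_policy.rb
@@ -0,0 +1,38 @@
+module Fog
+module AWS
+class IAM
+class ManagedPolicy < Fog::Model
+identity :id, :aliases => 'PolicyId'
+
+attribute :arn, :aliases => 'Arn'
+attribute :attachable, :aliases => 'IsAttachable', :type => :boolean
+attribute :attachments, :aliases => 'AttachmentCount', :type => :integer
+attribute :created_at, :aliases => 'CreateDate', :type => :time
+attribute :default_version, :aliases => 'DefaultVersionId'
+attribute :description, :aliases => 'Description'
+attribute :name, :aliases => 'PolicyName'
+attribute :path, :aliases => 'Path'
+attribute :updated_at, :aliases => 'UpdateDate', :type => :time
+
+def attach(user_or_username)
+requires :arn
+
+username = if user_or_username.respond_to?(:identity)
+user_or_username.identity
+else
+user_or_username
+end
+
+service.attach_user_policy(username, self.arn)
+end
+
+def document
+requires :arn, :default_version
+
+service.get_policy_version(self.arn, self.default_version).
+body['PolicyVersion']['Document']
+end
+end
+end
+end
+end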
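Review bot: `attach` tells a model from a name with `respond_to?(:identity)`, which as far as I know every Fog model answers, so a group or other non-user model passed here would have its identity sent to `attach_user_policy` as a user name. I would document the accepted argument, for example `# @param user_or_username [Fog::AWS::IAM::User, String]`, and reject a nil `username` before the request is made. `document` gives no hint of its return type: the PolicyVersion parser added in this release falls back to the raw string when JSON decoding fails, so callers can receive either a Hash or a String and the comment should say so. There is also no `detach` on this model, although the user and group models in this release gain both `attach` and `detach`.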
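--- a/data/lib/fog/aws/models/iam/policies.rb
+++ b/data/lib/fog/aws/models/iam/policies.rb
@@ -1,21 +1,23 @@
 require 'fog/aws/models/iam/policy'
+require 'fog/aws/iam/paged_collection'
 
 module Fog
 module AWS
 class IAM
-class Policies < Fog::
+class Policies < Fog::AWS::IAM::PagedCollection
+
 model Fog::AWS::IAM::Policy
 
 attribute :username
 attribute :group_name
 
-def all
+def all(options={})
 requires_one :username, :group_name
 
 policies = if self.username
-all_by_user(self.username)
-else
-all_by_group(self.group_name)
+all_by_user(self.username, options)
+else self.group_name
+all_by_group(self.group_name, options)
 end
 
 load(policies) # data is an array of attribute hashes
@@ -24,13 +26,13 @@ module Fog
 def get(identity)
 requires_one :username, :group_name
 
-
-
-
-
-
+response = if self.username
+service.get_user_policy(identity, self.username)
+else self.group_name
+service.get_group_policy(identity, self.group_name)
+end
 
-new(
+new(response.body['Policy'])
 rescue Fog::AWS::IAM::NotFound
 nil
 end
@@ -44,16 +46,18 @@ module Fog
 # AWS method get_user_policy and list_group_policies only returns an array of policy names, this is kind of useless,
 # that's why it has to loop through the list to get the details of each element. I don't like it because it makes this method slow
 
-def all_by_group(group_name)
-response = service.list_group_policies(group_name)
+def all_by_group(group_name, options={})
+response = service.list_group_policies(group_name, page_params(options))
+merge_attributes(response.body)
 
 response.body['PolicyNames'].map do |policy_name|
 service.get_group_policy(policy_name, group_name).body['Policy']
 end
 end
 
-def all_by_user(username)
-response = service.list_user_policies(username)
+def all_by_user(username, options={})
+response = service.list_user_policies(username, page_params(options))
+merge_attributes(response.body)
 
 response.body['PolicyNames'].map do |policy_name|
 service.get_user_policy(policy_name, username).body['Policy']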
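Review bot: `else self.group_name` in `all` (new line 19) and in `get` (new line 31) reads like an `elsif`, but Ruby parses it as a plain `else` whose first statement, `self.group_name`, is evaluated and thrown away. It behaves correctly only because `requires_one :username, :group_name` runs first. Write `else` on its own, or `elsif self.group_name` followed by an explicit failing `else`, so the branch means what it appears to mean. `all_by_user`'s body continues past the end of the last hunk.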
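--- a/data/lib/fog/aws/models/iam/user.rb
+++ b/data/lib/fog/aws/models/iam/user.rb
@@ -15,6 +15,36 @@ module Fog
 service.access_keys(:username => id)
 end
 
+def attach(policy_or_arn)
+requires :identity
+
+arn = if policy_or_arn.respond_to?(:arn)
+policy_or_arn.arn
+else
+policy_or_arn
+end
+
+service.attach_user_policy(self.identity, arn)
+end
+
+def detach(policy_or_arn)
+requires :identity
+
+arn = if policy_or_arn.respond_to?(:arn)
+policy_or_arn.arn
+else
+policy_or_arn
+end
+
+service.detach_user_policy(self.identity, arn)
+end
+
+def attached_policies
+requires :identity
+
+service.managed_policies(:username => self.identity)
+end
+
 def destroy
 requires :id
 
@@ -23,13 +53,15 @@ module Fog
 end
 
 def groups
+requires :identity
+
 service.groups(:username => self.identity)
 end
 
 def policies
-requires :
+requires :identity
 
-service.policies(:username =>
+service.policies(:username => self.identity)
 end
 
 def password=(password)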
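--- a/data/lib/fog/aws/parsers/iam/list_managed_policies.rb
+++ b/data/lib/fog/aws/parsers/iam/list_managed_policies.rb
@@ -14,12 +14,37 @@ module Fog
 @response['Policies'] << policy
 end
 
+def start_element(name,attrs = [])
+case name
+when 'AttachedPolicies'
+@stack << name
+when 'AttachedPolicy'
+@policy = fresh_policy
+when 'member'
+if @stack.last == 'AttachedPolicies'
+@policy = fresh_policy
+end
+end
+super
+end
+
 def end_element(name)
 case name
 when 'RequestId', 'Marker'
 @response[name] = value
 when 'IsTruncated'
 @response[name] = (value == 'true')
+when 'PolicyArn', 'PolicyName'
+@policy[name] = value
+when 'AttachedPolicies'
+if @stack.last == 'AttachedPolicies'
+@stack.pop
+end
+when 'member'
+if @stack.last == 'AttachedPolicies'
+finished_policy(@policy)
+@policy = nil
+end
 end
 super
 end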
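Review bot: `when 'PolicyArn', 'PolicyName'` in `end_element` writes to `@policy[name]` unconditionally, but `@policy` is only assigned in `start_element` for `AttachedPolicy` or for a `member` directly under `AttachedPolicies`, and it is reset to nil after each finished member. If either element arrives outside such a member, the parser would raise NoMethodError on nil instead of ignoring it; whether the superclass or `reset`, both outside the hunk, prevent that cannot be seen here. I would guard the write as `@policy[name] = value if @policy`. The `AttachedPolicy` branch also creates a policy that no `end_element` branch ever hands to `finished_policy`, so a response in that shape would be dropped without notice.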
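--- a/data/lib/fog/aws/parsers/iam/policy_version.rb
+++ b/data/lib/fog/aws/parsers/iam/policy_version.rb
@@ -0,0 +1,33 @@
+module Fog
+module Parsers
+module AWS
+module IAM
+class PolicyVersion < Fog::Parsers::Base
+def reset
+super
+@version = {}
+@response = { 'PolicyVersion' => @version }
+end
+
+def end_element(name)
+case name
+when 'RequestId'
+@response[name] = value
+when 'VersionId'
+@version[name] = value
+when 'IsDefaultVersion'
+@version[name] = (value == 'true')
+when 'Document'
+@version[name] = if decoded_string = URI.decode(value)
+Fog::JSON.decode(decoded_string) rescue value
+else
+value
+end
+end
+super
+end
+end
+end
+end
+end
+end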
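Review bot: In the `'Document'` branch the inline `rescue value` swallows every StandardError from `Fog::JSON.decode` and falls back to the still URL-encoded `value`, so a malformed or unexpected policy document is returned as an opaque string with no signal to the caller. The `if decoded_string = URI.decode(value)` test is an assignment whose result is always truthy for a string, which leaves the `else` branch unreachable, and `URI.decode` is an obsolete API that later Ruby versions removed. I would decode once, rescue only the JSON decode error and fall back to the decoded text; the fence assumes Fog::JSON raises `Fog::JSON::DecodeError` on bad input, which should be confirmed. The file also uses `URI` without a visible `require 'uri'`.

```ruby
when 'Document'
  decoded_string = URI.decode(value)
  @version[name] = begin
    Fog::JSON.decode(decoded_string)
  rescue Fog::JSON::DecodeError
    decoded_string
  end
# … unchanged: end of the case statement, then super …
```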
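--- a/data/lib/fog/aws/region_methods.rb
+++ b/data/lib/fog/aws/region_methods.rb
@@ -1,7 +1,7 @@
 module Fog
 module AWS
 module RegionMethods
-def validate_aws_region
+def validate_aws_region(host, region)
 if host.end_with?('.amazonaws.com') && !['ap-northeast-1', 'ap-southeast-1', 'ap-southeast-2', 'eu-west-1', 'us-east-1', 'us-west-1', 'us-west-2', 'sa-east-1', 'us-gov-west-1', 'eu-central-1'].include?(region)
 raise ArgumentError, "Unknown region: #{region.inspect}"
 end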
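--- a/data/lib/fog/aws/requests/compute/allocate_address.rb
+++ b/data/lib/fog/aws/requests/compute/allocate_address.rb
@@ -27,27 +27,29 @@ module Fog
 
 class Mock
 def allocate_address(domain = 'standard')
-
+unless describe_addresses.body['addressesSet'].size < self.data[:limits][:addresses]
+raise Fog::Compute::AWS::Error, "AddressLimitExceeded => Too many addresses allocated"
+end
+
 response = Excon::Response.new
-
-
-
-
-
-
-
-
-
-
-
-
-
-response
-else
-response.status = 400
-response.body = "<?xml version=\"1.0\"?><Response><Errors><Error><Code>AddressLimitExceeded</Code><Message>Too many addresses allocated</Message></Error></Errors><RequestID>#{Fog::AWS::Mock.request_id}</RequestID></Response>"
-raise(Excon::Errors.status_error({:expects => 200}, response))
+response.status = 200
+
+domain = domain == 'vpc' ? 'vpc' : 'standard'
+public_ip = Fog::AWS::Mock.ip_address
+
+data = {
+'instanceId' => nil,
+'publicIp' => public_ip,
+'domain' => domain
+}
+
+if domain == 'vpc'
+data['allocationId'] = "eipalloc-#{Fog::Mock.random_hex(8)}"
 end
+
+self.data[:addresses][public_ip] = data
+response.body = data.reject {|k, v| k == 'instanceId' }.merge('requestId' => Fog::AWS::Mock.request_id)
+response
 end
 end
 end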
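Review bot: The new local `data = { … }` shadows the mock's own `data` store inside `allocate_address`, which is why the same method has to write `self.data[:limits]` and `self.data[:addresses]`; a later edit that drops the `self.` would silently read or write the wrong hash. Renaming the local, for example to `address`, and using it in `self.data[:addresses][public_ip] = address` removes the trap. The limit check now raises `Fog::Compute::AWS::Error` directly instead of building a status-400 response, and a short comment explaining why the message takes the `AddressLimitExceeded => …` form would help anyone writing tests against the mock.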