fog-aws 0.4.0 → 0.4.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +4 -1
- data/lib/fog/aws/dns.rb +1 -1
- data/lib/fog/aws/iam.rb +57 -20
- data/lib/fog/aws/iam/default_policies.json +1574 -0
- data/lib/fog/aws/iam/default_policies.rb +15 -0
- data/lib/fog/aws/iam/default_policy_versions.json +3372 -0
- data/lib/fog/aws/iam/paged_collection.rb +54 -0
- data/lib/fog/aws/models/compute/flavors.rb +95 -35
- data/lib/fog/aws/models/elb/load_balancer.rb +9 -10
- data/lib/fog/aws/models/elb/policies.rb +24 -9
- data/lib/fog/aws/models/elb/policy.rb +9 -10
- data/lib/fog/aws/models/iam/group.rb +33 -2
- data/lib/fog/aws/models/iam/groups.rb +2 -22
- data/lib/fog/aws/models/iam/managed_policies.rb +63 -0
- data/lib/fog/aws/models/iam/managed_policy.rb +38 -0
- data/lib/fog/aws/models/iam/policies.rb +19 -15
- data/lib/fog/aws/models/iam/user.rb +34 -2
- data/lib/fog/aws/parsers/iam/list_managed_policies.rb +25 -0
- data/lib/fog/aws/parsers/iam/policy_version.rb +33 -0
- data/lib/fog/aws/region_methods.rb +1 -1
- data/lib/fog/aws/requests/compute/allocate_address.rb +21 -19
- data/lib/fog/aws/requests/iam/attach_group_policy.rb +26 -0
- data/lib/fog/aws/requests/iam/attach_user_policy.rb +30 -4
- data/lib/fog/aws/requests/iam/create_access_key.rb +6 -5
- data/lib/fog/aws/requests/iam/detach_group_policy.rb +26 -0
- data/lib/fog/aws/requests/iam/detach_user_policy.rb +26 -0
- data/lib/fog/aws/requests/iam/get_policy.rb +57 -0
- data/lib/fog/aws/requests/iam/get_policy_version.rb +59 -0
- data/lib/fog/aws/requests/iam/get_user.rb +7 -0
- data/lib/fog/aws/requests/iam/list_attached_group_policies.rb +89 -0
- data/lib/fog/aws/requests/iam/list_attached_user_policies.rb +89 -0
- data/lib/fog/aws/requests/iam/list_policies.rb +47 -2
- data/lib/fog/aws/signaturev4.rb +14 -12
- data/lib/fog/aws/version.rb +1 -1
- data/tests/models/iam/managed_policies_tests.rb +67 -0
- data/tests/models/iam/users_tests.rb +20 -0
- data/tests/requests/compute/address_tests.rb +33 -20
- data/tests/signaturev4_tests.rb +7 -0
- metadata +14 -2
@@ -17,7 +17,7 @@ module Fog
|
|
17
17
|
# * response<~Excon::Response>:
|
18
18
|
# * body<~Hash>:
|
19
19
|
# * 'RequestId'<~String> - Id of the request
|
20
|
-
# * 'IsTruncated'<~Boolean>
|
20
|
+
# * 'IsTruncated'<~Boolean>
|
21
21
|
# * 'Marker'<~String>
|
22
22
|
# * 'Policies'<~Array>:
|
23
23
|
# * Arn
|
@@ -41,7 +41,52 @@ module Fog
|
|
41
41
|
end
|
42
42
|
end
|
43
43
|
|
44
|
-
|
44
|
+
class Mock
|
45
|
+
def list_policies(options={})
|
46
|
+
limit = options['MaxItems']
|
47
|
+
marker = options['Marker']
|
48
|
+
|
49
|
+
if limit
|
50
|
+
if limit > 1_000
|
51
|
+
raise Fog::AWS::IAM::Error.new(
|
52
|
+
"ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value less than or equal to 1000"
|
53
|
+
)
|
54
|
+
elsif limit < 1
|
55
|
+
raise Fog::AWS::IAM::Error.new(
|
56
|
+
"ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value greater than or equal to 1"
|
57
|
+
)
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
data_set = if marker
|
62
|
+
self.data[:markers][marker] || []
|
63
|
+
else
|
64
|
+
self.data[:managed_policies].values
|
65
|
+
end
|
66
|
+
|
67
|
+
data = data_set.slice!(0, limit || 100)
|
68
|
+
truncated = data_set.size > 0
|
69
|
+
marker = truncated && Base64.encode64("metadata/l/#{account_id}/#{UUID.uuid}")
|
70
|
+
|
71
|
+
response = Excon::Response.new
|
72
|
+
|
73
|
+
body = {
|
74
|
+
'Policies' => data,
|
75
|
+
'IsTruncated' => truncated,
|
76
|
+
'RequestId' => Fog::AWS::Mock.request_id
|
77
|
+
}
|
78
|
+
|
79
|
+
if marker
|
80
|
+
self.data[:markers][marker] = data_set
|
81
|
+
body.merge!('Marker' => marker)
|
82
|
+
end
|
83
|
+
|
84
|
+
response.body = body
|
85
|
+
response.status = 200
|
86
|
+
|
87
|
+
response
|
88
|
+
end
|
89
|
+
end
|
45
90
|
end
|
46
91
|
end
|
47
92
|
end
|
data/lib/fog/aws/signaturev4.rb
CHANGED
@@ -79,18 +79,20 @@ DATA
|
|
79
79
|
protected
|
80
80
|
|
81
81
|
def canonical_path(path)
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
82
|
+
unless @service == 's3' #S3 implements signature v4 different - paths are not canonialized
|
83
|
+
#leading and trailing repeated slashes are collapsed, but not ones that appear elsewhere
|
84
|
+
path = path.gsub(%r{\A/+},'/').gsub(%r{/+\z},'/')
|
85
|
+
components = path.split('/',-1)
|
86
|
+
path = components.inject([]) do |acc, component|
|
87
|
+
case component
|
88
|
+
when '.' #canonicalize by removing .
|
89
|
+
when '..' then acc.pop#canonicalize by reducing ..
|
90
|
+
else
|
91
|
+
acc << component
|
92
|
+
end
|
93
|
+
acc
|
94
|
+
end.join('/')
|
95
|
+
end
|
94
96
|
path.empty? ? '/' : path
|
95
97
|
end
|
96
98
|
|
data/lib/fog/aws/version.rb
CHANGED
@@ -0,0 +1,67 @@
|
|
1
|
+
Shindo.tests("Fog::Compute[:iam] | managed_policies", ['aws','iam']) do
|
2
|
+
|
3
|
+
iam = Fog::AWS[:iam]
|
4
|
+
|
5
|
+
tests('#all').succeeds do
|
6
|
+
iam.managed_policies.size == 100
|
7
|
+
end
|
8
|
+
|
9
|
+
tests('#each').succeeds do
|
10
|
+
policies = []
|
11
|
+
|
12
|
+
iam.managed_policies.each { |policy| policies << policy }
|
13
|
+
|
14
|
+
policies.size > 100
|
15
|
+
end
|
16
|
+
|
17
|
+
policy = iam.managed_policies.get("arn:aws:iam::aws:policy/IAMReadOnlyAccess")
|
18
|
+
|
19
|
+
tests("#document").succeeds do
|
20
|
+
policy.document == {
|
21
|
+
"Version" => "2012-10-17",
|
22
|
+
"Statement" => [
|
23
|
+
{
|
24
|
+
"Effect" => "Allow",
|
25
|
+
"Action" => [ "iam:GenerateCredentialReport", "iam:Get*", "iam:List*" ],
|
26
|
+
"Resource" => "*"
|
27
|
+
}
|
28
|
+
]
|
29
|
+
}
|
30
|
+
end
|
31
|
+
|
32
|
+
tests("users") do
|
33
|
+
user = iam.users.create(:id => uniq_id("fog-test-user"))
|
34
|
+
|
35
|
+
tests("#attach").succeeds do
|
36
|
+
user.attach(policy)
|
37
|
+
|
38
|
+
user.attached_policies.map(&:identity) == [policy.identity]
|
39
|
+
end
|
40
|
+
|
41
|
+
tests("#detach").succeeds do
|
42
|
+
user.detach(policy)
|
43
|
+
|
44
|
+
user.attached_policies.map(&:identity) == []
|
45
|
+
end
|
46
|
+
|
47
|
+
user.destroy
|
48
|
+
end
|
49
|
+
|
50
|
+
tests("groups") do
|
51
|
+
group = iam.groups.create(:name => uniq_id("fog-test-group"))
|
52
|
+
|
53
|
+
tests("#attach").succeeds do
|
54
|
+
group.attach(policy)
|
55
|
+
|
56
|
+
group.attached_policies.map(&:identity) == [policy.identity]
|
57
|
+
end
|
58
|
+
|
59
|
+
tests("#detach").succeeds do
|
60
|
+
group.detach(policy)
|
61
|
+
|
62
|
+
group.attached_policies.map(&:identity) == []
|
63
|
+
end
|
64
|
+
|
65
|
+
group.destroy
|
66
|
+
end
|
67
|
+
end
|
@@ -56,6 +56,26 @@ Shindo.tests("Fog::Compute[:iam] | users", ['aws','iam']) do
|
|
56
56
|
user.access_keys.empty?
|
57
57
|
end
|
58
58
|
|
59
|
+
# test that users create in mock and be signed in via access key and share data
|
60
|
+
if Fog.mocking?
|
61
|
+
tests("mocking access key usage") do
|
62
|
+
access_key = user.access_keys.create
|
63
|
+
|
64
|
+
user_client = Fog::AWS::IAM.new(
|
65
|
+
:aws_access_key_id => access_key.identity,
|
66
|
+
:aws_secret_access_key => access_key.secret_access_key
|
67
|
+
)
|
68
|
+
|
69
|
+
tests("sets correct data").succeeds do
|
70
|
+
user_client.users.size > 1
|
71
|
+
end
|
72
|
+
|
73
|
+
tests("set current user name").succeeds do
|
74
|
+
user_client.current_user_name == user.identity
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
78
|
+
|
59
79
|
tests('#password=nil', 'without a password').succeeds do
|
60
80
|
user.password = nil
|
61
81
|
user.password_created_at.nil?
|
@@ -1,4 +1,5 @@
|
|
1
1
|
Shindo.tests('Fog::Compute[:aws] | address requests', ['aws']) do
|
2
|
+
compute = Fog::Compute[:aws]
|
2
3
|
|
3
4
|
@addresses_format = {
|
4
5
|
'addressesSet' => [{
|
@@ -10,7 +11,7 @@ Shindo.tests('Fog::Compute[:aws] | address requests', ['aws']) do
|
|
10
11
|
}],
|
11
12
|
'requestId' => String
|
12
13
|
}
|
13
|
-
@server =
|
14
|
+
@server = compute.servers.create
|
14
15
|
@server.wait_for { ready? }
|
15
16
|
@ip_address = @server.public_ip_address
|
16
17
|
|
@@ -21,81 +22,93 @@ Shindo.tests('Fog::Compute[:aws] | address requests', ['aws']) do
|
|
21
22
|
@vpc_allocation_id = nil
|
22
23
|
|
23
24
|
tests('#allocate_address').formats({'domain' => String, 'publicIp' => String, 'requestId' => String}) do
|
24
|
-
data =
|
25
|
+
data = compute.allocate_address.body
|
25
26
|
@public_ip = data['publicIp']
|
26
27
|
data
|
27
28
|
end
|
28
29
|
|
29
30
|
tests("#allocate_address('vpc')").formats({'domain' => String, 'publicIp' => String, 'allocationId' => String, 'requestId' => String}) do
|
30
|
-
data =
|
31
|
+
data = compute.allocate_address('vpc').body
|
31
32
|
@vpc_public_ip = data['publicIp']
|
32
33
|
@vpc_allocation_id = data['allocationId']
|
33
34
|
data
|
34
35
|
end
|
35
36
|
|
36
37
|
tests('#describe_addresses').formats(@addresses_format) do
|
37
|
-
|
38
|
+
compute.describe_addresses.body
|
38
39
|
end
|
39
40
|
|
40
41
|
tests("#describe_addresses('public-ip' => #{@public_ip}')").formats(@addresses_format) do
|
41
|
-
|
42
|
+
compute.describe_addresses('public-ip' => @public_ip).body
|
42
43
|
end
|
43
44
|
|
44
45
|
tests("#associate_addresses('#{@server.identity}', '#{@public_ip}')").formats(AWS::Compute::Formats::BASIC) do
|
45
|
-
|
46
|
+
compute.associate_address(@server.identity, @public_ip).body
|
46
47
|
end
|
47
48
|
|
48
49
|
tests("#associate_addresses({:instance_id=>'#{@server.identity}', :public_ip=>'#{@public_ip}'})").formats(AWS::Compute::Formats::BASIC) do
|
49
|
-
|
50
|
+
compute.associate_address({:instance_id=>@server.identity,:public_ip=> @public_ip}).body
|
50
51
|
end
|
51
52
|
|
52
53
|
tests("#dissassociate_address('#{@public_ip}')").formats(AWS::Compute::Formats::BASIC) do
|
53
|
-
|
54
|
+
compute.disassociate_address(@public_ip).body
|
54
55
|
end
|
55
56
|
|
56
57
|
tests("#associate_addresses('#{@server.id}', nil, nil, '#{@vpc_allocation_id}')").formats(AWS::Compute::Formats::BASIC) do
|
57
|
-
|
58
|
+
compute.associate_address(@server.id, nil, nil, @vpc_allocation_id).body
|
58
59
|
end
|
59
60
|
|
60
61
|
tests("#associate_addresses({:instance_id=>'#{@server.id}', :allocation_id=>'#{@vpc_allocation_id}'})").formats(AWS::Compute::Formats::BASIC) do
|
61
|
-
|
62
|
+
compute.associate_address({:instance_id=>@server.id, :allocation_id=>@vpc_allocation_id}).body
|
62
63
|
end
|
63
64
|
|
64
65
|
tests("#release_address('#{@public_ip}')").formats(AWS::Compute::Formats::BASIC) do
|
65
|
-
|
66
|
+
compute.release_address(@public_ip).body
|
66
67
|
end
|
67
68
|
|
68
69
|
tests("#release_address('#{@vpc_allocation_id}')").formats(AWS::Compute::Formats::BASIC) do
|
69
|
-
|
70
|
+
compute.release_address(@vpc_allocation_id).body
|
70
71
|
end
|
71
72
|
end
|
73
|
+
|
72
74
|
tests('failure') do
|
73
75
|
|
74
|
-
@address
|
75
|
-
@vpc_address =
|
76
|
+
@address = compute.addresses.create
|
77
|
+
@vpc_address = compute.addresses.create(:domain => 'vpc')
|
76
78
|
|
77
79
|
tests("#associate_addresses({:instance_id =>'i-00000000', :public_ip => '#{@address.identity}')}").raises(Fog::Compute::AWS::NotFound) do
|
78
|
-
|
80
|
+
compute.associate_address({:instance_id => 'i-00000000', :public_ip => @address.identity})
|
79
81
|
end
|
80
82
|
|
81
83
|
tests("#associate_addresses({:instance_id =>'#{@server.identity}', :public_ip => '127.0.0.1'})").raises(Fog::Compute::AWS::Error) do
|
82
|
-
|
84
|
+
compute.associate_address({:instance_id => @server.identity, :public_ip => '127.0.0.1'})
|
83
85
|
end
|
84
86
|
|
85
87
|
tests("#associate_addresses({:instance_id =>'i-00000000', :public_ip => '127.0.0.1'})").raises(Fog::Compute::AWS::NotFound) do
|
86
|
-
|
88
|
+
compute.associate_address({:instance_id =>'i-00000000', :public_ip =>'127.0.0.1'})
|
87
89
|
end
|
88
90
|
|
89
91
|
tests("#disassociate_addresses('127.0.0.1') raises BadRequest error").raises(Fog::Compute::AWS::Error) do
|
90
|
-
|
92
|
+
compute.disassociate_address('127.0.0.1')
|
91
93
|
end
|
92
94
|
|
93
95
|
tests("#release_address('127.0.0.1')").raises(Fog::Compute::AWS::Error) do
|
94
|
-
|
96
|
+
compute.release_address('127.0.0.1')
|
95
97
|
end
|
96
98
|
|
97
99
|
tests("#release_address('#{@vpc_address.identity}')").raises(Fog::Compute::AWS::Error) do
|
98
|
-
|
100
|
+
compute.release_address(@vpc_address.identity)
|
101
|
+
end
|
102
|
+
|
103
|
+
if Fog.mocking?
|
104
|
+
old_limit = compute.data[:limits][:addresses]
|
105
|
+
|
106
|
+
tests("#allocate_address", "limit exceeded").raises(Fog::Compute::AWS::Error) do
|
107
|
+
compute.data[:limits][:addresses] = 0
|
108
|
+
compute.allocate_address
|
109
|
+
end
|
110
|
+
|
111
|
+
compute.data[:limits][:addresses] = old_limit
|
99
112
|
end
|
100
113
|
|
101
114
|
@address.destroy
|
data/tests/signaturev4_tests.rb
CHANGED
@@ -96,5 +96,12 @@ Shindo.tests('AWS | signaturev4', ['aws']) do
|
|
96
96
|
end
|
97
97
|
end
|
98
98
|
|
99
|
+
tests("s3 signer does not normalize path") do
|
100
|
+
signer=Fog::AWS::SignatureV4.new('AKIDEXAMPLE', 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY', 'us-east-1','s3')
|
101
|
+
returns(signer.sign({:query => {}, :headers => {'Host' => 'host.foo.com', 'Date' => 'Mon, 09 Sep 2011 23:36:00 GMT'}, :method => :get, :path => '//foo/../bar/./'}, @now)) do
|
102
|
+
'AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20110909/us-east-1/s3/aws4_request, SignedHeaders=date;host, Signature=72407ad06b8e5750360f42e8aad9f33a0be363bcfeecdcae0aea58c99709fb4a'
|
103
|
+
end
|
104
|
+
end
|
105
|
+
|
99
106
|
Fog::Time.now = ::Time.now
|
100
107
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fog-aws
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Josh Lane
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2015-
|
12
|
+
date: 2015-06-15 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: bundler
|
@@ -149,6 +149,10 @@ files:
|
|
149
149
|
- lib/fog/aws/federation.rb
|
150
150
|
- lib/fog/aws/glacier.rb
|
151
151
|
- lib/fog/aws/iam.rb
|
152
|
+
- lib/fog/aws/iam/default_policies.json
|
153
|
+
- lib/fog/aws/iam/default_policies.rb
|
154
|
+
- lib/fog/aws/iam/default_policy_versions.json
|
155
|
+
- lib/fog/aws/iam/paged_collection.rb
|
152
156
|
- lib/fog/aws/kms.rb
|
153
157
|
- lib/fog/aws/mock.rb
|
154
158
|
- lib/fog/aws/models/auto_scaling/activities.rb
|
@@ -255,6 +259,8 @@ files:
|
|
255
259
|
- lib/fog/aws/models/iam/access_keys.rb
|
256
260
|
- lib/fog/aws/models/iam/group.rb
|
257
261
|
- lib/fog/aws/models/iam/groups.rb
|
262
|
+
- lib/fog/aws/models/iam/managed_policies.rb
|
263
|
+
- lib/fog/aws/models/iam/managed_policy.rb
|
258
264
|
- lib/fog/aws/models/iam/policies.rb
|
259
265
|
- lib/fog/aws/models/iam/policy.rb
|
260
266
|
- lib/fog/aws/models/iam/role.rb
|
@@ -510,6 +516,7 @@ files:
|
|
510
516
|
- lib/fog/aws/parsers/iam/list_users.rb
|
511
517
|
- lib/fog/aws/parsers/iam/login_profile.rb
|
512
518
|
- lib/fog/aws/parsers/iam/policy_parser.rb
|
519
|
+
- lib/fog/aws/parsers/iam/policy_version.rb
|
513
520
|
- lib/fog/aws/parsers/iam/role_parser.rb
|
514
521
|
- lib/fog/aws/parsers/iam/single_policy.rb
|
515
522
|
- lib/fog/aws/parsers/iam/single_role.rb
|
@@ -997,6 +1004,8 @@ files:
|
|
997
1004
|
- lib/fog/aws/requests/iam/get_group_policy.rb
|
998
1005
|
- lib/fog/aws/requests/iam/get_instance_profile.rb
|
999
1006
|
- lib/fog/aws/requests/iam/get_login_profile.rb
|
1007
|
+
- lib/fog/aws/requests/iam/get_policy.rb
|
1008
|
+
- lib/fog/aws/requests/iam/get_policy_version.rb
|
1000
1009
|
- lib/fog/aws/requests/iam/get_role.rb
|
1001
1010
|
- lib/fog/aws/requests/iam/get_role_policy.rb
|
1002
1011
|
- lib/fog/aws/requests/iam/get_server_certificate.rb
|
@@ -1004,6 +1013,8 @@ files:
|
|
1004
1013
|
- lib/fog/aws/requests/iam/get_user_policy.rb
|
1005
1014
|
- lib/fog/aws/requests/iam/list_access_keys.rb
|
1006
1015
|
- lib/fog/aws/requests/iam/list_account_aliases.rb
|
1016
|
+
- lib/fog/aws/requests/iam/list_attached_group_policies.rb
|
1017
|
+
- lib/fog/aws/requests/iam/list_attached_user_policies.rb
|
1007
1018
|
- lib/fog/aws/requests/iam/list_group_policies.rb
|
1008
1019
|
- lib/fog/aws/requests/iam/list_groups.rb
|
1009
1020
|
- lib/fog/aws/requests/iam/list_groups_for_user.rb
|
@@ -1293,6 +1304,7 @@ files:
|
|
1293
1304
|
- tests/models/glacier/model_tests.rb
|
1294
1305
|
- tests/models/iam/access_keys_tests.rb
|
1295
1306
|
- tests/models/iam/groups_tests.rb
|
1307
|
+
- tests/models/iam/managed_policies_tests.rb
|
1296
1308
|
- tests/models/iam/policies_tests.rb
|
1297
1309
|
- tests/models/iam/roles_tests.rb
|
1298
1310
|
- tests/models/iam/users_tests.rb
|