kumogata-template 0.0.3 → 0.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5847d3069a5760206ce6ed27a3e9a9a27346be30
-  data.tar.gz: 926e9616a61038c9e9e06e34381bf5e30a4f2acc
+  metadata.gz: 1522206975c39c028a0365c00c79cfc420ca51ca
+  data.tar.gz: b7667dc8232129044d0c49ae110fafe77cd87fcc
 SHA512:
-  metadata.gz: ab2d6adcc316341eab02451f3df6d6d1548f61cf6ca243bd7f8d31a2d1b6a1530ee4357a6acd76308fe678d7bb17223a8f3f8313ac10009770aaa2693fc8b5e5
-  data.tar.gz: e9d0fd9037cfdce7bcbf0f6fc7b902623bae96e0fb2351a9e4bcbc3f91810746321e61bffa92315acbd9ea69b951cdf0279fe66c1e3635bc0d63054fad41d4e8
+  metadata.gz: 41a3062c2066bc965e6a3d0e16e7f573a966dadf62dcf021f5b4a44148df8eeb90f2ba744b633206acd8fc7121b740f88ee2cba9ff040774931893d556c55653
+  data.tar.gz: 71eb8ee86ad0648e6f5be552d5861d9b3a10b6372c68ff2c48d32320dfb1ddd3a24827b543296f0507d8987d97af152870cfff7ad8a7704395a9a8cb265ee8ad

data/lib/kumogata/template/autoscaling.rb

@@ -3,6 +3,46 @@
 #
 require 'kumogata/template/helper'
 
+def _autoscaling_to_adjustment(value)
+  return value if value.nil?
+  case value.downcase
+  when "change"
+    "ChangeInCapacity"
+  when "exact"
+    "ExactCapacity"
+  when "percent"
+    "PercentChangeInCapacity"
+  else
+    value
+  end
+end
+
+def _autoscaling_to_metric(value)
+  return value if value.nil?
+  case value.downcase
+  when "min"
+    "Minimum"
+  when "max"
+    "Maximum"
+  when "avg"
+    "Average"
+  else
+    value
+  end
+end
+
+def _autoscaling_to_policy(value)
+  return value if value.nil?
+  case value.downcase
+  when "simple"
+    "SimpleScaling"
+  when "step"
+    "StepScaling"
+  else
+    value
+  end
+end
+
 def _autoscaling_metrics
   _{
     Granularity "1Minute"
@@ -42,8 +82,8 @@ def _autoscaling_step(args)
   scaling = args[:scaling] || 1
 
   _{
-    MetricIntervalLowerBound lower unless lower.empty?
-    MetricIntervalUpperBound upper unless upper.empty?
+    MetricIntervalLowerBound lower unless lower.to_s.empty?
+    MetricIntervalUpperBound upper unless upper.to_s.empty?
     ScalingAdjustment scaling
   }
 end
@@ -75,3 +115,26 @@ def _autoscaling_tags(args)
   end
   tags
 end
+
+def _autoscaling_terminations(args)
+  terminations = args[:terminations]
+  return [] if terminations.nil?
+
+  array = []
+  terminations.each do |termination|
+    array <<
+      case termination.downcase
+      when "old instance"
+        "OldestInstance"
+      when "new instance"
+        "NewestInstance"
+      when "old launch"
+        "OldestLaunchConfiguration"
+      when "close"
+        "ClosestToNextInstanceHour"
+      else
+        "Default"
+      end
+  end
+  array
+end

data/lib/kumogata/template/cloudwatch.rb

@@ -2,6 +2,24 @@
 # Helper - CloudWatch
 #
 
+def _cloudwatch_to_statistic(value)
+  return value if value.nil?
+  case value.downcase
+  when "sample"
+    "SampleCount"
+  when "avg"
+    "Average"
+  when "Sum"
+    "Sum"
+  when "min"
+    "Minimum"
+  when "max"
+    "Maximum"
+  else
+    value
+  end
+end
+
 def _cloudwatch_convert_operator(operator)
   case operator
   when ">="
@@ -9,13 +27,13 @@ def _cloudwatch_convert_operator(operator)
   when ">"
     "GreaterThanThreshold"
   when "<="
-    "LessThanThreshold"
-  when "<"
     "LessThanOrEqualToThreshold"
+  when "<"
+    "LessThanThreshold"
   else
     _valid_values(operator,
                   %w( GreaterThanOrEqualToThreshold GreaterThanThreshold
-                      LessThanThreshold LessThanOrEqualToThreshold ),
+                      LessThanOrEqualToThreshold LessThanThreshold ),
                   "GreaterThanThreshold")
   end
 end

data/lib/kumogata/template/const.rb

@@ -13,6 +13,7 @@ AWS_REGION = {
   sydney:     "ap-southeast-2",
   seoul:      "ap-northeast-2",
   saopaulo:   "sa-east-1",
+  mumbai:     "ap-south-1",
 }
 
 PORT = {
@@ -83,6 +84,10 @@ EC2_INSTANCE_TYPES =
    # i2.4xlarge  16    122         4 x 800
    # i2.8xlarge  32    244         8 x 800
    "i2.xlarge", "i2.2xlarge", "i2.4xlarge", "i2.8xlarge",
+
+   # Model        vCPU   Mem (GiB)   SSD Storage (GB)  network Bandwidth
+   # x1.32xlargee  128   1,952        2 x 1,902 SSD      10 Gbps 10 Gbps
+   "x1.32xlarge",
   ]
 EC2_DEFAULT_INSTANCE_TYPE = "t2.medium"
 
@@ -173,3 +178,16 @@ EMR_DEFAULT_INSTANCE_TYPE = "c4.large"
 
 # http://docs.aws.amazon.com/ElasticMapReduce/latest/ReleaseGuide/emr-whatsnew.html
 EMR_DEFAULT_RELEASE = "emr-4.6.0"
+
+ELB_ACCESS_LOG_ACCOUNT_ID = {
+  "us-east-1": "127311923021",
+  "us-west-2": "797873946194",
+  "us-west-1": "027434742980",
+  "eu-west-1": "156460612806",
+  "eu-central-1": "054676820928",
+  "ap-southeast-1": "114774131450",
+  "ap-northeast-1": "582318560864",
+  "ap-southeast-2": "783225319266",
+  "ap-northeast-2": "600734575887",
+  "sa-east-1": "507241528517",
+}

data/lib/kumogata/template/ec2.rb

@@ -34,7 +34,7 @@ def _ec2_security_group_egress(args)
   destination = _ref_string("destination", args, "security group")
   from = _ref_string("from", args)
   group = _ref_string("group", args, "security group")
-  ip = args[:ip_protocol] || "tcp"
+  ip = args[:ip] || "tcp"
   to = _ref_string("to", args)
   from = to if from.empty?
 
@@ -63,12 +63,13 @@ def _ec2_security_group_ingress(args)
   from = _ref_string("from", args)
   group_id = _ref_string("group", args, "security group")
   group_name = args[:group_name] || ""
-  ip = args[:ip_protocol] || "tcp"
+  ip = args[:ip] || "tcp"
   source_group_name = _ref_string("source_group_name", args, "security group")
   source_group_id = _ref_string("source_group_id", args, "security group")
   source_group_owner_id = _ref_string("source_group_owner_id", args, "account id")
   to = _ref_string("to", args)
   to = from if to.empty?
+  ip = -1 and from = 0 and to = 65535 if ip == "all"
 
   _{
     CidrIp cidr if source_group_name.empty? and source_group_id.empty?
@@ -109,12 +110,13 @@ def _ec2_block_device(args)
   }
 end
 
-def _ec2_network_interface(args)
+def _ec2_network_interface(args, is_spot = false)
   associate_public = _bool("associate_public", args, true)
   delete = _bool("delete", args, true)
   description = args[:description] || ""
   device = args[:device] || 0
   group_set = _ref_array("group_set", args, "security group")
+  groups = _ref_array("groups", args, "security group")
   network_interface = _ref_string("network", args)
   private_ip = args[:private_ip] || ""
   private_ips = args[:private_ips] || ""
@@ -126,9 +128,13 @@ def _ec2_network_interface(args)
     DeleteOnTermination delete
     Description description unless description.empty?
     DeviceIndex device
-    GroupSet group_set unless group_set.empty?
+    if is_spot
+      Groups groups unless groups.empty?
+    else
+      GroupSet group_set unless group_set.empty?
+    end
     NetworkInterfaceId network_interface unless network_interface.empty?
-    PrivateIpAddress private_ip unless private_ip.empty?
+    PrivateIpAddress private_ip if is_spot and !private_ip.empty?
     PrivateIpAddresses private_ips unless private_ips.empty?
     SecondaryPrivateIpAddressCount secondary_private_ip unless secondary_private_ip.empty?
     SubnetId subnet
@@ -163,3 +169,81 @@ def _ec2_protocol_number(protocol)
     -1
   end
 end
+
+def _ec2_spot_fleet_request(args)
+  allocation = _valid_values(args[:allocation], %w( lowestPrice diversified), "lowestPrice")
+  express = _valid_values(args[:express], %w( noTermination default), "")
+  iam = args[:iam]   # IAM Role "aws-ec2-spot-fleet-role" auto generated
+  launches = args[:launches].collect{|v| _ec2_spot_fleet_launches(v) }
+  price = args[:price] || 0.00
+  target = _ref_string("target", args, "")
+  target = 1 if target.empty?
+  terminate = _bool("terminate", args, false)
+  valid_from = (args.key? :valid_from) ? _timestamp_utc(args[:valid_from]) : ''
+  valid_until =
+    if args.key? :valid_until
+      _timestamp_utc(args[:valid_until])
+    elsif args.key? :valid_from
+      _timestamp_utc(args[:valid_from] + (60 * 60 * 24 * 365))
+    else
+      ''
+    end
+
+  _{
+    AllocationStrategy allocation
+    ExcessCapacityTerminationPolicy express unless express.empty?
+    IamFleetRole iam
+    LaunchSpecifications launches
+    SpotPrice price
+    TargetCapacity target
+    TerminateInstancesWithExpiration terminate
+    ValidFrom valid_from if args.key? :valid_from
+    ValidUntil valid_until if args.key? :valid_from or args.key? :valid_until
+  }
+end
+
+def _ec2_spot_fleet_launches(args)
+  block_devices = (args[:block_devices] || []).collect{|v| _ec2_block_device(v) }
+  ebs = _bool("ebs", args, false)
+  iam = _ref_string("iam", args, "iam instance profile")
+  iam = _ref_attr_string("iam", "Arn", args, "iam instance profile") if iam.empty?
+  instance_type = _ref_string("instance_type", args, "instance type")
+  image =_ec2_image(instance_type, args)
+  kernel = args[:kernel] || ""
+  key_name = _ref_string("key_name", args, "key name")
+  monitoring = _bool("monitoring", args, false)
+  network_interfaces = (args[:network_interfaces] || []).collect{|v| _ec2_network_interface(v, true) }
+  placement = _ref_string("placement", args)
+  ram_disk = args[:ram_disk] || ""
+  security_groups = _ref_array("security_groups", args, "security group")
+  subnet = _ref_string("subnet", args, "subnet")
+  user_data = _ref_string("user_data", args, "user data")
+  weighted = args[:weighted] || ""
+
+  _{
+    BlockDeviceMappings block_devices unless block_devices.empty?
+    EbsOptimized ebs
+    IamInstanceProfile do
+      Arn iam
+    end unless iam.empty?
+    ImageId image
+    InstanceType instance_type
+    KernelId kernel unless kernel.empty?
+    KeyName key_name unless key_name.empty?
+    Monitoring do
+      Enabled monitoring
+    end
+    NetworkInterfaces network_interfaces unless network_interfaces.empty?
+    Placement placement unless placement.empty?
+    RamdiskId ram_disk unless ram_disk.empty?
+    SecurityGroups security_groups unless security_groups.empty?
+    SubnetId subnet unless subnet.empty?
+    UserData do
+      Fn__Base64 (<<-EOS).undent
+#!/bin/bash
+#{user_data}
+EOS
+    end unless user_data.empty?
+    WeightedCapacity weighted if args.key? :weighted
+  }
+end

data/lib/kumogata/template/emr.rb

@@ -42,11 +42,28 @@ def _emr_configurations(args)
   array = []
   configurations.each do |configuration|
     classification = configuration[:classification] || ""
-    properties = configuration[:properties] || []
+    properties = configuration[:properties] || {}
+    configuring = _emr_configuring(configuration)
     array << _{
       Classification classification unless classification.empty?
-      ConfigurationProperties properties unless properties.empty?
-      #Configurations
+      ConfigurationProperties properties
+      Configurations configuring
+    }
+  end
+  array
+end
+
+def _emr_configuring(args)
+  configurations = args[:configurations] || []
+
+  array = []
+  configurations.each do |configuration|
+    classification = configuration[:classification] || ""
+    properties = configuration[:properties] || {}
+    array << _{
+      Classification classification unless classification.empty?
+      ConfigurationProperties properties
+      Configurations []
     }
   end
   array

data/lib/kumogata/template/ext/kumogata.rb

@@ -100,4 +100,72 @@ class Kumogata::Client
     template_path = File.join(template_path, "#{file}.rb") unless file.nil?
     template_path
   end
+
+  def evaluate_template(template, path_or_url)
+    key_converter = proc do |key|
+      key = key.to_s
+      unless @options.skip_replace_underscore?
+        key.gsub!('_', ':')
+        key.gsub!('__', '::')
+      end
+      key
+    end
+
+    value_converter = proc do |v|
+      case v
+      when Hash, Array
+        v
+      else
+        v.to_s
+      end
+    end
+
+    template = Dslh.eval(template.read, {
+      :key_conv   => key_converter,
+      :value_conv => value_converter,
+      :scope_hook => proc {|scope|
+        define_template_func(scope, path_or_url)
+      },
+      :filename   => path_or_url,
+    })
+
+    @outputs_filter.fetch!(template)
+    @post_processing.fetch!(template)
+
+    return template
+  end
+
+  def devaluate_template(template)
+    exclude_key = proc do |k|
+      k = k.to_s.gsub('::', '__')
+      k !~ /\A[_a-z]\w+\Z/i and k !~ %r|\A/\S*\Z|
+    end
+
+    key_conv = proc do |k|
+      k = k.to_s
+
+      if k =~ %r|\A/\S*\Z|
+        proc do |v, nested|
+          if nested
+            "_path(#{k.inspect}) #{v}"
+          else
+            "_path #{k.inspect}, #{v}"
+          end
+        end
+      else
+        k.gsub(':', '_')
+        k.gsub('::', '__')
+      end
+    end
+
+    value_conv = proc do |v|
+      if v.kind_of?(String) and v =~ /\A(?:0|[1-9]\d*)\Z/
+        v.to_i
+      else
+        v
+      end
+    end
+
+    Dslh.deval(template, :key_conv => key_conv, :value_conv => value_conv, :exclude_key => exclude_key)
+  end
 end

data/lib/kumogata/template/helper.rb

@@ -164,19 +164,12 @@ def _availability_zones(args, use_subnet = true)
   end
 end
 
-def _timestamp_utc(year = nil, month = nil, day = nil, hour = 0, min = 0)
-  time =
-    if year.nil?
-      Time.now
-    else
-      Time.local(year, month, day, hour, min)
-    end
-  time.utc.strftime("%Y-%m-%dT%H:%M:00Z")
+def _timestamp_utc(time = Time.now)
+  time.utc.strftime("%Y-%m-%dT%H:%M:%SZ")
 end
 
 def _timestamp_utc_from_string(time)
-  time = Time.strptime(time, "%Y-%m-%d %H:%M")
-  _timestamp_utc(time.year, time.month, time.day, time.hour, time.min)
+  _timestamp_utc(Time.strptime(time, "%Y-%m-%d %H:%M"))
 end
 
 def _maintenance_window(service, start_time)

data/lib/kumogata/template/iam.rb

@@ -3,6 +3,19 @@
 #
 require 'kumogata/template/helper'
 
+def _iam_to_policy(value)
+  case value
+  when 'admin'
+    'AdministratorAccess'
+  when 'power'
+    'PowerUserAccess'
+  when 'readonly'
+    'ReadOnlyAccess'
+  else
+    value
+  end
+end
+
 def _iam_policies(name, args)
   array = []
   policies = args["#{name}".to_sym] || []
@@ -45,12 +58,35 @@ def _iam_policy_document(name, args)
   array
 end
 
-def _iam_assume_role_policy_document(service)
+def _iam_assume_role_policy_document(args)
+  aws =
+    if args.key? :aws
+      _iam_arn("iam", args[:aws])
+    else
+      ""
+    end
+  service = args[:service] || ""
+  condition =
+    if args.key? :external_id
+      true
+    else
+      false
+    end
+  external_id = args[:external_id] || ""
+
   [
    _{
      Effect "Allow"
-     Principal _{ Service [ "#{service}.amazonaws.com" ] }
+     Principal _{
+       AWS aws unless aws.empty?
+       Service [ "#{service}.amazonaws.com" ] unless service.empty?
+     }
      Action [ "sts:AssumeRole" ]
+     Condition _{
+       StringEquals _{
+         sts_ExternalId external_id unless external_id.empty?
+       }
+     } if condition
    }
   ]
 end
@@ -85,12 +121,55 @@ def _iam_arn(service, resource)
 
   when "iam"
     if resource.key? :sts
-      "arn:aws:sts::#{account_id}:#{resource[:type]}/#{resource[:user]}"
+      "arn:aws:sts::#{resource[:account_id]}:#{resource[:type]}/#{resource[:user]}"
+    elsif resource.key? :policy
+      "arn:aws:iam::aws:policy/#{_iam_to_policy(resource[:policy])}"
+    elsif resource.key? :root
+      "#{arn_prefix}::#{resource[:account_id]}:root"
     else
-      "#{arn_prefix}::#{account_id}:#{resource[:type]}/#{resource[:user]}"
+      "#{arn_prefix}::#{resource[:account_id]}:#{resource[:type]}/#{resource[:user]}"
     end
 
   when "elasticloadbalancing"
     "#{arn_prefix}:*:*:loadbalancer/#{resource}"
+
+  when "logs"
+    "#{arn_prefix}:*:*:*"
+  end
+end
+
+def _iam_s3_bucket_policy(region, bucket, prefix, aws_account_id)
+  account_id = ELB_ACCESS_LOG_ACCOUNT_ID[region.to_sym]
+  prefix = [ prefix ] if prefix.is_a? String
+  resource = prefix.collect{|v| "#{bucket}/#{v}/AWSLogs/#{aws_account_id}/*" }
+  [
+   {
+     service: "s3",
+     action: [ "PutObject" ],
+     principal: {
+       "AWS": [ account_id ],
+     },
+     resource: resource,
+   },
+  ]
+end
+
+def _iam_login_profile(args)
+  password = args[:password] || ""
+  reset_required = _bool("reset_required", args, true)
+
+  _{
+    Password password
+    PasswordResetRequired reset_required
+  }
+end
+
+def _iam_managed_policies(args)
+  arns = args[:managed_policies]
+
+  array = []
+  arns.each do |v|
+    array << _iam_arn("iam", { policy: v })
   end
+  array
 end

data/lib/kumogata/template/s3.rb

@@ -3,6 +3,31 @@
 #
 require 'kumogata/template/helper'
 
+def _s3_to_access(value)
+  return "Private" if value.nil?
+
+  case value
+  when "auth"
+    "AuthenticatedRead"
+  when "aws_exec"
+    "AwsExecRead"
+  when "owner"
+    "BucketOwnerRead"
+  when "owner_full"
+    "BucketOwnerFullControl"
+  when "log_delivery_w"
+    "LogDeliveryWrite"
+  when "private"
+    "Private"
+  when "public_r"
+    "PublicRead"
+  when "public_rw"
+    "PublicReadWrite"
+  else
+    value
+  end
+end
+
 def _s3_cors(args)
   rules = args[:cors] || []
 

data/lib/kumogata/template/version.rb

@@ -1 +1 @@
-KUMOGATA_TEMPLATE_VERSION = '0.0.3'
+KUMOGATA_TEMPLATE_VERSION = '0.0.4'

data/template/autoscaling-group.rb

@@ -21,7 +21,7 @@ max = min if max < min
 notifications = (args[:notifications] || []).collect{|v| _autoscaling_notification(v) }
 placement = args[:placement] || ""
 tags = _autoscaling_tags(args)
-termination = args[:termination] || []
+terminations = _autoscaling_terminations(args)
 vpc_zones = _ref_array("vpc_zones", args, "subnet")
 
 _(name) do
@@ -41,7 +41,7 @@ _(name) do
     NotificationConfigurations notifications
     PlacementGroup placement unless placement.empty?
     Tags tags
-    TerminationPolicies termination unless termination.empty?
+    TerminationPolicies terminations unless terminations.empty?
     VPCZoneIdentifier vpc_zones unless vpc_zones.empty?
   end
 end

data/template/autoscaling-scaling-policy.rb

@@ -3,31 +3,32 @@
 # http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-policy.html
 #
 require 'kumogata/template/helper'
+require 'kumogata/template/autoscaling'
 
 name = _resource_name(args[:name], "autoscaling scaling policy")
-adjustment = _valid_values(args[:adjustment],
+adjustment = _valid_values(_autoscaling_to_adjustment(args[:adjustment]),
                            %w( ChangeInCapacity ExactCapacity PercentChangeInCapacity ),
                            "ChangeInCapacity")
 autoscaling = _ref_string("autoscaling", args, "autoscaling group")
-cooldown = args[:cooldown] || -1
+cooldown = args[:cooldown] || "60"
 estimated = args[:estimated] || ""
-metric = _valid_values(args[:metric], %w( Minimum Maximum Average ), "Average")
+metric = _valid_values(_autoscaling_to_metric(args[:metric]), %w( Minimum Maximum Average ), "Average")
 min = args[:min] || ""
-policy = _valid_values(args[:policy], %w( SimpleScaling StepScaling ), "SimpleScaling")
+policy = _valid_values(_autoscaling_to_policy(args[:policy]), %w( SimpleScaling StepScaling ), "SimpleScaling")
 scaling = args[:scaling] || 1
-step = args[:step] || [].collect{|v| _autoscaling_step(v) }
+steps = (args[:steps] || []).collect{|v| _autoscaling_step(v) }
 
 _(name) do
   Type "AWS::AutoScaling::ScalingPolicy"
   Properties do
     AdjustmentType adjustment
     AutoScalingGroupName autoscaling
-    Cooldown cooldown unless cooldown == -1
+    Cooldown cooldown unless policy == "StepScaling"
     EstimatedInstanceWarmup estimated unless estimated.empty?
     MetricAggregationType metric unless policy == "SimpleScaling"
-    MinAdjustmentMagnitude min unless min.empty?
+    MinAdjustmentMagnitude min if policy == "PercentChangeInCapacity"
     PolicyType policy
-    ScalingAdjustment scaling
-    StepAdjustments step unless step.empty?
+    ScalingAdjustment scaling if policy == "SimpleScaling"
+    StepAdjustments steps unless steps.empty?
   end
 end

data/template/cloudwatch-alarm.rb

@@ -18,7 +18,7 @@ metric = args[:metric]
 namespace = args[:namespace]
 ok_actions = args[:ok_actions] || []
 period = args[:period] || 60
-statistic = _valid_values(args[:statistic],
+statistic = _valid_values(_cloudwatch_to_statistic(args[:statistic]),
                           %w(SampleCount Average Sum Minimum Maximum), "Average")
 threshold = args[:threshold] || 60
 unit = _valid_values(args[:unit], %w(Seconds Microseconds Milliseconds Bytes Kilobytes Megabytes Gigabytes Terabytes Bits Kilobits Megabits Gigabits Terabits Percent Count Bytes/Second Kilobytes/Second Megabytes/Second Gigabytes/Second Terabytes/Second Bits/Second Kilobits/Second Megabits/Second Gigabits/Second Terabits/Second Count/Second None), "")

data/template/ec2-network-acl-entry.rb

@@ -21,7 +21,10 @@ _(name) do
   Properties do
     CidrBlock cidr
     Egress egress
-    Icmp icmp if protocol == 1
+    Icmp _{
+      Code -1
+      Type -1
+    } if protocol == 1
     NetworkAclId network_acl
     PortRange port_range if protocol == -1 or protocol == 6 or protocol == 17
     Protocol protocol

data/template/elb-loadbalancer.rb

@@ -11,7 +11,7 @@ app_cookie = _elb_app_cookie_stickiness_policy(args)
 azs = _availability_zones(args, false)
 connection_draining = _elb_connection_draining_policy(args)
 connection_setting = _elb_connection_settings(args)
-cross = _bool("cross", args, false)
+cross = _bool("cross", args, true)
 health = _elb_health_check(args)
 instances = _ref_array("instances", args, "instance")
 cookie = _elb_cookie_stickiness_policy(args)

data/template/iam-group.rb

@@ -6,14 +6,19 @@ require 'kumogata/template/helper'
 require 'kumogata/template/iam'
 
 name = _resource_name(args[:name], "group")
-manaegd_policy_arns = args[:managed_policy_arns] || []
+managed_policies =
+  if args.key? :managed_policies
+    _iam_managed_policies(args)
+  else
+    []
+  end
 path = args[:path] || "/"
 policies = _iam_policies("policies", args)
 
 _(name) do
   Type "AWS::IAM::Group"
   Properties do
-    ManagedPolicyArns manaegd_policy_arns unless manaegd_policy_arns.empty?
+    ManagedPolicyArns managed_policies unless managed_policies.empty?
     Path path
     Policies policies unless policies.empty?
   end

data/template/iam-role.rb

@@ -6,7 +6,7 @@ require 'kumogata/template/helper'
 require 'kumogata/template/iam'
 
 name = _resource_name(args[:name], "role")
-service = args[:service] || "ec2"
+policy = _iam_assume_role_policy_document(args)
 path = args[:path] || "/"
 
 _(name) do
@@ -14,7 +14,7 @@ _(name) do
   Properties do
     AssumeRolePolicyDocument do
       Version "2012-10-17"
-      Statement _iam_assume_role_policy_document(service)
+      Statement policy
     end
     Path path
   end

data/template/iam-user.rb

@@ -7,8 +7,18 @@ require 'kumogata/template/iam'
 
 name = _resource_name(args[:name], "user")
 group = _ref_array("group", args)
-login_profile = args[:login_profile] || ""
-manaegd_policy_arns = args[:managed_policy_arns] || []
+login_profile =
+  if args.key? :login_profile
+    _iam_login_profile(args[:login_profile])
+  else
+    []
+  end
+managed_policies =
+  if args.key? :managed_policies
+    _iam_managed_policies(args)
+  else
+    []
+  end
 path = args[:path] || "/"
 policies = _iam_policies("policies", args)
 
@@ -17,7 +27,7 @@ _(name) do
   Properties do
     Group group unless group.empty?
     LoginProfile login_profile unless login_profile.empty?
-    ManagedPolicyArns manaegd_policy_arns unless manaegd_policy_arns.empty?
+    ManagedPolicyArns managed_policies unless managed_policies.empty?
     Path path
     Policies policies unless policies.empty?
   end

data/template/output-s3.rb

@@ -4,5 +4,5 @@
 
 bucket = "#{args[:name]} bucket"
 
-_output "#{bucket} s3 domain name", ref_value: [ bucket, "DomainName" ] if args.key? :domain
+_output "#{bucket} s3 domain name", ref_value: [ bucket, "DomainName" ]
 _output "#{bucket} s3 web site url", ref_value: [ bucket, "WebsiteURL" ]

data/template/rds-db-instance.rb

@@ -40,6 +40,7 @@ maintenance = _maintenance_window("rds", args[:maintenance] || DEFAULT_MAINTENAN
 publicly = _bool("publicly", args, false)
 source_db = _ref_string("source_db", args, "db source db")
 storage_encrypted = _bool("encrypted", args, false)
+storage_type = _valid_values(args[:storage_type], %w( standard gp2 io1 ), "gp2")
 tags = _tags(args)
 security_groups = _ref_array("security_groups", args, "security group")
 
@@ -75,7 +76,7 @@ _(name) do
     PubliclyAccessible publicly
     SourceDBInstanceIdentifier source_db unless source_db.empty?
     StorageEncrypted storage_encrypted if storage_encrypted == true
-    #StorageType
+    StorageType storage_type
     Tags tags
     VPCSecurityGroups security_groups unless security_groups.empty?
   end

data/template/s3-bucket-policy.rb

@@ -6,12 +6,12 @@ require 'kumogata/template/helper'
 require 'kumogata/template/iam'
 
 name = _resource_name(args[:name], "bucket policy")
-bucket = _ref_name("bucket", args)
+bucket = _ref_string("bucket", args, "bucket")
 
 _(name) do
   Type "AWS::S3::BucketPolicy"
   Properties do
-    BucketName bucket
+    Bucket bucket
     PolicyDocument do
       Version "2012-10-17"
       Statement _iam_policy_document("policy_document", args)

data/template/s3-bucket.rb

@@ -6,11 +6,7 @@ require 'kumogata/template/helper'
 require 'kumogata/template/s3'
 
 name = _resource_name(args[:name], "bucket")
-access = _valid_values(args[:access],
-                       %w( AuthenticatedRead AwsExecRead BucketOwnerRead
-                           BucketOwnerFullControl LogDeliveryWrite
-                           Private PublicRead PublicReadWrite ),
-                       "Private")
+access = _s3_to_access(args[:access])
 access = "PublicRead" if args.key? :website
 bucket = _ref_name("bucket", args)
 cors = _s3_cors(args)

data/test/autoscaling_test.rb

@@ -51,12 +51,14 @@ Test _autoscaling_notification(topic_arn: "test")
 
   def test_autoscaling_step
     template = <<-EOS
-Test _autoscaling_step(scaling: 10)
+Test _autoscaling_step(scaling: 10, lower: 0, upper: 20)
     EOS
     act_template = run_client_as_json(template)
     exp_template = <<-EOS
 {
   "Test": {
+    "MetricIntervalLowerBound": "0",
+    "MetricIntervalUpperBound": "20",
     "ScalingAdjustment": "10"
   }
 }

data/test/ec2_test.rb

@@ -279,6 +279,103 @@ Test _ec2_port_range({})
     "From": "0",
     "To": "65535"
   }
+}
+    EOS
+    assert_equal exp_template.chomp, act_template
+  end
+
+  def test_ec2_spot_fleet_request
+    template = <<-EOS
+Test _ec2_spot_fleet_request({ iam: "test", launches: [] })
+    EOS
+    act_template = run_client_as_json(template)
+    exp_template = <<-EOS
+{
+  "Test": {
+    "AllocationStrategy": "lowestPrice",
+    "IamFleetRole": "test",
+    "LaunchSpecifications": [
+
+    ],
+    "SpotPrice": "0.0",
+    "TargetCapacity": "1",
+    "TerminateInstancesWithExpiration": "false"
+  }
+}
+    EOS
+    assert_equal exp_template.chomp, act_template
+
+    template = <<-EOS
+Test _ec2_spot_fleet_request({ iam: "test", launches: [ { image_id: "test", instance_type: "test" } ] })
+    EOS
+    act_template = run_client_as_json(template)
+    exp_template = <<-EOS
+{
+  "Test": {
+    "AllocationStrategy": "lowestPrice",
+    "IamFleetRole": "test",
+    "LaunchSpecifications": [
+      {
+        "EbsOptimized": "false",
+        "ImageId": "test",
+        "InstanceType": "test",
+        "Monitoring": {
+          "Enabled": "false"
+        }
+      }
+    ],
+    "SpotPrice": "0.0",
+    "TargetCapacity": "1",
+    "TerminateInstancesWithExpiration": "false"
+  }
+}
+    EOS
+    assert_equal exp_template.chomp, act_template
+  end
+
+  def test_ec2_spot_fleet_launches
+    template = <<-EOS
+Test _ec2_spot_fleet_launches({ block_devices: [ { ref_size: "test" } ], iam: "test", image_id: "test", ref_instance_type: "test", ref_key_name: "test", network_interfaces: [ { ref_subnet_id: "test" } ] } )
+    EOS
+    act_template = run_client_as_json(template)
+    exp_template = <<-EOS
+{
+  "Test": {
+    "BlockDeviceMappings": [
+      {
+        "DeviceName": "/dev/sda1",
+        "Ebs": {
+          "DeleteOnTermination": "true",
+          "VolumeSize": {
+            "Ref": "TestVolumeSize"
+          },
+          "VolumeType": "gp2"
+        }
+      }
+    ],
+    "EbsOptimized": "false",
+    "IamInstanceProfile": {
+      "Arn": "test"
+    },
+    "ImageId": "test",
+    "InstanceType": {
+      "Ref": "TestInstanceType"
+    },
+    "KeyName": {
+      "Ref": "TestKeyName"
+    },
+    "Monitoring": {
+      "Enabled": "false"
+    },
+    "NetworkInterfaces": [
+      {
+        "AssociatePublicIpAddress": "true",
+        "DeleteOnTermination": "true",
+        "DeviceIndex": "0",
+        "SubnetId": ""
+      }
+    ]
+  }
 }
     EOS
     assert_equal exp_template.chomp, act_template

data/test/emr_test.rb

@@ -42,14 +42,35 @@ Test _emr_bootstraps(bootstraps: [ { name: "test", script_path: "test" } ])
 
   def test_emr_configurations
     template = <<-EOS
-Test _emr_configurations(configurations: [ { classification: "test" } ])
+configuration = {
+  classification: "test",
+  properties: {},
+  configurations: [
+    classification: "export",
+    properties: { JAVA_HOME: "/usr/java/default" },
+  ],
+}
+Test _emr_configurations(configurations: [ configuration ] )
     EOS
     act_template = run_client_as_json(template)
     exp_template = <<-EOS
 {
   "Test": [
     {
-      "Classification": "test"
+      "Classification": "test",
+      "ConfigurationProperties": {
+      },
+      "Configurations": [
+        {
+          "Classification": "export",
+          "ConfigurationProperties": {
+            "JAVA_HOME": "/usr/java/default"
+          },
+          "Configurations": [
+
+          ]
+        }
+      ]
     }
   ]
 }

data/test/helper_test.rb

@@ -520,7 +520,7 @@ Test _availability_zones({})
   end
 
   def test_timestamp_utc
-    assert_equal _timestamp_utc(2016, 4, 1), "2016-03-31T15:00:00Z"
+    assert_equal _timestamp_utc(Time.local(2016, 4, 1)), "2016-03-31T15:00:00Z"
   end
 
   def test_timestamp_utc_from_string

data/test/iam_test.rb

@@ -55,7 +55,7 @@ PolicyDocument _iam_policy_document "test", test: [ { service: "s3" } ]
 
   def test_iam_assume_role_policy_document
     template = <<-EOS
-Statement _iam_assume_role_policy_document("ec2")
+Statement _iam_assume_role_policy_document({ service: "ec2" })
     EOS
     act_template = run_client_as_json(template)
     exp_template = <<-EOS
@@ -86,6 +86,65 @@ arn _iam_arn("s3", "test")
     exp_template = <<-EOS
 {
   "arn": "arn:aws:s3:::test"
+}
+  EOS
+    assert_equal exp_template.chomp, act_template
+  end
+
+  def test_iam_s3_bucket_policy
+    template = <<-EOS
+arn _iam_s3_bucket_policy("us_east1", "test", "test", 1234)
+    EOS
+    act_template = run_client_as_json(template)
+    exp_template = <<-EOS
+{
+  "arn": [
+    {
+      "service": "s3",
+      "action": [
+        "PutObject"
+      ],
+      "principal": {
+        "AWS": [
+          null
+        ]
+      },
+      "resource": [
+        "test/test/AWSLogs/1234/*"
+      ]
+    }
+  ]
+}
+  EOS
+    assert_equal exp_template.chomp, act_template
+  end
+
+  def test_iam_login_profile
+    template = <<-EOS
+profile _iam_login_profile(password: "test")
+    EOS
+    act_template = run_client_as_json(template)
+    exp_template = <<-EOS
+{
+  "profile": {
+    "Password": "test",
+    "PasswordResetRequired": "true"
+  }
+}
+  EOS
+    assert_equal exp_template.chomp, act_template
+  end
+
+  def test_iam_managed_policies
+    template = <<-EOS
+managed _iam_managed_policies(managed_policies: %w( admin ))
+    EOS
+    act_template = run_client_as_json(template)
+    exp_template = <<-EOS
+{
+  "managed": [
+    "arn:aws:iam::aws:policy/AdministratorAccess"
+  ]
 }
   EOS
     assert_equal exp_template.chomp, act_template

data/test/template/autoscaling-scaling-policy_test.rb

@@ -15,6 +15,7 @@ _autoscaling_scaling_policy "test", ref_autoscaling: "test"
       "AutoScalingGroupName": {
         "Ref": "TestAutoscalingGroup"
       },
+      "Cooldown": "60",
       "PolicyType": "SimpleScaling",
       "ScalingAdjustment": "1"
     }

data/test/template/cloudwatch-alarm_test.rb

@@ -16,7 +16,7 @@ _cloudwatch_alarm "test", actions: "test", alarm_name: "test", namespace: "test"
         "test"
       ],
       "AlarmName": "test",
-      "ComparisonOperator": "LessThanOrEqualToThreshold",
+      "ComparisonOperator": "LessThanThreshold",
       "Dimensions": [
         {
           "Name": "test",

data/test/template/elb-loadbalancer_test.rb

@@ -23,7 +23,7 @@ _elb_loadbalancer "test", ref_security_groups: [ "test" ], listeners: [ protocol
       "ConnectionSettings": {
         "IdleTimeout": "60"
       },
-      "CrossZone": "false",
+      "CrossZone": "true",
       "HealthCheck": {
         "HealthyThreshold": "10",
         "Interval": "30",

data/test/template/output-s3_test.rb

@@ -2,25 +2,6 @@ require 'abstract_unit'
 
 class OutputS3Test < Minitest::Test
   def test_normal
-    template = <<-EOS
-_output_s3 "test"
-    EOS
-    act_template = run_client_as_json(template)
-    exp_template = <<-EOS
-{
-  "TestBucketS3WebSiteUrl": {
-    "Description": "description of TestBucketS3WebSiteUrl",
-    "Value": {
-      "Fn::GetAtt": [
-        "TestBucket",
-        "WebsiteURL"
-      ]
-    }
-  }
-}
-    EOS
-    assert_equal exp_template.chomp, act_template
-
     template = <<-EOS
 _output_s3 "test", domain: true
     EOS

data/test/template/rds-db-instance_test.rb

@@ -51,6 +51,7 @@ _rds_db_instance "test", ref_db_name: "test", ref_port: "test", ref_subnet_group
       "PreferredBackupWindow": "21:30-22:00",
       "PreferredMaintenanceWindow": "Thu:20:30-Thu:21:00",
       "PubliclyAccessible": "false",
+      "StorageType": "gp2",
       "Tags": [
         {
           "Key": "Name",

data/test/template/s3-bucket-policy_test.rb

@@ -4,7 +4,7 @@ class S3BucketPolicyTest < Minitest::Test
   def test_normal
     template = <<-EOS
 policy = {}
-_s3_bucket_policy "test", policy_document: policy
+_s3_bucket_policy "test", bucket: "test", policy_document: policy
     EOS
     act_template = run_client_as_json(template)
     exp_template = <<-EOS
@@ -12,19 +12,7 @@ _s3_bucket_policy "test", policy_document: policy
   "TestBucketPolicy": {
     "Type": "AWS::S3::BucketPolicy",
     "Properties": {
-      "BucketName": {
-        "Fn::Join": [
-          "-",
-          [
-            {
-              "Ref": "Service"
-            },
-            {
-              "Ref": "Name"
-            }
-          ]
-        ]
-      },
+      "Bucket": "test",
       "PolicyDocument": {
         "Version": "2012-10-17",
         "Statement": [

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kumogata-template
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.4
 platform: ruby
 authors:
 - Naoya Nakazawa
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-05-26 00:00:00.000000000 Z
+date: 2016-07-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk