kumogata-template 0.0.35 → 0.0.36
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.travis.yml +4 -2
- data/Gemfile +1 -1
- data/Rakefile +1 -1
- data/kumogata-template.gemspec +4 -4
- data/lib/kumogata/template/alb.rb +48 -34
- data/lib/kumogata/template/api-gateway.rb +262 -0
- data/lib/kumogata/template/autoscaling.rb +17 -44
- data/lib/kumogata/template/certificate.rb +11 -8
- data/lib/kumogata/template/cloudfront.rb +67 -60
- data/lib/kumogata/template/cloudwatch.rb +7 -12
- data/lib/kumogata/template/codebuild.rb +4 -8
- data/lib/kumogata/template/codecommit.rb +2 -6
- data/lib/kumogata/template/codedeploy.rb +15 -0
- data/lib/kumogata/template/cognito.rb +203 -0
- data/lib/kumogata/template/const.rb +109 -47
- data/lib/kumogata/template/datapipeline.rb +16 -47
- data/lib/kumogata/template/dynamodb.rb +17 -8
- data/lib/kumogata/template/ec2.rb +61 -10
- data/lib/kumogata/template/ecr.rb +11 -9
- data/lib/kumogata/template/ecs.rb +256 -91
- data/lib/kumogata/template/elasticbeanstalk.rb +6 -9
- data/lib/kumogata/template/elb.rb +9 -24
- data/lib/kumogata/template/emr.rb +184 -51
- data/lib/kumogata/template/events.rb +22 -10
- data/lib/kumogata/template/ext/kumogata.rb +7 -7
- data/lib/kumogata/template/helper.rb +189 -130
- data/lib/kumogata/template/iam.rb +556 -146
- data/lib/kumogata/template/kinesis.rb +282 -0
- data/lib/kumogata/template/lambda.rb +43 -2
- data/lib/kumogata/template/logs.rb +2 -6
- data/lib/kumogata/template/nlb.rb +10 -0
- data/lib/kumogata/template/pinpoint.rb +83 -0
- data/lib/kumogata/template/rds.rb +52 -0
- data/lib/kumogata/template/redshift.rb +15 -6
- data/lib/kumogata/template/role.rb +425 -0
- data/lib/kumogata/template/s3.rb +120 -80
- data/lib/kumogata/template/sns.rb +2 -6
- data/lib/kumogata/template/version.rb +1 -1
- data/lib/kumogata/template.rb +9 -1
- data/template/_template.rb +2 -2
- data/template/alb-load-balancer.rb +5 -4
- data/template/alb-target-group.rb +8 -9
- data/template/api-gateway-account.rb +15 -0
- data/template/api-gateway-api-key.rb +22 -0
- data/template/api-gateway-authorizer.rb +38 -0
- data/template/api-gateway-base-path-mapping.rb +23 -0
- data/template/api-gateway-client-certificate.rb +16 -0
- data/template/api-gateway-deployment.rb +24 -0
- data/template/api-gateway-domain-name.rb +17 -0
- data/template/api-gateway-method.rb +71 -0
- data/template/api-gateway-model.rb +23 -0
- data/template/api-gateway-resource.rb +32 -0
- data/template/api-gateway-rest-api.rb +29 -0
- data/template/api-gateway-stage.rb +33 -0
- data/template/api-gateway-usage-plan-key.rb +19 -0
- data/template/api-gateway-usage-plan.rb +24 -0
- data/template/autoscaling-group.rb +2 -2
- data/template/autoscaling-launch-configuration.rb +7 -4
- data/template/autoscaling-scheduled-action.rb +0 -1
- data/template/certificate.rb +2 -2
- data/template/cloudfront-distribution.rb +4 -0
- data/template/cloudfront-origin-access-identity.rb +19 -0
- data/template/cloudtrail.rb +6 -4
- data/template/cloudwatch-alarm.rb +9 -3
- data/template/codebuild-project.rb +3 -3
- data/template/codecommit-repository.rb +2 -2
- data/template/codedeploy-application.rb +1 -1
- data/template/codedeploy-deployment-config.rb +1 -1
- data/template/codedeploy-deployment-group.rb +2 -0
- data/template/cognito-identity-pool.rb +34 -0
- data/template/cognito-identity-role-attachment.rb +22 -0
- data/template/cognito-user-pool-client.rb +28 -0
- data/template/cognito-user-pool-group.rb +24 -0
- data/template/cognito-user-pool-user-to-group-attachment.rb +20 -0
- data/template/cognito-user-pool-user.rb +28 -0
- data/template/cognito-user-pool.rb +45 -0
- data/template/datapipeline-pipeline.rb +4 -4
- data/template/dynamodb-table.rb +5 -1
- data/template/ec2-eip-association.rb +1 -1
- data/template/ec2-instance.rb +4 -1
- data/template/ec2-nat-gateway.rb +4 -0
- data/template/ec2-route.rb +4 -0
- data/template/ec2-security-group-ingress.rb +1 -1
- data/template/ec2-security-group.rb +2 -2
- data/template/ec2-subnet.rb +8 -4
- data/template/ec2-volume.rb +1 -2
- data/template/ec2-vpc-cidr-block.rb +4 -2
- data/template/ec2-vpc-endpoint.rb +5 -2
- data/template/ecr-repository.rb +2 -2
- data/template/ecs-cluster.rb +1 -1
- data/template/ecs-service.rb +19 -7
- data/template/ecs-task-definition.rb +4 -4
- data/template/elasticache-cache-cluster.rb +1 -1
- data/template/elasticache-parameter-group.rb +1 -1
- data/template/elasticache-replication-group.rb +1 -1
- data/template/elasticache-subnet-group.rb +1 -1
- data/template/elasticbeanstalk-application-version.rb +1 -1
- data/template/elasticbeanstalk-application.rb +1 -1
- data/template/elasticbeanstalk-configuration-template.rb +1 -1
- data/template/elasticbeanstalk-environment.rb +1 -1
- data/template/elb-load-balancer.rb +2 -2
- data/template/emr-cluster.rb +3 -3
- data/template/emr-instance-group-config.rb +4 -2
- data/template/emr-security-configuration.rb +17 -0
- data/template/emr-step.rb +2 -2
- data/template/events-rule.rb +8 -8
- data/template/iam-group.rb +2 -2
- data/template/iam-instance-profile.rb +2 -2
- data/template/iam-managed-policy.rb +1 -1
- data/template/iam-policy.rb +1 -1
- data/template/iam-role.rb +17 -2
- data/template/iam-user.rb +4 -4
- data/template/kinesis-firehose-delivery-stream.rb +36 -0
- data/template/kinesis-stream.rb +21 -0
- data/template/kms-alias.rb +2 -2
- data/template/kms-key.rb +1 -1
- data/template/lambda-alias.rb +2 -2
- data/template/lambda-event-source-mapping.rb +4 -4
- data/template/lambda-function.rb +17 -17
- data/template/lambda-permission.rb +31 -10
- data/template/lambda-version.rb +4 -2
- data/template/logs-destination.rb +1 -1
- data/template/logs-log-group.rb +1 -1
- data/template/logs-log-stream.rb +4 -2
- data/template/logs-metric-filter.rb +1 -1
- data/template/logs-subscription_filter.rb +1 -1
- data/template/mappings-ec2.rb +114 -52
- data/template/output-arn.rb +12 -4
- data/template/output-certificate.rb +11 -0
- data/template/output-distribution.rb +11 -0
- data/template/output-domain-name.rb +11 -0
- data/template/output-ecr-repository.rb +16 -0
- data/template/output-eip.rb +11 -0
- data/template/output-lambda-function.rb +6 -0
- data/template/output-name.rb +7 -2
- data/template/output-origin-access-identity.rb +13 -0
- data/template/output-rds-cluster.rb +17 -0
- data/template/{output-rds.rb → output-rds-instance.rb} +1 -1
- data/template/output-redshift.rb +11 -0
- data/template/output-rest-api.rb +11 -0
- data/template/output-s3.rb +3 -0
- data/template/output-stage.rb +19 -0
- data/template/output-subnet.rb +6 -3
- data/template/output-trail.rb +14 -0
- data/template/output-user-pool-client.rb +14 -0
- data/template/output-user-pool.rb +17 -0
- data/template/output-vpc.rb +13 -3
- data/template/output.rb +3 -2
- data/template/parameter-ec2.rb +10 -4
- data/template/parameter-elasticache.rb +1 -1
- data/template/parameter-rds.rb +51 -4
- data/template/parameter-redshift.rb +31 -1
- data/template/parameter.rb +87 -7
- data/template/rds-db-cluster-parameter-group.rb +18 -4
- data/template/rds-db-cluster.rb +19 -7
- data/template/rds-db-instance.rb +55 -131
- data/template/rds-db-parameter-group.rb +29 -3
- data/template/rds-db-subnet-group.rb +1 -1
- data/template/rds-event-subscription.rb +2 -4
- data/template/rds-option-group.rb +28 -5
- data/template/redshift-cluster-parameter-group.rb +3 -1
- data/template/redshift-cluster-security-group.rb +17 -0
- data/template/redshift-cluster-subnet-group.rb +3 -1
- data/template/redshift-cluster.rb +15 -12
- data/template/s3-bucket.rb +10 -5
- data/template/sns-topic.rb +2 -2
- data/template/sqs-queue.rb +1 -1
- data/test/abstract_unit.rb +2 -9
- data/test/cloudfront_test.rb +57 -28
- data/test/codedeploy_test.rb +21 -0
- data/test/datapipeline_test.rb +0 -22
- data/test/ec2_test.rb +12 -52
- data/test/ecs_test.rb +30 -26
- data/test/emr_test.rb +101 -20
- data/test/events_test.rb +47 -0
- data/test/helper_test.rb +251 -281
- data/test/iam_test.rb +572 -57
- data/test/lambda_test.rb +1 -1
- data/test/s3_test.rb +49 -14
- data/test/template/alb-load-balancer_test.rb +4 -5
- data/test/template/alb-target-group_test.rb +1 -3
- data/test/template/api-gateway-account_test.rb +26 -0
- data/test/template/api-gateway-api-key_test.rb +33 -0
- data/test/template/api-gateway-authorizer_test.rb +62 -0
- data/test/template/api-gateway-base-path-mapping_test.rb +27 -0
- data/test/template/api-gateway-client-certificate_test.rb +21 -0
- data/test/template/api-gateway-deployment_test.rb +27 -0
- data/test/template/api-gateway-domain-name_test.rb +26 -0
- data/test/template/api-gateway-method_test.rb +29 -0
- data/test/template/api-gateway-model_test.rb +37 -0
- data/test/template/api-gateway-resource_test.rb +82 -0
- data/test/template/api-gateway-rest-api_test.rb +33 -0
- data/test/template/api-gateway-stage_test.rb +39 -0
- data/test/template/api-gateway-usage-plan-key_test.rb +25 -0
- data/test/template/api-gateway-usage-plan_test.rb +42 -0
- data/test/template/cloudfront-distribution_test.rb +41 -3
- data/test/template/cloudtrail_test.rb +13 -5
- data/test/template/cloudwatch-alarm_test.rb +14 -2
- data/test/template/codebuild-project_test.rb +2 -11
- data/test/template/codecommit-repository_test.rb +12 -1
- data/test/template/cognito-identity-pool_test.rb +32 -0
- data/test/template/cognito-identity-role-attachment_test.rb +38 -0
- data/test/template/cognito-user-pool-client_test.rb +36 -0
- data/test/template/cognito-user-pool-group_test.rb +36 -0
- data/test/template/cognito-user-pool-user-to-group-attachment_test.rb +29 -0
- data/test/template/cognito-user-pool-user_test.rb +38 -0
- data/test/template/cognito-user-pool_test.rb +99 -0
- data/test/template/datapipeline-pipeline_test.rb +45 -6
- data/test/template/dynamodb-table_test.rb +19 -1
- data/test/template/ec2-instance_test.rb +9 -1
- data/test/template/ec2-nat-gateway_test.rb +29 -1
- data/test/template/ec2-security-group-egress_test.rb +1 -0
- data/test/template/ec2-security-group-ingress_test.rb +1 -0
- data/test/template/ec2-security-group_test.rb +11 -1
- data/test/template/ec2-spot-fleet_test.rb +1 -1
- data/test/template/ec2-subnet_test.rb +62 -1
- data/test/template/ec2-vpc-cidr-block_test.rb +1 -1
- data/test/template/ec2-vpc-endpoint_test.rb +56 -0
- data/test/template/ecr-repository_test.rb +63 -11
- data/test/template/ecs-service_test.rb +13 -2
- data/test/template/ecs-task-definition_test.rb +86 -13
- data/test/template/elasticache-cache-cluster_test.rb +4 -6
- data/test/template/elasticache-replication-group_test.rb +1 -1
- data/test/template/elasticbeanstalk-application-version_test.rb +1 -0
- data/test/template/elasticbeanstalk-application_test.rb +2 -1
- data/test/template/elasticbeanstalk-configuration-template_test.rb +2 -1
- data/test/template/elasticbeanstalk-template_test.rb +1 -0
- data/test/template/elb-load-balancer_test.rb +1 -3
- data/test/template/emr-cluster_test.rb +2 -14
- data/test/template/emr-instance-group-config_test.rb +2 -4
- data/test/template/emr-security-configuration_test.rb +34 -0
- data/test/template/emr-step_test.rb +2 -6
- data/test/template/events-rule_test.rb +3 -3
- data/test/template/iam-group_test.rb +11 -1
- data/test/template/iam-instance-profile_test.rb +11 -1
- data/test/template/iam-managed-policy_test.rb +1 -0
- data/test/template/iam-policy_test.rb +1 -3
- data/test/template/iam-role_test.rb +12 -2
- data/test/template/iam-user_test.rb +11 -17
- data/test/template/kinesis-firehorse-delivery-stream_test.rb +68 -0
- data/test/template/kinesis-stream_test.rb +61 -0
- data/test/template/kms-key_test.rb +1 -0
- data/test/template/lambda-alias_test.rb +2 -3
- data/test/template/lambda-event-source-mapping_test.rb +1 -1
- data/test/template/lambda-function_test.rb +20 -32
- data/test/template/lambda-permission_test.rb +7 -4
- data/test/template/lambda-version_test.rb +5 -2
- data/test/template/logs-log-group_test.rb +1 -3
- data/test/template/logs-log-stream_test.rb +2 -6
- data/test/template/logs-metric-filter_test.rb +1 -3
- data/test/template/logs-subscription-filter_test.rb +1 -3
- data/test/template/mappings-ec2_test.rb +10 -3
- data/test/template/output-domain-name_test.rb +30 -0
- data/test/template/output-name_test.rb +9 -0
- data/test/template/{output-rds_test.rb → output-rds-instance_test.rb} +2 -2
- data/test/template/output-rest-api_test.rb +30 -0
- data/test/template/output-s3_test.rb +9 -0
- data/test/template/output-stage_test.rb +43 -0
- data/test/template/output-user-pool-client_test.rb +39 -0
- data/test/template/output-user-pool_test.rb +48 -0
- data/test/template/output_test.rb +3 -1
- data/test/template/parameter-ec2_test.rb +22 -24
- data/test/template/parameter-elasticache_test.rb +2 -1
- data/test/template/parameter-rds_test.rb +32 -3
- data/test/template/parameter-redshift_test.rb +31 -2
- data/test/template/parameter_test.rb +37 -4
- data/test/template/rds-db-cluster-parameter-group_test.rb +1 -1
- data/test/template/rds-db-cluster_test.rb +4 -20
- data/test/template/rds-db-instance_test.rb +3 -373
- data/test/template/rds-db-parameter-group_test.rb +1 -1
- data/test/template/rds-option-group_test.rb +2 -2
- data/test/template/redshift-cluster-parameter-group_test.rb +28 -0
- data/test/template/redshift-cluster-security-group_test.rb +49 -0
- data/test/template/redshift-cluster-subnet-group_test.rb +28 -0
- data/test/template/redshift-cluster_test.rb +33 -5
- data/test/template/s3-bucket_test.rb +6 -20
- metadata +130 -22
|
@@ -2,22 +2,26 @@
|
|
|
2
2
|
# AWS Constants
|
|
3
3
|
#
|
|
4
4
|
|
|
5
|
+
DOMAIN = 'amazonaws.com'
|
|
6
|
+
|
|
5
7
|
# http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions
|
|
6
8
|
AWS_REGION = {
|
|
7
|
-
virginia:
|
|
8
|
-
ohio:
|
|
9
|
-
california:
|
|
10
|
-
oregon:
|
|
11
|
-
canada:
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
london:
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
9
|
+
virginia: "us-east-1",
|
|
10
|
+
ohio: "us-east-2",
|
|
11
|
+
california: "us-west-1",
|
|
12
|
+
oregon: "us-west-2",
|
|
13
|
+
canada: "ca-central-1",
|
|
14
|
+
frankfurt: "eu-central-1",
|
|
15
|
+
ireland: "eu-west-1",
|
|
16
|
+
london: "eu-west-2",
|
|
17
|
+
paris: "eu-west-3",
|
|
18
|
+
tokyo: "ap-northeast-1",
|
|
19
|
+
seoul: "ap-northeast-2",
|
|
20
|
+
osaka_local: "ap-northeast-3",
|
|
21
|
+
singapore: "ap-southeast-1",
|
|
22
|
+
sydney: "ap-southeast-2",
|
|
23
|
+
mumbai: "ap-south-1",
|
|
24
|
+
saopaulo: "sa-east-1",
|
|
21
25
|
}
|
|
22
26
|
|
|
23
27
|
PORT = {
|
|
@@ -27,8 +31,9 @@ PORT = {
|
|
|
27
31
|
memcached: 11211,
|
|
28
32
|
mysql: 3306,
|
|
29
33
|
mariadb: 3306,
|
|
30
|
-
aurora: 3306,
|
|
34
|
+
"aurora-mysql": 3306,
|
|
31
35
|
postgres: 5432,
|
|
36
|
+
"aurora-postgres": 5432,
|
|
32
37
|
redis: 6379,
|
|
33
38
|
redshift: 5439,
|
|
34
39
|
}
|
|
@@ -47,7 +52,7 @@ DEFAULT_SNAPSHOT_TIME = {
|
|
|
47
52
|
|
|
48
53
|
EC2_DEFAULT_IMAGE = "amazon linux official"
|
|
49
54
|
|
|
50
|
-
# https://aws.amazon.com/ec2/
|
|
55
|
+
# https://aws.amazon.com/ec2/instance-types/
|
|
51
56
|
EC2_INSTANCE_TYPES =
|
|
52
57
|
[
|
|
53
58
|
# Model vCPU CPU(Credits/hour) Mem(GiB) Storage
|
|
@@ -75,6 +80,15 @@ EC2_INSTANCE_TYPES =
|
|
|
75
80
|
# c4.8xlarge 36 60 EBS-Only 4,000
|
|
76
81
|
"c4.large", "c4.xlarge", "c4.2xlarge", "c4.4xlarge", "c4.8xlarge",
|
|
77
82
|
|
|
83
|
+
# Model vCPU Mem(GiB) Storage EBS(Mbps)
|
|
84
|
+
# c5.large 2 4 EBS-Only Up to 2,250
|
|
85
|
+
# c5.xlarge 4 8 EBS-Only Up to 2,250
|
|
86
|
+
# c5.2xlarge 8 16 EBS-Only Up to 2,250
|
|
87
|
+
# c5.4xlarge 16 32 EBS-Only 2,250
|
|
88
|
+
# c5.9xlarge 36 72 EBS-Only 4,500
|
|
89
|
+
# c5.18xlarge 72 144 EBS-Only 9,000
|
|
90
|
+
'c5.large', 'c5.xlarge', 'c5.2xlarge', 'c5.4xlarge', 'c5.9xlarge', 'c5.18xlarge',
|
|
91
|
+
|
|
78
92
|
# Model vCPU Mem(GiB) SSD Storage(GB)
|
|
79
93
|
# r3.large 2 15.25 1 x 32
|
|
80
94
|
# r3.xlarge 4 30.5 1 x 80
|
|
@@ -83,6 +97,15 @@ EC2_INSTANCE_TYPES =
|
|
|
83
97
|
# r3.8xlarge 32 244 2 x 320
|
|
84
98
|
"r3.large", "r3.xlarge", "r3.2xlarge", "r3.4xlarge", "r3.8xlarge",
|
|
85
99
|
|
|
100
|
+
# Model vCPU Mem (GiB) Networking Perf. SSD Storage (GB)
|
|
101
|
+
# r4.large 2 15.25 Up to 10 Gigabit EBS-Only
|
|
102
|
+
# r4.xlarge 4 30.5 Up to 10 Gigabit EBS-Only
|
|
103
|
+
# r4.2xlarge 8 61 Up to 10 Gigabit EBS-Only
|
|
104
|
+
# r4.4xlarge 16 122 Up to 10 Gigabit EBS-Only
|
|
105
|
+
# r4.8xlarge 32 244 10 Gigabit EBS-Only
|
|
106
|
+
# r4.16xlarge 64 488 25 Gigabit EBS-Only
|
|
107
|
+
'r4.large', 'r4.2xlarge', 'r4.4xlarge', 'r4.8xlarge', 'r4.16xlarge',
|
|
108
|
+
|
|
86
109
|
# Model vCPU Mem(GiB) SSD Storage(GB)
|
|
87
110
|
# i2.xlarge 4 30.5 1 x 800
|
|
88
111
|
# i2.2xlarge 8 61 2 x 800
|
|
@@ -94,13 +117,24 @@ EC2_INSTANCE_TYPES =
|
|
|
94
117
|
# x1.16xlarge 64 174.5 1 x 1,920 SSD 10
|
|
95
118
|
# x1.32xlarge 128 1,952 2 x 1,902 SSD 10
|
|
96
119
|
"x1.16xlarge", "x1.32xlarge",
|
|
120
|
+
|
|
121
|
+
# Model vCPU Mem(GiB) Storage(GB) Network(Gbps)
|
|
122
|
+
# x1e.32xlarge 128 3,904 2 x 1,920 14,000
|
|
123
|
+
# x1e.16xlarge 64 1,952 1 x 1,920 7,000
|
|
124
|
+
# x1e.8xlarge 32 976 1 x 960 3,500
|
|
125
|
+
# x1e.4xlarge 16 488 1 x 480 1,750
|
|
126
|
+
# x1e.2xlarge 8 244 1 x 240 1,000
|
|
127
|
+
# x1e.xlarge 4 122 1 x 120 500
|
|
128
|
+
'x1e.32xlarge', 'x1e.16xlarge', 'x1e.8xlarge', 'x1e.4xlarge', 'x1e.2xlarge', 'x1e.xlarge',
|
|
97
129
|
]
|
|
98
130
|
EC2_DEFAULT_INSTANCE_TYPE = "t2.micro"
|
|
99
131
|
|
|
100
132
|
ELASTICACHE_DEFAULT_ENGINE = "redis"
|
|
133
|
+
# aws --region <REGION> elasticache describe-cache-engine-versions \
|
|
134
|
+
# | jq -r '.CacheEngineVersions[] | select(.Engine == "<ENGINE>") | .EngineVersion'
|
|
101
135
|
ELASTICACHE_DEFAULT_ENGINE_VERSION = {
|
|
102
|
-
memcached: "1.4.
|
|
103
|
-
redis: "2.8.
|
|
136
|
+
memcached: "1.4.5",
|
|
137
|
+
redis: "2.8.6",
|
|
104
138
|
}
|
|
105
139
|
# https://aws.amazon.com/elasticache/pricing/
|
|
106
140
|
ELASTICACHE_NODE_TYPES =
|
|
@@ -109,31 +143,34 @@ ELASTICACHE_NODE_TYPES =
|
|
|
109
143
|
# cache.t2.micro 1 0.555 Low to Moderate
|
|
110
144
|
# cache.t2.small 1 1.55 Low to Moderate
|
|
111
145
|
# cache.t2.medium 2 3.22 Low to Moderate
|
|
146
|
+
"cache.t2.micro", "cache.t2.small", "cache.t2.medium",
|
|
147
|
+
|
|
148
|
+
# Cache Node Type vCPU Mem (GiB) Network Performance
|
|
112
149
|
# cache.m3.medium 1 2.78 Moderate
|
|
113
150
|
# cache.m3.large 2 6.05 Moderate
|
|
114
151
|
# cache.m3.xlarge 4 13.3 High
|
|
115
152
|
# cache.m3.2xlarge 8 27.9 High
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
# cache.r3.2xlarge 8 58.2 High
|
|
119
|
-
# cache.r3.4xlarge 16 118 High
|
|
120
|
-
# cache.r3.8xlarge 32 237 10 Gigabit
|
|
153
|
+
"cache.m3.medium", "cache.m3.large", "cache.m3.xlarge", "cache.m3.2xlarge",
|
|
154
|
+
|
|
121
155
|
# cache.m4.large 2 6.42 Moderate
|
|
122
156
|
# cache.m4.xlarge 4 14.28 High
|
|
123
157
|
# cache.m4.2xlarge 8 29.70 High
|
|
124
158
|
# cache.m4.4xlarge 16 60.78 High
|
|
125
159
|
# cache.m4.10xlarge 40 154.64 10 Gigabit
|
|
126
|
-
"cache.
|
|
127
|
-
"cache.
|
|
128
|
-
|
|
160
|
+
"cache.m4.large", "cache.m4.xlarge",
|
|
161
|
+
"cache.m4.2xlarge", "cache.m4.4xlarge", "cache.m4.10xlarge",
|
|
162
|
+
|
|
163
|
+
# cache.r3.large 2 13.5 Moderate
|
|
164
|
+
# cache.r3.xlarge 4 28.4 Moderate
|
|
165
|
+
# cache.r3.2xlarge 8 58.2 High
|
|
166
|
+
# cache.r3.4xlarge 16 118 High
|
|
167
|
+
# cache.r3.8xlarge 32 237 10 Gigabit
|
|
168
|
+
"cache.r3.large", "cache.r3.xlarge",
|
|
129
169
|
"cache.r3.2xlarge", "cache.r3.4xlarge", "cache.r3.8xlarge",
|
|
130
|
-
"cache.m4.large", "cache.m4.xlarge", "cache.m4.2xlarge",
|
|
131
|
-
"cache.m4.4xlarge", "cache.m4.10xlarge",
|
|
132
170
|
]
|
|
133
171
|
ELASTICACHE_DEFAULT_NODE_TYPE = "cache.t2.medium"
|
|
134
172
|
|
|
135
173
|
# https://aws.amazon.com/rds/pricing/
|
|
136
|
-
# http://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html
|
|
137
174
|
RDS_INSTANCE_CLASSES =
|
|
138
175
|
[
|
|
139
176
|
# Instance Class vCPU ECU Memory (GB) EBS Optimized Network Performance
|
|
@@ -142,41 +179,60 @@ RDS_INSTANCE_CLASSES =
|
|
|
142
179
|
# db.m4.2xlarge 8 25.5 32 1000 Mbps High
|
|
143
180
|
# db.m4.4xlarge 16 53.5 64 2000 Mbps High
|
|
144
181
|
# db.m4.10xlarge 40 124.5 160 4000 Mbps 10 GBps
|
|
182
|
+
"db.m4.large", "db.m4.xlarge", "db.m4.2xlarge", "db.m4.4xlarge", "db.m4.10xlarge",
|
|
183
|
+
|
|
184
|
+
# Instance Class vCPU ECU Memory (GB) EBS Optimized Network Performance
|
|
145
185
|
# db.r3.large 2 6.5 15 No Moderate
|
|
146
186
|
# db.r3.xlarge 4 13 30.5 500 Mbps Moderate
|
|
147
187
|
# db.r3.2xlarge 8 26 61 1000 Mbps High
|
|
148
188
|
# db.r3.4xlarge 16 52 122 2000 Mbps High
|
|
149
189
|
# db.r3.8xlarge 32 104 244 No 10 Gbps
|
|
190
|
+
"db.r3.large", "db.r3.xlarge", "db.r3.2xlarge", "db.r3.4xlarge", "db.r3.8xlarge",
|
|
191
|
+
|
|
192
|
+
# Instance Class vCPU ECU Memory (GB) EBS Optimized Network Performance
|
|
150
193
|
# db.t2.micro 1 1 1 No Low
|
|
151
194
|
# db.t2.small 1 1 2 No Low
|
|
152
195
|
# db.t2.medium 2 2 4 No Moderate
|
|
153
196
|
# db.t2.large 2 2 8 No Moderate
|
|
154
|
-
"db.m4.large", "db.m4.xlarge", "db.m4.2xlarge", "db.m4.4xlarge", "db.m4.10xlarge",
|
|
155
|
-
"db.r3.large", "db.r3.xlarge", "db.r3.2xlarge", "db.r3.4xlarge", "db.r3.8xlarge",
|
|
156
197
|
"db.t2.micro", "db.t2.small", "db.t2.medium", "db.t2.large",
|
|
157
198
|
]
|
|
158
199
|
RDS_DEFAULT_INSTANCE_CLASS = "db.t2.medium"
|
|
200
|
+
|
|
201
|
+
RDS_AURORA_INSTANCE_CLASSES =
|
|
202
|
+
[
|
|
203
|
+
"db.t2.small", "db.t2.medium", "db.t2.large",
|
|
204
|
+
"db.r3.large", "db.r3.xlarge", "db.r3.2xlarge", "db.r3.4xlarge", "db.r3.8xlarge",
|
|
205
|
+
]
|
|
206
|
+
RDS_AURORA_DEFAULT_INSTANCE_CLASS = "db.t2.medium"
|
|
207
|
+
|
|
159
208
|
RDS_DEFAULT_ENGINE = "mysql"
|
|
209
|
+
RDS_DEFAULT_CLUSTER_ENGINE = 'aurora-mysql'
|
|
210
|
+
# aws --region <REGION> rds describe-db-engine-versions --query "DBEngineVersions[] | [?Engine == 'mysql'].EngineVersion"
|
|
160
211
|
RDS_DEFAULT_ENGINE_VERSION = {
|
|
161
|
-
mysql: "5.7.17",
|
|
162
|
-
mariadb: "10.1.23",
|
|
163
212
|
aurora: "5.6.10a",
|
|
164
|
-
|
|
213
|
+
"aurora-mysql": "5.7.12",
|
|
214
|
+
"aurora-postgresql": "9.6.3",
|
|
215
|
+
mariadb: "10.1.26",
|
|
216
|
+
mysql: "5.7.19",
|
|
217
|
+
postgres: "9.6.6",
|
|
165
218
|
}
|
|
166
219
|
|
|
167
220
|
# https://aws.amazon.com/redshift/pricing/
|
|
168
221
|
REDSHIFT_NODE_TYPES =
|
|
169
222
|
[
|
|
170
|
-
#
|
|
171
|
-
#
|
|
172
|
-
#
|
|
173
|
-
#
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
#
|
|
177
|
-
|
|
223
|
+
# Dense Compute
|
|
224
|
+
# Node Size vCPU ECU RAM(GiB) Slices Per Node Storage Per Node Node Range Total Capacity
|
|
225
|
+
# dc2.large 2 7 15.25 2 160 GB NVMe-SSD 1–32 5.12 TB
|
|
226
|
+
# dc2.8xlarge 32 99 244 16 2.56 TB NVMe-SSD 2–128 326 TB
|
|
227
|
+
"dc2.large", "dc2.8xlarge",
|
|
228
|
+
|
|
229
|
+
# Dense Storage
|
|
230
|
+
# Node Size vCPU ECU RAM(GiB) Slices Per Node Storage Per Node Node Range Total Capacity
|
|
231
|
+
# ds2.xlarge 4 13 31 2 2 TB HDD 1–32 64 TB
|
|
232
|
+
# ds2.8xlarge 36 119 244 16 16 TB HDD 2–128 2 PB
|
|
233
|
+
"ds2.xlarge", "ds2.8xlarge",
|
|
178
234
|
]
|
|
179
|
-
REDSHIFT_DEFAULT_NODE_TYPE = "
|
|
235
|
+
REDSHIFT_DEFAULT_NODE_TYPE = "dc2.large"
|
|
180
236
|
|
|
181
237
|
# https://aws.amazon.com/elasticmapreduce/pricing/
|
|
182
238
|
EMR_INSTANCE_TYPES =
|
|
@@ -192,14 +248,20 @@ EMR_DEFAULT_RELEASE = "emr-4.6.0"
|
|
|
192
248
|
|
|
193
249
|
ELB_ACCESS_LOG_ACCOUNT_ID = {
|
|
194
250
|
"us-east-1": "127311923021",
|
|
195
|
-
"us-
|
|
251
|
+
"us-east-2": "033677994240",
|
|
196
252
|
"us-west-1": "027434742980",
|
|
197
|
-
"
|
|
253
|
+
"us-west-2": "797873946194",
|
|
254
|
+
"ca-central-1": "985666609251",
|
|
198
255
|
"eu-central-1": "054676820928",
|
|
199
|
-
"
|
|
256
|
+
"eu-west-1": "156460612806",
|
|
257
|
+
"eu-west-2": "652711504416",
|
|
258
|
+
"eu-west-3": "009996457667",
|
|
200
259
|
"ap-northeast-1": "582318560864",
|
|
201
|
-
"ap-southeast-2": "783225319266",
|
|
202
260
|
"ap-northeast-2": "600734575887",
|
|
261
|
+
"ap-northeast-3": "383597477331",
|
|
262
|
+
"ap-southeast-1": "114774131450",
|
|
263
|
+
"ap-southeast-2": "783225319266",
|
|
264
|
+
"ap-south-1": "718504428378",
|
|
203
265
|
"sa-east-1": "507241528517",
|
|
204
266
|
}
|
|
205
267
|
|
|
@@ -4,87 +4,56 @@
|
|
|
4
4
|
require 'kumogata/template/helper'
|
|
5
5
|
|
|
6
6
|
def _datapipeline_parameter_objects(args)
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
array = []
|
|
10
|
-
objects.each do |object|
|
|
11
|
-
object.each do |id, value|
|
|
7
|
+
(args[:parameter_objects] || []).collect do |object|
|
|
8
|
+
object.collect do |id, value|
|
|
12
9
|
attributes = _datapipeline_parameter_objects_attributes(value)
|
|
13
|
-
|
|
10
|
+
|
|
11
|
+
_{
|
|
14
12
|
Attributes attributes
|
|
15
13
|
Id id
|
|
16
14
|
}
|
|
17
15
|
end
|
|
18
|
-
end
|
|
19
|
-
array
|
|
16
|
+
end.flatten
|
|
20
17
|
end
|
|
21
18
|
|
|
22
19
|
def _datapipeline_parameter_objects_attributes(args)
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
array = []
|
|
26
|
-
attributes.each do |key, value|
|
|
27
|
-
array << _{
|
|
20
|
+
(args[:attributes] || {}).collect do |key, value|
|
|
21
|
+
_{
|
|
28
22
|
Key key
|
|
29
23
|
StringValue value
|
|
30
24
|
}
|
|
31
25
|
end
|
|
32
|
-
array
|
|
33
26
|
end
|
|
34
27
|
|
|
35
28
|
def _datapipeline_parameter_values(args)
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
array = []
|
|
39
|
-
values.each do |id, val|
|
|
40
|
-
array << _{
|
|
29
|
+
(args[:parameter_values] || {}).collect do |id, value|
|
|
30
|
+
_{
|
|
41
31
|
Id id
|
|
42
|
-
StringValue
|
|
32
|
+
StringValue value
|
|
43
33
|
}
|
|
44
34
|
end
|
|
45
|
-
array
|
|
46
35
|
end
|
|
47
36
|
|
|
48
37
|
def _datapipeline_pipeline_objects(args)
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
array = []
|
|
52
|
-
objects.each do |object|
|
|
53
|
-
object.each do |id, value|
|
|
38
|
+
(args[:objects] || []).collect do |object|
|
|
39
|
+
object.collect do |id, value|
|
|
54
40
|
fields = _datapipeline_pipeline_object_fields(value)
|
|
55
|
-
|
|
41
|
+
_{
|
|
56
42
|
Fields fields
|
|
57
43
|
Id id
|
|
58
44
|
Name value[:name]
|
|
59
45
|
}
|
|
60
46
|
end
|
|
61
|
-
end
|
|
62
|
-
array
|
|
47
|
+
end.flatten
|
|
63
48
|
end
|
|
64
49
|
|
|
65
50
|
def _datapipeline_pipeline_object_fields(args)
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
array = []
|
|
69
|
-
fields.each do |key, value|
|
|
70
|
-
array << _{
|
|
51
|
+
(args[:fields] || {}).collect do |key, value|
|
|
52
|
+
_{
|
|
71
53
|
Key key
|
|
72
54
|
RefValue value[:ref] if value.key? :ref
|
|
73
55
|
StringValue value[:string] if value.key? :string
|
|
74
56
|
}
|
|
75
57
|
end
|
|
76
|
-
array
|
|
77
58
|
end
|
|
78
59
|
|
|
79
|
-
def _datapipeline_pipeline_tags(args)
|
|
80
|
-
tags = args[:tags] || {}
|
|
81
|
-
|
|
82
|
-
array = []
|
|
83
|
-
tags.each do |key, value|
|
|
84
|
-
array << _{
|
|
85
|
-
Key key
|
|
86
|
-
Value value
|
|
87
|
-
}
|
|
88
|
-
end
|
|
89
|
-
array
|
|
90
|
-
end
|
|
@@ -13,8 +13,7 @@ def _dynamodb_attribute(args)
|
|
|
13
13
|
end
|
|
14
14
|
end
|
|
15
15
|
|
|
16
|
-
|
|
17
|
-
attributes.each do |attribute|
|
|
16
|
+
attributes.collect do |attribute|
|
|
18
17
|
type =
|
|
19
18
|
case attribute[:type].to_sym
|
|
20
19
|
when :binary
|
|
@@ -24,12 +23,11 @@ def _dynamodb_attribute(args)
|
|
|
24
23
|
else
|
|
25
24
|
"S"
|
|
26
25
|
end
|
|
27
|
-
|
|
26
|
+
_{
|
|
28
27
|
AttributeName attribute[:value]
|
|
29
28
|
AttributeType type
|
|
30
29
|
}
|
|
31
30
|
end
|
|
32
|
-
array
|
|
33
31
|
end
|
|
34
32
|
|
|
35
33
|
def _dynamodb_key_schema(args)
|
|
@@ -42,8 +40,7 @@ def _dynamodb_key_schema(args)
|
|
|
42
40
|
end
|
|
43
41
|
end
|
|
44
42
|
|
|
45
|
-
|
|
46
|
-
schemas.each do |schema|
|
|
43
|
+
schemas.collect do |schema|
|
|
47
44
|
type =
|
|
48
45
|
case schema[:type].to_sym
|
|
49
46
|
when :range
|
|
@@ -51,12 +48,11 @@ def _dynamodb_key_schema(args)
|
|
|
51
48
|
else
|
|
52
49
|
"hash"
|
|
53
50
|
end
|
|
54
|
-
|
|
51
|
+
_{
|
|
55
52
|
AttributeName schema[:value]
|
|
56
53
|
KeyType type.upcase
|
|
57
54
|
}
|
|
58
55
|
end
|
|
59
|
-
array
|
|
60
56
|
end
|
|
61
57
|
|
|
62
58
|
def _dynamodb_projection(args)
|
|
@@ -109,3 +105,16 @@ def _dynamodb_local(args)
|
|
|
109
105
|
Projection projection
|
|
110
106
|
}
|
|
111
107
|
end
|
|
108
|
+
|
|
109
|
+
def _dynamodb_ttl(args)
|
|
110
|
+
ttl = args[:ttl] || {}
|
|
111
|
+
return ttl if ttl.empty?
|
|
112
|
+
|
|
113
|
+
attr = args[:attr] || ""
|
|
114
|
+
enabled = _bool("enabled", args, true)
|
|
115
|
+
|
|
116
|
+
_{
|
|
117
|
+
AttributeName attr unless attr.empty?
|
|
118
|
+
Enabled enabled
|
|
119
|
+
}
|
|
120
|
+
end
|
|
@@ -3,6 +3,27 @@
|
|
|
3
3
|
#
|
|
4
4
|
require 'kumogata/template/helper'
|
|
5
5
|
|
|
6
|
+
def _ec2_to_block_device_ecs(args)
|
|
7
|
+
root_device = {
|
|
8
|
+
device: "/dev/xvda",
|
|
9
|
+
delete: _bool("root_delete", args, true),
|
|
10
|
+
size: args[:root_size] || 8,
|
|
11
|
+
type: "gp2",
|
|
12
|
+
}
|
|
13
|
+
root_device[:ref_size] = "#{args[:ref_root_size]} root" if _ref_key? "root_size", args, '', false
|
|
14
|
+
|
|
15
|
+
# /dev/xvdcz is Docker's use storage
|
|
16
|
+
data_device = {
|
|
17
|
+
device: "/dev/xvdcz",
|
|
18
|
+
delete: _bool("data_delete", args, true),
|
|
19
|
+
size: args[:data_size],
|
|
20
|
+
type: "gp2",
|
|
21
|
+
}
|
|
22
|
+
data_device[:ref_size] = "#{args[:ref_data_size]} data" if _ref_key? "data_size", args, '', false
|
|
23
|
+
|
|
24
|
+
[ root_device, data_device ]
|
|
25
|
+
end
|
|
26
|
+
|
|
6
27
|
def _ec2_tags(args)
|
|
7
28
|
if args.key? :tags_append
|
|
8
29
|
tags_append = {}
|
|
@@ -33,6 +54,7 @@ def _ec2_security_group_egress_rule(args)
|
|
|
33
54
|
cidr = args[:cidr] || "0.0.0.0/0"
|
|
34
55
|
cidr_ipv6 = args[:cidr_ipv6] || ""
|
|
35
56
|
dest_security = _ref_string("dest_security", args, "security group")
|
|
57
|
+
description = _ref_string_default("description", args, '', "egress rule description")
|
|
36
58
|
from = _ref_string("from", args)
|
|
37
59
|
ip = args[:ip] || "tcp"
|
|
38
60
|
dest_prefix = _ref_string("dest_prefix", args, "vpc endpoint")
|
|
@@ -43,6 +65,7 @@ def _ec2_security_group_egress_rule(args)
|
|
|
43
65
|
CidrIp cidr if dest_security.empty?
|
|
44
66
|
CidrIpv6 cidr_ipv6 unless cidr_ipv6.empty?
|
|
45
67
|
DestinationPrefixListId dest_prefix unless dest_prefix.empty?
|
|
68
|
+
Description description
|
|
46
69
|
FromPort from unless ip == "icmp"
|
|
47
70
|
IpProtocol ip
|
|
48
71
|
DestinationSecurityGroupId dest_security unless dest_security.empty?
|
|
@@ -69,18 +92,20 @@ end
|
|
|
69
92
|
def _ec2_security_group_ingress_rule(args)
|
|
70
93
|
cidr = args[:cidr] || "0.0.0.0/0"
|
|
71
94
|
cidr_ipv6 = args[:cidr_ipv6] || ""
|
|
95
|
+
description = _ref_string_default("description", args, '', "inbound rule description")
|
|
72
96
|
from = _ref_string("from", args)
|
|
73
97
|
ip = args[:ip] || "tcp"
|
|
74
98
|
source_group_name = _ref_string("source_group_name", args, "security group")
|
|
75
99
|
source_group_id = _ref_string("source_group_id", args, "security group")
|
|
76
100
|
source_group_owner_id = _ref_string("source_group_owner_id", args, "account id")
|
|
77
101
|
to = _ref_string("to", args)
|
|
78
|
-
to = from if to.empty?
|
|
102
|
+
to = from.clone if to.empty?
|
|
79
103
|
ip = -1 and from = 0 and to = 65535 if ip == "all"
|
|
80
104
|
|
|
81
105
|
_{
|
|
82
106
|
CidrIp cidr if source_group_name.empty? and source_group_id.empty?
|
|
83
107
|
CidrIpv6 cidr_ipv6 unless cidr_ipv6.empty?
|
|
108
|
+
Description description
|
|
84
109
|
FromPort from unless ip == "icmp"
|
|
85
110
|
IpProtocol ip
|
|
86
111
|
SourceSecurityGroupName source_group_name unless source_group_name.empty?
|
|
@@ -91,7 +116,7 @@ def _ec2_security_group_ingress_rule(args)
|
|
|
91
116
|
end
|
|
92
117
|
|
|
93
118
|
def _ec2_block_device(args)
|
|
94
|
-
device = args[:device] || "/dev/
|
|
119
|
+
device = args[:device] || "/dev/sdb"
|
|
95
120
|
delete = _bool("delete", args, true)
|
|
96
121
|
encrypted = _bool("encrypted", args, false)
|
|
97
122
|
iops = args[:iops] || 300
|
|
@@ -147,12 +172,17 @@ def _ec2_network_interface_embedded(args, is_spot = false)
|
|
|
147
172
|
}
|
|
148
173
|
end
|
|
149
174
|
|
|
150
|
-
def _ec2_image(
|
|
151
|
-
|
|
152
|
-
return args[:image_id] if image_id
|
|
175
|
+
def _ec2_image(args)
|
|
176
|
+
return args[:image_id] if args.key? :image_id
|
|
153
177
|
|
|
154
|
-
|
|
155
|
-
|
|
178
|
+
image =
|
|
179
|
+
if args.key? :ecs
|
|
180
|
+
"ecs official"
|
|
181
|
+
else
|
|
182
|
+
args[:image] || EC2_DEFAULT_IMAGE
|
|
183
|
+
end
|
|
184
|
+
instance_type = _ref_string("instance_type", args, "instance type")
|
|
185
|
+
_find_in_map("AWSRegionArch2AMI#{_resource_name(image)}",
|
|
156
186
|
_region,
|
|
157
187
|
_find_in_map("AWSInstanceType2Arch", instance_type, "Arch"))
|
|
158
188
|
end
|
|
@@ -179,12 +209,33 @@ def _ec2_protocol_number(protocol)
|
|
|
179
209
|
end
|
|
180
210
|
|
|
181
211
|
def _ec2_user_data(args)
|
|
182
|
-
|
|
183
|
-
|
|
212
|
+
if args.key? :user_data
|
|
213
|
+
user_data = args[:user_data]
|
|
214
|
+
else
|
|
215
|
+
user_data = _ref_string("user_data", args, "user data")
|
|
216
|
+
end
|
|
217
|
+
|
|
218
|
+
return '' if user_data.empty?
|
|
184
219
|
|
|
185
220
|
if user_data.is_a? Hash
|
|
186
221
|
_base64(user_data)
|
|
187
222
|
else
|
|
223
|
+
if user_data.is_a? String
|
|
224
|
+
if user_data.nil? or user_data.empty?
|
|
225
|
+
user_data = []
|
|
226
|
+
else
|
|
227
|
+
user_data = [ user_data ]
|
|
228
|
+
end
|
|
229
|
+
end
|
|
230
|
+
if args.key? :ecs
|
|
231
|
+
# http://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html
|
|
232
|
+
ecs_user_data =<<"EOS"
|
|
233
|
+
cat <<'EOF' >> /etc/ecs/ecs.config
|
|
234
|
+
ECS_CLUSTER=#{_name("ecs", args)}
|
|
235
|
+
EOF
|
|
236
|
+
EOS
|
|
237
|
+
user_data = user_data.insert(0, ecs_user_data)
|
|
238
|
+
end
|
|
188
239
|
_base64_shell(user_data)
|
|
189
240
|
end
|
|
190
241
|
end
|
|
@@ -229,7 +280,7 @@ def _ec2_spot_fleet_launches(args)
|
|
|
229
280
|
iam = _ref_string("iam", args, "iam instance profile")
|
|
230
281
|
iam = _ref_attr_string("iam", "Arn", args, "iam instance profile") if iam.empty?
|
|
231
282
|
instance_type = _ref_string("instance_type", args, "instance type")
|
|
232
|
-
image =_ec2_image(
|
|
283
|
+
image = _ec2_image(args)
|
|
233
284
|
kernel = args[:kernel] || ""
|
|
234
285
|
key_name = _ref_string("key_name", args, "key name")
|
|
235
286
|
monitoring = _bool("monitoring", args, false)
|
|
@@ -5,15 +5,17 @@ require 'kumogata/template/helper'
|
|
|
5
5
|
require 'kumogata/template/iam'
|
|
6
6
|
|
|
7
7
|
def _ecr_policy(name, args)
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
service: "ecr",
|
|
14
|
-
action: action,
|
|
15
|
-
principal: principal,
|
|
8
|
+
policy = args[name.to_sym] || {}
|
|
9
|
+
return policy if policy.empty?
|
|
10
|
+
|
|
11
|
+
iam_policy = {
|
|
12
|
+
service: 'ecr',
|
|
16
13
|
no_resource: true,
|
|
17
14
|
}
|
|
18
|
-
|
|
15
|
+
iam_policy[:sid] = policy[:sid] if policy.key? :sid
|
|
16
|
+
iam_policy[:principal] = policy[:principal] if policy.key? :principal
|
|
17
|
+
iam_policy[:actions] = policy[:actions] if policy.key? :actions
|
|
18
|
+
iam_policy[:action] = policy[:action] if policy.key? :action
|
|
19
|
+
|
|
20
|
+
_iam_policy_document('policy', { policy: [ iam_policy ] })
|
|
19
21
|
end
|