kumogata-template 0.0.26 → 0.0.27
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +1 -1
- data/Gemfile +2 -0
- data/Gemfile.lock +9 -9
- data/lib/kumogata/template.rb +1 -0
- data/lib/kumogata/template/ecr.rb +2 -8
- data/lib/kumogata/template/helper.rb +32 -0
- data/lib/kumogata/template/iam.rb +96 -33
- data/lib/kumogata/template/redshift.rb +26 -0
- data/lib/kumogata/template/version.rb +1 -1
- data/template/redshift-cluster-parameter-group.rb +2 -1
- data/test/iam_test.rb +171 -13
- data/test/redshift_test.rb +23 -0
- data/test/template/ecr-repository_test.rb +3 -7
- data/test/template/redshift-cluster-parameter-group_test.rb +2 -1
- metadata +6 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2383c2d571276248b35f727736cd4aea37204b62
|
4
|
+
data.tar.gz: e33971d8091ebf93f0bb9b64928e9466e074225c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 16d1afa6529932af0d96e5319637110cd09ea507838d3b207e685d7ec4f405bd99ec16e80291772531cb11d6a7ef705517dabbc55df0131cea9ea39674e95edf
|
7
|
+
data.tar.gz: '01658b9dc49640b269209d5f9aaee2abcbf8f664c2f258c3dc6c6674c20f0fcad114161f33dce88701b0bca049ce5c3e0905d6d32d1bc6b74afabf770fd616b8'
|
data/.travis.yml
CHANGED
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,20 +1,20 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
kumogata-template (0.0.
|
4
|
+
kumogata-template (0.0.27)
|
5
5
|
aws-sdk (~> 2.3)
|
6
6
|
kumogata (= 0.5.12)
|
7
7
|
|
8
8
|
GEM
|
9
9
|
remote: https://rubygems.org/
|
10
10
|
specs:
|
11
|
-
aws-sdk (2.9.
|
12
|
-
aws-sdk-resources (= 2.9.
|
13
|
-
aws-sdk-core (2.9.
|
11
|
+
aws-sdk (2.9.25)
|
12
|
+
aws-sdk-resources (= 2.9.25)
|
13
|
+
aws-sdk-core (2.9.25)
|
14
14
|
aws-sigv4 (~> 1.0)
|
15
15
|
jmespath (~> 1.0)
|
16
|
-
aws-sdk-resources (2.9.
|
17
|
-
aws-sdk-core (= 2.9.
|
16
|
+
aws-sdk-resources (2.9.25)
|
17
|
+
aws-sdk-core (= 2.9.25)
|
18
18
|
aws-sdk-v1 (1.67.0)
|
19
19
|
json (~> 1.4)
|
20
20
|
nokogiri (~> 1)
|
@@ -50,7 +50,7 @@ GEM
|
|
50
50
|
uuidtools
|
51
51
|
libv8 (3.16.14.19)
|
52
52
|
mini_portile2 (2.0.0)
|
53
|
-
minitest (5.10.
|
53
|
+
minitest (5.10.2)
|
54
54
|
net-ssh (4.1.0)
|
55
55
|
nokogiri (1.6.7.2)
|
56
56
|
mini_portile2 (~> 2.0.0.rc2)
|
@@ -62,7 +62,7 @@ GEM
|
|
62
62
|
therubyracer (0.12.2)
|
63
63
|
libv8 (~> 3.16.14.0)
|
64
64
|
ref
|
65
|
-
tins (1.
|
65
|
+
tins (1.14.0)
|
66
66
|
uuidtools (2.1.5)
|
67
67
|
|
68
68
|
PLATFORMS
|
@@ -75,4 +75,4 @@ DEPENDENCIES
|
|
75
75
|
rake (~> 11.1)
|
76
76
|
|
77
77
|
BUNDLED WITH
|
78
|
-
1.
|
78
|
+
1.14.6
|
data/lib/kumogata/template.rb
CHANGED
@@ -20,6 +20,7 @@ require 'kumogata/template/helper'
|
|
20
20
|
require 'kumogata/template/iam'
|
21
21
|
require 'kumogata/template/lambda'
|
22
22
|
require 'kumogata/template/logs'
|
23
|
+
require 'kumogata/template/redshift'
|
23
24
|
require 'kumogata/template/s3'
|
24
25
|
require 'kumogata/template/sns'
|
25
26
|
require 'kumogata/template/version'
|
@@ -4,17 +4,11 @@
|
|
4
4
|
require 'kumogata/template/helper'
|
5
5
|
require 'kumogata/template/iam'
|
6
6
|
|
7
|
-
|
8
7
|
def _ecr_policy(name, args)
|
9
8
|
action = args[name.to_sym][:action] || []
|
10
9
|
user = args[name.to_sym][:user] || []
|
11
|
-
|
12
|
-
|
13
|
-
users << _iam_arn("iam", { account_id: v[:id], type: "user", user: v[:name] })
|
14
|
-
end
|
15
|
-
principal = _{
|
16
|
-
AWS users
|
17
|
-
}
|
10
|
+
account = args[name.to_sym][:account]
|
11
|
+
principal = { account: account }
|
18
12
|
policy = {
|
19
13
|
service: "ecr",
|
20
14
|
action: action,
|
@@ -245,3 +245,35 @@ def _window_time(service, start_time)
|
|
245
245
|
end
|
246
246
|
"#{start_time.strftime(format)}-#{end_time.strftime(format)}"
|
247
247
|
end
|
248
|
+
|
249
|
+
def _ref_arn(service, name)
|
250
|
+
# FIXME
|
251
|
+
_{
|
252
|
+
Fn__Join [
|
253
|
+
",",
|
254
|
+
[
|
255
|
+
"arn:aws:#{service}:::",
|
256
|
+
_{ Ref _resource_name(name) },
|
257
|
+
]
|
258
|
+
]
|
259
|
+
}
|
260
|
+
end
|
261
|
+
|
262
|
+
def _ref_pseudo(type)
|
263
|
+
pseudo =
|
264
|
+
case type
|
265
|
+
when "account"
|
266
|
+
"AccountId"
|
267
|
+
when "notification arns"
|
268
|
+
"NotificationARNs"
|
269
|
+
when "no value"
|
270
|
+
"NoValue"
|
271
|
+
when "region"
|
272
|
+
"Region"
|
273
|
+
when "stack id"
|
274
|
+
"StackId"
|
275
|
+
when "stack name"
|
276
|
+
"StackName"
|
277
|
+
end
|
278
|
+
_{ Ref "AWS::#{pseudo}" }
|
279
|
+
end
|
@@ -63,6 +63,54 @@ def _iam_policies(name, args)
|
|
63
63
|
array
|
64
64
|
end
|
65
65
|
|
66
|
+
def _iam_policy_principal(args, key = "principal")
|
67
|
+
principal = args[key.to_sym] || {}
|
68
|
+
return "" if principal.empty?
|
69
|
+
return principal if principal.is_a? String
|
70
|
+
|
71
|
+
if principal.key? :account
|
72
|
+
account = principal[:account]
|
73
|
+
if account.is_a? Hash
|
74
|
+
_{
|
75
|
+
AWS _iam_arn("iam", { type: "user", account_id: account[:id], user: account[:name] })
|
76
|
+
}
|
77
|
+
else
|
78
|
+
_{
|
79
|
+
AWS account
|
80
|
+
}
|
81
|
+
end
|
82
|
+
elsif principal.key? :accounts
|
83
|
+
accounts = []
|
84
|
+
principal[:accounts].each do |v|
|
85
|
+
accounts << _iam_arn("iam", { type: "user", account_id: v[:id], user: v[:name] })
|
86
|
+
end
|
87
|
+
_{
|
88
|
+
AWS accounts
|
89
|
+
}
|
90
|
+
elsif principal.key? :federated
|
91
|
+
_{
|
92
|
+
Federated principal[:federated]
|
93
|
+
}
|
94
|
+
elsif principal.key? :assumed_role
|
95
|
+
assumed_role = principal[:assumed_role]
|
96
|
+
_{
|
97
|
+
AWS _iam_arn("iam",
|
98
|
+
{ sts: true, type: "assumed-role",
|
99
|
+
account_id: assumed_role[:id], user: assumed_role[:name] })
|
100
|
+
}
|
101
|
+
elsif principal.key? :services or principal.key? :service
|
102
|
+
_{
|
103
|
+
Service principal[:services] || principal[:service]
|
104
|
+
}
|
105
|
+
elsif principal.key? :canonical
|
106
|
+
_{
|
107
|
+
CanonicalUser principal[:canonical]
|
108
|
+
}
|
109
|
+
else
|
110
|
+
""
|
111
|
+
end
|
112
|
+
end
|
113
|
+
|
66
114
|
def _iam_policy_document(name, args)
|
67
115
|
array = []
|
68
116
|
documents = args[name.to_sym] || []
|
@@ -74,14 +122,12 @@ def _iam_policy_document(name, args)
|
|
74
122
|
|
75
123
|
actions = action.collect{|vv| "#{service}:#{vv}" }
|
76
124
|
if v.key? :resource
|
77
|
-
|
78
|
-
resource = _iam_arn(service, v[:resource])
|
79
|
-
else
|
80
|
-
resource = v[:resource].collect{|vv| _iam_arn(service, vv) }
|
81
|
-
end
|
125
|
+
resource = _iam_arn(service, v[:resource])
|
82
126
|
else
|
83
127
|
resource = [ "*" ]
|
84
128
|
end
|
129
|
+
principal = _iam_policy_principal(v)
|
130
|
+
not_principal = _iam_policy_principal(v, "not_principal")
|
85
131
|
|
86
132
|
array << _{
|
87
133
|
Sid v[:sid] if v.key? :sid
|
@@ -89,8 +135,8 @@ def _iam_policy_document(name, args)
|
|
89
135
|
NotAction no_action v[:no_action] if v.key? :no_action
|
90
136
|
Action actions
|
91
137
|
Resource resource unless v.key? :no_resource
|
92
|
-
Principal
|
93
|
-
NotPrincipal
|
138
|
+
Principal principal unless principal.empty?
|
139
|
+
NotPrincipal not_principal unless not_principal.empty?
|
94
140
|
Condition _iam_to_policy_condition(v[:condition]) if v.key? :condition
|
95
141
|
}
|
96
142
|
end
|
@@ -133,29 +179,62 @@ end
|
|
133
179
|
# Amazon Resource Names (ARNs) and AWS Service Namespaces
|
134
180
|
# https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
135
181
|
def _iam_arn(service, resource)
|
136
|
-
|
182
|
+
def _convert(args)
|
183
|
+
return "" if args.empty?
|
184
|
+
return args if args.is_a? String
|
185
|
+
array = []
|
186
|
+
args.each_pair do |k, v|
|
187
|
+
array <<
|
188
|
+
case k.to_s
|
189
|
+
when "ref"
|
190
|
+
_{ Ref _resource_name(v) }
|
191
|
+
when /ref_(.*)/
|
192
|
+
_ref_pseudo($1)
|
193
|
+
else
|
194
|
+
v
|
195
|
+
end
|
196
|
+
end
|
197
|
+
(args.size == 1) ? array.first : array
|
198
|
+
end
|
137
199
|
|
200
|
+
arn_prefix = "arn:aws:#{service}"
|
138
201
|
case service
|
139
202
|
when "s3"
|
203
|
+
arn_prefix_s3 = "#{arn_prefix}:::"
|
140
204
|
if resource.is_a? String
|
141
|
-
"#{
|
205
|
+
"#{arn_prefix_s3}#{resource}"
|
206
|
+
|
207
|
+
elsif resource.is_a? Hash
|
208
|
+
_{ Fn__Join "", [ arn_prefix_s3, _convert(resource) ] }
|
209
|
+
|
142
210
|
else
|
143
|
-
|
144
|
-
resource.
|
145
|
-
if v
|
146
|
-
|
211
|
+
array, array_map = [], []
|
212
|
+
resource.each_with_index do |v, i|
|
213
|
+
if v.is_a? String
|
214
|
+
array << v
|
215
|
+
elsif v.is_a? Hash
|
216
|
+
array << _convert(v)
|
147
217
|
else
|
148
|
-
|
218
|
+
tmp = [ arn_prefix_s3 ]
|
219
|
+
tmp += v.collect{|vv| _convert(vv) }
|
220
|
+
array_map << _{ Fn__Join "", tmp }
|
149
221
|
end
|
150
222
|
end
|
151
|
-
|
223
|
+
return array_map unless array_map.empty?
|
224
|
+
|
225
|
+
if array.select{|v| v.is_a? Hash }.empty?
|
226
|
+
array.collect{|v| "#{arn_prefix_s3}#{v}" }
|
227
|
+
else
|
228
|
+
_{ Fn__Join "", array.insert(0, arn_prefix_s3) }
|
229
|
+
end
|
152
230
|
end
|
153
231
|
|
154
232
|
when "cloudformation"
|
155
233
|
if resource == "*"
|
156
234
|
resource
|
157
235
|
else
|
158
|
-
|
236
|
+
resource = [ { region: resource[:region], account_id: resource[:account_id], stack: resource[:stack] } ] if resource.is_a? String
|
237
|
+
resource.collect{|v| "#{arn_prefix}:#{v[:region]}:#{v[:account_id]}:stack/#{v[:stack]}" }
|
159
238
|
end
|
160
239
|
|
161
240
|
when "iam"
|
@@ -170,7 +249,7 @@ def _iam_arn(service, resource)
|
|
170
249
|
end
|
171
250
|
|
172
251
|
when "elasticloadbalancing"
|
173
|
-
"#{arn_prefix}:*:*:loadbalancer/#{
|
252
|
+
resource.collect{|v| "#{arn_prefix}:*:*:loadbalancer/#{v}" }
|
174
253
|
|
175
254
|
when "logs"
|
176
255
|
"#{arn_prefix}:*:*:*"
|
@@ -180,22 +259,6 @@ def _iam_arn(service, resource)
|
|
180
259
|
end
|
181
260
|
end
|
182
261
|
|
183
|
-
def _iam_s3_bucket_policy(region, bucket, prefix, aws_account_id)
|
184
|
-
account_id = ELB_ACCESS_LOG_ACCOUNT_ID[region.to_sym]
|
185
|
-
prefix = [ prefix ] if prefix.is_a? String
|
186
|
-
resource = prefix.collect{|v| "#{bucket}/#{v}/AWSLogs/#{aws_account_id}/*" }
|
187
|
-
[
|
188
|
-
{
|
189
|
-
service: "s3",
|
190
|
-
action: [ "PutObject" ],
|
191
|
-
principal: {
|
192
|
-
AWS: [ account_id ],
|
193
|
-
},
|
194
|
-
resource: resource,
|
195
|
-
},
|
196
|
-
]
|
197
|
-
end
|
198
|
-
|
199
262
|
def _iam_login_profile(args)
|
200
263
|
password = args[:password] || ""
|
201
264
|
reset_required = _bool("reset_required", args, true)
|
@@ -0,0 +1,26 @@
|
|
1
|
+
#
|
2
|
+
# Helper - Redshift
|
3
|
+
#
|
4
|
+
require 'kumogata/template/helper'
|
5
|
+
|
6
|
+
def _redshift_parameters(args)
|
7
|
+
parameters = args[:parameters] || []
|
8
|
+
|
9
|
+
array = []
|
10
|
+
parameters.collect do |v|
|
11
|
+
name = v[:name] || ""
|
12
|
+
value =
|
13
|
+
if name == "wlm_json_configuration"
|
14
|
+
v[:value].to_json
|
15
|
+
else
|
16
|
+
v[:value] || ""
|
17
|
+
end
|
18
|
+
next if name.empty? or value.empty?
|
19
|
+
|
20
|
+
array << _{
|
21
|
+
ParameterName name
|
22
|
+
ParameterValue value
|
23
|
+
}
|
24
|
+
end
|
25
|
+
array
|
26
|
+
end
|
@@ -1 +1 @@
|
|
1
|
-
KUMOGATA_TEMPLATE_VERSION = '0.0.
|
1
|
+
KUMOGATA_TEMPLATE_VERSION = '0.0.27'
|
@@ -3,11 +3,12 @@
|
|
3
3
|
# http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-clusterparametergroup.html
|
4
4
|
#
|
5
5
|
require 'kumogata/template/helper'
|
6
|
+
require 'kumogata/template/redshift'
|
6
7
|
|
7
8
|
name = _resource_name(args[:name], "redshift cluster parameter group")
|
8
9
|
description = args[:description] || "#{args[:name]} redshift cluster parameter group description"
|
9
10
|
family = args[:family] || "redshift-1.0"
|
10
|
-
parameters = args
|
11
|
+
parameters = _redshift_parameters(args)
|
11
12
|
|
12
13
|
_(name) do
|
13
14
|
Type "AWS::Redshift::ClusterParameterGroup"
|
data/test/iam_test.rb
CHANGED
@@ -81,6 +81,88 @@ Policies _iam_policies "test", test: [ { document: [ { service: "s3" } ] } ]
|
|
81
81
|
assert_equal exp_template.chomp, act_template
|
82
82
|
end
|
83
83
|
|
84
|
+
def test_iam_policy_principal
|
85
|
+
template = <<-EOS
|
86
|
+
Test _iam_policy_principal principal: { account: 1 }
|
87
|
+
EOS
|
88
|
+
act_template = run_client_as_json(template)
|
89
|
+
exp_template = <<-EOS
|
90
|
+
{
|
91
|
+
"Test": {
|
92
|
+
"AWS": "1"
|
93
|
+
}
|
94
|
+
}
|
95
|
+
EOS
|
96
|
+
assert_equal exp_template.chomp, act_template
|
97
|
+
|
98
|
+
template = <<-EOS
|
99
|
+
Test _iam_policy_principal principal: { account: { id: 1, name: "test" } }
|
100
|
+
EOS
|
101
|
+
act_template = run_client_as_json(template)
|
102
|
+
exp_template = <<-EOS
|
103
|
+
{
|
104
|
+
"Test": {
|
105
|
+
"AWS": "arn:aws:iam::1:user/test"
|
106
|
+
}
|
107
|
+
}
|
108
|
+
EOS
|
109
|
+
assert_equal exp_template.chomp, act_template
|
110
|
+
|
111
|
+
template = <<-EOS
|
112
|
+
Test _iam_policy_principal principal: { accounts: [ { id: 1, name: "test" } ] }
|
113
|
+
EOS
|
114
|
+
act_template = run_client_as_json(template)
|
115
|
+
exp_template = <<-EOS
|
116
|
+
{
|
117
|
+
"Test": {
|
118
|
+
"AWS": [
|
119
|
+
"arn:aws:iam::1:user/test"
|
120
|
+
]
|
121
|
+
}
|
122
|
+
}
|
123
|
+
EOS
|
124
|
+
assert_equal exp_template.chomp, act_template
|
125
|
+
|
126
|
+
template = <<-EOS
|
127
|
+
Test _iam_policy_principal principal: { federated: "test" }
|
128
|
+
EOS
|
129
|
+
act_template = run_client_as_json(template)
|
130
|
+
exp_template = <<-EOS
|
131
|
+
{
|
132
|
+
"Test": {
|
133
|
+
"Federated": "test"
|
134
|
+
}
|
135
|
+
}
|
136
|
+
EOS
|
137
|
+
assert_equal exp_template.chomp, act_template
|
138
|
+
|
139
|
+
template = <<-EOS
|
140
|
+
Test _iam_policy_principal principal: { assumed_role: { id: 1, name: "test/test" } }
|
141
|
+
EOS
|
142
|
+
act_template = run_client_as_json(template)
|
143
|
+
exp_template = <<-EOS
|
144
|
+
{
|
145
|
+
"Test": {
|
146
|
+
"AWS": "arn:aws:sts::1:assumed-role/test/test"
|
147
|
+
}
|
148
|
+
}
|
149
|
+
EOS
|
150
|
+
assert_equal exp_template.chomp, act_template
|
151
|
+
|
152
|
+
template = <<-EOS
|
153
|
+
Test _iam_policy_principal principal: { service: "test" }
|
154
|
+
EOS
|
155
|
+
act_template = run_client_as_json(template)
|
156
|
+
exp_template = <<-EOS
|
157
|
+
{
|
158
|
+
"Test": {
|
159
|
+
"Service": "test"
|
160
|
+
}
|
161
|
+
}
|
162
|
+
EOS
|
163
|
+
assert_equal exp_template.chomp, act_template
|
164
|
+
end
|
165
|
+
|
84
166
|
def test_iam_policy_document
|
85
167
|
template = <<-EOS
|
86
168
|
PolicyDocument _iam_policy_document "test", test: [ { service: "s3" } ]
|
@@ -190,28 +272,104 @@ arn _iam_arn("s3", "test")
|
|
190
272
|
}
|
191
273
|
EOS
|
192
274
|
assert_equal exp_template.chomp, act_template
|
193
|
-
end
|
194
275
|
|
195
|
-
def test_iam_s3_bucket_policy
|
196
276
|
template = <<-EOS
|
197
|
-
arn
|
277
|
+
arn _iam_arn("s3", { ref: "test" })
|
278
|
+
EOS
|
279
|
+
act_template = run_client_as_json(template)
|
280
|
+
exp_template = <<-EOS
|
281
|
+
{
|
282
|
+
"arn": {
|
283
|
+
"Fn::Join": [
|
284
|
+
"",
|
285
|
+
[
|
286
|
+
"arn:aws:s3:::",
|
287
|
+
{
|
288
|
+
"Ref": "Test"
|
289
|
+
}
|
290
|
+
]
|
291
|
+
]
|
292
|
+
}
|
293
|
+
}
|
294
|
+
EOS
|
295
|
+
assert_equal exp_template.chomp, act_template
|
296
|
+
|
297
|
+
template = <<-EOS
|
298
|
+
arn _iam_arn("s3", [ "test1", "test2" ])
|
299
|
+
EOS
|
300
|
+
act_template = run_client_as_json(template)
|
301
|
+
exp_template = <<-EOS
|
302
|
+
{
|
303
|
+
"arn": [
|
304
|
+
"arn:aws:s3:::test1",
|
305
|
+
"arn:aws:s3:::test2"
|
306
|
+
]
|
307
|
+
}
|
308
|
+
EOS
|
309
|
+
assert_equal exp_template.chomp, act_template
|
310
|
+
|
311
|
+
template = <<-EOS
|
312
|
+
arn _iam_arn("s3", [ { ref: "test" }, { ref_account: true }, "/*" ])
|
313
|
+
EOS
|
314
|
+
act_template = run_client_as_json(template)
|
315
|
+
exp_template = <<-EOS
|
316
|
+
{
|
317
|
+
"arn": {
|
318
|
+
"Fn::Join": [
|
319
|
+
"",
|
320
|
+
[
|
321
|
+
"arn:aws:s3:::",
|
322
|
+
{
|
323
|
+
"Ref": "Test"
|
324
|
+
},
|
325
|
+
{
|
326
|
+
"Ref": "AWS::AccountId"
|
327
|
+
},
|
328
|
+
"/*"
|
329
|
+
]
|
330
|
+
]
|
331
|
+
}
|
332
|
+
}
|
333
|
+
EOS
|
334
|
+
assert_equal exp_template.chomp, act_template
|
335
|
+
|
336
|
+
template = <<-EOS
|
337
|
+
test1 = [ { ref: "test1" }, { ref_account: true }, "/*" ]
|
338
|
+
test2 = [ { ref: "test2" }, { ref_account: true }, "/*" ]
|
339
|
+
arn _iam_arn("s3", [ test1, test2 ])
|
198
340
|
EOS
|
199
341
|
act_template = run_client_as_json(template)
|
200
342
|
exp_template = <<-EOS
|
201
343
|
{
|
202
344
|
"arn": [
|
203
345
|
{
|
204
|
-
"
|
205
|
-
|
206
|
-
|
207
|
-
|
208
|
-
|
209
|
-
|
210
|
-
|
346
|
+
"Fn::Join": [
|
347
|
+
"",
|
348
|
+
[
|
349
|
+
"arn:aws:s3:::",
|
350
|
+
{
|
351
|
+
"Ref": "Test1"
|
352
|
+
},
|
353
|
+
{
|
354
|
+
"Ref": "AWS::AccountId"
|
355
|
+
},
|
356
|
+
"/*"
|
357
|
+
]
|
358
|
+
]
|
359
|
+
},
|
360
|
+
{
|
361
|
+
"Fn::Join": [
|
362
|
+
"",
|
363
|
+
[
|
364
|
+
"arn:aws:s3:::",
|
365
|
+
{
|
366
|
+
"Ref": "Test2"
|
367
|
+
},
|
368
|
+
{
|
369
|
+
"Ref": "AWS::AccountId"
|
370
|
+
},
|
371
|
+
"/*"
|
211
372
|
]
|
212
|
-
},
|
213
|
-
"resource": [
|
214
|
-
"test/test/AWSLogs/1234/*"
|
215
373
|
]
|
216
374
|
}
|
217
375
|
]
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require 'abstract_unit'
|
2
|
+
require 'kumogata/template/redshift'
|
3
|
+
|
4
|
+
class RedshiftTest < Minitest::Test
|
5
|
+
def test_redshift_parameters
|
6
|
+
template = <<-EOS
|
7
|
+
parameters = { name: "wlm_json_configuration", value: [ { test: "test" } ] }
|
8
|
+
Test _redshift_parameters(parameters: [ parameters ])
|
9
|
+
EOS
|
10
|
+
act_template = run_client_as_json(template)
|
11
|
+
exp_template = <<-EOS
|
12
|
+
{
|
13
|
+
"Test": [
|
14
|
+
{
|
15
|
+
"ParameterName": "wlm_json_configuration",
|
16
|
+
"ParameterValue": "[{\\"test\\":\\"test\\"}]"
|
17
|
+
}
|
18
|
+
]
|
19
|
+
}
|
20
|
+
EOS
|
21
|
+
assert_equal exp_template.chomp, act_template
|
22
|
+
end
|
23
|
+
end
|
@@ -12,10 +12,8 @@ action = %w(
|
|
12
12
|
UploadLayerPart
|
13
13
|
CompleteLayerUpload
|
14
14
|
)
|
15
|
-
|
16
|
-
|
17
|
-
]
|
18
|
-
_ecr_repository "test", { policy: { action: action, user: user } }
|
15
|
+
account = { id: 1, name: "test" }
|
16
|
+
_ecr_repository "test", { policy: { action: action, account: account } }
|
19
17
|
EOS
|
20
18
|
act_template = run_client_as_json(template)
|
21
19
|
exp_template = <<-EOS
|
@@ -39,9 +37,7 @@ _ecr_repository "test", { policy: { action: action, user: user } }
|
|
39
37
|
"ecr:CompleteLayerUpload"
|
40
38
|
],
|
41
39
|
"Principal": {
|
42
|
-
"AWS":
|
43
|
-
"arn:aws:iam::1:user/test"
|
44
|
-
]
|
40
|
+
"AWS": "arn:aws:iam::1:user/test"
|
45
41
|
}
|
46
42
|
}
|
47
43
|
]
|
@@ -3,7 +3,8 @@ require 'abstract_unit'
|
|
3
3
|
class RedshiftClusterParameterGroupTest < Minitest::Test
|
4
4
|
def test_normal
|
5
5
|
template = <<-EOS
|
6
|
-
|
6
|
+
parameters = [ { name: "enable_user_activity_logging", value: "true" } ]
|
7
|
+
_redshift_cluster_parameter_group "test", parameters: parameters
|
7
8
|
EOS
|
8
9
|
act_template = run_client_as_json(template)
|
9
10
|
exp_template = <<-EOS
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: kumogata-template
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.27
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Naoya Nakazawa
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-05-
|
11
|
+
date: 2017-05-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk
|
@@ -125,6 +125,7 @@ files:
|
|
125
125
|
- lib/kumogata/template/iam.rb
|
126
126
|
- lib/kumogata/template/lambda.rb
|
127
127
|
- lib/kumogata/template/logs.rb
|
128
|
+
- lib/kumogata/template/redshift.rb
|
128
129
|
- lib/kumogata/template/s3.rb
|
129
130
|
- lib/kumogata/template/sns.rb
|
130
131
|
- lib/kumogata/template/version.rb
|
@@ -271,6 +272,7 @@ files:
|
|
271
272
|
- test/iam_test.rb
|
272
273
|
- test/lambda_test.rb
|
273
274
|
- test/logs_test.rb
|
275
|
+
- test/redshift_test.rb
|
274
276
|
- test/s3_test.rb
|
275
277
|
- test/sns_test.rb
|
276
278
|
- test/template/alb-listener-rule_test.rb
|
@@ -413,7 +415,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
413
415
|
version: '0'
|
414
416
|
requirements: []
|
415
417
|
rubyforge_project:
|
416
|
-
rubygems_version: 2.
|
418
|
+
rubygems_version: 2.5.2
|
417
419
|
signing_key:
|
418
420
|
specification_version: 4
|
419
421
|
summary: Template for Kumogata.
|
@@ -440,6 +442,7 @@ test_files:
|
|
440
442
|
- test/iam_test.rb
|
441
443
|
- test/lambda_test.rb
|
442
444
|
- test/logs_test.rb
|
445
|
+
- test/redshift_test.rb
|
443
446
|
- test/s3_test.rb
|
444
447
|
- test/sns_test.rb
|
445
448
|
- test/template/alb-listener-rule_test.rb
|