miam 0.2.4.beta14 → 0.2.4.beta15

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: faad0bab82eac2d71d3b62c8af2f593d89c5452b
4
- data.tar.gz: 0b195a1349dd6fe5cae65fa52165bb4758456ec3
3
+ metadata.gz: 328cabe832ba632a99fbc5bad953498ab6d85e83
4
+ data.tar.gz: 461015798e3b83bea5e1ab90d7ccc01fa5bc3fbf
5
5
  SHA512:
6
- metadata.gz: 0d637e69aa0a6b098797c1d7a62fbf8340488dbfe9349b42d6ae93aa8055943747c16083ef61573b8f27865deff22bbc90aaac5128914868d4af5d72626bbd28
7
- data.tar.gz: 1164eb5cf1ff1a989ba333da1af7d7ac77b9b6a782e5aa8ebd5cbcadef1ee7f5b56ca0a1dd30f612a5d5ba360800ca6d05938b93ccf9327cb92abee613e1484f
6
+ metadata.gz: cbdca6578b266fb2525f261d87658c6fec29658c073001f1eeccd1367dd4c096961eb7f69c0456495e79f5377683a4c399599c88c617796d12f0ab5f33f11542
7
+ data.tar.gz: 552e9e6bb2f29361ac789bfe5a8d34fb369191fdcf5d90d6eb9aa3cc6eef719490da7a1425a5a5db996e5278a5c96b27853a71ef0d1c95c5c42eda418ba6956c
data/bin/miam CHANGED
@@ -51,8 +51,8 @@ ARGV.options do |opt|
51
51
  opt.on('' , '--split-more') { split = :more }
52
52
  opt.on('', '--format=FORMAT', [:ruby, :json]) {|v| format_passed = true; options[:format] = v }
53
53
  opt.on('' , '--export-concurrency N', Integer) {|v| options[:export_concurrency] = v }
54
- opt.on('' , '--target REGEXP') {|v| options[:target] = Regexp.new(v) }
55
- opt.on('' , '--exclude REGEXP') {|v| options[:exclude] = Regexp.new(v) }
54
+ opt.on('' , '--target REGEXP') {|v| (options[:target] ||= []) << Regexp.new(v) }
55
+ opt.on('' , '--exclude REGEXP') {|v| (options[:exclude] ||= []) << Regexp.new(v) }
56
56
  opt.on('' , '--ignore-login-profile') { options[:ignore_login_profile] = true }
57
57
  opt.on('' , '--no-color') { options[:color] = false }
58
58
  opt.on('' , '--no-progress') { options[:no_progress] = true }
@@ -527,11 +527,11 @@ class Miam::Client
527
527
  result = true
528
528
 
529
529
  if @options[:exclude]
530
- result &&= name !~ @options[:exclude]
530
+ result &&= @options[:exclude].all? {|r| name !~ r}
531
531
  end
532
532
 
533
533
  if @options[:target]
534
- result &&= name =~ @options[:target]
534
+ result &&= @options[:target].any? {|r| name =~ r}
535
535
  end
536
536
 
537
537
  result
@@ -196,11 +196,11 @@ end
196
196
  result = true
197
197
 
198
198
  if @options[:exclude]
199
- result &&= name !~ @options[:exclude]
199
+ result &&= @options[:exclude].all? {|r| name !~ r}
200
200
  end
201
201
 
202
202
  if @options[:target]
203
- result &&= name =~ @options[:target]
203
+ result &&= @options[:target].any? {|r| name =~ r}
204
204
  end
205
205
 
206
206
  result
@@ -1,3 +1,3 @@
1
1
  module Miam
2
- VERSION = '0.2.4.beta14'
2
+ VERSION = '0.2.4.beta15'
3
3
  end
@@ -1,7 +1,7 @@
1
1
  describe 'attach/detach policy' do
2
2
  let(:dsl) do
3
3
  <<-RUBY
4
- user "bob", :path=>"/devloper/" do
4
+ user "bob", :path=>"/developer/" do
5
5
  login_profile :password_reset_required=>true
6
6
 
7
7
  groups(
@@ -94,7 +94,7 @@ describe 'attach/detach policy' do
94
94
  let(:expected) do
95
95
  {:users=>
96
96
  {"bob"=>
97
- {:path=>"/devloper/",
97
+ {:path=>"/developer/",
98
98
  :groups=>["Admin", "SES"],
99
99
  :attached_managed_policies=>[
100
100
  "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"],
@@ -174,7 +174,7 @@ describe 'attach/detach policy' do
174
174
  context 'when attach policy' do
175
175
  let(:update_policy_dsl) do
176
176
  <<-RUBY
177
- user "bob", :path=>"/devloper/" do
177
+ user "bob", :path=>"/developer/" do
178
178
  login_profile :password_reset_required=>true
179
179
 
180
180
  groups(
@@ -282,7 +282,7 @@ describe 'attach/detach policy' do
282
282
  context 'when detach policy' do
283
283
  let(:update_policy_dsl) do
284
284
  <<-RUBY
285
- user "bob", :path=>"/devloper/" do
285
+ user "bob", :path=>"/developer/" do
286
286
  login_profile :password_reset_required=>true
287
287
 
288
288
  groups(
@@ -12,7 +12,7 @@ describe 'create' do
12
12
  context 'when create user and group' do
13
13
  let(:dsl) do
14
14
  <<-RUBY
15
- user "bob", :path=>"/devloper/" do
15
+ user "bob", :path=>"/developer/" do
16
16
  login_profile :password_reset_required=>true
17
17
 
18
18
  groups(
@@ -88,7 +88,7 @@ describe 'create' do
88
88
  let(:expected) do
89
89
  {:users=>
90
90
  {"bob"=>
91
- {:path=>"/devloper/",
91
+ {:path=>"/developer/",
92
92
  :groups=>["Admin", "SES"],
93
93
  :attached_managed_policies=>[],
94
94
  :policies=>
@@ -184,7 +184,7 @@ describe 'create' do
184
184
  end
185
185
  end
186
186
 
187
- user "bob", :path=>"/devloper/" do
187
+ user "bob", :path=>"/developer/" do
188
188
  include_template context.user_name
189
189
  end
190
190
 
@@ -1,7 +1,7 @@
1
1
  describe 'delete' do
2
2
  let(:dsl) do
3
3
  <<-RUBY
4
- user "bob", :path=>"/devloper/" do
4
+ user "bob", :path=>"/developer/" do
5
5
  login_profile :password_reset_required=>true
6
6
 
7
7
  groups(
@@ -74,7 +74,7 @@ describe 'delete' do
74
74
  let(:expected) do
75
75
  {:users=>
76
76
  {"bob"=>
77
- {:path=>"/devloper/",
77
+ {:path=>"/developer/",
78
78
  :groups=>["Admin", "SES"],
79
79
  :attached_managed_policies=>[],
80
80
  :policies=>
@@ -139,7 +139,7 @@ describe 'delete' do
139
139
  context 'when delete group' do
140
140
  let(:delete_group_dsl) do
141
141
  <<-RUBY
142
- user "bob", :path=>"/devloper/" do
142
+ user "bob", :path=>"/developer/" do
143
143
  login_profile :password_reset_required=>true
144
144
 
145
145
  groups(
@@ -351,7 +351,7 @@ describe 'delete' do
351
351
  context 'when delete instance_profile' do
352
352
  let(:delete_instance_profiles_dsl) do
353
353
  <<-RUBY
354
- user "bob", :path=>"/devloper/" do
354
+ user "bob", :path=>"/developer/" do
355
355
  login_profile :password_reset_required=>true
356
356
 
357
357
  groups(
@@ -432,7 +432,7 @@ describe 'delete' do
432
432
  context 'when delete role' do
433
433
  let(:delete_role_dsl) do
434
434
  <<-RUBY
435
- user "bob", :path=>"/devloper/" do
435
+ user "bob", :path=>"/developer/" do
436
436
  login_profile :password_reset_required=>true
437
437
 
438
438
  groups(
@@ -491,7 +491,7 @@ describe 'delete' do
491
491
  context 'when delete role and instance_profile' do
492
492
  let(:delete_role_and_instance_profile_dsl) do
493
493
  <<-RUBY
494
- user "bob", :path=>"/devloper/" do
494
+ user "bob", :path=>"/developer/" do
495
495
  login_profile :password_reset_required=>true
496
496
 
497
497
  groups(
@@ -0,0 +1,237 @@
1
+ describe 'exclude option' do
2
+ let(:dsl) do
3
+ <<-RUBY
4
+ user "bob", :path=>"/developer/" do
5
+ login_profile :password_reset_required=>true
6
+
7
+ groups(
8
+ "Admin",
9
+ "SES"
10
+ )
11
+
12
+ policy "S3" do
13
+ {"Statement"=>
14
+ [{"Action"=>
15
+ ["s3:Get*",
16
+ "s3:List*"],
17
+ "Effect"=>"Allow",
18
+ "Resource"=>"*"}]}
19
+ end
20
+
21
+ attached_managed_policies(
22
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
23
+ )
24
+ end
25
+
26
+ user "mary", :path=>"/staff/" do
27
+ policy "S3" do
28
+ {"Statement"=>
29
+ [{"Action"=>
30
+ ["s3:Get*",
31
+ "s3:List*"],
32
+ "Effect"=>"Allow",
33
+ "Resource"=>"*"}]}
34
+ end
35
+
36
+ attached_managed_policies(
37
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
38
+ )
39
+ end
40
+
41
+ group "Admin", :path=>"/admin/" do
42
+ policy "Admin" do
43
+ {"Statement"=>[{"Effect"=>"Allow", "Action"=>"*", "Resource"=>"*"}]}
44
+ end
45
+
46
+ attached_managed_policies(
47
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
48
+ )
49
+ end
50
+
51
+ group "SES", :path=>"/ses/" do
52
+ policy "ses-policy" do
53
+ {"Statement"=>
54
+ [{"Effect"=>"Allow", "Action"=>"ses:SendRawEmail", "Resource"=>"*"}]}
55
+ end
56
+
57
+ attached_managed_policies(
58
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
59
+ )
60
+ end
61
+
62
+ role "my-role", :path=>"/any/" do
63
+ instance_profiles(
64
+ "my-instance-profile"
65
+ )
66
+
67
+ assume_role_policy_document do
68
+ {"Version"=>"2012-10-17",
69
+ "Statement"=>
70
+ [{"Sid"=>"",
71
+ "Effect"=>"Allow",
72
+ "Principal"=>{"Service"=>"ec2.amazonaws.com"},
73
+ "Action"=>"sts:AssumeRole"}]}
74
+ end
75
+
76
+ policy "role-policy" do
77
+ {"Statement"=>
78
+ [{"Action"=>
79
+ ["s3:Get*",
80
+ "s3:List*"],
81
+ "Effect"=>"Allow",
82
+ "Resource"=>"*"}]}
83
+ end
84
+
85
+ attached_managed_policies(
86
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
87
+ )
88
+ end
89
+
90
+ instance_profile "my-instance-profile", :path=>"/profile/"
91
+ RUBY
92
+ end
93
+
94
+ before(:each) do
95
+ apply { dsl }
96
+ end
97
+
98
+ context 'when exclude a user' do
99
+ let(:exclude_bob) do
100
+ <<-RUBY
101
+ user "mary", :path=>"/staff/" do
102
+ policy "S3" do
103
+ {"Statement"=>
104
+ [{"Action"=>
105
+ ["s3:Get*",
106
+ "s3:List*"],
107
+ "Effect"=>"Allow",
108
+ "Resource"=>"*"}]}
109
+ end
110
+
111
+ attached_managed_policies(
112
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
113
+ )
114
+ end
115
+
116
+ group "Admin", :path=>"/admin/" do
117
+ policy "Admin" do
118
+ {"Statement"=>[{"Effect"=>"Allow", "Action"=>"*", "Resource"=>"*"}]}
119
+ end
120
+
121
+ attached_managed_policies(
122
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
123
+ )
124
+ end
125
+
126
+ group "SES", :path=>"/ses/" do
127
+ policy "ses-policy" do
128
+ {"Statement"=>
129
+ [{"Effect"=>"Allow", "Action"=>"ses:SendRawEmail", "Resource"=>"*"}]}
130
+ end
131
+
132
+ attached_managed_policies(
133
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
134
+ )
135
+ end
136
+
137
+ role "my-role", :path=>"/any/" do
138
+ instance_profiles(
139
+ "my-instance-profile"
140
+ )
141
+
142
+ assume_role_policy_document do
143
+ {"Version"=>"2012-10-17",
144
+ "Statement"=>
145
+ [{"Sid"=>"",
146
+ "Effect"=>"Allow",
147
+ "Principal"=>{"Service"=>"ec2.amazonaws.com"},
148
+ "Action"=>"sts:AssumeRole"}]}
149
+ end
150
+
151
+ policy "role-policy" do
152
+ {"Statement"=>
153
+ [{"Action"=>
154
+ ["s3:Get*",
155
+ "s3:List*"],
156
+ "Effect"=>"Allow",
157
+ "Resource"=>"*"}]}
158
+ end
159
+
160
+ attached_managed_policies(
161
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
162
+ )
163
+ end
164
+
165
+ instance_profile "my-instance-profile", :path=>"/profile/"
166
+ RUBY
167
+ end
168
+
169
+ subject { client(exclude: [/bob/]) }
170
+
171
+ it do
172
+ updated = apply(subject) { exclude_bob }
173
+ expect(updated).to be_falsey
174
+ end
175
+ end
176
+
177
+ context 'when exclude a group, a role and an instance profile' do
178
+ let(:exclude_admin_and_my) do
179
+ <<-RUBY
180
+ user "bob", :path=>"/developer/" do
181
+ login_profile :password_reset_required=>true
182
+
183
+ groups(
184
+ "Admin",
185
+ "SES"
186
+ )
187
+
188
+ policy "S3" do
189
+ {"Statement"=>
190
+ [{"Action"=>
191
+ ["s3:Get*",
192
+ "s3:List*"],
193
+ "Effect"=>"Allow",
194
+ "Resource"=>"*"}]}
195
+ end
196
+
197
+ attached_managed_policies(
198
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
199
+ )
200
+ end
201
+
202
+ user "mary", :path=>"/staff/" do
203
+ policy "S3" do
204
+ {"Statement"=>
205
+ [{"Action"=>
206
+ ["s3:Get*",
207
+ "s3:List*"],
208
+ "Effect"=>"Allow",
209
+ "Resource"=>"*"}]}
210
+ end
211
+
212
+ attached_managed_policies(
213
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
214
+ )
215
+ end
216
+
217
+ group "SES", :path=>"/ses/" do
218
+ policy "ses-policy" do
219
+ {"Statement"=>
220
+ [{"Effect"=>"Allow", "Action"=>"ses:SendRawEmail", "Resource"=>"*"}]}
221
+ end
222
+
223
+ attached_managed_policies(
224
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
225
+ )
226
+ end
227
+ RUBY
228
+ end
229
+
230
+ subject { client(exclude: [/Admin/, /^my-/]) }
231
+
232
+ it do
233
+ updated = apply(subject) { exclude_admin_and_my }
234
+ expect(updated).to be_falsey
235
+ end
236
+ end
237
+ end
@@ -2,7 +2,7 @@ describe 'Hash#sort_array!' do
2
2
  let(:hash) do
3
3
  {:users=>
4
4
  {"bob"=>
5
- {:path=>"/devloper/",
5
+ {:path=>"/developer/",
6
6
  :groups=>[],
7
7
  :policies=>
8
8
  {"S3"=>
@@ -19,7 +19,7 @@ describe 'Hash#sort_array!' do
19
19
  let(:expected_hash) do
20
20
  {:users=>
21
21
  {"bob"=>
22
- {:path=>"/devloper/",
22
+ {:path=>"/developer/",
23
23
  :groups=>[],
24
24
  :policies=>
25
25
  {"S3"=>
@@ -1,7 +1,7 @@
1
1
  describe 'ignore login profile' do
2
2
  let(:dsl) do
3
3
  <<-RUBY
4
- user "bob", :path=>"/devloper/" do
4
+ user "bob", :path=>"/developer/" do
5
5
  login_profile :password_reset_required=>true
6
6
 
7
7
  policy "S3" do
@@ -18,7 +18,7 @@ describe 'ignore login profile' do
18
18
 
19
19
  let(:update_dsl) do
20
20
  <<-RUBY
21
- user "bob", :path=>"/devloper/" do
21
+ user "bob", :path=>"/developer/" do
22
22
  login_profile :password_reset_required=>false
23
23
 
24
24
  policy "S3" do
@@ -37,7 +37,7 @@ describe 'ignore login profile' do
37
37
  let(:expected) do
38
38
  {:users=>
39
39
  {"bob"=>
40
- {:path=>"/devloper/",
40
+ {:path=>"/developer/",
41
41
  :groups=>[],
42
42
  :policies=>
43
43
  {"S3"=>
@@ -1,7 +1,7 @@
1
1
  describe 'update' do
2
2
  let(:dsl) do
3
3
  <<-RUBY
4
- user "bob", :path=>"/devloper/" do
4
+ user "bob", :path=>"/developer/" do
5
5
  login_profile :password_reset_required=>true
6
6
 
7
7
  groups(
@@ -74,7 +74,7 @@ describe 'update' do
74
74
  let(:expected) do
75
75
  {:users=>
76
76
  {"bob"=>
77
- {:path=>"/devloper/",
77
+ {:path=>"/developer/",
78
78
  :groups=>["Admin", "SES"],
79
79
  :attached_managed_policies=>[],
80
80
  :policies=>
@@ -139,7 +139,7 @@ describe 'update' do
139
139
  context 'when rename user' do
140
140
  let(:rename_user_dsl) do
141
141
  <<-RUBY
142
- user "bob2", :path=>"/devloper/", :renamed_from=>"bob" do
142
+ user "bob2", :path=>"/developer/", :renamed_from=>"bob" do
143
143
  login_profile :password_reset_required=>true
144
144
 
145
145
  groups(
@@ -222,7 +222,7 @@ describe 'update' do
222
222
  context 'when rename group' do
223
223
  let(:rename_group_dsl) do
224
224
  <<-RUBY
225
- user "bob", :path=>"/devloper/" do
225
+ user "bob", :path=>"/developer/" do
226
226
  login_profile :password_reset_required=>true
227
227
 
228
228
  groups(
@@ -306,7 +306,7 @@ describe 'update' do
306
306
  context 'when rename without renamed_from' do
307
307
  let(:rename_without_renamed_from_dsl) do
308
308
  <<-RUBY
309
- user "bob2", :path=>"/devloper/" do
309
+ user "bob2", :path=>"/developer/" do
310
310
  login_profile :password_reset_required=>true
311
311
 
312
312
  groups(
@@ -391,7 +391,7 @@ describe 'update' do
391
391
  context 'when rename role and instance_profile' do
392
392
  let(:rename_role_and_instance_profile_dsl) do
393
393
  <<-RUBY
394
- user "bob", :path=>"/devloper/" do
394
+ user "bob", :path=>"/developer/" do
395
395
  login_profile :password_reset_required=>true
396
396
 
397
397
  groups(
@@ -0,0 +1,185 @@
1
+ describe 'target option' do
2
+ let(:dsl) do
3
+ <<-RUBY
4
+ user "bob", :path=>"/developer/" do
5
+ login_profile :password_reset_required=>true
6
+
7
+ groups(
8
+ "Admin",
9
+ "SES"
10
+ )
11
+
12
+ policy "S3" do
13
+ {"Statement"=>
14
+ [{"Action"=>
15
+ ["s3:Get*",
16
+ "s3:List*"],
17
+ "Effect"=>"Allow",
18
+ "Resource"=>"*"}]}
19
+ end
20
+
21
+ attached_managed_policies(
22
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
23
+ )
24
+ end
25
+
26
+ user "mary", :path=>"/staff/" do
27
+ policy "S3" do
28
+ {"Statement"=>
29
+ [{"Action"=>
30
+ ["s3:Get*",
31
+ "s3:List*"],
32
+ "Effect"=>"Allow",
33
+ "Resource"=>"*"}]}
34
+ end
35
+
36
+ attached_managed_policies(
37
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
38
+ )
39
+ end
40
+
41
+ group "Admin", :path=>"/admin/" do
42
+ policy "Admin" do
43
+ {"Statement"=>[{"Effect"=>"Allow", "Action"=>"*", "Resource"=>"*"}]}
44
+ end
45
+
46
+ attached_managed_policies(
47
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
48
+ )
49
+ end
50
+
51
+ group "SES", :path=>"/ses/" do
52
+ policy "ses-policy" do
53
+ {"Statement"=>
54
+ [{"Effect"=>"Allow", "Action"=>"ses:SendRawEmail", "Resource"=>"*"}]}
55
+ end
56
+
57
+ attached_managed_policies(
58
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
59
+ )
60
+ end
61
+
62
+ role "my-role", :path=>"/any/" do
63
+ instance_profiles(
64
+ "my-instance-profile"
65
+ )
66
+
67
+ assume_role_policy_document do
68
+ {"Version"=>"2012-10-17",
69
+ "Statement"=>
70
+ [{"Sid"=>"",
71
+ "Effect"=>"Allow",
72
+ "Principal"=>{"Service"=>"ec2.amazonaws.com"},
73
+ "Action"=>"sts:AssumeRole"}]}
74
+ end
75
+
76
+ policy "role-policy" do
77
+ {"Statement"=>
78
+ [{"Action"=>
79
+ ["s3:Get*",
80
+ "s3:List*"],
81
+ "Effect"=>"Allow",
82
+ "Resource"=>"*"}]}
83
+ end
84
+
85
+ attached_managed_policies(
86
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
87
+ )
88
+ end
89
+
90
+ instance_profile "my-instance-profile", :path=>"/profile/"
91
+ RUBY
92
+ end
93
+
94
+ before(:each) do
95
+ apply { dsl }
96
+ end
97
+
98
+ context 'when target a user' do
99
+ let(:target_bob) do
100
+ <<-RUBY
101
+ user "bob", :path=>"/developer/" do
102
+ login_profile :password_reset_required=>true
103
+
104
+ groups(
105
+ "Admin",
106
+ "SES"
107
+ )
108
+
109
+ policy "S3" do
110
+ {"Statement"=>
111
+ [{"Action"=>
112
+ ["s3:Get*",
113
+ "s3:List*"],
114
+ "Effect"=>"Allow",
115
+ "Resource"=>"*"}]}
116
+ end
117
+
118
+ attached_managed_policies(
119
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
120
+ )
121
+ end
122
+ RUBY
123
+ end
124
+
125
+ subject { client(target: [/bob/]) }
126
+
127
+ it do
128
+ updated = apply(subject) { target_bob }
129
+ expect(updated).to be_falsey
130
+ end
131
+ end
132
+
133
+ context 'when target a group, a role and an instance profile' do
134
+ let(:target_admin_and_my) do
135
+ <<-RUBY
136
+ group "Admin", :path=>"/admin/" do
137
+ policy "Admin" do
138
+ {"Statement"=>[{"Effect"=>"Allow", "Action"=>"*", "Resource"=>"*"}]}
139
+ end
140
+
141
+ attached_managed_policies(
142
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
143
+ )
144
+ end
145
+
146
+ role "my-role", :path=>"/any/" do
147
+ instance_profiles(
148
+ "my-instance-profile"
149
+ )
150
+
151
+ assume_role_policy_document do
152
+ {"Version"=>"2012-10-17",
153
+ "Statement"=>
154
+ [{"Sid"=>"",
155
+ "Effect"=>"Allow",
156
+ "Principal"=>{"Service"=>"ec2.amazonaws.com"},
157
+ "Action"=>"sts:AssumeRole"}]}
158
+ end
159
+
160
+ policy "role-policy" do
161
+ {"Statement"=>
162
+ [{"Action"=>
163
+ ["s3:Get*",
164
+ "s3:List*"],
165
+ "Effect"=>"Allow",
166
+ "Resource"=>"*"}]}
167
+ end
168
+
169
+ attached_managed_policies(
170
+ "arn:aws:iam::aws:policy/AmazonElastiCacheReadOnlyAccess"
171
+ )
172
+ end
173
+
174
+ instance_profile "my-instance-profile", :path=>"/profile/"
175
+ RUBY
176
+ end
177
+
178
+ subject { client(target: [/Admin/, /^my-/]) }
179
+
180
+ it do
181
+ updated = apply(subject) { target_admin_and_my }
182
+ expect(updated).to be_falsey
183
+ end
184
+ end
185
+ end
@@ -1,7 +1,7 @@
1
1
  describe 'update' do
2
2
  let(:dsl) do
3
3
  <<-RUBY
4
- user "bob", :path=>"/devloper/" do
4
+ user "bob", :path=>"/developer/" do
5
5
  login_profile :password_reset_required=>true
6
6
 
7
7
  groups(
@@ -74,7 +74,7 @@ describe 'update' do
74
74
  let(:expected) do
75
75
  {:users=>
76
76
  {"bob"=>
77
- {:path=>"/devloper/",
77
+ {:path=>"/developer/",
78
78
  :groups=>["Admin", "SES"],
79
79
  :attached_managed_policies=>[],
80
80
  :policies=>
@@ -149,7 +149,7 @@ describe 'update' do
149
149
  context 'when update policy' do
150
150
  let(:update_policy_dsl) do
151
151
  <<-RUBY
152
- user "bob", :path=>"/devloper/" do
152
+ user "bob", :path=>"/developer/" do
153
153
  login_profile :password_reset_required=>true
154
154
 
155
155
  groups(
@@ -236,7 +236,7 @@ describe 'update' do
236
236
  context 'when update path' do
237
237
  let(:update_path_dsl) do
238
238
  <<-RUBY
239
- user "bob", :path=>"/devloper/" do
239
+ user "bob", :path=>"/developer/" do
240
240
  login_profile :password_reset_required=>true
241
241
 
242
242
  groups(
@@ -320,7 +320,7 @@ describe 'update' do
320
320
  context 'when update path (role, instance_profile)' do
321
321
  let(:cannot_update_path_dsl) do
322
322
  <<-RUBY
323
- user "bob", :path=>"/devloper/" do
323
+ user "bob", :path=>"/developer/" do
324
324
  login_profile :password_reset_required=>true
325
325
 
326
326
  groups(
@@ -409,7 +409,7 @@ describe 'update' do
409
409
  context 'when update assume_role_policy' do
410
410
  let(:update_assume_role_policy_dsl) do
411
411
  <<-RUBY
412
- user "bob", :path=>"/devloper/" do
412
+ user "bob", :path=>"/developer/" do
413
413
  login_profile :password_reset_required=>true
414
414
 
415
415
  groups(
@@ -492,7 +492,7 @@ describe 'update' do
492
492
  context 'when update groups' do
493
493
  let(:update_groups_dsl) do
494
494
  <<-RUBY
495
- user "bob", :path=>"/devloper/" do
495
+ user "bob", :path=>"/developer/" do
496
496
  login_profile :password_reset_required=>true
497
497
 
498
498
  groups(
@@ -580,7 +580,7 @@ describe 'update' do
580
580
  context 'when update login_profile' do
581
581
  let(:update_login_profile_dsl) do
582
582
  <<-RUBY
583
- user "bob", :path=>"/devloper/" do
583
+ user "bob", :path=>"/developer/" do
584
584
  login_profile :password_reset_required=>false
585
585
 
586
586
  groups(
@@ -663,7 +663,7 @@ describe 'update' do
663
663
  context 'when delete login_profile' do
664
664
  let(:delete_login_profile_dsl) do
665
665
  <<-RUBY
666
- user "bob", :path=>"/devloper/" do
666
+ user "bob", :path=>"/developer/" do
667
667
  groups(
668
668
  "Admin",
669
669
  "SES"
@@ -744,7 +744,7 @@ describe 'update' do
744
744
  context 'when delete policy' do
745
745
  let(:delete_policy_dsl) do
746
746
  <<-RUBY
747
- user "bob", :path=>"/devloper/" do
747
+ user "bob", :path=>"/developer/" do
748
748
  login_profile :password_reset_required=>true
749
749
 
750
750
  groups(
@@ -807,7 +807,7 @@ describe 'update' do
807
807
  context 'when update instance_profiles' do
808
808
  let(:update_instance_profiles_dsl) do
809
809
  <<-RUBY
810
- user "bob", :path=>"/devloper/" do
810
+ user "bob", :path=>"/developer/" do
811
811
  login_profile :password_reset_required=>true
812
812
 
813
813
  groups(
@@ -67,7 +67,7 @@ def tempfile(content, options = {})
67
67
  end
68
68
 
69
69
  def apply(cli = client)
70
- tempfile(yield) do |f|
70
+ result = tempfile(yield) do |f|
71
71
  begin
72
72
  cli.apply(f.path)
73
73
  rescue Aws::IAM::Errors::EntityTemporarilyUnmodifiable, Aws::IAM::Errors::Throttling, Aws::IAM::Errors::NoSuchEntity
@@ -77,6 +77,7 @@ def apply(cli = client)
77
77
  end
78
78
 
79
79
  sleep ENV['APPLY_WAIT'].to_i
80
+ result
80
81
  end
81
82
 
82
83
  def export(options = {})
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: miam
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.4.beta14
4
+ version: 0.2.4.beta15
5
5
  platform: ruby
6
6
  authors:
7
7
  - Genki Sugawara
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-08-31 00:00:00.000000000 Z
11
+ date: 2018-01-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core
@@ -224,9 +224,11 @@ files:
224
224
  - spec/miam/create_spec.rb
225
225
  - spec/miam/custom_managed_policy_spec.rb
226
226
  - spec/miam/delete_spec.rb
227
+ - spec/miam/exclude_spec.rb
227
228
  - spec/miam/hash_ext_spec.rb
228
229
  - spec/miam/ignore_login_profile_spec.rb
229
230
  - spec/miam/rename_spec.rb
231
+ - spec/miam/target_spec.rb
230
232
  - spec/miam/update_spec.rb
231
233
  - spec/spec_helper.rb
232
234
  homepage: https://github.com/codenize-tools/miam
@@ -249,7 +251,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
249
251
  version: 1.3.1
250
252
  requirements: []
251
253
  rubyforge_project:
252
- rubygems_version: 2.5.2
254
+ rubygems_version: 2.6.13
253
255
  signing_key:
254
256
  specification_version: 4
255
257
  summary: Miam is a tool to manage IAM.
@@ -258,8 +260,10 @@ test_files:
258
260
  - spec/miam/create_spec.rb
259
261
  - spec/miam/custom_managed_policy_spec.rb
260
262
  - spec/miam/delete_spec.rb
263
+ - spec/miam/exclude_spec.rb
261
264
  - spec/miam/hash_ext_spec.rb
262
265
  - spec/miam/ignore_login_profile_spec.rb
263
266
  - spec/miam/rename_spec.rb
267
+ - spec/miam/target_spec.rb
264
268
  - spec/miam/update_spec.rb
265
269
  - spec/spec_helper.rb