miam 0.2.4.beta6 → 0.2.4.beta7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -0
- data/lib/miam/client.rb +3 -1
- data/lib/miam/driver.rb +8 -0
- data/lib/miam/password_manager.rb +23 -4
- data/lib/miam/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a48f60383843d58e523391cf18996058900b0205
|
|
4
|
+
data.tar.gz: f05847ff927569a484ed599b9991074a064c8c23
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9f4e17cf7fef45786c8a17bde2baa1d4617222ccaf426d804972d7c101ce671fbccfd99adb2234c6063dd0615a22f5eadff668aab045ea4bcd2499483273fdfb
|
|
7
|
+
data.tar.gz: e2fbcbb019ac76e637960bb758bc33600683e78810d066ef9f5f11369e0721185343ac2a0b44b5a37e67ed6ac9d8ed8aff89cc1bf523dd07187adf45714f2f75
|
data/README.md
CHANGED
|
@@ -22,6 +22,9 @@ It defines the state of IAM using DSL, and updates IAM according to DSL.
|
|
|
22
22
|
* Sort policy array
|
|
23
23
|
* `>= 0.2.3`
|
|
24
24
|
* Support Custom Managed Policy
|
|
25
|
+
* `>= 0.2.4`
|
|
26
|
+
* Fix for Password Policy ([RP#22](https://github.com/winebarrel/miam/pull/22))
|
|
27
|
+
* Fix `--target` option for Policies ([RP#21](https://github.com/winebarrel/miam/pull/21))
|
|
25
28
|
|
|
26
29
|
## Installation
|
|
27
30
|
|
data/lib/miam/client.rb
CHANGED
|
@@ -129,7 +129,7 @@ class Miam::Client
|
|
|
129
129
|
end
|
|
130
130
|
|
|
131
131
|
if expected_login_profile and not actual_login_profile
|
|
132
|
-
expected_login_profile[:password] ||= @password_manager.identify(user_name, :login_profile)
|
|
132
|
+
expected_login_profile[:password] ||= @password_manager.identify(user_name, :login_profile, @driver.password_policy)
|
|
133
133
|
@driver.create_login_profile(user_name, expected_login_profile)
|
|
134
134
|
updated = true
|
|
135
135
|
elsif not expected_login_profile and actual_login_profile
|
|
@@ -445,6 +445,7 @@ class Miam::Client
|
|
|
445
445
|
updated = false
|
|
446
446
|
|
|
447
447
|
expected.each do |policy_name, expected_attrs|
|
|
448
|
+
next unless target_matched?(policy_name)
|
|
448
449
|
actual_attrs = actual.delete(policy_name)
|
|
449
450
|
|
|
450
451
|
if actual_attrs
|
|
@@ -479,6 +480,7 @@ class Miam::Client
|
|
|
479
480
|
updated = false
|
|
480
481
|
|
|
481
482
|
actual.each do |policy_name, actual_attrs|
|
|
483
|
+
next unless target_matched?(policy_name)
|
|
482
484
|
@driver.delete_managed_policy(policy_name, actual_attrs[:path])
|
|
483
485
|
updated = true
|
|
484
486
|
end
|
data/lib/miam/driver.rb
CHANGED
|
@@ -438,6 +438,14 @@ class Miam::Driver
|
|
|
438
438
|
end
|
|
439
439
|
end
|
|
440
440
|
|
|
441
|
+
def password_policy
|
|
442
|
+
return @password_policy if instance_variable_defined?(:@password_policy)
|
|
443
|
+
|
|
444
|
+
@password_policy = @iam.get_account_password_policy.password_policy
|
|
445
|
+
rescue Aws::IAM::Errors::NoSuchEntity
|
|
446
|
+
@password_policy = nil
|
|
447
|
+
end
|
|
448
|
+
|
|
441
449
|
private
|
|
442
450
|
|
|
443
451
|
def encode_document(policy_document)
|
|
@@ -1,13 +1,19 @@
|
|
|
1
1
|
class Miam::PasswordManager
|
|
2
2
|
include Miam::Logger::Helper
|
|
3
3
|
|
|
4
|
+
LOWERCASES = ('a'..'z').to_a
|
|
5
|
+
UPPERCASES = ('A'..'Z').to_a
|
|
6
|
+
NUMBERS = ('0'..'9').to_a
|
|
7
|
+
SYMBOLS = "!@\#$%^&*()_+-=[]{}|'".split(//)
|
|
8
|
+
|
|
4
9
|
def initialize(output, options = {})
|
|
5
10
|
@output = output
|
|
6
11
|
@options = options
|
|
7
12
|
end
|
|
8
13
|
|
|
9
|
-
def identify(user, type)
|
|
10
|
-
password = mkpasswd
|
|
14
|
+
def identify(user, type, policy)
|
|
15
|
+
password = mkpasswd(policy)
|
|
16
|
+
log(:info, "mkpasswd: #{password}")
|
|
11
17
|
puts_password(user, type, password)
|
|
12
18
|
password
|
|
13
19
|
end
|
|
@@ -22,8 +28,21 @@ class Miam::PasswordManager
|
|
|
22
28
|
|
|
23
29
|
private
|
|
24
30
|
|
|
25
|
-
def mkpasswd(
|
|
26
|
-
|
|
31
|
+
def mkpasswd(policy)
|
|
32
|
+
chars = []
|
|
33
|
+
len = 8
|
|
34
|
+
|
|
35
|
+
if policy
|
|
36
|
+
len = policy.minimum_password_length if policy.minimum_password_length > len
|
|
37
|
+
chars << LOWERCASES.shuffle.first if policy.require_lowercase_characters
|
|
38
|
+
chars << UPPERCASES.shuffle.first if policy.require_uppercase_characters
|
|
39
|
+
chars << NUMBERS.shuffle.first if policy.require_numbers
|
|
40
|
+
chars << SYMBOLS.shuffle.first if policy.require_symbols
|
|
41
|
+
|
|
42
|
+
len -= chars.length
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
(chars + [*1..9, *'A'..'Z', *'a'..'z'].shuffle.slice(0, len)).shuffle.join
|
|
27
46
|
end
|
|
28
47
|
|
|
29
48
|
def open_output
|
data/lib/miam/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: miam
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.4.
|
|
4
|
+
version: 0.2.4.beta7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Genki Sugawara
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-11-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|