miam 0.2.4.beta6 → 0.2.4.beta7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +3 -0
- data/lib/miam/client.rb +3 -1
- data/lib/miam/driver.rb +8 -0
- data/lib/miam/password_manager.rb +23 -4
- data/lib/miam/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a48f60383843d58e523391cf18996058900b0205
|
|
4
|
+
data.tar.gz: f05847ff927569a484ed599b9991074a064c8c23
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9f4e17cf7fef45786c8a17bde2baa1d4617222ccaf426d804972d7c101ce671fbccfd99adb2234c6063dd0615a22f5eadff668aab045ea4bcd2499483273fdfb
|
|
7
|
+
data.tar.gz: e2fbcbb019ac76e637960bb758bc33600683e78810d066ef9f5f11369e0721185343ac2a0b44b5a37e67ed6ac9d8ed8aff89cc1bf523dd07187adf45714f2f75
|
data/README.md
CHANGED
|
@@ -22,6 +22,9 @@ It defines the state of IAM using DSL, and updates IAM according to DSL.
|
|
|
22
22
|
* Sort policy array
|
|
23
23
|
* `>= 0.2.3`
|
|
24
24
|
* Support Custom Managed Policy
|
|
25
|
+
* `>= 0.2.4`
|
|
26
|
+
* Fix for Password Policy ([RP#22](https://github.com/winebarrel/miam/pull/22))
|
|
27
|
+
* Fix `--target` option for Policies ([RP#21](https://github.com/winebarrel/miam/pull/21))
|
|
25
28
|
|
|
26
29
|
## Installation
|
|
27
30
|
|
data/lib/miam/client.rb
CHANGED
|
@@ -129,7 +129,7 @@ class Miam::Client
|
|
|
129
129
|
end
|
|
130
130
|
|
|
131
131
|
if expected_login_profile and not actual_login_profile
|
|
132
|
-
expected_login_profile[:password] ||= @password_manager.identify(user_name, :login_profile)
|
|
132
|
+
expected_login_profile[:password] ||= @password_manager.identify(user_name, :login_profile, @driver.password_policy)
|
|
133
133
|
@driver.create_login_profile(user_name, expected_login_profile)
|
|
134
134
|
updated = true
|
|
135
135
|
elsif not expected_login_profile and actual_login_profile
|
|
@@ -445,6 +445,7 @@ class Miam::Client
|
|
|
445
445
|
updated = false
|
|
446
446
|
|
|
447
447
|
expected.each do |policy_name, expected_attrs|
|
|
448
|
+
next unless target_matched?(policy_name)
|
|
448
449
|
actual_attrs = actual.delete(policy_name)
|
|
449
450
|
|
|
450
451
|
if actual_attrs
|
|
@@ -479,6 +480,7 @@ class Miam::Client
|
|
|
479
480
|
updated = false
|
|
480
481
|
|
|
481
482
|
actual.each do |policy_name, actual_attrs|
|
|
483
|
+
next unless target_matched?(policy_name)
|
|
482
484
|
@driver.delete_managed_policy(policy_name, actual_attrs[:path])
|
|
483
485
|
updated = true
|
|
484
486
|
end
|
data/lib/miam/driver.rb
CHANGED
|
@@ -438,6 +438,14 @@ class Miam::Driver
|
|
|
438
438
|
end
|
|
439
439
|
end
|
|
440
440
|
|
|
441
|
+
def password_policy
|
|
442
|
+
return @password_policy if instance_variable_defined?(:@password_policy)
|
|
443
|
+
|
|
444
|
+
@password_policy = @iam.get_account_password_policy.password_policy
|
|
445
|
+
rescue Aws::IAM::Errors::NoSuchEntity
|
|
446
|
+
@password_policy = nil
|
|
447
|
+
end
|
|
448
|
+
|
|
441
449
|
private
|
|
442
450
|
|
|
443
451
|
def encode_document(policy_document)
|
|
@@ -1,13 +1,19 @@
|
|
|
1
1
|
class Miam::PasswordManager
|
|
2
2
|
include Miam::Logger::Helper
|
|
3
3
|
|
|
4
|
+
LOWERCASES = ('a'..'z').to_a
|
|
5
|
+
UPPERCASES = ('A'..'Z').to_a
|
|
6
|
+
NUMBERS = ('0'..'9').to_a
|
|
7
|
+
SYMBOLS = "!@\#$%^&*()_+-=[]{}|'".split(//)
|
|
8
|
+
|
|
4
9
|
def initialize(output, options = {})
|
|
5
10
|
@output = output
|
|
6
11
|
@options = options
|
|
7
12
|
end
|
|
8
13
|
|
|
9
|
-
def identify(user, type)
|
|
10
|
-
password = mkpasswd
|
|
14
|
+
def identify(user, type, policy)
|
|
15
|
+
password = mkpasswd(policy)
|
|
16
|
+
log(:info, "mkpasswd: #{password}")
|
|
11
17
|
puts_password(user, type, password)
|
|
12
18
|
password
|
|
13
19
|
end
|
|
@@ -22,8 +28,21 @@ class Miam::PasswordManager
|
|
|
22
28
|
|
|
23
29
|
private
|
|
24
30
|
|
|
25
|
-
def mkpasswd(
|
|
26
|
-
|
|
31
|
+
def mkpasswd(policy)
|
|
32
|
+
chars = []
|
|
33
|
+
len = 8
|
|
34
|
+
|
|
35
|
+
if policy
|
|
36
|
+
len = policy.minimum_password_length if policy.minimum_password_length > len
|
|
37
|
+
chars << LOWERCASES.shuffle.first if policy.require_lowercase_characters
|
|
38
|
+
chars << UPPERCASES.shuffle.first if policy.require_uppercase_characters
|
|
39
|
+
chars << NUMBERS.shuffle.first if policy.require_numbers
|
|
40
|
+
chars << SYMBOLS.shuffle.first if policy.require_symbols
|
|
41
|
+
|
|
42
|
+
len -= chars.length
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
(chars + [*1..9, *'A'..'Z', *'a'..'z'].shuffle.slice(0, len)).shuffle.join
|
|
27
46
|
end
|
|
28
47
|
|
|
29
48
|
def open_output
|
data/lib/miam/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: miam
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.4.
|
|
4
|
+
version: 0.2.4.beta7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Genki Sugawara
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-11-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|