practice_terraforming 0.1.3 → 0.1.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4510b6b15bd49f015c16da4633554e11faed8e43
-  data.tar.gz: 07e6b2fd44fd6a531d30ed90b95c6c5eef9e8487
+  metadata.gz: b42585c37ce1598af09698143df455795bca85f1
+  data.tar.gz: 49986467336da38ef6b73b87083e21ef5509704c
 SHA512:
-  metadata.gz: f33ef2d0902a23427eac11f2a922d1708987f4aadd7dd552d77e56c373b8cd75b7ad980cecad9988c6d2085c058a5a7664939f42c5ad71d8925e6db9b02afa55
-  data.tar.gz: dd33fef40a74793bd1e271c966e5f5f57534ffdc864a7152e92bad22a6737fd52379835631b51b8744f65f0d8823c3229be1dc7deef23cbdbd23659c4c5f7ea9
+  metadata.gz: fef6df2db079223937804390f0e8907234b4a704d58d38a706f2a78a45bf3265ecfe0fc76e01a05866ececfafd116500db1c7498dc8cbda5182331bd8d834d52
+  data.tar.gz: 0c92d2943898a7b4c4ca3cf7cb81fe6f5abac565eccc85a5eb583dc0f101723fb395a8d3d8f7b215a0e63e6ce0c2aa8b88b8e6bd4a3250e75c2da07c1d0ba0b2

data/README.md

@@ -2,11 +2,13 @@
 
 # PracticeTerraforming
 
-This is just for practice!
+## Description
+
+This is just for practice! There's not `IAMRolePolicyAttachment`, `IAMUserPolicyAttachment` and `IAMGroupPolicyAttachment` in the original repo. So, I implemented them and also sent pull requests. This repo is used to check before sending those pull requests.
 
 ## Installation
 
-Add this line to your application's Gemfile:
+Add this line to your application's Gemfile (https://rubygems.org/gems/practice_terraforming):
 
 ```ruby
 gem 'practice_terraforming'
@@ -32,7 +34,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/practice_terraforming. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+Bug reports and pull requests are welcome on GitHub at https://github.com/nakamasato/practice_terraforming. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
 
 ## License
 
@@ -40,7 +42,7 @@ The gem is available as open source under the terms of the [MIT License](https:/
 
 ## Code of Conduct
 
-Everyone interacting in the PracticeTerraforming project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/practice_terraforming/blob/master/CODE_OF_CONDUCT.md).
+Everyone interacting in the PracticeTerraforming project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/nakamasato/practice_terraforming/blob/master/CODE_OF_CONDUCT.md).
 
 # How I created this
 
@@ -104,46 +106,46 @@ Wrote dependencies with `spec.add_dependency` and `spec.add_development_dependen
 
 ## Create Resource
 
-0. generate templates with `script/generate`
+`. generate templates with `script/generate`
 
-```
-script/generate iam_policy_attachment
-==> Generate iam_policy_attachment.rb
-==> Generate iam_policy_attachment_spec.rb
-==> Generate iam_policy_attachment.erb
+    ```
+    script/generate iam_policy_attachment
+    ==> Generate iam_policy_attachment.rb
+    ==> Generate iam_policy_attachment_spec.rb
+    ==> Generate iam_policy_attachment.erb
 
-Add below code by hand.
+    Add below code by hand.
 
-lib/practice_terraforming.rb:
+    lib/practice_terraforming.rb:
 
-    require "practice_terraforming/resource/iam_policy_attachment"
+        require "practice_terraforming/resource/iam_policy_attachment"
 
-lib/practice_terraforming/cli.rb:
+    lib/practice_terraforming/cli.rb:
 
-    module PracticeTerraforming
-      class CLI < Thor
+        module PracticeTerraforming
+          class CLI < Thor
 
-        # Subcommand name should be acronym.
-        desc "iam_policy_attachment", "Iam Policy Attachment"
-        def iam_policy_attachment
-          execute(PracticeTerraforming::Resource::IamPolicyAttachment, options)
-        end
+            # Subcommand name should be acronym.
+            desc "iam_policy_attachment", "Iam Policy Attachment"
+            def iam_policy_attachment
+              execute(PracticeTerraforming::Resource::IamPolicyAttachment, options)
+            end
 
-spec/lib/practice_terraforming/cli_spec.rb:
+    spec/lib/practice_terraforming/cli_spec.rb:
 
-    module PracticeTerraforming
-      describe CLI do
-        context "resources" do
-        describe "iam_policy_attachment" do
-          let(:klass)   { PracticeTerraforming::Resource::IamPolicyAttachment }
-          let(:command) { :iam_policy_attachment }
+        module PracticeTerraforming
+          describe CLI do
+            context "resources" do
+            describe "iam_policy_attachment" do
+              let(:klass)   { PracticeTerraforming::Resource::IamPolicyAttachment }
+              let(:command) { :iam_policy_attachment }
 
-          it_behaves_like "CLI examples"
-        end
-```
+              it_behaves_like "CLI examples"
+            end
+    ```
 
 1. As the message says, add those codes.
-2. `lib/practice_terraforming/resource/iam_policy_attachment.rb`: Change Aws client and write logic in `tfstate` method
+1. `lib/practice_terraforming/resource/iam_policy_attachment.rb`: Change Aws client and write logic in `tfstate` method
 
     Use aws-sdk-<resource> to get the input data and write the logic to generate tf/tfstate file.
     1. tf -> only need to update the template file, which appears in the next step
@@ -153,7 +155,7 @@ spec/lib/practice_terraforming/cli_spec.rb:
       - <api method name, e.g. entities_for_policy> -> get the resource info with aws-sdk
       - other -> make a list of resources to be used in `tfstate` method
 
-3. `lib/practice_terraforming/template/tf/iam_policy_attachment.erb`: Update the erb based on the corresponding terraform resource.
+1. `lib/practice_terraforming/template/tf/iam_policy_attachment.erb`: Update the erb based on the corresponding terraform resource.
 
     ```
     <% iam_policy_attachments.each do |policy_attachment| -%>
@@ -168,53 +170,53 @@ spec/lib/practice_terraforming/cli_spec.rb:
     <% end -%>
     ```
 
-4. `spec/lib/practice_terraforming/resource/iam_policy_attachment_spec.rb`: Change Aws client and write test for tf and tfstate
+1. `spec/lib/practice_terraforming/resource/iam_policy_attachment_spec.rb`: Change Aws client and write test for tf and tfstate
 
     Test Perspective:
     1. Create aws sdk result using stub.
     2. Use the module to generate tf/tfstate.
     3. Compare expected one and generated one.
-    ```
-    irb(main):007:0> client.list_policies.policies[0]
-    => #<struct Aws::IAM::Types::Policy policy_name="test-policy", policy_id="ABCDEFG", arn="arn:aws:iam::123456789:policy/test-policy", path="/", default_version_id="v1", attachment_count=1, permissions_boundary_usage_count=0, is_attachable=true, description=nil, create_date=2019-01-01 00:00:00 UTC, update_date=2019-01-02 00:00:00 UTC>
-client.list_entities_for_policy(policy_arn: "arn:aws:iam::351540792571:policy/ai-suggest-batch-user-policy")
-    irb(main):008:0> client.list_entities_for_policy(policy_arn: "arn:aws:iam::123456789:policy/test-policy")
-    => #<struct Aws::IAM::Types::ListEntitiesForPolicyResponse policy_groups=[#<struct Aws::IAM::Types::PolicyGroup group_name="test-group", group_id="ABCDEFG">], policy_users=[], policy_roles=[], is_truncated=false, marker=nil>
-    ```
 
-    ```
-    let(:policies) do
-       [
+        ```
+        irb(main):007:0> client.list_policies.policies[0]
+        => #<struct Aws::IAM::Types::Policy policy_name="test-policy", policy_id="ABCDEFG", arn="arn:aws:iam::123456789:policy/test-policy", path="/", default_version_id="v1", attachment_count=1, permissions_boundary_usage_count=0, is_attachable=true, description=nil, create_date=2019-01-01 00:00:00 UTC, update_date=2019-01-02 00:00:00 UTC>
+        irb(main):008:0> client.list_entities_for_policy(policy_arn: "arn:aws:iam::123456789:policy/test-policy")
+        => #<struct Aws::IAM::Types::ListEntitiesForPolicyResponse policy_groups=[#<struct Aws::IAM::Types::PolicyGroup group_name="test-group", group_id="ABCDEFG">], policy_users=[], policy_roles=[], is_truncated=false, marker=nil>
+        ```
+
+        ```
+        let(:policies) do
+           [
+              {
+                policy_name: "test-policy",
+                policy_id: "ABCDEFG",
+                arn: "arn:aws:iam::123456789:policy/test-policy",
+                path: "/",
+                default_version_id: "v1",
+                attachment_count: 1,
+                is_attachable: true,
+                create_date: Time.parse("2019-01-01 00:00:00 UTC"),
+                update_date: Time.parse("2019-01-02 00:00:00 UTC"),
+                description: nil,
+              }
+            ]
+        end
+
+        let(:entities_for_policy) do
           {
-            policy_name: "test-policy",
-            policy_id: "ABCDEFG",
-            arn: "arn:aws:iam::123456789:policy/test-policy",
-            path: "/",
-            default_version_id: "v1",
-            attachment_count: 1,
-            is_attachable: true,
-            create_date: Time.parse("2019-01-01 00:00:00 UTC"),
-            update_date: Time.parse("2019-01-02 00:00:00 UTC"),
-            description: nil,
-          }
-        ]
-    end
-
-    let(:entities_for_policy) do
-      {
-        policy_groups: [
-          { group_name: "test-group",  group_id: "ABCDEFG" },
-        ],
-        policy_users: [],
-        policy_roles: [],
-      }
-    end
-
-    before do
-      client.stub_responses(:list_policies, policies: policies)
-      client.stub_responses(:list_entities_for_policy, [entities_for_policy])
-    end
-    ```
+            policy_groups: [
+              { group_name: "test-group",  group_id: "ABCDEFG" },
+            ],
+            policy_users: [],
+            policy_roles: [],
+         }
+        end
+
+        before do
+          client.stub_responses(:list_policies, policies: policies)
+          client.stub_responses(:list_entities_for_policy, [entities_for_policy])
+        end
+        ```
 
 ## Install on local
 
@@ -245,7 +247,10 @@ Done installing documentation for practice_terraforming after 0 seconds
 practice_terraforming
 Commands:
   practice_terraforming help [COMMAND]  # Describe available commands or one specific command
+  practice_terraforming iampa           # Iam Policy Attachment
   practice_terraforming iamr            # Iam Role
+  practice_terraforming iamrpa          # Iam Role Policy Attachment
+  practice_terraforming iamupa          # Iam User Policy Attachment
   practice_terraforming s3              # S3
 
 Options:
@@ -257,3 +262,11 @@ Options:
   [--assume=ASSUME]                              # Role ARN to assume
   [--use-bundled-cert], [--no-use-bundled-cert]  # Use the bundled CA certificate from AWS SDK
 ```
+
+## Table for aws-sdk and terraforming
+
+|terraforming resource|aws-sdk|
+|---|---|
+|IAMRolePolicyAttachment|`list_roles` and `list_attached_role_policies` for all extracted roles |
+|IAMGroupPolicyAttachment|`list_users` and `list_attached_user_policies` for all extracted users|
+|IAMGroupPolicyAttachment|`list_groups` and `list_attached_group_policies` for all extracted groups|

data/lib/practice_terraforming/cli.rb

@@ -33,6 +33,11 @@ module PracticeTerraforming
       execute(PracticeTerraforming::Resource::IamRolePolicyAttachment, options)
     end
 
+    desc "iamupa", "Iam User Policy Attachment"
+    def iamupa
+      execute(PracticeTerraforming::Resource::IAMUserPolicyAttachment, options)
+    end
+
     private
 
     def configure_aws(options)

data/lib/practice_terraforming/resource/iam_user_policy_attachment.rb

@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+
+module PracticeTerraforming
+  module Resource
+    class IAMUserPolicyAttachment
+      include PracticeTerraforming::Util
+
+      # TODO: Select appropriate Client class from here:
+      # http://docs.aws.amazon.com/sdkforruby/api/index.html
+      def self.tf(client: Aws::IAM::Client.new)
+        self.new(client).tf
+      end
+
+      # TODO: Select appropriate Client class from here:
+      # http://docs.aws.amazon.com/sdkforruby/api/index.html
+      def self.tfstate(client: Aws::IAM::Client.new)
+        self.new(client).tfstate
+      end
+
+      def initialize(client)
+        @client = client
+      end
+
+      def tf
+        apply_template(@client, "tf/iam_user_policy_attachment")
+      end
+
+      def tfstate
+        iam_user_policy_attachments.inject({}) do |resources, user_policy_attachment|
+          attributes = {
+            "id" => user_policy_attachment[:name],
+            "policy_arn" => user_policy_attachment[:policy_arn],
+            "user" => user_policy_attachment[:user]
+          }
+          resources["aws_iam_user_policy_attachment.#{module_name_of(user_policy_attachment)}"] = {
+            "type" => "aws_iam_user_policy_attachment",
+            "primary" => {
+              "id" => user_policy_attachment[:name],
+              "attributes" => attributes
+            }
+          }
+
+          resources
+        end
+      end
+
+      private
+
+      def attachment_name_from(user, policy)
+        "#{user.user_name}-#{policy.policy_name}-attachment"
+      end
+
+      def iam_users
+        @client.list_users.map(&:users).flatten
+      end
+
+      def policies_attached_to(user)
+        @client.list_attached_user_policies(user_name: user.user_name).attached_policies
+      end
+
+      def iam_user_policy_attachments
+        iam_users.map do |user|
+          policies_attached_to(user).map do |policy|
+            {
+              user: user.user_name,
+              policy_arn: policy.policy_arn,
+              name: attachment_name_from(user, policy)
+            }
+          end
+        end.flatten
+      end
+
+      def module_name_of(user_policy_attachment)
+        normalize_module_name(user_policy_attachment[:name])
+      end
+    end
+  end
+end

data/lib/practice_terraforming/template/tf/iam_user_policy_attachment.erb

@@ -0,0 +1,7 @@
+<% iam_user_policy_attachments.each do |user_policy_attachment| -%>
+resource "aws_iam_user_policy_attachment" "<%= module_name_of(user_policy_attachment) %>" {
+    policy_arn = "<%= user_policy_attachment[:policy_arn] %>"
+    user       = "<%= user_policy_attachment[:user] %>"
+}
+
+<% end -%>

data/lib/practice_terraforming/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PracticeTerraforming
-  VERSION = '0.1.3'
+  VERSION = '0.1.4'
 end

data/lib/practice_terraforming.rb

@@ -12,5 +12,6 @@ require 'practice_terraforming/version'
 require "practice_terraforming/cli"
 require "practice_terraforming/resource/iam_role"
 require "practice_terraforming/resource/iam_role_policy_attachment"
+require "practice_terraforming/resource/iam_user_policy_attachment"
 require "practice_terraforming/resource/iam_policy_attachment"
 require "practice_terraforming/resource/s3"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: practice_terraforming
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.4
 platform: ruby
 authors:
 - masatonaka
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-11-10 00:00:00.000000000 Z
+date: 2019-12-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-iam
@@ -161,10 +161,12 @@ files:
 - lib/practice_terraforming/resource/iam_policy_attachment.rb
 - lib/practice_terraforming/resource/iam_role.rb
 - lib/practice_terraforming/resource/iam_role_policy_attachment.rb
+- lib/practice_terraforming/resource/iam_user_policy_attachment.rb
 - lib/practice_terraforming/resource/s3.rb
 - lib/practice_terraforming/template/tf/iam_policy_attachment.erb
 - lib/practice_terraforming/template/tf/iam_role.erb
 - lib/practice_terraforming/template/tf/iam_role_policy_attachment.erb
+- lib/practice_terraforming/template/tf/iam_user_policy_attachment.erb
 - lib/practice_terraforming/template/tf/s3.erb
 - lib/practice_terraforming/util.rb
 - lib/practice_terraforming/version.rb