s3_master 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 1a92a30de3a30a8623d4927d25591d150f1176ee
+  data.tar.gz: 583016ca2200f580f6715027ce7bb246b5967607
+SHA512:
+  metadata.gz: 72877735cf2066a6a94bf5895f0cd40e79f4f4a7528ab67c7d2165baa6e4d1082a9ffaa97df40767ec37349fd5aaabf7d775636575e439bce685286f6946c1b8
+  data.tar.gz: 5fb481997e46cd71c96031e25df5548ed86d3b7c4ef699d752241f1434afc737309080713eb0e4960cfa3255d808a7449d5a76596306d139a647e75cf21ad94c

data/.gitignore

@@ -0,0 +1,13 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+# rspec failure tracking
+.rspec_status
+.byebug_history
+Gemfile.lock

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.travis.yml

@@ -0,0 +1,5 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.3.6
+before_install: gem install bundler -v 1.16.1

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at dave@steinbergcomputing.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

data/Gemfile

@@ -0,0 +1,6 @@
+source "https://rubygems.org"
+
+git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in s3_master.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2018 Dave Steinberg
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,79 @@
+# s3_master - Manage policies on existing S3 buckets
+
+Inspired by [stack_master](https://github.com/envato/stack_master), `s3_master` aims to manage various policies on S3 buckets created outside of cloudformation.
+If your buckets were created via cloudformation, then you should use cfn to manage the policies.
+
+`s3_master` provides a simple diff/push workflow so policy documents can be stored in git and reconciled against AWS easily.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 's3_master'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install s3_master
+
+## Usage
+
+N.B. this is an alpha release!
+
+* Make a `policies` directory to hold your json policy documents.
+* Make a `s3_policies.yml` file like:
+
+```
+buckets:
+  bucket-a:
+    region: us-east-1
+    lifecycle: bucket-a/lifecycle.json
+    replication: bucket-a/replication.json
+    inventory:
+      all: bucket-a/inventory-all.json
+  bucket-b:
+    lifecycle: bucket-b/lifecycle.json
+    replication: bucket-b/replication.json
+
+```
+
+* Policies can be imported from S3 via the `fetch` subcommand.  Policies will be written to the file specified in the `s3_policies.yml`, e.g. for the above, running:
+
+`s3_master fetch bucket-a lifecycle`
+
+It would write out the current policy to `policies/bucket-a/lifecycle.json`
+
+* Policy changes are loaded to S3 via `apply`, e.g:
+
+`s3_master apply bucket-a lifecycle`
+
+A diff is shown and confirmation is requested by default.
+
+## TODO
+
+* Need some tests with `aruba`
+* Better warnings / error messages when the bucket requires a regional endpoint, and when an invalid policy-type is specified.
+* Make an init subcommand
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/bustle/s3_master. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).  [BDG Media](https://bustle.company/) sponsored this work. [Come work with us!](https://jobs.lever.co/bustle)
+
+## Code of Conduct
+
+Everyone interacting in the S3Master project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/bustle/s3_master/blob/master/CODE_OF_CONDUCT.md).

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "s3_master"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/s3_master

@@ -0,0 +1,7 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "s3_master"
+require "s3_master/cli"
+
+S3MasterCli.start

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/s3_master.rb

@@ -0,0 +1,8 @@
+require 's3_master/config'
+require 's3_master/local_policy'
+require 's3_master/policy_differ'
+require 's3_master/remote_policy'
+require "s3_master/version"
+
+module S3Master
+end

data/lib/s3_master/cli.rb

@@ -0,0 +1,112 @@
+require 'rubygems'
+require 'bundler/setup'
+
+require 'active_support/core_ext/hash'
+require 'aws-sdk-s3'
+require 'diffy'
+require 'json'
+require 'neatjson'
+require 'thor'
+require 'yaml'
+
+require 's3_master'
+
+Diffy::Diff.default_format = :color
+
+class S3MasterCli < Thor
+  include Thor::Shell
+
+  class_option "config-file".to_sym, type: :string, aliases: %w(c), default: "s3_policies.yml"
+  class_option "policy-dir".to_sym, type: :string, aliases: %w(d), default: "policies"
+  class_option :debug, type: :boolean
+  class_option :force, type: :boolean
+
+  desc "diff <bucket> <policy-type> [policy-id]", "Show differences between the current and the desired policy."
+  def diff(bucket, policy_type, policy_id=nil)
+    config = S3Master::Config.new(options[:"config-file"])
+
+    remote_policy = S3Master::RemotePolicy.new(bucket, policy_type, {id: policy_id, region: config.region(bucket)})
+    local_policy = S3Master::LocalPolicy.new(config, bucket, policy_type, options.merge(id: policy_id).symbolize_keys)
+
+    if options[:debug]
+      bkt = Aws::S3::Bucket.new(bucket)
+      puts "%s: %s" % [bkt.name, bkt.url]
+      puts "=== Remote Policy:\n%s" % [JSON.neat_generate(remote_policy.body, sort: true)]
+      puts "=== Local Policy:\n%s" % [JSON.neat_generate(local_policy.body, sort: true)]
+    end
+
+    policy_diff = S3Master::PolicyDiffer.new(remote_policy.body, local_policy.body)
+    prefix = "#{bucket}/#{policy_type}"
+    prefix += "/#{policy_id}" if policy_id
+
+    if policy_diff.identical?
+      puts "#{prefix}: Local and remote policies match."
+    else
+      puts "#{prefix} diff:\n%s" % [policy_diff.to_s]
+    end
+    policy_diff
+  end
+
+  desc "apply [<bucket>] [<policy-type>] [policy-id]", "Appies the local policy to the bucket."
+  def apply(cli_bucket=nil, cli_policy_type=nil, cli_policy_id=nil)
+    config = S3Master::Config.new(options[:"config-file"])
+    config.each do |bucket, policy_type, policy_id|
+      next if !cli_bucket.nil? && cli_bucket != bucket ||
+              !cli_policy_type.nil? && cli_policy_type != policy_type ||
+              !cli_policy_id.nil? && cli_policy_id != policy_id
+
+      policy_diff = diff(bucket, policy_type, policy_id)
+
+      next if policy_diff.identical? || ! (options[:force] || yes?("Proceed? (y/N)"))
+
+      local_policy = S3Master::LocalPolicy.new(config, bucket, policy_type, options.merge(id: policy_id).symbolize_keys)
+      remote_policy = S3Master::RemotePolicy.new(bucket, policy_type, {id: policy_id, region: config.region(bucket)})
+      remote_policy.write(local_policy)
+    end
+  end
+
+  desc "fetch <bucket> <policy-type> [policy-id]", "Retrieves the specified policy for the bucket and saves it in the config-specified file"
+  def fetch(buckets=nil, policy_types=S3Master::RemotePolicy::POLICY_TYPES, policy_id=nil)
+    config = S3Master::Config.new(options[:"config-file"])
+    buckets ||= config[:buckets].keys
+
+    Array(buckets).each do |bucket|
+      Array(policy_types).each do |policy_type|
+        next if ! S3Master::RemotePolicy.known_policy_type?(policy_type)
+        local_policy = S3Master::LocalPolicy.new(config, bucket, policy_type, options.merge(skip_load: true, id: policy_id).symbolize_keys)
+        remote_policy = S3Master::RemotePolicy.new(bucket, policy_type, {id: policy_id, region: config.region(bucket)})
+
+        if !local_policy.basename.nil?
+          local_policy.write(remote_policy)
+        else
+          puts "%s policy:\n%s" % [policy_type, remote_policy.pretty_body]
+        end
+      end
+    end
+  end
+
+  desc "status [<bucket>]", "Checks if the policies have differences"
+  def status(user_bucket=nil)
+    config = S3Master::Config.new(options[:"config-file"])
+
+    any_differences = false
+    config.each do |bucket, policy_type, policy_id|
+      next if !user_bucket.nil? && user_bucket != bucket
+      local_policy = S3Master::LocalPolicy.new(config, bucket, policy_type, options.merge(id: policy_id).symbolize_keys)
+      remote_policy = S3Master::RemotePolicy.new(bucket, policy_type, {id: policy_id, region: config.region(bucket)})
+
+      policy_diff = S3Master::PolicyDiffer.new(remote_policy.body, local_policy.body)
+      if !policy_diff.identical?
+        any_differences = true
+
+        if policy_id.nil?
+          puts "* %s: %s" % [bucket, policy_type]
+        else
+          puts "* %s: %s %s" % [bucket, policy_type, policy_id]
+        end
+      end
+    end
+
+    puts "No differences detected." if !any_differences
+  end
+end

data/lib/s3_master/config.rb

@@ -0,0 +1,46 @@
+require 'forwardable'
+
+module S3Master
+  class Config
+    include Enumerable
+    extend Forwardable
+
+    def_delegator :@cfg, :[]
+
+    def initialize(cfg_file)
+      @cfg = ActiveSupport::HashWithIndifferentAccess.new(YAML.load_file(cfg_file))
+    end
+
+    def region(bucket) @cfg[:buckets][bucket.to_s]["region"] ; end
+
+    def has_subpolicies?(bucket, policy_type)
+      @cfg[:buckets][bucket.to_s][policy_type.to_s].kind_of?(Hash)
+    end
+
+    def template_relname(bucket, policy_type, policy_id=nil)
+      if self.has_subpolicies?(bucket, policy_type)
+        raise(RuntimeError, "Bucket #{bucket} policy #{policy_type} has subpolicies so an id is required") if policy_id.nil?
+        @cfg[:buckets][bucket][policy_type][policy_id]
+      else
+        @cfg[:buckets][bucket][policy_type]
+      end
+    end
+
+    def policy_ids(bucket, policy_type)
+      subpolicy = @cfg[:buckets][bucket][policy_type]
+      policy_ids = subpolicy.kind_of?(Hash) ? subpolicy.keys : nil
+      policy_ids
+    end
+
+    def each(&block)
+      @cfg[:buckets].each_pair do |bucket, policy_types|
+        policy_types.each_pair do |policy_type, subpolicy|
+          next if ! S3Master::RemotePolicy.known_policy_type?(policy_type)
+          (policy_ids(bucket, policy_type) || [nil]).each do |policy_id|
+            block.call(bucket, policy_type, policy_id)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/s3_master/local_policy.rb

@@ -0,0 +1,47 @@
+module S3Master
+  class LocalPolicy
+    attr_reader :body
+
+    def initialize(cfg, bucket_name, policy_type, options={})
+      @config = cfg
+      @bucket_name = bucket_name
+      @policy_type = policy_type.to_sym
+      @options = options
+      @policy_id = options[:id]
+
+      if @config["buckets"][@bucket_name].nil?
+        raise(RuntimeError, "No bucket named '#{@bucket_name}' found in loaded config.")
+      end
+
+      load_policy if !options[:skip_load]
+    end
+
+    def preserve_keys?() S3Master::RemotePolicy::POLICIES[@policy_type][:preserve_keys] ; end
+    def empty?() @body.nil? || @body.empty? ; end
+    def pretty_body() JSON.neat_generate(body, sort: (self.preserve_keys? ? false : true)) ; end
+
+    def basename() @config.template_relname(@bucket_name, @policy_type, @policy_id) ; end
+    def path() File.join(@options[:"policy-dir"], self.basename) ; end
+
+    def load_policy
+      @body = if basename.nil? || basename == false
+                # Empty policy
+                {}
+              else
+                JSON.parse(File.binread(path))
+              end
+
+      if ! self.preserve_keys?
+        @body.deep_transform_keys!{|k| k.underscore.to_sym }
+      end
+
+      @body
+    end
+
+    def write(other_policy)
+      File.open(self.path, "wb") do |fh|
+        fh.puts other_policy.pretty_body
+      end
+    end
+  end
+end

data/lib/s3_master/policy_differ.rb

@@ -0,0 +1,22 @@
+require 'diffy'
+
+module S3Master
+  class PolicyDiffer
+    attr_reader :remote, :local, :diff
+
+    def initialize(remote_policy, local_policy)
+      @remote = remote_policy
+      @local = local_policy
+      compute_diff
+    end
+
+    def compute_diff
+      rj = JSON.neat_generate(@remote, sort: true)
+      lj = JSON.neat_generate(@local, sort: true)
+      @diff = Diffy::Diff.new(rj, lj, context: 7, include_diff_info: true)
+    end
+
+    def identical?() diff.to_s == "\n" ; end
+    def to_s() diff.to_s ; end
+  end
+end

data/lib/s3_master/remote_policy.rb

@@ -0,0 +1,126 @@
+require 'aws-sdk-s3'
+
+module S3Master
+  class RemotePolicy
+    attr_reader :body
+
+    POLICIES = {
+      lifecycle: {
+        get: :get_bucket_lifecycle_configuration,
+        put: :put_bucket_lifecycle_configuration,
+        delete: :delete_bucket_lifecycle,
+        policy_key: :lifecycle_configuration,
+      },
+      replication: {
+        get: :get_bucket_replication,
+        put: :put_bucket_replication,
+        delete: :delete_bucket_replication,
+        policy_merge: true,
+        ensure_versioning: true,
+      },
+      inventory: {
+        get: :get_bucket_inventory_configuration,
+        put: :put_bucket_inventory_configuration,
+        delete: :delete_bucket_inventory_configuration,
+        policy_merge: true,
+        requires_id: true,
+      },
+      access: {
+        get: :get_bucket_policy,
+        put: :put_bucket_policy,
+        delete: :delete_bucket_policy,
+        policy_key: :policy,
+        preserve_keys: true,
+      },
+      events: {
+        get: :get_bucket_notification_configuration,
+        put: :put_bucket_notification_configuration,
+        policy_key: :notification_configuration,
+      },
+    }
+    POLICY_TYPES = POLICIES.keys.freeze
+
+    NO_POLICY_EXCEPTIONS = [
+      Aws::S3::Errors::NoSuchBucketPolicy,
+      Aws::S3::Errors::NoSuchConfiguration,
+      Aws::S3::Errors::NoSuchLifecycleConfiguration,
+      Aws::S3::Errors::ReplicationConfigurationNotFoundError,
+    ]
+
+    def initialize(bucket_name, policy_type, options={})
+      @client = options[:region].nil? ? Aws::S3::Client.new() : Aws::S3::Client.new(region: options[:region])
+      @bucket_name = bucket_name
+      @policy_type = policy_type.to_sym
+      @options = options
+      raise(RuntimeError, "Policy type #{policy_type} not supported") if !POLICIES.has_key?(@policy_type)
+      load_policy
+    end
+
+    def policy_key() POLICIES[@policy_type][:policy_key] ; end
+    def parse_as_string() POLICIES[@policy_type][:parse_as_string] || false ; end
+
+    def inflate(read_policy)
+      if @policy_type == :access_policy
+        JSON.parse(read_policy[policy_key].string)
+      else
+        read_policy
+      end
+    end
+
+    def deflate(policy_hash)
+      case @policy_type
+      when :access_policy
+        policy_hash[policy_key] = JSON.generate(policy_hash[policy_key])
+      end
+      policy_hash
+    end
+
+    def load_policy
+      begin
+        args = base_args
+        @body = self.inflate(@client.send(POLICIES[@policy_type][:get], args).to_hash)
+      rescue *NO_POLICY_EXCEPTIONS => e
+        # No policy there currently
+        @body = {}
+      end
+    end
+
+    def pretty_body() JSON.neat_generate(body, sort: true) ; end
+
+    def write(local_policy)
+      args = base_args
+
+      if local_policy.empty? && POLICIES[@policy_type].has_key?(:delete)
+        @client.send(POLICIES[@policy_type][:delete], args)
+      else
+        if POLICIES[@policy_type][:ensure_versioning]
+          self.ensure_versioning!
+        end
+
+        if POLICIES[@policy_type][:policy_merge]
+          args.merge!(local_policy.body)
+        else
+          args[policy_key] = local_policy.body
+        end
+
+        @client.send(POLICIES[@policy_type][:put], self.deflate(args))
+      end
+    end
+
+    def ensure_versioning!
+      bkt = Aws::S3::Bucket.new(@bucket_name, client: @client)
+      bkt.versioning.status == "Enabled" || bkt.versioning.enable
+    end
+
+    def base_args
+      args = {bucket: @bucket_name}
+      if POLICIES[@policy_type][:requires_id]
+        args[:id] = @options[:id]
+      end
+      args
+    end
+
+    def self.known_policy_type?(policy) POLICIES.has_key?(policy.to_sym) ; end
+    def known_policy_type?(policy) self.class.known_policy_type(policy) ; end
+  end
+end

data/lib/s3_master/version.rb

@@ -0,0 +1,3 @@
+module S3Master
+  VERSION = "0.1.0"
+end

data/s3_master.gemspec

@@ -0,0 +1,33 @@
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "s3_master/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "s3_master"
+  spec.version       = S3Master::VERSION
+  spec.authors       = ["Dave Steinberg"]
+  spec.email         = ["dave@steinbergcomputing.com"]
+
+  spec.summary       = %q{Cohesive S3 bucket policy management}
+  spec.description   = %q{s3_master aims to provide a git-based workflow for managing policy documents on legacy (e.g. non-cloudformation) S3 buckets.}
+  spec.homepage      = "https://github.com/bustle/s3_master"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features|bin/console|bin/setup)/})
+  end
+  spec.bindir        = "bin"
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "byebug"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+
+  spec.add_dependency "activesupport", ">= 4.0"
+  spec.add_dependency "aws-sdk-s3", "~> 1"
+  spec.add_dependency "diffy"
+  spec.add_dependency "neatjson"
+  spec.add_dependency "thor"
+end

metadata

@@ -0,0 +1,193 @@
+--- !ruby/object:Gem::Specification
+name: s3_master
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Dave Steinberg
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-07-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '4.0'
+- !ruby/object:Gem::Dependency
+  name: aws-sdk-s3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: diffy
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: neatjson
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: thor
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: s3_master aims to provide a git-based workflow for managing policy documents
+  on legacy (e.g. non-cloudformation) S3 buckets.
+email:
+- dave@steinbergcomputing.com
+executables:
+- console
+- s3_master
+- setup
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- CODE_OF_CONDUCT.md
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/s3_master
+- bin/setup
+- lib/s3_master.rb
+- lib/s3_master/cli.rb
+- lib/s3_master/config.rb
+- lib/s3_master/local_policy.rb
+- lib/s3_master/policy_differ.rb
+- lib/s3_master/remote_policy.rb
+- lib/s3_master/version.rb
+- s3_master.gemspec
+homepage: https://github.com/bustle/s3_master
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.11
+signing_key: 
+specification_version: 4
+summary: Cohesive S3 bucket policy management
+test_files: []