sfn 2.1.0 → 2.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4dc5791789b8e7f511712d9d81e8352f8e4780db
-  data.tar.gz: e98faf54dde7e50b2677e6cd8eb11cb5f07c55b1
+  metadata.gz: ef688f38c0f0be5810c525cd37e77d5a4216756a
+  data.tar.gz: 1f3e4f9a893e376b9c7e77fda5f1e495e27df905
 SHA512:
-  metadata.gz: e6d304c36c90b3776397d17a940a3e3a8eab174c9492f84151f6f96f2a78b8d176b3db05a204bf08c447603ed39ea5af65a7d4f1ef54ac6230e6c69312967ff7
-  data.tar.gz: 1d25448614c1252fd5d66644e33d028c9b4eef596347ea7c373758ca0bfebf68dcec906424d83b06083c7253abd8efda1b280e37716531e234065679f80a15af
+  metadata.gz: be3015b69f844371bff9588753a0cec1b9ca1dfb05cb957106583e62ed8a5a9b4284b052938ddb53ace50c8f85f0a73a4884b0131c2948a5d49693f41d3a88d7
+  data.tar.gz: ae268210135a9b5bbc406a1c7684a5e560f16548b21f2b29bd3c8164c66ffe0668c189f995a4c27f86797047f997c3ef3be12d809135b229f86cf3ac049b9225

data/CHANGELOG.md

@@ -1,3 +1,12 @@
+# v2.1.2
+* [enhancement] Include parameter name on error output when failed to receive (#116)
+* [enhancement] Rescue planner errors and notify user. Allow update to proceed (#124)
+* [feature] Add built-in callback for AWS MFA support (#123)
+* [fix] Compare parameters values on updates as String type (#126)
+* [fix] Remove policy modification on stack delete within AWS (#127)
+* [feature] Support optional stack policy removal prior to update (#127)
+* [feature] Add built-in callback for AWS Assume Role credential caching (#128)
+
 # v2.1.0
 * [fix] Use SparkleFormation::Collection helper to ensure proper pack ordering (#115)
 * [fix] Set minimum constraint on sparkle_formation library to 2.1.2

data/docs/callbacks.md

@@ -6,6 +6,10 @@ anchors:
     url: "#enabling-callbacks"
   - title: "Builtin Callbacks"
     url: "#builtin-callbacks"
+  - title: "Custom Callbacks"
+    url: "#custom-callbacks"
+  - title: "Addon Callbacks"
+    url: "#addon-callbacks"
 ---
 
 ## Callbacks
@@ -20,7 +24,7 @@ are generally invoked in two places:
 There are also callbacks available prior to the execution
 of a command. These can also be isolated to specific commands:
 
-* `before_config` - Prior to the execution of the command.
+* `after_config` - Prior to the execution of the command.
 
 ### Enabling Callbacks
 
@@ -76,8 +80,127 @@ end
 
 Builtin callbacks distributed with `sfn`:
 
+* AWS Assume Role
+* AWS MFA
 * Stack Policy
 
+#### AWS Assume Role
+
+When assuming a role via STS on AWS a temporary set of credentials and token
+are generated for use. This callback will cache these credentials for re-use
+to prevent re-generation of temporary credentials on every command request.
+
+To enable the callback:
+
+~~~ruby
+Configuration.new do
+  callbacks do
+    default ['aws_assume_role']
+  end
+end
+~~~
+
+Once temporary credentials have been generated, the callback will store the credentials
+within a file in the working directory named `.sfn-aws`. This path can be modified via
+configuration:
+
+~~~ruby
+Configuration.new do
+  aws_assume_role do
+    cache_file '/custom/path/to/file'
+  end
+end
+~~~
+
+Loading and storage of credentials will only occur if a role is provided to assume. Given
+a configuration of:
+
+~~~ruby
+Configuration.new do
+  callbacks.default 'aws_assume_role'
+  credentials do
+    aws_sts_role_arn ENV['AWS_STS_ROLE']
+  end
+end
+~~~
+
+The callback will be enabled when the environment variable is provided:
+
+~~~
+$ AWS_STS_ROLE="arn:...MY_ROLE" sfn list
+~~~
+
+and will not be enabled when the environment variable is not provided:
+
+~~~
+$ sfn list
+~~~
+
+It can also be disabled/enabled via configuration setting:
+
+~~~ruby
+Configuration.new do
+  aws_assume_role.status 'enabled'
+end
+~~~
+
+#### AWS Multifactor Authentication
+
+Support for MFA within AWS can be provided using the AWS MFA callback. It will
+prompt for an MFA token code which is then used to generate the new session.
+
+To enable the callback:
+
+~~~ruby
+Configuration.new do
+  callbacks do
+    default ['aws_mfa']
+  end
+end
+~~~
+
+The default virtual MFA device ARN will be used when creating the new session. If a
+non-default virutal MFA device or a hardware device is being used, set the device
+serial number with the configuration:
+
+~~~ruby
+Configuration.new do
+  credentials do
+    provider :aws
+    aws_sts_mfa_serial_number 'DEVICE_IDENTIFIER'
+  end
+end
+~~~
+
+After a session has been successfully created, the callback will store the session
+token and credentials within a file in the working directory named `.sfn-aws`. This
+path can be configured via configuration:
+
+~~~ruby
+Configuration.new do
+  aws_mfa do
+    cache_file '/custom/path/to/file'
+  end
+end
+~~~
+
+Use of MFA may be conditional based on actions performed. For easier toggling of
+MFA usage, a configuration value can be used to enable or disable MFA:
+
+~~~ruby
+Configuration.new do
+  aws_mfa do
+    cache_file ENV.fetch('SFN_MFA', 'enabled')
+  end
+end
+~~~
+
+With this configuration, MFA usage can be easily disabled:
+
+~~~
+$ SFN_MFA=disabled sfn list
+~~~
+
 #### Stack Policy Callback
 
 The Stack Policy Callback utilizes the [policy feature](http://www.sparkleformation.io/docs/sparkle_formation/stack-policies.html)
@@ -94,6 +217,18 @@ Configuration.new do
 end
 ~~~
 
+By default a stack policy is not disabled when an update command is run. This may
+require multiple update commands to be run first disabling the existing policy, then
+running the actual update. Stack policies can be automatically removed prior to update
+allowing the stack to be properly updated with the newly generated policy applied on
+completion. To disable the stack policy on update, add this to your configuration:
+
+~~~ruby
+Configuration.new do
+  stack_policy.update 'defenseless'
+end
+~~~
+
 ### Custom Callbacks
 
 To create a custom callback define a new class within the callback namespace
@@ -156,3 +291,55 @@ Configuration.new do
   callbacks.after ['custom_callback']
 end
 ~~~
+
+The sfn command will output a notification to the user before a callback is
+run, and after it has completed. This may be too verbose for some callbacks.
+A callback may disable this output using the `quiet` method:
+
+```ruby
+module Sfn
+  class Callback
+    class MyCallback < Callback
+
+      def quiet
+        true
+      end
+
+    end
+  end
+end
+```
+
+### Addon Callbacks
+
+#### Usage
+
+Addon callbacks must be installed to the local bundle, or the system depending
+on usage type.
+
+For bundle usage, add the callback to the Gemfile:
+
+~~~ruby
+gem 'sfn-callback-name'
+~~~
+
+For system usage, install the gem:
+
+~~~
+$ gem install sfn-callback-name
+~~~
+
+#### Callbacks
+
+##### sfn-parameters
+
+Manage stack parameters via files within the project repository.
+
+* https://github.com/sparkleformation/sfn-parameters
+
+##### sfn-serverspec
+
+Define Serverspec rules directly on resources within templates
+and automatically run after success stack creation or update.
+
+* https://github.com/sparkleformation/sfn-serverspec

data/lib/sfn/callback.rb

@@ -4,6 +4,8 @@ module Sfn
   # Interface for injecting custom functionality
   class Callback
 
+    autoload :AwsAssumeRole, 'sfn/callback/aws_assume_role'
+    autoload :AwsMfa, 'sfn/callback/aws_mfa'
     autoload :StackPolicy, 'sfn/callback/stack_policy'
 
     # @return [Bogo::Ui]

data/lib/sfn/callback/aws_assume_role.rb

@@ -0,0 +1,93 @@
+require 'sfn'
+
+module Sfn
+  class Callback
+    # Support for AWS STS role credential caching
+    class AwsAssumeRole < Callback
+
+      # Items to cache in local file
+      STS_STORE_ITEMS = [
+        :aws_sts_token,
+        :aws_sts_access_key_id,
+        :aws_sts_secret_access_key,
+        :aws_sts_token_expires
+      ]
+
+      # Prevent callback output to user
+      def quiet
+        true
+      end
+
+      # Inject STS related configuration into
+      # API provider credentials
+      def after_config(*_)
+        if(enabled? && config.fetch(:credentials, :aws_sts_role_arn))
+          load_stored_session
+        end
+      end
+
+      # Store session token if available for
+      # later use
+      def after(*_)
+        if(enabled?)
+          if(api.connection.aws_sts_role_arn && api.connection.aws_sts_token)
+            path = config.fetch(:aws_assume_role, :cache_file, '.sfn-aws')
+            FileUtils.touch(path)
+            File.chmod(0600, path)
+            values = load_stored_values(path)
+            STS_STORE_ITEMS.map do |key|
+              values[key] = api.connection.data[key]
+            end
+            File.open(path, 'w') do |file|
+              file.puts MultiJson.dump(values)
+            end
+          end
+        end
+      end
+
+      # @return [TrueClass, FalseClass]
+      def enabled?
+        config.fetch(:aws_assume_role, :status, 'enabled').to_s == 'enabled'
+      end
+
+      # Load stored configuration data into the api connection
+      #
+      # @return [TrueClass, FalseClass]
+      def load_stored_session
+        path = config.fetch(:aws_assume_role, :cache_file, '.sfn-aws')
+        if(File.exists?(path))
+          values = load_stored_values(path)
+          STS_STORE_ITEMS.each do |key|
+            api.connection.data[key] = values[key]
+          end
+          if(values[:aws_sts_token_expires])
+            begin
+              api.connection.data[:aws_sts_token_expires] = Time.parse(values[:aws_sts_token_expires])
+            rescue
+            end
+          end
+          true
+        else
+          false
+        end
+      end
+
+      # Load stored values
+      #
+      # @param path [String]
+      # @return [Hash]
+      def load_stored_values(path)
+        begin
+          if(File.exists?(path))
+            MultiJson.load(File.read(path)).to_smash
+          else
+            Smash.new
+          end
+        rescue MultiJson::ParseError
+          Smash.new
+        end
+      end
+
+    end
+  end
+end

data/lib/sfn/callback/aws_mfa.rb

@@ -0,0 +1,102 @@
+require 'sfn'
+
+module Sfn
+  class Callback
+    # Support for AWS MFA
+    class AwsMfa < Callback
+
+      # Items to cache in local file
+      SESSION_STORE_ITEMS = [
+        :aws_sts_session_token,
+        :aws_sts_session_access_key_id,
+        :aws_sts_session_secret_access_key,
+        :aws_sts_session_token_expires
+      ]
+
+      # Prevent callback output to user
+      def quiet
+        true
+      end
+
+      # Inject MFA related configuration into
+      # API provider credentials
+      def after_config(*_)
+        if(enabled?)
+          load_stored_session
+          api.connection.aws_sts_session_token_code = method(:prompt_for_code)
+        end
+      end
+
+      # Store session token if available for
+      # later use
+      def after(*_)
+        if(enabled?)
+          if(api.connection.aws_sts_session_token)
+            path = config.fetch(:aws_mfa, :cache_file, '.sfn-aws')
+            FileUtils.touch(path)
+            File.chmod(0600, path)
+            values = load_stored_values(path)
+            SESSION_STORE_ITEMS.map do |key|
+              values[key] = api.connection.data[key]
+            end
+            File.open(path, 'w') do |file|
+              file.puts MultiJson.dump(values)
+            end
+          end
+        end
+      end
+
+      # @return [TrueClass, FalseClass]
+      def enabled?
+        config.fetch(:aws_mfa, :status, 'enabled').to_s == 'enabled'
+      end
+
+      # Load stored configuration data into the api connection
+      #
+      # @return [TrueClass, FalseClass]
+      def load_stored_session
+        path = config.fetch(:aws_mfa, :cache_file, '.sfn-aws')
+        if(File.exists?(path))
+          values = load_stored_values(path)
+          SESSION_STORE_ITEMS.each do |key|
+            api.connection.data[key] = values[key]
+          end
+          if(values[:aws_sts_session_token_expires])
+            begin
+              api.connection.data[:aws_sts_session_token_expires] = Time.parse(values[:aws_sts_session_token_expires])
+            rescue
+            end
+          end
+          true
+        else
+          false
+        end
+      end
+
+      # Load stored values
+      #
+      # @param path [String]
+      # @return [Hash]
+      def load_stored_values(path)
+        begin
+          if(File.exists?(path))
+            MultiJson.load(File.read(path)).to_smash
+          else
+            Smash.new
+          end
+        rescue MultiJson::ParseError
+          Smash.new
+        end
+      end
+
+      # Request MFA code from user
+      #
+      # @return [String]
+      def prompt_for_code
+        result = ui.ask 'AWS MFA code', :valid => /^\d{6}$/
+        result.strip
+      end
+
+    end
+  end
+end

data/lib/sfn/callback/stack_policy.rb

@@ -41,18 +41,20 @@ module Sfn
       alias_method :after_create, :submit_policy
       alias_method :after_update, :submit_policy
 
-      # Update all policies to allow resource destruction
-      def before_destroy(args)
-        ui.warn 'All policies will be disabled for stack destruction!'
-        ui.confirm 'Continue with stack destruction'
-        stack = args[:api_stack]
-        ([stack] + stack.nested_stacks).compact.each do |p_stack|
-          @policies[p_stack.name] = DEFENSELESS_POLICY
-          run_action "Disabling stack policy for #{ui.color(p_stack.name, :yellow)}" do
-            save_stack_policy(p_stack)
+      # Disable all existing policies prior to update
+      #
+      # @param args [Hash]
+      def before_update(args)
+        if(config.get(:stack_policy, :update).to_s == 'defenseless')
+          ui.warn 'Disabling all stack policies for update.'
+          stack = args[:api_stack]
+          ([stack] + stack.nested_stacks).compact.each do |p_stack|
+            @policies[p_stack.name] = DEFENSELESS_POLICY
+            run_action "Disabling stack policy for #{ui.color(p_stack.name, :yellow)}" do
+              save_stack_policy(p_stack)
+            end
           end
         end
-        ui.warn "Policy modification for deletion not currently enabled!"
       end
 
       # Generate stack policy for stack and cache for the after hook

data/lib/sfn/command/inspect.rb

@@ -15,7 +15,7 @@ module Sfn
         stack = provider.connection.stacks.get(stack_name)
         ui.info "Stack inspection #{ui.color(stack_name, :bold)}:"
         outputs = api_action!(:api_stack => stack) do
-          [:attribute, :nodes, :instance_failure].map do |key|
+          [:attribute, :nodes, :load_balancers, :instance_failure].map do |key|
             if(config.has_key?(key))
               send("display_#{key}", stack)
               key
@@ -160,6 +160,30 @@ module Sfn
         end
       end
 
+      def display_load_balancers(stack)
+        load_balancers = Smash[
+          stack.resources.all.find_all do |resource|
+            resource.within?(:load_balancer, :balancers)
+          end.map do |lb|
+            exp_lb = lb.expand
+            lb_pub_addrs = exp_lb.public_addresses.nil? ? nil : exp_lb.public_addresses.map(&:address)
+            lb_priv_addrs = exp_lb.private_addresses.nil? ? nil : exp_lb.private_addresses.map(&:address)
+            [lb.id, Smash.new(
+              :name => exp_lb.name,
+              :state => exp_lb.state,
+              :public_addresses => lb_pub_addrs,
+              :private_addresses => lb_priv_addrs,
+              :server_states => exp_lb.server_states
+            ).delete_if {|k,v| v.nil?}
+            ]
+          end
+        ]
+        unless load_balancers.empty?
+          ui.info '  Load Balancer Instances:'
+          ui.puts MultiJson.dump(load_balancers, :pretty => true)
+        end
+      end
+
     end
   end
 end

data/lib/sfn/command/list.rb

@@ -11,7 +11,7 @@ module Sfn
       def execute!
         ui.table(self) do
           table(:border => false) do
-            stacks = get_stacks
+            stacks = api_action!{ get_stacks }
             row(:header => true) do
 
               allowed_attributes.each do |attr|

data/lib/sfn/command/update.rb

@@ -87,12 +87,18 @@ module Sfn
             update_template = stack.template
 
             if(config[:plan])
-              stack.template = original_template
-              stack.parameters = original_parameters
-              plan = build_planner(stack)
-              if(plan)
-                result = plan.generate_plan(file, config_root_parameters)
-                display_plan_information(result)
+              begin
+                stack.template = original_template
+                stack.parameters = original_parameters
+                plan = build_planner(stack)
+                if(plan)
+                  result = plan.generate_plan(file, config_root_parameters)
+                  display_plan_information(result)
+                end
+              rescue => e
+                ui.error "Unexpected error when generating plan information: #{e.class} - #{e}"
+                ui.debug "#{e.class}: #{e}\n#{e.backtrace.join("\n")}"
+                ui.confirm 'Continue with stack update?'
               end
             end
 

data/lib/sfn/command_module/callbacks.rb

@@ -31,14 +31,14 @@ module Sfn
         clbks = types.map do |c_type|
           callbacks_for(c_type)
         end.flatten(1).compact.uniq.each do |item|
-          callback_name, callback = item
-          ui.info "Callback #{ui.color(type.to_s, :bold)} #{callback_name}: #{ui.color('starting', :yellow)}"
+          callback_name, callback, quiet = item
+          ui.info "Callback #{ui.color(type.to_s, :bold)} #{callback_name}: #{ui.color('starting', :yellow)}" unless quiet
           if(args.empty?)
             callback.call
           else
             callback.call(*args)
           end
-          ui.info "Callback #{ui.color(type.to_s, :bold)} #{callback_name}: #{ui.color('complete', :green)}"
+          ui.info "Callback #{ui.color(type.to_s, :bold)} #{callback_name}: #{ui.color('complete', :green)}" unless quiet
         end
         nil
       end
@@ -59,7 +59,7 @@ module Sfn
             end
           end
           if(instance.respond_to?(type))
-            [c_name, instance.method(type)]
+            [c_name, instance.method(type), instance.respond_to?(:quiet) ? instance.quiet : false]
           end
         end.compact
       end

data/lib/sfn/command_module/stack.rb

@@ -257,7 +257,7 @@ module Sfn
           else
             current_value = c_value
           end
-          if(current_value && current_value != stack_value)
+          if(current_value && current_value.to_s != stack_value.to_s)
             ui.warn 'Nested stack has been altered directly! This update may cause unexpected modifications!'
             ui.warn "Stack name: #{c_stack.name}. Parameter: #{p_key}. Current value: #{stack_value}. Expected value: #{current_value} (via: #{c_value.inspect})"
             answer = ui.ask_question("Use current value or expected value for #{p_key} [current/expected]?", :valid => ['current', 'expected'])

data/lib/sfn/command_module/template.rb

@@ -67,7 +67,7 @@ module Sfn
             end
             if(result.nil? || (result.respond_to?(:empty?) && result.empty?))
               if(attempts > MAX_PARAMETER_ATTEMPTS)
-                ui.fatal 'Failed to receive allowed parameter!'
+                ui.fatal "Failed to receive allowed parameter! (Parameter: #{p_name})"
                 exit 1
               else
                 ui.error "Invalid value provided for parameter. Must be type: `#{p_config[:type].to_s.capitalize}`"

data/lib/sfn/config/inspect.rb

@@ -16,6 +16,11 @@ module Sfn
         :description => 'Locate all instances and display addresses',
         :short_flag => 'n'
       )
+      attribute(
+        :load_balancers, [TrueClass, FalseClass],
+        :description => 'Locate all load balancers, display addresses and server states',
+        :short_flag => 'l'
+      )
       attribute(
         :instance_failure, [TrueClass, FalseClass],
         :description => 'Display log file error from failed not if possible',

data/lib/sfn/planner/aws.rb

@@ -335,7 +335,7 @@ module Sfn
               resource_name = p_path[1]
               property_name = p_path[3].sub(/\[\d+\]$/, '')
               type = templates[:origin]['Resources'][resource_name]['Type']
-              info = SfnAws.registry[type]
+              info = SfnAws.registry.fetch(type, {})
               effect = info[:full_properties].fetch(property_name, {}).fetch(:update_causes, :unknown).to_sym
               resource = Smash.new(
                 :name => resource_name,

data/lib/sfn/version.rb

@@ -1,4 +1,4 @@
 module Sfn
   # Current library version
-  VERSION = Gem::Version.new('2.1.0')
+  VERSION = Gem::Version.new('2.1.2')
 end

data/sfn.gemspec

@@ -11,9 +11,11 @@ Gem::Specification.new do |s|
   s.license = 'Apache-2.0'
   s.require_path = 'lib'
   s.add_runtime_dependency 'bogo-cli', '>= 0.2.0', '< 0.4'
-  s.add_runtime_dependency 'miasma', '>= 0.2.27', '< 0.4'
-  s.add_runtime_dependency 'miasma-aws', '>= 0.2.0', '< 0.4'
+  s.add_runtime_dependency 'miasma', '>= 0.3.0', '< 0.4'
+  s.add_runtime_dependency 'miasma-aws', '>= 0.3.0', '< 0.4'
   s.add_runtime_dependency 'miasma-azure', '>= 0.1.0', '< 0.3'
+  s.add_runtime_dependency 'miasma-open-stack', '>= 0.1.0', '< 0.3'
+  s.add_runtime_dependency 'miasma-rackspace', '>= 0.1.0', '< 0.3'
   s.add_runtime_dependency 'net-ssh'
   s.add_runtime_dependency 'sparkle_formation', '>= 2.1.2', '< 3'
   s.add_runtime_dependency 'hashdiff', '~> 0.2.2'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sfn
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.1.2
 platform: ruby
 authors:
 - Chris Roberts
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-02-05 00:00:00.000000000 Z
+date: 2016-02-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bogo-cli
@@ -36,7 +36,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.2.27
+        version: 0.3.0
     - - "<"
       - !ruby/object:Gem::Version
         version: '0.4'
@@ -46,7 +46,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.2.27
+        version: 0.3.0
     - - "<"
       - !ruby/object:Gem::Version
         version: '0.4'
@@ -56,7 +56,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.2.0
+        version: 0.3.0
     - - "<"
       - !ruby/object:Gem::Version
         version: '0.4'
@@ -66,7 +66,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.2.0
+        version: 0.3.0
     - - "<"
       - !ruby/object:Gem::Version
         version: '0.4'
@@ -90,6 +90,46 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '0.3'
+- !ruby/object:Gem::Dependency
+  name: miasma-open-stack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '0.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '0.3'
+- !ruby/object:Gem::Dependency
+  name: miasma-rackspace
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '0.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '0.3'
 - !ruby/object:Gem::Dependency
   name: net-ssh
   requirement: !ruby/object:Gem::Requirement
@@ -220,6 +260,8 @@ files:
 - lib/sfn.rb
 - lib/sfn/cache.rb
 - lib/sfn/callback.rb
+- lib/sfn/callback/aws_assume_role.rb
+- lib/sfn/callback/aws_mfa.rb
 - lib/sfn/callback/stack_policy.rb
 - lib/sfn/command.rb
 - lib/sfn/command/conf.rb