sumomo 0.4.0 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/data/sumomo/custom_resources/DeployTime.js +1 -2
- data/data/sumomo/custom_resources/OriginAccessIdentity.js +115 -0
- data/exe/sumomo +6 -0
- data/lib/sumomo.rb +2 -0
- data/lib/sumomo/ec2.rb +5 -4
- data/lib/sumomo/ecs.rb +136 -14
- data/lib/sumomo/network.rb +39 -1
- data/lib/sumomo/stack.rb +6 -0
- data/lib/sumomo/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1840367c723c373796e9a822b5c5e148a35bd609
|
|
4
|
+
data.tar.gz: f9a20e064f13018ce49868289243eb95c893dd96
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cdfdedee63e23f076103f0de8a0e7c2f945830d254c57587668d8a0065d04ff7894205210b0c45f54c941303f6e3e5af75f8b44e0a9b8bfa47a1c8ce2a9ff087
|
|
7
|
+
data.tar.gz: 56333dd662ec58d5c426d40a8b2d1837aa78c0547f523bd175cc611fbdf79d59f5bd54fecb86ecfd3e7d6634fe675faff12bb09e1490c22f6a89afd7b08067a6
|
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
|
|
2
1
|
if (request.RequestType == "Create")
|
|
3
2
|
{
|
|
4
3
|
Cloudformation.send(request, context, Cloudformation.SUCCESS, {}, "Success", String((new Date).getTime()));
|
|
@@ -12,4 +11,4 @@ if (request.RequestType == "Update")
|
|
|
12
11
|
if (request.RequestType == "Delete")
|
|
13
12
|
{
|
|
14
13
|
Cloudformation.send(request, context, Cloudformation.SUCCESS, {}, "Success", String((new Date).getTime()));
|
|
15
|
-
}
|
|
14
|
+
}
|
|
@@ -0,0 +1,115 @@
|
|
|
1
|
+
|
|
2
|
+
var cloudfront = new aws.CloudFront({region: request.ResourceProperties.Region});
|
|
3
|
+
|
|
4
|
+
function randomIntInc (low, high)
|
|
5
|
+
{
|
|
6
|
+
return Math.floor(Math.random() * (high - low + 1) + low);
|
|
7
|
+
}
|
|
8
|
+
|
|
9
|
+
function randomNumber()
|
|
10
|
+
{
|
|
11
|
+
var numbers = new Array(10);
|
|
12
|
+
for (var i = 0; i < numbers.length; i++)
|
|
13
|
+
{
|
|
14
|
+
numbers[i] = randomIntInc(1,10);
|
|
15
|
+
}
|
|
16
|
+
return numbers.join("");
|
|
17
|
+
}
|
|
18
|
+
|
|
19
|
+
function request_identity(ref, onSuccess, onError)
|
|
20
|
+
{
|
|
21
|
+
var params = {
|
|
22
|
+
CloudFrontOriginAccessIdentityConfig: {
|
|
23
|
+
CallerReference: ref,
|
|
24
|
+
Comment: request.ResourceProperties.Comment || "No Comment Specified"
|
|
25
|
+
}
|
|
26
|
+
}
|
|
27
|
+
|
|
28
|
+
cloudfront.createCloudFrontOriginAccessIdentity(params, function(err, data) {
|
|
29
|
+
if (err)
|
|
30
|
+
{
|
|
31
|
+
onError(err);
|
|
32
|
+
}
|
|
33
|
+
else
|
|
34
|
+
{
|
|
35
|
+
onSuccess(data);
|
|
36
|
+
}
|
|
37
|
+
});
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
if (request.RequestType == "Create")
|
|
41
|
+
{
|
|
42
|
+
var ref = randomNumber();
|
|
43
|
+
store.put("oai_ref", ref, function() {
|
|
44
|
+
request_identity(ref,
|
|
45
|
+
function(data)
|
|
46
|
+
{
|
|
47
|
+
console.log(data);
|
|
48
|
+
Cloudformation.send(request, context, Cloudformation.SUCCESS, {
|
|
49
|
+
Id: data.CloudFrontOriginAccessIdentity.Id,
|
|
50
|
+
S3CanonicalUserId: data.CloudFrontOriginAccessIdentity.S3CanonicalUserId
|
|
51
|
+
}, "Success", "origin-access-identity/cloudfront/" + data.CloudFrontOriginAccessIdentity.Id);
|
|
52
|
+
|
|
53
|
+
}, function(err)
|
|
54
|
+
{
|
|
55
|
+
console.log(err, err.stack);
|
|
56
|
+
Cloudformation.send(request, context, Cloudformation.FAILED, {}, "Error: " + err);
|
|
57
|
+
});
|
|
58
|
+
}, function(err) {
|
|
59
|
+
Cloudformation.send(request, context, Cloudformation.FAILED, {}, "Cannot Store OAI Reference");
|
|
60
|
+
});
|
|
61
|
+
}
|
|
62
|
+
|
|
63
|
+
if (request.RequestType == "Update")
|
|
64
|
+
{
|
|
65
|
+
store.get("oai_ref", function(ref) {
|
|
66
|
+
request_identity(ref,
|
|
67
|
+
function(data)
|
|
68
|
+
{
|
|
69
|
+
console.log(data);
|
|
70
|
+
Cloudformation.send(request, context, Cloudformation.SUCCESS, {
|
|
71
|
+
Id: data.CloudFrontOriginAccessIdentity.Id,
|
|
72
|
+
S3CanonicalUserId: data.CloudFrontOriginAccessIdentity.S3CanonicalUserId
|
|
73
|
+
}, "Success", "origin-access-identity/cloudfront/" + data.CloudFrontOriginAccessIdentity.Id);
|
|
74
|
+
|
|
75
|
+
}, function(err)
|
|
76
|
+
{
|
|
77
|
+
console.log(err, err.stack);
|
|
78
|
+
Cloudformation.send(request, context, Cloudformation.FAILED, {}, "Error: " + err);
|
|
79
|
+
});
|
|
80
|
+
}, function(err) {
|
|
81
|
+
Cloudformation.send(request, context, Cloudformation.FAILED, {}, "Cannot Load OAI Reference");
|
|
82
|
+
});
|
|
83
|
+
}
|
|
84
|
+
|
|
85
|
+
if (request.RequestType == "Delete")
|
|
86
|
+
{
|
|
87
|
+
store.get("oai_ref", function(ref) {
|
|
88
|
+
request_identity(ref,
|
|
89
|
+
function(data)
|
|
90
|
+
{
|
|
91
|
+
var params = {
|
|
92
|
+
Id: data.CloudFrontOriginAccessIdentity.Id,
|
|
93
|
+
};
|
|
94
|
+
cloudfront.deleteCloudFrontOriginAccessIdentity(params, function(err, data) {
|
|
95
|
+
if (err)
|
|
96
|
+
{
|
|
97
|
+
console.log(err, err.stack);
|
|
98
|
+
Cloudformation.send(request, context, Cloudformation.FAILED, {}, "Error: " + err);
|
|
99
|
+
}
|
|
100
|
+
else
|
|
101
|
+
{
|
|
102
|
+
Cloudformation.send(request, context, Cloudformation.SUCCESS, {}, "Success", "" );
|
|
103
|
+
}
|
|
104
|
+
});
|
|
105
|
+
|
|
106
|
+
}, function(err)
|
|
107
|
+
{
|
|
108
|
+
console.log(err, err.stack);
|
|
109
|
+
Cloudformation.send(request, context, Cloudformation.FAILED, {}, "Error: " + err);
|
|
110
|
+
});
|
|
111
|
+
|
|
112
|
+
}, function(err) {
|
|
113
|
+
Cloudformation.send(request, context, Cloudformation.FAILED, {}, "Cannot Load OAI Reference");
|
|
114
|
+
});
|
|
115
|
+
}
|
data/exe/sumomo
CHANGED
|
@@ -13,10 +13,16 @@ global_opts = Trollop::options do
|
|
|
13
13
|
USAGE
|
|
14
14
|
|
|
15
15
|
opt :region, "AWS region to use", type: :string, default: "ap-northeast-1"
|
|
16
|
+
opt :profile, "AWS credential profile to use", type: :string, default: "default"
|
|
16
17
|
|
|
17
18
|
stop_on SUB_COMMANDS
|
|
18
19
|
end
|
|
19
20
|
|
|
21
|
+
ENV["AWS_PROFILE"] = global_opts[:profile]
|
|
22
|
+
|
|
23
|
+
puts "Using profile:"
|
|
24
|
+
p ENV["AWS_PROFILE"]
|
|
25
|
+
|
|
20
26
|
cmd = ARGV.shift # get the subcommand
|
|
21
27
|
|
|
22
28
|
cmd_opts = case cmd
|
data/lib/sumomo.rb
CHANGED
data/lib/sumomo/ec2.rb
CHANGED
|
@@ -10,7 +10,7 @@ module Sumomo
|
|
|
10
10
|
end)
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
def
|
|
13
|
+
def allow_port(thing)
|
|
14
14
|
if (thing == :all)
|
|
15
15
|
{
|
|
16
16
|
"IpProtocol" => "-1",
|
|
@@ -270,6 +270,7 @@ sudo aws s3 cp s3://#{@bucket_name}/uploads/#{name} #{local_path}
|
|
|
270
270
|
docker_email:"",
|
|
271
271
|
docker_password: "",
|
|
272
272
|
eip:nil,
|
|
273
|
+
policies:[],
|
|
273
274
|
&block)
|
|
274
275
|
|
|
275
276
|
if ami_name == nil
|
|
@@ -290,8 +291,8 @@ sudo aws s3 cp s3://#{@bucket_name}/uploads/#{name} #{local_path}
|
|
|
290
291
|
|
|
291
292
|
task_script = tasks.script
|
|
292
293
|
|
|
293
|
-
ingress ||= [
|
|
294
|
-
egress ||= [
|
|
294
|
+
ingress ||= [ allow_port(:all) ]
|
|
295
|
+
egress ||= [ allow_port(:all) ]
|
|
295
296
|
machine_tag ||= ref("AWS::StackName")
|
|
296
297
|
name ||= make_default_resource_name("AutoScalingGroup")
|
|
297
298
|
script ||= ""
|
|
@@ -393,7 +394,7 @@ aws ec2 associate-address --region `cat /etc/aws_region` --instance-id `curl htt
|
|
|
393
394
|
"logs:PutLogEvents"
|
|
394
395
|
],
|
|
395
396
|
"Resource": "*"
|
|
396
|
-
}]
|
|
397
|
+
}] + policies
|
|
397
398
|
}
|
|
398
399
|
}]
|
|
399
400
|
end
|
data/lib/sumomo/ecs.rb
CHANGED
|
@@ -6,21 +6,67 @@ module Sumomo
|
|
|
6
6
|
str.gsub(/[^0-9a-zA-Z]/, "_")
|
|
7
7
|
end
|
|
8
8
|
|
|
9
|
-
def
|
|
9
|
+
def make_ecs_role
|
|
10
|
+
make "AWS::IAM::Role", name: "ECSServiceRole" do
|
|
11
|
+
|
|
12
|
+
role_policy_doc = {
|
|
13
|
+
"Version" => "2012-10-17",
|
|
14
|
+
"Statement" => [{
|
|
15
|
+
"Effect" => "Allow",
|
|
16
|
+
"Principal" => {"Service" => ["ecs.amazonaws.com"]},
|
|
17
|
+
"Action" => ["sts:AssumeRole"]
|
|
18
|
+
}]
|
|
19
|
+
}
|
|
10
20
|
|
|
11
|
-
|
|
21
|
+
AssumeRolePolicyDocument role_policy_doc
|
|
22
|
+
Path "/"
|
|
23
|
+
Policies [
|
|
24
|
+
{
|
|
25
|
+
"PolicyName" => "ecs-service",
|
|
26
|
+
"PolicyDocument" => {
|
|
27
|
+
"Version" => "2012-10-17",
|
|
28
|
+
"Statement" => [{
|
|
29
|
+
"Effect" => "Allow",
|
|
30
|
+
"Action" => [
|
|
31
|
+
"ec2:AuthorizeSecurityGroupIngress",
|
|
32
|
+
"ec2:Describe*",
|
|
33
|
+
"elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
|
|
34
|
+
"elasticloadbalancing:DeregisterTargets",
|
|
35
|
+
"elasticloadbalancing:Describe*",
|
|
36
|
+
"elasticloadbalancing:RegisterInstancesWithLoadBalancer",
|
|
37
|
+
"elasticloadbalancing:RegisterTargets"
|
|
38
|
+
],
|
|
39
|
+
"Resource" => "*"
|
|
40
|
+
}]
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
]
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
def make_ecs_cluster(name:make_default_resource_name("ECSCluster"),services:[],machine_config:{},network:,log_retention:30,dependencies:[])
|
|
48
|
+
|
|
49
|
+
ecs = make "AWS::ECS::Cluster", name: "#{name}" do
|
|
50
|
+
dependencies.each do |x|
|
|
51
|
+
depends_on x
|
|
52
|
+
end
|
|
53
|
+
end
|
|
12
54
|
|
|
13
55
|
volumes = []
|
|
14
56
|
machine_volume_locations = {}
|
|
15
57
|
|
|
16
|
-
|
|
58
|
+
service_number = 0
|
|
17
59
|
|
|
18
60
|
services.each do |service|
|
|
19
61
|
|
|
20
|
-
|
|
62
|
+
alb = service[:alb]
|
|
63
|
+
certificate = service[:certificate]
|
|
64
|
+
alb_ports = {}
|
|
65
|
+
|
|
66
|
+
service_number += 1
|
|
21
67
|
|
|
22
68
|
containers = service[:containers]
|
|
23
|
-
service_name = service[:name] || "Service#{
|
|
69
|
+
service_name = service[:name] || "Service#{service_number}"
|
|
24
70
|
service_count = service[:count] || 1
|
|
25
71
|
|
|
26
72
|
container_defs = containers.map do |container|
|
|
@@ -29,7 +75,7 @@ module Sumomo
|
|
|
29
75
|
definition["Name"] = "#{sluggify(container[:image]).camelize}"
|
|
30
76
|
definition["Name"] = container[:name] if container[:name]
|
|
31
77
|
|
|
32
|
-
definition["Memory"] = 1024
|
|
78
|
+
definition["Memory"] = container[:memory] || 1024
|
|
33
79
|
|
|
34
80
|
loggroup = make "AWS::Logs::LogGroup", name: "#{name}#{definition["Name"]}Logs" do
|
|
35
81
|
LogGroupName "#{definition["Name"].underscore}_logs"
|
|
@@ -68,11 +114,68 @@ module Sumomo
|
|
|
68
114
|
end
|
|
69
115
|
|
|
70
116
|
if container[:ports]
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
117
|
+
if !alb
|
|
118
|
+
definition["PortMappings"] = container[:ports].map do |from_port, to_port|
|
|
119
|
+
{
|
|
120
|
+
"ContainerPort" => from_port,
|
|
121
|
+
"HostPort" => to_port
|
|
122
|
+
}
|
|
123
|
+
end
|
|
124
|
+
|
|
125
|
+
else
|
|
126
|
+
definition["PortMappings"] = container[:ports].map do |from_port, to_port|
|
|
127
|
+
{
|
|
128
|
+
"ContainerPort" => from_port
|
|
129
|
+
}
|
|
130
|
+
end
|
|
131
|
+
|
|
132
|
+
container[:ports].each do |container_port, host_port|
|
|
133
|
+
|
|
134
|
+
if alb_ports[host_port.to_i]
|
|
135
|
+
raise "Container #{alb_ports[host_port][:name]} is already using #{host_port}"
|
|
136
|
+
end
|
|
137
|
+
|
|
138
|
+
alb_target = make "AWS::ElasticLoadBalancingV2::TargetGroup", name: "#{name}#{definition["Name"]}Target" do
|
|
139
|
+
HealthCheckIntervalSeconds 60
|
|
140
|
+
UnhealthyThresholdCount 10
|
|
141
|
+
HealthCheckPath "/"
|
|
142
|
+
Name "#{name}Port#{host_port}Target"
|
|
143
|
+
Port container_port
|
|
144
|
+
Protocol "HTTP"
|
|
145
|
+
VpcId network[:vpc]
|
|
146
|
+
end
|
|
147
|
+
|
|
148
|
+
alb_action = {
|
|
149
|
+
"Type" => "forward",
|
|
150
|
+
"TargetGroupArn" => alb_target
|
|
151
|
+
}
|
|
152
|
+
|
|
153
|
+
if certificate
|
|
154
|
+
alb_listener = make "AWS::ElasticLoadBalancingV2::Listener", name: "#{name}#{definition["Name"]}Listener" do
|
|
155
|
+
Certificates [{ CertificateArn: certificate }]
|
|
156
|
+
DefaultActions [ alb_action ]
|
|
157
|
+
LoadBalancerArn alb
|
|
158
|
+
Port host_port
|
|
159
|
+
Protocol "HTTPS"
|
|
160
|
+
end
|
|
161
|
+
else
|
|
162
|
+
alb_listener = make "AWS::ElasticLoadBalancingV2::Listener", name: "#{name}#{definition["Name"]}Listener" do
|
|
163
|
+
DefaultActions [ alb_action ]
|
|
164
|
+
LoadBalancerArn alb
|
|
165
|
+
Port host_port
|
|
166
|
+
Protocol "HTTP"
|
|
167
|
+
end
|
|
168
|
+
end
|
|
169
|
+
|
|
170
|
+
alb_ports[host_port.to_i] = {
|
|
171
|
+
listener: alb_listener,
|
|
172
|
+
target: alb_target,
|
|
173
|
+
port: container_port,
|
|
174
|
+
name: definition["Name"]
|
|
175
|
+
}
|
|
176
|
+
|
|
177
|
+
end
|
|
178
|
+
|
|
76
179
|
end
|
|
77
180
|
container.delete(:ports)
|
|
78
181
|
end
|
|
@@ -87,13 +190,12 @@ module Sumomo
|
|
|
87
190
|
container.delete(:envvars)
|
|
88
191
|
end
|
|
89
192
|
|
|
90
|
-
|
|
91
193
|
container.each do |key, value|
|
|
92
194
|
definition["#{key}".camelize] = value
|
|
93
195
|
end
|
|
94
196
|
|
|
95
197
|
definition
|
|
96
|
-
end
|
|
198
|
+
end
|
|
97
199
|
|
|
98
200
|
|
|
99
201
|
deployment_config = {
|
|
@@ -106,13 +208,31 @@ module Sumomo
|
|
|
106
208
|
Volumes volumes
|
|
107
209
|
end
|
|
108
210
|
|
|
211
|
+
stack = self
|
|
212
|
+
|
|
109
213
|
ecs_service = make "AWS::ECS::Service", name: "#{name}#{service_name}" do
|
|
214
|
+
alb_ports.each do |host_port, info|
|
|
215
|
+
depends_on info[:listener]
|
|
216
|
+
end
|
|
217
|
+
|
|
110
218
|
Cluster ecs
|
|
111
219
|
DesiredCount service_count
|
|
112
220
|
TaskDefinition ecs_task
|
|
113
221
|
DeploymentConfiguration deployment_config
|
|
222
|
+
|
|
223
|
+
if alb_ports.keys.count != 0
|
|
224
|
+
Role stack.make_ecs_role
|
|
225
|
+
LoadBalancers alb_ports.values.map { |info|
|
|
226
|
+
{
|
|
227
|
+
"TargetGroupArn" => info[:target],
|
|
228
|
+
"ContainerPort" => info[:port],
|
|
229
|
+
"ContainerName" => info[:name]
|
|
230
|
+
}
|
|
231
|
+
}
|
|
232
|
+
end
|
|
233
|
+
|
|
114
234
|
end
|
|
115
|
-
end
|
|
235
|
+
end #services
|
|
116
236
|
|
|
117
237
|
machine_config[:methods].each do |method_name|
|
|
118
238
|
parameters = {ecs_cluster: ecs}
|
|
@@ -121,6 +241,8 @@ module Sumomo
|
|
|
121
241
|
parameters[param[1]] = machine_config[param[1]] if (param[0] == :keyreq or param[0] == :key) and machine_config[param[1]]
|
|
122
242
|
end
|
|
123
243
|
|
|
244
|
+
parameters[:network] = network if !parameters[:network]
|
|
245
|
+
|
|
124
246
|
method(method_name).call(parameters) do
|
|
125
247
|
machine_volume_locations.each do |s3_loc, machine_loc|
|
|
126
248
|
mkdir File.dirname(machine_loc)
|
data/lib/sumomo/network.rb
CHANGED
|
@@ -38,9 +38,47 @@ module Sumomo
|
|
|
38
38
|
GatewayId gateway
|
|
39
39
|
end
|
|
40
40
|
|
|
41
|
+
last_unused_number = 0
|
|
42
|
+
|
|
43
|
+
subnet_numbers = []
|
|
44
|
+
|
|
45
|
+
#load current config
|
|
46
|
+
number_hash = {}
|
|
47
|
+
subnet_hash = {}
|
|
48
|
+
|
|
49
|
+
ec2 = Aws::EC2::Client.new(region: @region)
|
|
50
|
+
ec2_subnets = ec2.describe_subnets().subnets
|
|
51
|
+
ec2_subnets.each do |subnet|
|
|
52
|
+
if subnet.tags.select {|x| x.key == "aws:cloudformation:stack-name" && x.value == @bucket_name}.length == 1
|
|
53
|
+
layer = /^#{@bucket_name}-(?<layer_name>.+)-[a-z]+$/.match(subnet.tags.select{|x| x.key == "Name"}.first.value)[:layer_name]
|
|
54
|
+
zone = subnet.availability_zone
|
|
55
|
+
number = /^10.0.(?<num>[0-9]+).0/.match(subnet.cidr_block)[:num].to_i
|
|
56
|
+
|
|
57
|
+
key = "#{layer}/#{zone}"
|
|
58
|
+
number_hash[number] = key
|
|
59
|
+
subnet_hash[key] = number
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
# assign numbers to unassigned subnets
|
|
64
|
+
layers.product(zones).each do |e|
|
|
65
|
+
key = "#{e[0]}/#{e[1]}"
|
|
66
|
+
if !subnet_hash.has_key?(key)
|
|
67
|
+
loop do
|
|
68
|
+
break if !number_hash.has_key?(last_unused_number)
|
|
69
|
+
last_unused_number += 1
|
|
70
|
+
end
|
|
71
|
+
number_hash[last_unused_number] = key
|
|
72
|
+
subnet_hash[key] = last_unused_number
|
|
73
|
+
subnet_numbers << [e, last_unused_number]
|
|
74
|
+
else
|
|
75
|
+
subnet_numbers << [e, subnet_hash[key]]
|
|
76
|
+
end
|
|
77
|
+
end
|
|
78
|
+
|
|
41
79
|
subnets = {}
|
|
42
80
|
|
|
43
|
-
|
|
81
|
+
subnet_numbers.each do |e, subnet_number|
|
|
44
82
|
layer = e[0]
|
|
45
83
|
zone = e[1]
|
|
46
84
|
|
data/lib/sumomo/stack.rb
CHANGED
|
@@ -17,6 +17,7 @@ module Sumomo
|
|
|
17
17
|
end
|
|
18
18
|
|
|
19
19
|
def upload_file(name,content)
|
|
20
|
+
puts "Uploaded #{name}"
|
|
20
21
|
@store.set_raw("uploads/#{name}", content)
|
|
21
22
|
end
|
|
22
23
|
|
|
@@ -139,6 +140,11 @@ module Sumomo
|
|
|
139
140
|
"Effect" => "Allow",
|
|
140
141
|
"Action" => ["s3:DeleteObject", "s3:GetObject", "s3:PutObject"],
|
|
141
142
|
"Resource" => "arn:aws:s3:::#{bucket_name}/*"
|
|
143
|
+
},
|
|
144
|
+
{
|
|
145
|
+
"Effect" => "Allow",
|
|
146
|
+
"Action" => ["cloudfront:CreateCloudFrontOriginAccessIdentity", "cloudfront:DeleteCloudFrontOriginAccessIdentity"],
|
|
147
|
+
"Resource" => "*"
|
|
142
148
|
}]
|
|
143
149
|
}
|
|
144
150
|
}
|
data/lib/sumomo/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sumomo
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David Siaw
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-
|
|
11
|
+
date: 2017-06-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -171,6 +171,7 @@ files:
|
|
|
171
171
|
- data/sumomo/custom_resources/AvailabilityZones.js
|
|
172
172
|
- data/sumomo/custom_resources/CloudflareCNAME.js
|
|
173
173
|
- data/sumomo/custom_resources/DeployTime.js
|
|
174
|
+
- data/sumomo/custom_resources/OriginAccessIdentity.js
|
|
174
175
|
- data/sumomo/custom_resources/SelectSpot.js
|
|
175
176
|
- data/sumomo/sources/spot-watcher-poller.sh
|
|
176
177
|
- data/sumomo/sources/spot-watcher.sh
|