terraforming 0.15.0 → 0.16.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 2e84d837a0dba1a8c3f14a86c4c7f93598e024a5
4
- data.tar.gz: c7ef19c07166185719c56eababac3eb68c96e5d2
3
+ metadata.gz: 9e8974debd8988dc251d0ea827a67fdc5042583c
4
+ data.tar.gz: abc7cebb5bd5859305c02e57900d7a3b9ea038b7
5
5
  SHA512:
6
- metadata.gz: 7dc8ddfd1720d5b92ae44c2360b5421db204f7da909567b72dbead96588640c61bf5e5c880217119430655ec82dd05ef0ac0505d9bc7c2fefc23c4ce57b82eaf
7
- data.tar.gz: b656c4214cb331e3cafcb59a97741c94df06be17f8a3cdf76e58975e55e0c814c0e4e88e2b801ec74125a8e671538d1e25f2c237d000bc9ec1a1899c67d59896
6
+ metadata.gz: 9b4bbbe089a66b450b79b3bb54f473b2ac1118a60d88314ffb9d804f481ecbcd6adc4f2444656d0dd7d8372b04e7d0a6cf67b8ae5789cb4a38fe7ce2e37f9de6
7
+ data.tar.gz: 9d287e2b5fc87b76c0e44d61211efa34ffe544b9f144e965e55fbd871592ed2cb3b33c5979e46a0c556af446cf0f63c6a7e0a2171d0ec9c75429e823a1f1a683
@@ -9,6 +9,9 @@ env:
9
9
  matrix:
10
10
  - OJ=0
11
11
  - OJ=1
12
+ branches:
13
+ only:
14
+ - master
12
15
  before_install:
13
16
  - gem update --system
14
17
  - gem update bundler
@@ -1,3 +1,16 @@
1
+ # [v0.16.0](https://github.com/dtan4/terraforming/releases/tag/v0.16.0) (2017-10-23)
2
+
3
+ - Declare supported Terraform version: v0.9.3 or higher
4
+
5
+ ## New feature
6
+
7
+ - Support assuming role `--assume` [#379](https://github.com/dtan4/terraforming/pull/379) (thanks @cmedley)
8
+
9
+ ## Fixed / Updated
10
+
11
+ - Use ENCRYPT_DECRYPT as KMS key usage [#380](https://github.com/dtan4/terraforming/pull/380)
12
+ - Fix IAM instance profile [#376](https://github.com/dtan4/terraforming/pull/376) (thanks @chroju)
13
+
1
14
  # [v0.15.0](https://github.com/dtan4/terraforming/releases/tag/v0.15.0) (2017-09-18)
2
15
 
3
16
  ## Fixed / Updated
@@ -2,6 +2,15 @@
2
2
 
3
3
  I love pull requests from everyone! By the way, I have a favor to ask you with your contribution :bow:
4
4
 
5
+ ## Reporting issue
6
+
7
+ - Please write your ...
8
+ - platform (macOS, Linux, Windows, ...)
9
+ - Ruby version
10
+ - Terraforming version
11
+ - Terraform version (if `terraform plan` failed)
12
+ - executed command and error message (if any)
13
+
5
14
  ## Making changes
6
15
 
7
16
  - Currently, this gem supports only __AWS__ resources. Other providers are supported as separated gems.
data/README.md CHANGED
@@ -25,7 +25,9 @@ Export existing AWS resources to [Terraform](https://terraform.io/) style (tf, t
25
25
 
26
26
  ## Supported version
27
27
 
28
- Ruby 2.1 or higher
28
+ - Ruby 2.1 or higher is required
29
+ - Terraform v0.9.3 or higher is recommended
30
+ - Some resources (e.g. `iam_instance_profile`) uses newer resource specification
29
31
 
30
32
  ## Installation
31
33
 
@@ -65,6 +67,12 @@ aws_secret_access_key = FugaFuga
65
67
  $ terraforming s3 --profile hoge
66
68
  ```
67
69
 
70
+ You can assume a role by using the `--assume` option.
71
+
72
+ ```bash
73
+ $ terraforming s3 --assume arn:aws:iam::123456789123:role/test-role
74
+ ```
75
+
68
76
  You can force the AWS SDK to utilize the CA certificate that is bundled with the SDK for systems where the default OpenSSL certificate is not installed (e.g. Windows) by utilizing the `--use-bundled-cert` option.
69
77
 
70
78
  ```bash
@@ -5,6 +5,7 @@ module Terraforming
5
5
  class_option :tfstate, type: :boolean, desc: "Generate tfstate"
6
6
  class_option :profile, type: :string, desc: "AWS credentials profile"
7
7
  class_option :region, type: :string, desc: "AWS region"
8
+ class_option :assume, type: :string, desc: "Role ARN to assume"
8
9
  class_option :use_bundled_cert,
9
10
  type: :boolean,
10
11
  desc: "Use the bundled CA certificate from AWS SDK"
@@ -229,6 +230,13 @@ module Terraforming
229
230
  def configure_aws(options)
230
231
  Aws.config[:credentials] = Aws::SharedCredentials.new(profile_name: options[:profile]) if options[:profile]
231
232
  Aws.config[:region] = options[:region] if options[:region]
233
+
234
+ if options[:assume]
235
+ args = { role_arn: options[:assume], role_session_name: "terraforming-session-#{Time.now.to_i}" }
236
+ args[:client] = Aws::STS::Client.new(profile: options[:profile]) if options[:profile]
237
+ Aws.config[:credentials] = Aws::AssumeRoleCredentials.new(args)
238
+ end
239
+
232
240
  Aws.use_bundled_cert! if options[:use_bundled_cert]
233
241
  end
234
242
 
@@ -26,6 +26,7 @@ module Terraforming
26
26
  "id" => profile.instance_profile_name,
27
27
  "name" => profile.instance_profile_name,
28
28
  "path" => profile.path,
29
+ "role" => profile.roles[0].role_name,
29
30
  "roles.#" => profile.roles.length.to_s,
30
31
  }
31
32
  resources["aws_iam_instance_profile.#{module_name_of(profile)}"] = {
@@ -32,7 +32,7 @@ module Terraforming
32
32
  "id" => key.key_id,
33
33
  "is_enabled" => key.enabled.to_s,
34
34
  "key_id" => key.key_id,
35
- "key_usage" => key_usage_of(key),
35
+ "key_usage" => key.key_usage,
36
36
  "policy" => key_policy_of(key),
37
37
  },
38
38
  },
@@ -69,10 +69,6 @@ module Terraforming
69
69
  @client.get_key_rotation_status(key_id: key.key_id)
70
70
  end
71
71
 
72
- def key_usage_of(key)
73
- key.key_usage.tr("_", "/")
74
- end
75
-
76
72
  def managed_master_key?(key)
77
73
  !aliases.select { |a| a.target_key_id == key.key_id && a.alias_name =~ %r{\Aalias/aws/} }.empty?
78
74
  end
@@ -1,8 +1,8 @@
1
1
  <% iam_instance_profiles.each do |profile| -%>
2
2
  resource "aws_iam_instance_profile" "<%= module_name_of(profile) %>" {
3
- name = "<%= profile.instance_profile_name %>"
4
- path = "<%= profile.path %>"
5
- roles = <%= profile.roles.map { |role| role.role_name }.inspect %>
3
+ name = "<%= profile.instance_profile_name %>"
4
+ path = "<%= profile.path %>"
5
+ role = "<%= profile.roles[0].role_name %>"
6
6
  }
7
7
 
8
8
  <% end -%>
@@ -1,7 +1,7 @@
1
1
  <% keys.each do |key| -%>
2
2
  resource "aws_kms_key" "<%= module_name_of(key) %>" {
3
3
  description = "<%= key.description %>"
4
- key_usage = "<%= key_usage_of(key) %>"
4
+ key_usage = "<%= key.key_usage %>"
5
5
  is_enabled = <%= key.enabled %>
6
6
  enable_key_rotation = <%= key_rotation_status_of(key).key_rotation_enabled %>
7
7
 
@@ -1,3 +1,3 @@
1
1
  module Terraforming
2
- VERSION = "0.15.0"
2
+ VERSION = "0.16.0"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: terraforming
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.15.0
4
+ version: 0.16.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Daisuke Fujita
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-09-18 00:00:00.000000000 Z
11
+ date: 2017-10-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-autoscaling
@@ -457,7 +457,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
457
457
  version: '0'
458
458
  requirements: []
459
459
  rubyforge_project:
460
- rubygems_version: 2.6.11
460
+ rubygems_version: 2.6.13
461
461
  signing_key:
462
462
  specification_version: 4
463
463
  summary: Export existing AWS resources to Terraform style (tf, tfstate)