vagrant-aws-iam-decoder 0.7.2

data/lib/vagrant-aws/errors.rb

@@ -0,0 +1,43 @@
+require "vagrant"
+
+module VagrantPlugins
+  module AWS
+    module Errors
+      class VagrantAWSError < Vagrant::Errors::VagrantError
+        error_namespace("vagrant_aws.errors")
+      end
+
+      class FogError < VagrantAWSError
+        error_key(:fog_error)
+      end
+
+      class InternalFogError < VagrantAWSError
+        error_key(:internal_fog_error)
+      end
+
+      class InstanceReadyTimeout < VagrantAWSError
+        error_key(:instance_ready_timeout)
+      end
+
+      class InstancePackageError < VagrantAWSError
+        error_key(:instance_package_error)
+      end
+
+      class InstancePackageTimeout < VagrantAWSError
+        error_key(:instance_package_timeout)
+      end
+
+      class RsyncError < VagrantAWSError
+        error_key(:rsync_error)
+      end
+
+      class MkdirError < VagrantAWSError
+        error_key(:mkdir_error)
+      end
+
+      class ElbDoesNotExistError < VagrantAWSError
+        error_key("elb_does_not_exist")
+      end
+    end
+  end
+end

data/lib/vagrant-aws/plugin.rb

@@ -0,0 +1,73 @@
+begin
+  require "vagrant"
+rescue LoadError
+  raise "The Vagrant AWS plugin must be run within Vagrant."
+end
+
+# This is a sanity check to make sure no one is attempting to install
+# this into an early Vagrant version.
+if Vagrant::VERSION < "1.2.0"
+  raise "The Vagrant AWS plugin is only compatible with Vagrant 1.2+"
+end
+
+module VagrantPlugins
+  module AWS
+    class Plugin < Vagrant.plugin("2")
+      name "AWS"
+      description <<-DESC
+      This plugin installs a provider that allows Vagrant to manage
+      machines in AWS (EC2/VPC).
+      DESC
+
+      config(:aws, :provider) do
+        require_relative "config"
+        Config
+      end
+
+      provider(:aws, parallel: true) do
+        # Setup logging and i18n
+        setup_logging
+        setup_i18n
+
+        # Return the provider
+        require_relative "provider"
+        Provider
+      end
+
+      # This initializes the internationalization strings.
+      def self.setup_i18n
+        I18n.load_path << File.expand_path("locales/en.yml", AWS.source_root)
+        I18n.reload!
+      end
+
+      # This sets up our log level to be whatever VAGRANT_LOG is.
+      def self.setup_logging
+        require "log4r"
+
+        level = nil
+        begin
+          level = Log4r.const_get(ENV["VAGRANT_LOG"].upcase)
+        rescue NameError
+          # This means that the logging constant wasn't found,
+          # which is fine. We just keep `level` as `nil`. But
+          # we tell the user.
+          level = nil
+        end
+
+        # Some constants, such as "true" resolve to booleans, so the
+        # above error checking doesn't catch it. This will check to make
+        # sure that the log level is an integer, as Log4r requires.
+        level = nil if !level.is_a?(Integer)
+
+        # Set the logging level on all "vagrant" namespaced
+        # logs as long as we have a valid level.
+        if level
+          logger = Log4r::Logger.new("vagrant_aws")
+          logger.outputters = Log4r::Outputter.stderr
+          logger.level = level
+          logger = nil
+        end
+      end
+    end
+  end
+end

data/lib/vagrant-aws/provider.rb

@@ -0,0 +1,50 @@
+require "log4r"
+require "vagrant"
+
+module VagrantPlugins
+  module AWS
+    class Provider < Vagrant.plugin("2", :provider)
+      def initialize(machine)
+        @machine = machine
+      end
+
+      def action(name)
+        # Attempt to get the action method from the Action class if it
+        # exists, otherwise return nil to show that we don't support the
+        # given action.
+        action_method = "action_#{name}"
+        return Action.send(action_method) if Action.respond_to?(action_method)
+        nil
+      end
+
+      def ssh_info
+        # Run a custom action called "read_ssh_info" which does what it
+        # says and puts the resulting SSH info into the `:machine_ssh_info`
+        # key in the environment.
+        env = @machine.action("read_ssh_info", lock: false)
+        env[:machine_ssh_info]
+      end
+
+      def state
+        # Run a custom action we define called "read_state" which does
+        # what it says. It puts the state in the `:machine_state_id`
+        # key in the environment.
+        env = @machine.action("read_state", lock: false)
+
+        state_id = env[:machine_state_id]
+
+        # Get the short and long description
+        short = I18n.t("vagrant_aws.states.short_#{state_id}")
+        long  = I18n.t("vagrant_aws.states.long_#{state_id}")
+
+        # Return the MachineState object
+        Vagrant::MachineState.new(state_id, short, long)
+      end
+
+      def to_s
+        id = @machine.id.nil? ? "new" : @machine.id
+        "AWS (#{id})"
+      end
+    end
+  end
+end

data/lib/vagrant-aws/util/elb.rb

@@ -0,0 +1,58 @@
+module VagrantPlugins
+  module AWS
+    module ElasticLoadBalancer
+
+      def register_instance(env, elb_name, instance_id)
+        env[:ui].info I18n.t("vagrant_aws.elb.registering", instance_id: instance_id, elb_name: elb_name), :new_line => false
+        elb = get_load_balancer(env[:aws_elb], elb_name)
+        unless elb.instances.include? instance_id
+          elb.register_instances([instance_id])
+          env[:ui].info I18n.t("vagrant_aws.elb.ok"), :prefix => false
+          adjust_availability_zones env, elb
+        else
+          env[:ui].info I18n.t("vagrant_aws.elb.skipped"), :prefix => false
+        end
+      end
+
+      def deregister_instance(env, elb_name, instance_id)
+        env[:ui].info I18n.t("vagrant_aws.elb.deregistering", instance_id: instance_id, elb_name: elb_name), :new_line => false
+        elb = get_load_balancer(env[:aws_elb], elb_name)
+        if elb.instances.include? instance_id
+          elb.deregister_instances([instance_id])
+          env[:ui].info I18n.t("vagrant_aws.elb.ok"), :prefix => false
+          if env[:machine].provider_config.unregister_elb_from_az
+            adjust_availability_zones env, elb
+          end
+        else
+          env[:ui].info I18n.t("vagrant_aws.elb.skipped"), :prefix => false
+        end
+      end
+
+      def adjust_availability_zones(env, elb)
+        env[:ui].info I18n.t("vagrant_aws.elb.adjusting", elb_name: elb.id), :new_line => false
+
+        instances = env[:aws_compute].servers.all("instance-id" => elb.instances)
+        
+        azs = if instances.empty?
+                ["#{env[:machine].provider_config.region}a"]
+              else
+                instances.map(&:availability_zone).uniq
+              end
+
+        az_to_disable = elb.availability_zones - azs
+        az_to_enable = azs - elb.availability_zones
+
+        elb.enable_availability_zones az_to_enable unless az_to_enable.empty?
+        elb.disable_availability_zones az_to_disable unless az_to_disable.empty?
+
+        env[:ui].info I18n.t("vagrant_aws.elb.ok"), :prefix => false
+      end
+
+      private
+
+      def get_load_balancer(aws, name)
+        aws.load_balancers.find { |lb| lb.id == name } or raise Errors::ElbDoesNotExistError
+      end
+    end
+  end
+end

data/lib/vagrant-aws/util/timer.rb

@@ -0,0 +1,17 @@
+module VagrantPlugins
+  module AWS
+    module Util
+      class Timer
+        # A basic utility method that times the execution of the given
+        # block and returns it.
+        def self.time
+          start_time = Time.now.to_f
+          yield
+          end_time = Time.now.to_f
+
+          end_time - start_time
+        end
+      end
+    end
+  end
+end

data/lib/vagrant-aws/version.rb

@@ -0,0 +1,5 @@
+module VagrantPlugins
+  module AWS
+    VERSION = '0.7.2'
+  end
+end

data/locales/en.yml

@@ -0,0 +1,161 @@
+en:
+  vagrant_aws:
+    already_status: |-
+      The machine is already %{status}.
+    burning_ami: |-
+      Waiting for the AMI '%{ami_id}' to burn...
+    elb:
+      adjusting: |-
+        Adjusting availability zones of ELB %{elb_name}...
+      registering: |-
+        Registering %{instance_id} at ELB %{elb_name}...
+      deregistering: |-
+        Deregistering %{instance_id} from ELB %{elb_name}...
+      ok: |-
+        ok
+      skipped: |-
+        skipped
+
+    launching_instance: |-
+      Launching an instance with the following settings...
+    launching_spot_instance: |-
+       Launching a spot request instance with the following settings...
+    launch_no_keypair: |-
+      Warning! You didn't specify a keypair to launch your instance with.
+      This can sometimes result in not being able to access your instance.
+    launch_vpc_warning: |-
+      Warning! You're launching this instance into a VPC without an
+      elastic IP. Please verify you're properly connected to a VPN so
+      you can access this machine, otherwise Vagrant will not be able
+      to SSH into it.
+    not_created: |-
+      Instance is not created. Please run `vagrant up` first.
+    packaging_instance: |-
+      Burning instance %{instance_id} into an ami
+    packaging_instance_complete: |-
+      Burn was successful in %{time_seconds}s
+    ready: |-
+      Machine is booted and ready for use!
+    rsync_not_found_warning: |-
+      Warning! Folder sync disabled because the rsync binary is missing in the %{side}.
+      Make sure rsync is installed and the binary can be found in the PATH.
+    rsync_folder: |-
+      Rsyncing folder: %{hostpath} => %{guestpath}
+    source_dest_checks_no_vpc: |-
+      Warning! Ignoring source_dest_checks flag as it can only be configured on
+      a VPC instance.
+    starting: |-
+      Starting the instance...
+    stopping: |-
+      Stopping the instance...
+    terminating: |-
+      Terminating the instance...
+    waiting_for_ready: |-
+      Waiting for instance to become "ready"...
+    waiting_for_ssh: |-
+      Waiting for SSH to become available...
+    warn_networks: |-
+      Warning! The AWS provider doesn't support any of the Vagrant
+      high-level network configurations (`config.vm.network`). They
+      will be silently ignored.
+    warn_ssh_access: |-
+      Warning! Vagrant might not be able to SSH into the instance.
+      Please check your security groups settings.
+    will_not_destroy: |-
+      The instance '%{name}' will not be destroyed, since the confirmation
+      was declined.
+
+    config:
+      access_key_id_required: |-
+        An access key ID must be specified via "access_key_id"
+      ami_required: |-
+        An AMI must be configured via "ami" (region: #{region})
+      private_key_missing: |-
+        The specified private key for AWS could not be found
+      region_required: |-
+        A region must be specified via "region"
+      secret_access_key_required: |-
+        A secret access key is required via "secret_access_key"
+      subnet_id_required_with_public_ip: |-
+        If you assign a public IP address to an instance in a VPC, a subnet must be specifed via "subnet_id"
+      aws_info_required: |-
+        One or more of the needed AWS credentials are missing. No environment variables
+        are set nor profile '%{profile}' exists at '%{location}'
+
+    errors:
+      fog_error: |-
+        There was an error talking to AWS. The error message is shown
+        below:
+
+        %{message}
+      internal_fog_error: |-
+        There was an error talking to AWS. The error message is shown
+        below:
+
+        Error: %{error}
+        Response: %{response}
+      instance_ready_timeout: |-
+        The instance never became "ready" in AWS. The timeout currently
+        set waiting for the instance to become ready is %{timeout} seconds.
+        Please verify that the machine properly boots. If you need more time
+        set the `instance_ready_timeout` configuration on the AWS provider.
+      instance_package_error: |-
+        There was an error packaging the instance. See details below for more info.
+
+        AMI Id: %{ami_id}
+        Error: %{err}
+      instance_package_timeout: |-
+        The AMI failed to become "ready" in AWS. The timeout currently
+        set waiting for the instance to become ready is %{timeout} seconds. For
+        larger instances AMI burning may take long periods of time. Please
+        ensure the timeout is set high enough, it can be changed by adjusting
+        the `instance_package_timeout` configuration on the AWS provider.
+      rsync_error: |-
+        There was an error when attempting to rsync a shared folder.
+        Please inspect the error message below for more info.
+
+        Host path: %{hostpath}
+        Guest path: %{guestpath}
+        Error: %{stderr}
+      mkdir_error: |-
+        There was an error when attempting to create a shared host folder.
+        Please inspect the error message below for more info.
+
+        Host path: %{hostpath}
+        Error: %{err}
+      elb_does_not_exist: |-
+        ELB configured for the instance does not exist
+
+    states:
+      short_not_created: |-
+        not created
+      long_not_created: |-
+        The EC2 instance is not created. Run `vagrant up` to create it.
+
+      short_stopped: |-
+        stopped
+      long_stopped: |-
+        The EC2 instance is stopped. Run `vagrant up` to start it.
+
+      short_stopping: |-
+        stopping
+      long_stopping: |-
+        The EC2 instance is stopping. Wait until is completely stopped to
+        run `vagrant up` and start it.
+
+      short_pending: |-
+        pending
+      long_pending: |-
+        The EC2 instance is pending a start (i.e. this is a transition state).
+
+      short_running: |-
+        running
+      long_running: |-
+        The EC2 instance is running. To stop this machine, you can run
+        `vagrant halt`. To destroy the machine, you can run `vagrant destroy`.
+
+      short_pending: |-
+        pending
+      long_pending: |-
+        The EC2 instance is still being initialized. To destroy this machine,
+        you can run `vagrant destroy`.

data/spec/spec_helper.rb

@@ -0,0 +1 @@
+

data/spec/vagrant-aws/config_spec.rb

@@ -0,0 +1,395 @@
+require "vagrant-aws/config"
+require 'rspec/its'
+
+# remove deprecation warnings
+# (until someone decides to update the whole spec file to rspec 3.4)
+RSpec.configure do |config|
+  # ...
+  config.mock_with :rspec do |c|
+    c.syntax = [:should, :expect]
+  end
+  config.expect_with :rspec do |c|
+    c.syntax = [:should, :expect]
+  end
+end
+
+describe VagrantPlugins::AWS::Config do
+  let(:instance) { described_class.new }
+
+  # Ensure tests are not affected by AWS credential environment variables
+  before :each do
+    ENV.stub(:[] => nil)
+  end
+
+  describe "defaults" do
+    subject do
+      instance.tap do |o|
+        o.finalize!
+      end
+    end
+
+    its("access_key_id")     { should be_nil }
+    its("ami")               { should be_nil }
+    its("availability_zone") { should be_nil }
+    its("instance_ready_timeout") { should == 120 }
+    its("instance_check_interval") { should == 2 }
+    its("instance_package_timeout") { should == 600 }
+    its("instance_type")     { should == "m3.medium" }
+    its("keypair_name")      { should be_nil }
+    its("private_ip_address") { should be_nil }
+    its("region")            { should == "us-east-1" }
+    its("secret_access_key") { should be_nil }
+    its("session_token") { should be_nil }
+    its("security_groups")   { should == [] }
+    its("subnet_id")         { should be_nil }
+    its("iam_instance_profile_arn") { should be_nil }
+    its("iam_instance_profile_name") { should be_nil }
+    its("tags")              { should == {} }
+    its("package_tags")      { should == {} }
+    its("user_data")         { should be_nil }
+    its("use_iam_profile")   { should be false }
+    its("block_device_mapping")  {should == [] }
+    its("elastic_ip")        { should be_nil }
+    its("terminate_on_shutdown") { should == false }
+    its("ssh_host_attribute") { should be_nil }
+    its("monitoring")        { should == false }
+    its("ebs_optimized")     { should == false }
+    its("source_dest_check")       { should be_nil }
+    its("associate_public_ip")     { should == false }
+    its("unregister_elb_from_az") { should == true }
+    its("tenancy")     { should == "default" }
+    its("spot_instance")     { should == false }
+    its("spot_max_price")    { should be_nil }
+    its("spot_price_product_description")  { should be_nil }
+    its("spot_valid_until")  { should be_nil }
+  end
+
+  describe "overriding defaults" do
+    # I typically don't meta-program in tests, but this is a very
+    # simple boilerplate test, so I cut corners here. It just sets
+    # each of these attributes to "foo" in isolation, and reads the value
+    # and asserts the proper result comes back out.
+    [:access_key_id, :ami, :availability_zone, :instance_ready_timeout,
+      :instance_package_timeout, :instance_type, :keypair_name, :ssh_host_attribute,
+      :ebs_optimized, :region, :secret_access_key, :session_token, :monitoring,
+      :associate_public_ip, :subnet_id, :tags, :package_tags, :elastic_ip,
+      :terminate_on_shutdown, :iam_instance_profile_arn, :iam_instance_profile_name,
+      :use_iam_profile, :user_data, :block_device_mapping,
+      :source_dest_check].each do |attribute|
+
+      it "should not default #{attribute} if overridden" do
+        # but these should always come together, so you need to set them all or nothing
+        instance.send("access_key_id=".to_sym, "foo")
+        instance.send("secret_access_key=".to_sym, "foo")
+        instance.send("session_token=".to_sym, "foo")
+        instance.send("#{attribute}=".to_sym, "foo")
+        instance.finalize!
+        instance.send(attribute).should == "foo"
+      end
+    end
+    it "should not default security_groups if overridden" do
+      instance.security_groups = "foo"
+      instance.finalize!
+      instance.security_groups.should == ["foo"]
+    end
+  end
+
+  describe "getting credentials from environment" do
+    context "without EC2 credential environment variables" do
+      subject do
+        instance.tap do |o|
+          o.finalize!
+        end
+      end
+
+      its("access_key_id")     { should be_nil }
+      its("secret_access_key") { should be_nil }
+      its("session_token")     { should be_nil }
+    end
+
+    context "with EC2 credential environment variables" do
+      before :each do
+        ENV.stub(:[]).with("AWS_ACCESS_KEY_ID").and_return("access_key")
+        ENV.stub(:[]).with("AWS_SECRET_ACCESS_KEY").and_return("secret_key")
+        ENV.stub(:[]).with("AWS_SESSION_TOKEN").and_return("session_token")
+      end
+
+      subject do
+        instance.tap do |o|
+          o.finalize!
+        end
+      end
+
+      its("access_key_id")     { should == "access_key" }
+      its("secret_access_key") { should == "secret_key" }
+      its("session_token")     { should == "session_token" }
+    end
+  end
+
+
+  describe "getting credentials when there is an AWS profile" do
+    ## ENV has been nuked so ENV['HOME'] will be a empty string when Credentials#get_aws_info gets called
+    let(:filename_cfg)  { "/.aws/config" }
+    let(:filename_keys) { "/.aws/credentials" }
+    let(:data_cfg)      {
+"[default]
+region=eu-west-1
+output=json
+
+[profile user1]
+region=us-east-1
+output=text
+
+[profile user2]
+region=us-east-1
+output=text
+
+[profile user3]
+region=us-west-2
+output=text
+" }
+    let(:data_keys)     {
+"[default]
+aws_access_key_id=AKIdefault
+aws_secret_access_key=PASSdefault
+
+[user1]
+aws_access_key_id=AKIuser1
+aws_secret_access_key=PASSuser1
+
+[user2]
+aws_access_key_id=AKIuser2
+aws_secret_access_key=PASSuser2
+aws_session_token=TOKuser2
+
+[user3]
+aws_access_key_id=AKIuser3
+aws_secret_access_key=PASSuser3
+aws_session_token= TOKuser3
+" }
+    # filenames and file data when using AWS_SHARED_CREDENTIALS_FILE and AWS_CONFIG_FILE
+    let(:sh_dir)           { "/aws_shared/" }
+    let(:sh_filename_cfg)  { sh_dir + "config" }
+    let(:sh_filename_keys) { sh_dir + "credentials" }
+    let(:sh_data_cfg)      { "[default]\nregion=sh-region\noutput=text" }
+    let(:sh_data_keys)     { "[default]\naws_access_key_id=AKI_set_shared\naws_secret_access_key=set_shared_foobar" }
+
+    context "with EC2 credential environment variables set" do
+      subject do
+        ENV.stub(:[]).with("AWS_ACCESS_KEY_ID").and_return("env_access_key")
+        ENV.stub(:[]).with("AWS_SECRET_ACCESS_KEY").and_return("env_secret_key")
+        ENV.stub(:[]).with("AWS_SESSION_TOKEN").and_return("env_session_token")
+        ENV.stub(:[]).with("AWS_DEFAULT_REGION").and_return("env_region")
+        allow(File).to receive(:read).with(filename_cfg).and_return(data_cfg)
+        allow(File).to receive(:read).with(filename_keys).and_return(data_keys)
+        instance.tap do |o|
+          o.finalize!
+        end
+      end
+      its("access_key_id")        { should == "env_access_key" }
+      its("secret_access_key")    { should == "env_secret_key" }
+      its("session_token")        { should == "env_session_token" }
+      its("region")               { should == "env_region" }
+    end
+
+    context "without EC2 credential environment variables but with AWS_CONFIG_FILE and AWS_SHARED_CREDENTIALS_FILE set" do
+      subject do
+        allow(File).to receive(:exist?).and_return(true)
+        allow(File).to receive(:read).with(filename_cfg).and_return(data_cfg)
+        allow(File).to receive(:read).with(filename_keys).and_return(data_keys)
+        ENV.stub(:[]).with("AWS_CONFIG_FILE").and_return(sh_filename_cfg)
+        ENV.stub(:[]).with("AWS_SHARED_CREDENTIALS_FILE").and_return(sh_filename_keys)
+        allow(File).to receive(:read).with(sh_filename_cfg).and_return(sh_data_cfg)
+        allow(File).to receive(:read).with(sh_filename_keys).and_return(sh_data_keys)
+        instance.tap do |o|
+          o.finalize!
+        end
+      end
+      its("access_key_id")         { should == "AKI_set_shared" }
+      its("secret_access_key")     { should == "set_shared_foobar" }
+      its("session_token")         { should be_nil }
+      its("region")                { should == "sh-region" }
+    end
+
+    context "without any credential environment variables and fallback to default profile at default location" do
+      subject do
+        allow(File).to receive(:exist?).and_return(true)
+        allow(File).to receive(:read).with(filename_cfg).and_return(data_cfg)
+        allow(File).to receive(:read).with(filename_keys).and_return(data_keys)
+        instance.tap do |o|
+          o.finalize!
+        end
+      end
+      its("access_key_id")         { should == "AKIdefault" }
+      its("secret_access_key")     { should == "PASSdefault" }
+      its("session_token")         { should be_nil }
+      its("region")                { should == "eu-west-1" }
+    end
+
+    context "with default profile and overriding region" do
+      subject do
+        allow(File).to receive(:exist?).and_return(true)
+        allow(File).to receive(:read).with(filename_cfg).and_return(data_cfg)
+        allow(File).to receive(:read).with(filename_keys).and_return(data_keys)
+        instance.region = "eu-central-1"
+        instance.tap do |o|
+          o.finalize!
+        end
+      end
+      its("access_key_id")         { should == "AKIdefault" }
+      its("secret_access_key")     { should == "PASSdefault" }
+      its("session_token")         { should be_nil }
+      its("region")                { should == "eu-central-1" }
+    end
+
+    context "without any credential environment variables and chosing a profile" do
+      subject do
+        allow(File).to receive(:exist?).and_return(true)
+        allow(File).to receive(:read).with(filename_cfg).and_return(data_cfg)
+        allow(File).to receive(:read).with(filename_keys).and_return(data_keys)
+        instance.aws_profile = "user3"
+        instance.tap do |o|
+          o.finalize!
+        end
+      end
+      its("access_key_id")         { should == "AKIuser3" }
+      its("secret_access_key")     { should == "PASSuser3" }
+      its("session_token")         { should == "TOKuser3" }
+      its("region")                { should == "us-west-2" }
+    end
+  end
+
+
+
+  describe "region config" do
+    let(:config_access_key_id)     { "foo" }
+    let(:config_ami)               { "foo" }
+    let(:config_instance_type)     { "foo" }
+    let(:config_keypair_name)      { "foo" }
+    let(:config_region)            { "foo" }
+    let(:config_secret_access_key) { "foo" }
+    let(:config_session_token)     { "foo" }
+
+    def set_test_values(instance)
+      instance.access_key_id     = config_access_key_id
+      instance.ami               = config_ami
+      instance.instance_type     = config_instance_type
+      instance.keypair_name      = config_keypair_name
+      instance.region            = config_region
+      instance.secret_access_key = config_secret_access_key
+      instance.session_token     = config_session_token
+    end
+
+    it "should raise an exception if not finalized" do
+      expect { instance.get_region_config("us-east-1") }.
+        to raise_error
+    end
+
+    context "with no specific config set" do
+      subject do
+        # Set the values on the top-level object
+        set_test_values(instance)
+
+        # Finalize so we can get the region config
+        instance.finalize!
+
+        # Get a lower level region
+        instance.get_region_config("us-east-1")
+      end
+
+      its("access_key_id")     { should == config_access_key_id }
+      its("ami")               { should == config_ami }
+      its("instance_type")     { should == config_instance_type }
+      its("keypair_name")      { should == config_keypair_name }
+      its("region")            { should == config_region }
+      its("secret_access_key") { should == config_secret_access_key }
+      its("session_token")     { should == config_session_token }
+    end
+
+    context "with a specific config set" do
+      let(:region_name) { "hashi-region" }
+
+      subject do
+        # Set the values on a specific region
+        instance.region_config region_name do |config|
+          set_test_values(config)
+        end
+
+        # Finalize so we can get the region config
+        instance.finalize!
+
+        # Get the region
+        instance.get_region_config(region_name)
+      end
+
+      its("access_key_id")     { should == config_access_key_id }
+      its("ami")               { should == config_ami }
+      its("instance_type")     { should == config_instance_type }
+      its("keypair_name")      { should == config_keypair_name }
+      its("region")            { should == region_name }
+      its("secret_access_key") { should == config_secret_access_key }
+      its("session_token")     { should == config_session_token }
+    end
+
+    describe "inheritance of parent config" do
+      let(:region_name) { "hashi-region" }
+
+      subject do
+        # Set the values on a specific region
+        instance.region_config region_name do |config|
+          config.ami = "child"
+        end
+
+        # Set some top-level values
+        instance.access_key_id = "parent"
+        instance.secret_access_key = "parent"
+        instance.ami = "parent"
+
+        # Finalize and get the region
+        instance.finalize!
+        instance.get_region_config(region_name)
+      end
+
+      its("access_key_id") { should == "parent" }
+      its("secret_access_key") { should == "parent" }
+      its("ami")           { should == "child" }
+    end
+
+    describe "shortcut configuration" do
+      subject do
+        # Use the shortcut configuration to set some values
+        instance.region_config "us-east-1", :ami => "child"
+        instance.finalize!
+        instance.get_region_config("us-east-1")
+      end
+
+      its("ami") { should == "child" }
+    end
+
+    describe "merging" do
+      let(:first)  { described_class.new }
+      let(:second) { described_class.new }
+
+      it "should merge the tags and block_device_mappings" do
+        first.tags["one"] = "one"
+        second.tags["two"] = "two"
+        first.package_tags["three"] = "three"
+        second.package_tags["four"] = "four"
+        first.block_device_mapping = [{:one => "one"}]
+        second.block_device_mapping = [{:two => "two"}]
+
+        third = first.merge(second)
+        third.tags.should == {
+          "one" => "one",
+          "two" => "two"
+        }
+        third.package_tags.should == {
+          "three" => "three",
+          "four" => "four"
+        }
+        third.block_device_mapping.index({:one => "one"}).should_not be_nil
+        third.block_device_mapping.index({:two => "two"}).should_not be_nil
+      end
+    end
+  end
+end