Class: Awscli::Iam::Policies
- Inherits: Object (Object → Awscli::Iam::Policies)
- Defined in: lib/awscli/iam.rb
Instance Method Summary
- #add_policy_document(options) ⇒ Object
- #delete_policy(options) ⇒ Object
- #initialize(connection) ⇒ Policies (constructor): A new instance of Policies.
- #list(options) ⇒ Object
- #valid_json?(json_string) ⇒ Boolean
Constructor Details
#initialize(connection) ⇒ Policies
Returns a new instance of Policies.
# File 'lib/awscli/iam.rb', line 262
# Keeps the IAM connection that the other methods of this class send their
# requests through (put_*_policy, delete_*_policy, list_*_policies, users).
#
# @param connection [Object] the IAM connection to use
def initialize(connection)
  @conn = connection
end
Instance Method Details
#add_policy_document(options) ⇒ Object
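# File 'lib/awscli/iam.rb', line 288
# Reads an IAM policy document from a local JSON file and attaches it as a
# named policy to a user, group or role.
#
# Only JSON syntax is checked locally. The statements themselves (effects,
# actions, resources) are passed to the connection unchanged, so the document
# should be reviewed before it is attached.
#
# @param options [Hash] :policy_document (path to the JSON file),
#   :policy_name, and one of :user_name, :group_name or :role_name
#   (checked in that order; the first one present is used)
# @return [void]
def add_policy_document(options)
  document   = options[:policy_document]
  policyname = options[:policy_name]

  # validate json document
  doc_path = File.expand_path(document)
  # File.file? also rejects directories, which File.read could not open.
  abort "Invalid file path: #{doc_path}" unless File.file?(doc_path)
  json_string = File.read(doc_path)
  abort "Invalid JSON format found in the document: #{document}" unless valid_json?(json_string)
  policy = JSON.parse(json_string) # json parsed to hash, once, for whichever target is used

  begin
    if options[:user_name]
      @conn.put_user_policy(options[:user_name], policyname, policy)
      puts "Added policy: #{policyname} to user: #{options[:user_name]}"
    elsif options[:group_name]
      @conn.put_group_policy(options[:group_name], policyname, policy)
      puts "Added policy: #{policyname} to group: #{options[:group_name]}"
    elsif options[:role_name]
      @conn.put_role_policy(options[:role_name], policyname, policy)
    else
      # Nothing was attached, so do not fall through to the success message.
      puts '[Error]: one of user_name, group_name or role_name is required'
      return
    end
    puts "Added Policy #{policyname} from #{document}"
  rescue Fog::AWS::IAM::NotFound, Fog::AWS::IAM::Error => e
    puts "[Error]: #{e}"
  end

  # => Example Documents
  # NOTE: the wildcard actions below ('iam:*AccessKey*', 's3:*') only
  # illustrate the hash shape; a real policy should list the specific
  # actions and resources the principal needs.
  # iam.put_user_policy(username, 'UserKeyPolicy', {
  #   'Statement' => [
  #     'Effect' => 'Allow',
  #     'Action' => 'iam:*AccessKey*',
  #     'Resource' => arn
  #   ]
  # })

  # iam.put_user_policy(username, 'UserS3Policy', {
  #   'Statement' => [
  #     {
  #       'Effect' => 'Allow',
  #       'Action' => ['s3:*'],
  #       'Resource' => [
  #         "arn:aws:s3:::#{bucket_name}",
  #         "arn:aws:s3:::#{bucket_name}/*"
  #       ]
  #     }, {
  #       'Effect' => 'Deny',
  #       'Action' => ['s3:*'],
  #       'NotResource' => [
  #         "arn:aws:s3:::#{bucket_name}",
  #         "arn:aws:s3:::#{bucket_name}/*"
  #       ]
  #     }
  #   ]
  # })
end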
#delete_policy(options) ⇒ Object
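# File 'lib/awscli/iam.rb', line 353
# Deletes the named policy from a user, group or role.
#
# @param options [Hash] :policy_name and one of :user_name, :group_name or
#   :role_name (checked in that order; the first one present is used)
# @return [void]
def delete_policy(options)
  policy_name = options[:policy_name]

  if options[:user_name]
    @conn.delete_user_policy(options[:user_name], policy_name)
  elsif options[:group_name]
    @conn.delete_group_policy(options[:group_name], policy_name)
  elsif options[:role_name]
    @conn.delete_role_policy(options[:role_name], policy_name)
  else
    # Nothing was deleted, so do not fall through to the success message.
    puts '[Error]: one of user_name, group_name or role_name is required'
    return
  end
  puts "Deleted Policy #{policy_name}"
rescue Fog::AWS::IAM::NotFound, Fog::AWS::IAM::Error => e
  puts "[Error]: #{e}"
end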
#list(options) ⇒ Object
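# File 'lib/awscli/iam.rb', line 266
# Lists the policies of a user, group or role.
#
# For a user, the user is looked up through the connection and `table` is
# called on its policies collection. For a group or role, the 'PolicyNames'
# of the list response are shown with Formatador.display_table.
#
# @param options [Hash] one of :user_name, :group_name or :role_name
#   (checked in that order; the first one present is used)
# @return [Object] whatever the selected branch's last call returns
def list(options)
  if options[:user_name]
    user = @conn.users.get(options[:user_name])
    # Report the requested name; `user` itself is nil here and prints as nothing.
    abort "[Error]: User not found #{options[:user_name]}" unless user
    user.policies.table
  elsif options[:group_name]
    begin
      names = @conn.list_group_policies(options[:group_name]).body['PolicyNames']
      Formatador.display_table(names.map { |name| { 'Policy' => name } })
    rescue Fog::AWS::IAM::NotFound => e
      puts "[Error]: #{e}"
    end
  elsif options[:role_name]
    begin
      names = @conn.list_role_policies(options[:role_name]).body['PolicyNames']
      Formatador.display_table(names.map { |name| { 'Policy' => name } })
    rescue Fog::AWS::IAM::NotFound => e
      puts "[Error]: #{e}"
    end
  end
end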
#valid_json?(json_string) ⇒ Boolean
# File 'lib/awscli/iam.rb', line 368
# Tells whether a string parses as JSON. Only syntax is checked; the parsed
# value is discarded.
#
# @param json_string [String] text to check
# @return [Boolean] true when JSON.parse accepts the text, false when it
#   raises JSON::ParserError
def valid_json?(json_string)
  begin
    JSON.parse(json_string)
  rescue JSON::ParserError
    return false
  end
  true
end