Module: Conjur::Provisioner::Layer::AWS

Defined in:: lib/conjur/provisioner/layer/aws.rb

Class Method Summary collapse

.included(base) ⇒ Object

Instance Method Summary collapse

#aws_role ⇒ Object
#provision ⇒ Object

Creates an AWS IAM Role corresponding to the Layer.

Class Method Details

.included(base) ⇒ `Object`

# File 'lib/conjur/provisioner/layer/aws.rb', line 27

def self.included(base)
  base.instance_eval do
    attr_accessor :aws_bucket_name
    attr_accessor :aws_credentialid
  end
end

Instance Method Details

#aws_role ⇒ `Object`



34
35
36

# File 'lib/conjur/provisioner/layer/aws.rb', line 34

def aws_role
  aws_iam.role[self.id.parameterize]
end

#provision ⇒ `Object`

Creates an AWS IAM Role corresponding to the Layer. The Role can be assumed by EC2 instances. Creates a system user (deputy) and adds it to the layer. In S3, a file is created with the identity of the system user, along with other information needed by Conjur chef-solo. The file is in chef-solo JSON format. It will be used by the [conjur-client Upstart job](github.com/conjur-cookbooks/conjur-client/blob/master/templates/default/conjur-bootstrap.conf.erb) to finish the server configuration.

# File 'lib/conjur/provisioner/layer/aws.rb', line 44

def provision
  aws_create_role
  aws_create_s3_bootstrap_file
end