Class: Fog::AWS::IAM::Mock
- Inherits:
-
Object
- Object
- Fog::AWS::IAM::Mock
- Defined in:
- lib/fog/aws/iam.rb,
lib/fog/aws/iam/default_policies.rb,
lib/fog/aws/requests/iam/get_role.rb,
lib/fog/aws/requests/iam/get_user.rb,
lib/fog/aws/requests/iam/get_group.rb,
lib/fog/aws/requests/iam/get_policy.rb,
lib/fog/aws/requests/iam/list_roles.rb,
lib/fog/aws/requests/iam/list_users.rb,
lib/fog/aws/requests/iam/create_role.rb,
lib/fog/aws/requests/iam/create_user.rb,
lib/fog/aws/requests/iam/delete_role.rb,
lib/fog/aws/requests/iam/delete_user.rb,
lib/fog/aws/requests/iam/list_groups.rb,
lib/fog/aws/requests/iam/create_group.rb,
lib/fog/aws/requests/iam/delete_group.rb,
lib/fog/aws/requests/iam/update_group.rb,
lib/fog/aws/requests/iam/create_policy.rb,
lib/fog/aws/requests/iam/delete_policy.rb,
lib/fog/aws/requests/iam/list_policies.rb,
lib/fog/aws/requests/iam/get_user_policy.rb,
lib/fog/aws/requests/iam/put_user_policy.rb,
lib/fog/aws/requests/iam/get_group_policy.rb,
lib/fog/aws/requests/iam/list_access_keys.rb,
lib/fog/aws/requests/iam/list_mfa_devices.rb,
lib/fog/aws/requests/iam/put_group_policy.rb,
lib/fog/aws/requests/iam/add_user_to_group.rb,
lib/fog/aws/requests/iam/create_access_key.rb,
lib/fog/aws/requests/iam/delete_access_key.rb,
lib/fog/aws/requests/iam/get_login_profile.rb,
lib/fog/aws/requests/iam/update_access_key.rb,
lib/fog/aws/requests/iam/attach_role_policy.rb,
lib/fog/aws/requests/iam/attach_user_policy.rb,
lib/fog/aws/requests/iam/delete_user_policy.rb,
lib/fog/aws/requests/iam/detach_role_policy.rb,
lib/fog/aws/requests/iam/detach_user_policy.rb,
lib/fog/aws/requests/iam/get_policy_version.rb,
lib/fog/aws/requests/iam/list_user_policies.rb,
lib/fog/aws/requests/iam/attach_group_policy.rb,
lib/fog/aws/requests/iam/delete_group_policy.rb,
lib/fog/aws/requests/iam/detach_group_policy.rb,
lib/fog/aws/requests/iam/get_account_summary.rb,
lib/fog/aws/requests/iam/list_group_policies.rb,
lib/fog/aws/requests/iam/create_login_profile.rb,
lib/fog/aws/requests/iam/delete_login_profile.rb,
lib/fog/aws/requests/iam/get_instance_profile.rb,
lib/fog/aws/requests/iam/list_groups_for_user.rb,
lib/fog/aws/requests/iam/list_policy_versions.rb,
lib/fog/aws/requests/iam/update_login_profile.rb,
lib/fog/aws/requests/iam/create_policy_version.rb,
lib/fog/aws/requests/iam/get_server_certificate.rb,
lib/fog/aws/requests/iam/list_instance_profiles.rb,
lib/fog/aws/requests/iam/remove_user_from_group.rb,
lib/fog/aws/requests/iam/create_instance_profile.rb,
lib/fog/aws/requests/iam/delete_instance_profile.rb,
lib/fog/aws/requests/iam/list_server_certificates.rb,
lib/fog/aws/requests/iam/delete_server_certificate.rb,
lib/fog/aws/requests/iam/update_server_certificate.rb,
lib/fog/aws/requests/iam/upload_server_certificate.rb,
lib/fog/aws/requests/iam/set_default_policy_version.rb,
lib/fog/aws/requests/iam/get_account_password_policy.rb,
lib/fog/aws/requests/iam/list_attached_role_policies.rb,
lib/fog/aws/requests/iam/list_attached_user_policies.rb,
lib/fog/aws/requests/iam/add_role_to_instance_profile.rb,
lib/fog/aws/requests/iam/list_attached_group_policies.rb,
lib/fog/aws/requests/iam/delete_account_password_policy.rb,
lib/fog/aws/requests/iam/update_account_password_policy.rb,
lib/fog/aws/requests/iam/list_instance_profiles_for_role.rb,
lib/fog/aws/requests/iam/remove_role_from_instance_profile.rb
Instance Attribute Summary collapse
-
#current_user_name ⇒ Object
readonly
Returns the value of attribute current_user_name.
Class Method Summary collapse
- .data ⇒ Object
- .default_policies ⇒ Object
- .default_policy_versions ⇒ Object
- .reset ⇒ Object
- .server_certificate_id ⇒ Object
Instance Method Summary collapse
- #account_id ⇒ Object
- #add_role_to_instance_profile(role_name, instance_profile_name) ⇒ Object
- #add_user_to_group(group_name, user_name) ⇒ Object
- #attach_group_policy(group_name, policy_arn) ⇒ Object
- #attach_role_policy(role_name, policy_arn) ⇒ Object
- #attach_user_policy(user_name, policy_arn) ⇒ Object
- #create_access_key(options) ⇒ Object
- #create_group(group_name, path = '/') ⇒ Object
- #create_instance_profile(instance_profile_name, path = '/', options = {}) ⇒ Object
- #create_login_profile(user_name, password) ⇒ Object
- #create_policy(policy_name, policy_document, path = "/", description = nil) ⇒ Object
- #create_policy_version(policy_arn, policy_document, set_as_default = true) ⇒ Object
- #create_role(role_name, assume_role_policy_document, path = '/') ⇒ Object
- #create_user(user_name, path = '/') ⇒ Object
- #current_user ⇒ Object
- #data ⇒ Object
- #delete_access_key(access_key_id, options = {}) ⇒ Object
- #delete_account_password_policy ⇒ Object
- #delete_group(group_name) ⇒ Object
- #delete_group_policy(group_name, policy_name) ⇒ Object
- #delete_instance_profile(instance_profile_name) ⇒ Object
- #delete_login_profile(user_name) ⇒ Object
- #delete_policy(policy_arn) ⇒ Object
- #delete_role(role_name) ⇒ Object
- #delete_server_certificate(server_certificate_name) ⇒ Object
- #delete_user(user_name) ⇒ Object
- #delete_user_policy(user_name, policy_name) ⇒ Object
- #detach_group_policy(group_name, policy_arn) ⇒ Object
- #detach_role_policy(role_name, policy_arn) ⇒ Object
- #detach_user_policy(user_name, policy_arn) ⇒ Object
- #get_account_password_policy ⇒ Object
- #get_account_summary ⇒ Object
- #get_group(group_name, options = {}) ⇒ Object
- #get_group_policy(policy_name, group_name) ⇒ Object
- #get_instance_profile(instance_profile_name) ⇒ Object
- #get_login_profile(user_name) ⇒ Object
- #get_policy(policy_arn) ⇒ Object
- #get_policy_version(policy_arn, version_id) ⇒ Object
- #get_role(role_name) ⇒ Object
- #get_server_certificate(name) ⇒ Object
- #get_user(username = nil, options = {}) ⇒ Object
- #get_user_policy(policy_name, user_name) ⇒ Object
-
#initialize(options = {}) ⇒ Mock
constructor
A new instance of Mock.
- #list_access_keys(options = {}) ⇒ Object
- #list_attached_group_policies(group_name, options = {}) ⇒ Object
- #list_attached_role_policies(role_name, options = {}) ⇒ Object
- #list_attached_user_policies(user_name, options = {}) ⇒ Object
- #list_group_policies(group_name, options = {}) ⇒ Object
- #list_groups(options = {}) ⇒ Object
- #list_groups_for_user(user_name, options = {}) ⇒ Object
- #list_instance_profiles(options = {}) ⇒ Object
- #list_instance_profiles_for_role(role_name, options = {}) ⇒ Object
- #list_mfa_devices(options = {}) ⇒ Object
- #list_policies(options = {}) ⇒ Object
- #list_policy_versions(policy_arn, options = {}) ⇒ Object
- #list_roles(options = {}) ⇒ Object
- #list_server_certificates(options = {}) ⇒ Object
- #list_user_policies(user_name, options = {}) ⇒ Object
- #list_users(options = {}) ⇒ Object
-
#put_group_policy(group_name, policy_name, policy_document) ⇒ Object
FIXME: You can’t actually use the credentials for anything elsewhere in Fog FIXME: Doesn’t do any validation on the policy.
-
#put_user_policy(user_name, policy_name, policy_document) ⇒ Object
FIXME: You can’t actually use the credentials for anything elsewhere in Fog FIXME: Doesn’t do any validation on the policy.
- #remove_role_from_instance_profile(role_name, instance_profile_name) ⇒ Object
- #remove_user_from_group(group_name, user_name) ⇒ Object
- #reset_data ⇒ Object
- #set_default_policy_version(policy_arn, version_id) ⇒ Object
- #setup_credentials(options) ⇒ Object
- #update_access_key(access_key_id, status, options = {}) ⇒ Object
- #update_account_password_policy(minimum_password_length, max_password_age, password_reuse_prevention, require_symbols, require_numbers, require_uppercase_characters, require_lowercase_characters, allow_users_to_change_password, hard_expiry, expire_passwords) ⇒ Object
- #update_group(group_name, options = {}) ⇒ Object
- #update_login_profile(user_name, password) ⇒ Object
- #update_server_certificate(server_certificate_name, options = {}) ⇒ Object
- #upload_server_certificate(certificate, private_key, name, options = {}) ⇒ Object
Constructor Details
#initialize(options = {}) ⇒ Mock
Returns a new instance of Mock.
196 197 198 199 200 201 |
# File 'lib/fog/aws/iam.rb', line 196 def initialize(={}) @use_iam_profile = [:use_iam_profile] @aws_credentials_expire_at = Time::now + 20 setup_credentials() end |
Instance Attribute Details
#current_user_name ⇒ Object (readonly)
Returns the value of attribute current_user_name.
194 195 196 |
# File 'lib/fog/aws/iam.rb', line 194 def current_user_name @current_user_name end |
Class Method Details
.data ⇒ Object
116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 |
# File 'lib/fog/aws/iam.rb', line 116 def self.data @data ||= Hash.new do |hash, key| owner_id = Fog::AWS::Mock.owner_id hash[key] = { :owner_id => owner_id, :instance_profiles => {}, :server_certificates => {}, :access_keys => [{ "Status" => "Active", "AccessKeyId" => key }], :devices => [{ :enable_date => Time.now, :serial_number => 'R1234', :user_name => 'Bob' }], :markers => Hash.new { |mhash, mkey| mhash[mkey] = [] }, :managed_policies => Fog::AWS::IAM::Mock.default_policies.inject({}) { |r,p| r.merge(p['Arn'] => p) }, :managed_policy_versions => Fog::AWS::IAM::Mock.default_policy_versions.inject({}) { |r,(arn,pv)| r.merge(arn => {pv["VersionId"] => pv}) }, :users => Hash.new do |uhash, ukey| uhash[ukey] = { :access_keys => [], :arn => "arn:aws:iam::#{owner_id}:user/#{ukey}", :attached_policies => [], :created_at => Time.now, :path => '/', :policies => {}, :user_id => Fog::AWS::Mock.key_id } end, :groups => Hash.new do |ghash, gkey| ghash[gkey] = { :arn => "arn:aws:iam::#{owner_id}:group/#{gkey}", :attached_policies => [], :created_at => Time.now, :group_id => Fog::AWS::Mock.key_id, :members => [], :policies => {} } end, :roles => Hash.new do |rhash, rkey| rhash[rkey] = { :role_id => Fog::AWS::Mock.key_id, :arn => "arn:aws:iam:#{owner_id}:role/#{rkey}", :create_date => Time.now, :assume_role_policy_document => { "Version" => "2012-10-17", "Statement" => [ { "Effect" => "Allow", "Principal" => { "Service" => [ "ec2.amazonaws.com" ] }, "Action" => ["sts:AssumeRole"] } ] }, } end } end end |
.default_policies ⇒ Object
5 6 7 |
# File 'lib/fog/aws/iam/default_policies.rb', line 5 def self.default_policies Fog::JSON.decode(File.read(File.("../default_policies.json", __FILE__))) end |
.default_policy_versions ⇒ Object
9 10 11 |
# File 'lib/fog/aws/iam/default_policies.rb', line 9 def self.default_policy_versions Fog::JSON.decode(File.read(File.("../default_policy_versions.json", __FILE__))) end |
.reset ⇒ Object
186 187 188 |
# File 'lib/fog/aws/iam.rb', line 186 def self.reset @data = nil end |
.server_certificate_id ⇒ Object
190 191 192 |
# File 'lib/fog/aws/iam.rb', line 190 def self.server_certificate_id Fog::Mock.random_hex(16) end |
Instance Method Details
#account_id ⇒ Object
207 208 209 |
# File 'lib/fog/aws/iam.rb', line 207 def account_id self.data[:owner_id] end |
#add_role_to_instance_profile(role_name, instance_profile_name) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
# File 'lib/fog/aws/requests/iam/add_role_to_instance_profile.rb', line 32 def add_role_to_instance_profile(role_name, instance_profile_name) response = Excon::Response.new unless profile = self.data[:instance_profiles][instance_profile_name] raise Fog::AWS::IAM::NotFound.new("Instance Profile #{instance_profile_name} cannot be found.") end unless role = self.data[:roles][role_name] raise Fog::AWS::IAM::NotFound.new("Role #{role_name} cannot be found.") end profile["Roles"] << role_name response.body = {"RequestId" => Fog::AWS::Mock.request_id} response end |
#add_user_to_group(group_name, user_name) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/fog/aws/requests/iam/add_user_to_group.rb', line 32 def add_user_to_group(group_name, user_name) unless data[:groups].key?(group_name) raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.") end unless data[:users].key?(user_name) raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end unless data[:groups][group_name][:members].include?(user_name) data[:groups][group_name][:members] << user_name end Excon::Response.new.tap do |response| response.status = 200 response.body = { 'RequestId' => Fog::AWS::Mock.request_id } end end |
#attach_group_policy(group_name, policy_arn) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# File 'lib/fog/aws/requests/iam/attach_group_policy.rb', line 32 def attach_group_policy(group_name, policy_arn) if policy_arn.nil? raise Fog::AWS::IAM::ValidationError, "1 validation error detected: Value null at 'policyArn' failed to satisfy constraint: Member must not be null" end managed_policy = self.data[:managed_policies][policy_arn] unless managed_policy raise Fog::AWS::IAM::NotFound, "Policy #{policy_arn} does not exist." end unless self.data[:groups].key?(group_name) raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.") end group = self.data[:groups][group_name] group[:attached_policies] << policy_arn managed_policy["AttachmentCount"] += 1 Excon::Response.new.tap { |response| response.status = 200 response.body = { "RequestId" => Fog::AWS::Mock.request_id } } end |
#attach_role_policy(role_name, policy_arn) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
# File 'lib/fog/aws/requests/iam/attach_role_policy.rb', line 32 def attach_role_policy(role_name, policy_arn) response = Excon::Response.new if policy_arn.nil? raise Fog::AWS::IAM::ValidationError, "1 validation error detected: Value null at 'policyArn' failed to satisfy constraint: Member must not be null" end managed_policy = self.data[:managed_policies][policy_arn] unless managed_policy raise Fog::AWS::IAM::NotFound, "Policy #{policy_arn} does not exist." end unless self.data[:roles][role_name] raise Fog::AWS::IAM::NotFound.new("The role with name #{role_name} cannot be found.") end role = self.data[:roles][role_name] role[:attached_policies] ||= [] role[:attached_policies] << managed_policy['Arn'] managed_policy['AttachmentCount'] += 1 response.body = {"RequestId" => Fog::AWS::Mock.request_id} response end |
#attach_user_policy(user_name, policy_arn) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# File 'lib/fog/aws/requests/iam/attach_user_policy.rb', line 32 def attach_user_policy(user_name, policy_arn) if policy_arn.nil? raise Fog::AWS::IAM::ValidationError, "1 validation error detected: Value null at 'policyArn' failed to satisfy constraint: Member must not be null" end managed_policy = self.data[:managed_policies][policy_arn] unless managed_policy raise Fog::AWS::IAM::NotFound, "Policy #{policy_arn} does not exist." end unless self.data[:users].key?(user_name) raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end user = self.data[:users][user_name] user[:attached_policies] << policy_arn managed_policy['AttachmentCount'] += 1 Excon::Response.new.tap { |response| response.status = 200 response.body = { "RequestId" => Fog::AWS::Mock.request_id } } end |
#create_access_key(options) ⇒ Object
34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 |
# File 'lib/fog/aws/requests/iam/create_access_key.rb', line 34 def create_access_key() #FIXME: Not 100% correct as AWS will use the signing credentials when there is no 'UserName' in the options hash # Also doesn't raise an error when there are too many keys if user = ['UserName'] if data[:users].key? user access_keys_data = data[:users][user][:access_keys] else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end else access_keys_data = data[:access_keys] end key = { 'SecretAccessKey' => Fog::Mock.random_base64(40), 'Status' => 'Active', 'AccessKeyId' => Fog::AWS::Mock.key_id(20), } if user key["UserName"] = user end access_keys_data << key Excon::Response.new.tap do |response| response.status = 200 response.body = { 'AccessKey' => key, 'RequestId' => Fog::AWS::Mock.request_id } end end |
#create_group(group_name, path = '/') ⇒ Object
37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'lib/fog/aws/requests/iam/create_group.rb', line 37 def create_group(group_name, path = '/') if data[:groups].key? group_name raise Fog::AWS::IAM::EntityAlreadyExists.new("Group with name #{group_name} already exists.") else data[:groups][group_name][:path] = path Excon::Response.new.tap do |response| response.body = { 'Group' => { 'GroupId' => (data[:groups][group_name][:group_id]).strip, 'GroupName' => group_name, 'Path' => path, 'Arn' => (data[:groups][group_name][:arn]).strip }, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end end |
#create_instance_profile(instance_profile_name, path = '/', options = {}) ⇒ Object
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
# File 'lib/fog/aws/requests/iam/create_instance_profile.rb', line 45 def create_instance_profile(instance_profile_name, path='/', ={}) response = Excon::Response.new profile = { "Arn" => "arn:aws:iam::#{Fog::AWS::Mock.owner_id}:instance-profile#{path}#{instance_profile_name}", "CreateDate" => Time.now.utc, "InstanceProfileId" => Fog::Mock.random_hex(21), "InstanceProfileName" => instance_profile_name, "Path" => path, "Roles" => [], } self.data[:instance_profiles][instance_profile_name] = profile response.body = {"InstanceProfile" => profile, "RequestId" => Fog::AWS::Mock.request_id} response end |
#create_login_profile(user_name, password) ⇒ Object
34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
# File 'lib/fog/aws/requests/iam/create_login_profile.rb', line 34 def create_login_profile(user_name, password) unless self.data[:users].key?(user_name) raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end user = self.data[:users][user_name] if user[:login_profile] raise Fog::AWS::IAM::EntityAlreadyExists, "Login Profile for user #{user_name} already exists." end created_at = Time.now user[:login_profile] = { :created_at => created_at, :password => password, } response = Excon::Response.new response.status = 200 response.body = { "LoginProfile" => { "UserName" => user_name, "CreateDate" => created_at }, "RequestId" => Fog::AWS::Mock.request_id } response end |
#create_policy(policy_name, policy_document, path = "/", description = nil) ⇒ Object
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 |
# File 'lib/fog/aws/requests/iam/create_policy.rb', line 45 def create_policy(policy_name, policy_document, path="/", description=nil) response = Excon::Response.new arn = "arn:aws:iam:#{Fog::AWS::Mock.owner_id}:policy/#{policy_name}" policy = { "Arn" => arn, "AttachmentCount" => 0, "CreateDate" => Time.now.utc, "DefaultVersionId" => "v1", "Description" => description, "IsAttachable" => true, "Path" => path, "PolicyId" => Fog::Mock.random_hex(21), "PolicyName" => policy_name, "UpdateDate" => Time.now.utc, } self.data[:managed_policies][arn] = policy response.body = {"RequestId" => Fog::AWS::Mock.request_id, "Policy" => policy} response end |
#create_policy_version(policy_arn, policy_document, set_as_default = true) ⇒ Object
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
# File 'lib/fog/aws/requests/iam/create_policy_version.rb', line 38 def create_policy_version(policy_arn, policy_document, set_as_default=true) managed_policy_versions = self.data[:managed_policy_versions][policy_arn] unless managed_policy_versions raise Fog::AWS::IAM::NotFound, "Policy #{policy_arn} version #{version_id} does not exist." end version = managed_policy_versions[version_id] unless version raise Fog::AWS::IAM::NotFound, "Policy #{policy_arn} version #{version_id} does not exist." end Excon::Response.new.tap do |response| response.body = { 'PolicyVersion' => version, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#create_role(role_name, assume_role_policy_document, path = '/') ⇒ Object
55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'lib/fog/aws/requests/iam/create_role.rb', line 55 def create_role(role_name, assume_role_policy_document, path = '/') if data[:roles].key?(role_name) raise Fog::AWS::IAM::EntityAlreadyExists.new("Role with name #{role_name} already exists") else data[:roles][role_name][:path] = path Excon::Response.new.tap do |response| response.body = { 'Role' => { 'Arn' => data[:roles][role_name][:arn].strip, 'AssumeRolePolicyDocument' => Fog::JSON.encode(data[:roles][role_name][:assume_role_policy_document]), 'CreateDate' => data[:roles][role_name][:create_date], 'Path' => path || "/", 'RoleId' => data[:roles][role_name][:role_id].strip, 'RoleName' => role_name, }, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end end |
#create_user(user_name, path = '/') ⇒ Object
37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# File 'lib/fog/aws/requests/iam/create_user.rb', line 37 def create_user(user_name, path='/') if data[:users].key?(user_name) raise Fog::AWS::IAM::EntityAlreadyExists.new "User with name #{user_name} already exists." end data[:users][user_name][:path] = path Excon::Response.new.tap do |response| response.status = 200 response.body = { 'User' => { "UserId" => data[:users][user_name][:user_id], "Path" => path, "UserName" => user_name, "Arn" => (data[:users][user_name][:arn]).strip, }, 'RequestId' => Fog::AWS::Mock.request_id } end end |
#current_user ⇒ Object
232 233 234 235 236 237 238 239 |
# File 'lib/fog/aws/iam.rb', line 232 def current_user unless self.data[:users].key?("root") root = self.data[:users]["root"] # sets the hash root[:arn].gsub!("user/", "") # root user doesn't have "user/" key prefix end self.data[:users][self.current_user_name] end |
#data ⇒ Object
203 204 205 |
# File 'lib/fog/aws/iam.rb', line 203 def data self.class.data[@root_access_key_id] end |
#delete_access_key(access_key_id, options = {}) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 |
# File 'lib/fog/aws/requests/iam/delete_access_key.rb', line 32 def delete_access_key(access_key_id, = {}) user_name = ['UserName'] if user_name && data[:users].key?(user_name) && data[:users][user_name][:access_keys].any? { |akey| akey['AccessKeyId'] == access_key_id } data[:users][user_name][:access_keys].delete_if { |akey| akey['AccessKeyId'] == access_key_id } Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The Access Key with id #{access_key_id} cannot be found.") end end |
#delete_account_password_policy ⇒ Object
27 28 29 30 31 32 |
# File 'lib/fog/aws/requests/iam/delete_account_password_policy.rb', line 27 def delete_account_password_policy Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#delete_group(group_name) ⇒ Object
30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 |
# File 'lib/fog/aws/requests/iam/delete_group.rb', line 30 def delete_group(group_name) if data[:groups].key? group_name if data[:groups][group_name][:members].empty? data[:groups].delete group_name Excon::Response.new.tap do |response| response.status = 200 response.body = { 'RequestId' => Fog::AWS::Mock.request_id } end else raise Fog::AWS::IAM::Error.new("DeleteConflict => Cannot delete entity, must delete users in group first.") end else raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.") end end |
#delete_group_policy(group_name, policy_name) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 |
# File 'lib/fog/aws/requests/iam/delete_group_policy.rb', line 32 def delete_group_policy(group_name, policy_name) if !data[:groups].key? group_name raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.") elsif !data[:groups][group_name][:policies].key? policy_name raise Fog::AWS::IAM::NotFound.new("The group policy with name #{policy_name} cannot be found.") else data[:groups][group_name][:policies].delete(policy_name) Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end end |
#delete_instance_profile(instance_profile_name) ⇒ Object
30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'lib/fog/aws/requests/iam/delete_instance_profile.rb', line 30 def delete_instance_profile(instance_profile_name) response = Excon::Response.new unless profile = self.data[:instance_profiles][instance_profile_name] raise Fog::AWS::IAM::NotFound.new("Instance Profile #{instance_profile_name} cannot be found.") end self.data[:instance_profiles].delete(instance_profile_name) response.body = {"RequestId" => Fog::AWS::Mock.request_id} response end |
#delete_login_profile(user_name) ⇒ Object
29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 |
# File 'lib/fog/aws/requests/iam/delete_login_profile.rb', line 29 def delete_login_profile(user_name) unless self.data[:users].key?(user_name) raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end user = self.data[:users][user_name] unless user[:login_profile] raise Fog::AWS::IAM::NotFound, "Cannot find Login Profile for User #{user_name}" end user.delete(:login_profile) response = Excon::Response.new response.status = 200 response.body = { "RequestId" => Fog::AWS::Mock.request_id } response end |
#delete_policy(policy_arn) ⇒ Object
30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'lib/fog/aws/requests/iam/delete_policy.rb', line 30 def delete_policy(policy_arn) response = Excon::Response.new policy = self.data[:managed_policies][policy_arn] if policy.nil? raise Fog::AWS::IAM::NotFound.new("Policy #{policy_arn} does not exist or is not attachable.") end self.data[:managed_policies].delete(policy_arn) response.body = {"RequestId" => Fog::AWS::Mock.request_id} response end |
#delete_role(role_name) ⇒ Object
30 31 32 33 34 35 36 37 38 39 40 41 42 |
# File 'lib/fog/aws/requests/iam/delete_role.rb', line 30 def delete_role(role_name) role = data[:roles][role_name] if role data[:roles].delete(role_name) Excon::Response.new.tap do |response| response.status = 200 response.body = { 'RequestId' => Fog::AWS::Mock.request_id } end else raise Fog::AWS::IAM::NotFound.new("The role with name #{role_name} cannot be found.") end end |
#delete_server_certificate(server_certificate_name) ⇒ Object
30 31 32 33 34 35 36 37 38 39 40 41 42 |
# File 'lib/fog/aws/requests/iam/delete_server_certificate.rb', line 30 def delete_server_certificate(server_certificate_name) response = Excon::Response.new response.status = 200 response.body = { 'RequestId' => Fog::AWS::Mock.request_id } unless self.data[:server_certificates].delete(server_certificate_name) raise Fog::AWS::IAM::NotFound.new("The Server Certificate with name #{server_certificate_name} cannot be found.") end response end |
#delete_user(user_name) ⇒ Object
30 31 32 33 34 35 36 37 38 39 40 |
# File 'lib/fog/aws/requests/iam/delete_user.rb', line 30 def delete_user(user_name) if data[:users].key? user_name data[:users].delete user_name Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end end |
#delete_user_policy(user_name, policy_name) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 |
# File 'lib/fog/aws/requests/iam/delete_user_policy.rb', line 32 def delete_user_policy(user_name, policy_name) if data[:users].key?(user_name) && data[:users][user_name][:policies].key?(policy_name) data[:users][user_name][:policies].delete policy_name Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The user policy with name #{policy_name} cannot be found.") end end |
#detach_group_policy(group_name, policy_arn) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# File 'lib/fog/aws/requests/iam/detach_group_policy.rb', line 32 def detach_group_policy(group_name, policy_arn) if policy_arn.nil? raise Fog::AWS::IAM::ValidationError, "1 validation error detected: Value null at 'policyArn' failed to satisfy constraint: Member must not be null" end managed_policy = self.data[:managed_policies][policy_arn] unless managed_policy raise Fog::AWS::IAM::NotFound, "Policy #{policy_arn} does not exist." end unless self.data[:groups].key?(group_name) raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.") end group = self.data[:groups][group_name] group[:attached_policies].delete(policy_arn) managed_policy["AttachmentCount"] -= 1 Excon::Response.new.tap { |response| response.status = 200 response.body = { "RequestId" => Fog::AWS::Mock.request_id } } end |
#detach_role_policy(role_name, policy_arn) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# File 'lib/fog/aws/requests/iam/detach_role_policy.rb', line 32 def detach_role_policy(role_name, policy_arn) response = Excon::Response.new if policy_arn.nil? raise Fog::AWS::IAM::ValidationError, "1 validation error detected: Value null at 'policyArn' failed to satisfy constraint: Member must not be null" end managed_policy = self.data[:managed_policies][policy_arn] unless managed_policy raise Fog::AWS::IAM::NotFound, "Policy #{policy_arn} does not exist." end unless self.data[:roles].key?(role_name) raise Fog::AWS::IAM::NotFound.new("The role with name #{role_name} cannot be found.") end role = self.data[:roles][role_name] role[:attached_policies].delete(policy_arn) managed_policy["AttachmentCount"] -= 1 response.body = {"RequestId" => Fog::AWS::Mock.request_id} response end |
#detach_user_policy(user_name, policy_arn) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# File 'lib/fog/aws/requests/iam/detach_user_policy.rb', line 32 def detach_user_policy(user_name, policy_arn) if policy_arn.nil? raise Fog::AWS::IAM::ValidationError, "1 validation error detected: Value null at 'policyArn' failed to satisfy constraint: Member must not be null" end managed_policy = self.data[:managed_policies][policy_arn] unless managed_policy raise Fog::AWS::IAM::NotFound, "Policy #{policy_arn} does not exist." end unless self.data[:users].key?(user_name) raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end user = self.data[:users][user_name] user[:attached_policies].delete(policy_arn) managed_policy["AttachmentCount"] -= 1 Excon::Response.new.tap { |response| response.status = 200 response.body = { "RequestId" => Fog::AWS::Mock.request_id } } end |
#get_account_password_policy ⇒ Object
27 28 29 30 31 32 |
# File 'lib/fog/aws/requests/iam/get_account_password_policy.rb', line 27 def get_account_password_policy() Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#get_account_summary ⇒ Object
48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 |
# File 'lib/fog/aws/requests/iam/get_account_summary.rb', line 48 def get_account_summary Excon::Response.new.tap do |response| response.status = 200 response.body = { 'Summary' => { 'AccessKeysPerUserQuota' => 2, 'AccountMFAEnabled' => 0, 'GroupPolicySizeQuota' => 10240, 'Groups' => 31, 'GroupsPerUserQuota' => 10, 'GroupsQuota' => 50, 'MFADevices' => 20, 'MFADevicesInUse' => 10, 'ServerCertificates' => 5, 'ServerCertificatesQuota' => 10, 'SigningCertificatesPerUserQuota' => 2, 'UserPolicySizeQuota' => 10240, 'Users' => 35, 'UsersQuota' => 150, }, 'RequestId' => Fog::AWS::Mock.request_id } end end |
#get_group(group_name, options = {}) ⇒ Object
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'lib/fog/aws/requests/iam/get_group.rb', line 41 def get_group(group_name, = {}) raise Fog::AWS::IAM::NotFound.new( "The user with name #{group_name} cannot be found." ) unless self.data[:groups].key?(group_name) Excon::Response.new.tap do |response| response.body = { 'Group' => { 'GroupId' => data[:groups][group_name][:group_id], 'Path' => data[:groups][group_name][:path], 'GroupName' => group_name, 'Arn' => (data[:groups][group_name][:arn]).strip }, 'Users' => data[:groups][group_name][:members].map { |user| get_user(user).body['User'] }, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#get_group_policy(policy_name, group_name) ⇒ Object
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
# File 'lib/fog/aws/requests/iam/get_group_policy.rb', line 33 def get_group_policy(policy_name, group_name) raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.") unless self.data[:groups].key?(group_name) raise Fog::AWS::IAM::NotFound.new("The policy with name #{policy_name} cannot be found.") unless self.data[:groups][group_name][:policies].key?(policy_name) Excon::Response.new.tap do |response| response.body = { 'Policy' => { 'PolicyName' => policy_name, 'GroupName' => group_name, 'PolicyDocument' => data[:groups][group_name][:policies][policy_name] }, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#get_instance_profile(instance_profile_name) ⇒ Object
40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'lib/fog/aws/requests/iam/get_instance_profile.rb', line 40 def get_instance_profile(instance_profile_name) response = Excon::Response.new instance_profile = self.data[:instance_profiles][instance_profile_name] unless instance_profile raise Fog::AWS::IAM::NotFound.new("Instance Profile #{instance_profile_name} cannot be found.") end instance_profile = instance_profile.dup instance_profile["Roles"].map! { |r| self.data[:roles][r] } response.body = {"InstanceProfile" => instance_profile, "RequestId" => Fog::AWS::Mock.request_id} response end |
#get_login_profile(user_name) ⇒ Object
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'lib/fog/aws/requests/iam/get_login_profile.rb', line 33 def get_login_profile(user_name) unless self.data[:users].key?(user_name) raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end profile = self.data[:users][user_name][:login_profile] unless profile raise Fog::AWS::IAM::NotFound, "Cannot find Login Profile for User #{user_name}" end response = Excon::Response.new response.status = 200 response.body = { "LoginProfile" => { "UserName" => user_name, "CreateDate" => profile[:created_at] }, "RequestId" => Fog::AWS::Mock.request_id } response end |
#get_policy(policy_arn) ⇒ Object
39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'lib/fog/aws/requests/iam/get_policy.rb', line 39 def get_policy(policy_arn) managed_policy = self.data[:managed_policies][policy_arn] unless managed_policy raise Fog::AWS::IAM::NotFound, "Policy #{policy_arn} does not exist." end Excon::Response.new.tap do |response| response.body = { 'Policy' => managed_policy, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#get_policy_version(policy_arn, version_id) ⇒ Object
35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
# File 'lib/fog/aws/requests/iam/get_policy_version.rb', line 35 def get_policy_version(policy_arn, version_id) managed_policy_versions = self.data[:managed_policy_versions][policy_arn] unless managed_policy_versions raise Fog::AWS::IAM::NotFound, "Policy #{policy_arn} version #{version_id} does not exist." end version = managed_policy_versions[version_id] unless version raise Fog::AWS::IAM::NotFound, "Policy #{policy_arn} version #{version_id} does not exist." end Excon::Response.new.tap do |response| response.body = { 'PolicyVersion' => version, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#get_role(role_name) ⇒ Object
36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
# File 'lib/fog/aws/requests/iam/get_role.rb', line 36 def get_role(role_name) unless self.data[:roles].key?(role_name) raise Fog::AWS::IAM::NotFound.new("The role with name #{role_name} cannot be found") end role = self.data[:roles][role_name] Excon::Response.new.tap do |response| response.body = { 'Role' => { 'Arn' => role[:arn].strip, 'AssumeRolePolicyDocument' => Fog::JSON.encode(role[:assume_role_policy_document]), 'CreateDate' => role[:create_date], 'Path' => role[:path], 'RoleId' => role[:role_id].strip, 'RoleName' => role_name, }, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#get_server_certificate(name) ⇒ Object
30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'lib/fog/aws/requests/iam/get_server_certificate.rb', line 30 def get_server_certificate(name) raise Fog::AWS::IAM::NotFound unless certificate = self.data[:server_certificates][name] response = Excon::Response.new response.status = 200 response.body = { 'Certificate' => certificate, 'RequestId' => Fog::AWS::Mock.request_id } response end |
#get_user(username = nil, options = {}) ⇒ Object
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 |
# File 'lib/fog/aws/requests/iam/get_user.rb', line 41 def get_user(username = nil, = {}) response = Excon::Response.new user_body = nil if username.nil? # show current user user = self.current_user user_body = { 'UserId' => user[:user_id], 'Arn' => user[:arn].strip, 'CreateDate' => user[:created_at] } unless @current_user_name == "root" user_body.merge!( 'Path' => user[:path], 'UserName' => @current_user_name ) end elsif !self.data[:users].key?(username) raise Fog::AWS::IAM::NotFound.new("The user with name #{username} cannot be found.") else user = self.data[:users][username] user_body = { 'UserId' => user[:user_id], 'Path' => user[:path], 'UserName' => username, 'Arn' => user[:arn].strip, 'CreateDate' => user[:created_at] } end response.status = 200 response.body = { 'User' => user_body, 'RequestId' => Fog::AWS::Mock.request_id } response end |
#get_user_policy(policy_name, user_name) ⇒ Object
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
# File 'lib/fog/aws/requests/iam/get_user_policy.rb', line 33 def get_user_policy(policy_name, user_name) raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") unless self.data[:users].key?(user_name) raise Fog::AWS::IAM::NotFound.new("The policy with name #{policy_name} cannot be found.") unless self.data[:users][user_name][:policies].key?(policy_name) Excon::Response.new.tap do |response| response.body = { 'Policy' => { 'PolicyName' => policy_name, 'UserName' => user_name, 'PolicyDocument' => data[:users][user_name][:policies][policy_name] }, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#list_access_keys(options = {}) ⇒ Object
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 |
# File 'lib/fog/aws/requests/iam/list_access_keys.rb', line 38 def list_access_keys( = {}) #FIXME: Doesn't do anything with options, aside from UserName if user = ['UserName'] if data[:users].key? user access_keys_data = data[:users][user][:access_keys] else raise Fog::AWS::IAM::NotFound.new("The user with name #{user} cannot be found.") end else access_keys_data = data[:access_keys] end Excon::Response.new.tap do |response| response.body = { 'AccessKeys' => access_keys_data.map do |akey| {'Status' => akey['Status'], 'AccessKeyId' => akey['AccessKeyId']} end, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#list_attached_group_policies(group_name, options = {}) ⇒ Object
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
# File 'lib/fog/aws/requests/iam/list_attached_group_policies.rb', line 33 def list_attached_group_policies(group_name, ={}) unless self.data[:groups].key?(group_name) raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.") end limit = ['MaxItems'] marker = ['Marker'] group = self.data[:groups][group_name] if limit if limit > 1_000 raise Fog::AWS::IAM::Error.new( "ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value less than or equal to 1000" ) elsif limit < 1 raise Fog::AWS::IAM::Error.new( "ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value greater than or equal to 1" ) end end data_set = if marker self.data[:markers][marker] || [] else group[:attached_policies].map { |arn| self.data[:managed_policies].fetch(arn) }.map { |mp| { "PolicyName" => mp.fetch("PolicyName"), "PolicyArn" => mp.fetch("Arn") } } end data = data_set.slice!(0, limit || 100) truncated = data_set.size > 0 marker = truncated && Base64.encode64("metadata/l/#{account_id}/#{UUID.uuid}") response = Excon::Response.new body = { 'Policies' => data, 'IsTruncated' => truncated, 'RequestId' => Fog::AWS::Mock.request_id } if marker self.data[:markers][marker] = data_set body.merge!('Marker' => marker) end response.body = body response.status = 200 response end |
#list_attached_role_policies(role_name, options = {}) ⇒ Object
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
# File 'lib/fog/aws/requests/iam/list_attached_role_policies.rb', line 33 def list_attached_role_policies(role_name, ={}) unless self.data[:roles].key?(role_name) raise Fog::AWS::IAM::NotFound.new("The role with name #{role_name} cannot be found.") end limit = ['MaxItems'] marker = ['Marker'] role = self.data[:roles][role_name] if limit if limit > 1_000 raise Fog::AWS::IAM::Error.new( "ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value less than or equal to 1000" ) elsif limit < 1 raise Fog::AWS::IAM::Error.new( "ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value greater than or equal to 1" ) end end data_set = if marker self.data[:markers][marker] || [] else role[:attached_policies].map { |arn| self.data[:managed_policies].fetch(arn) }.map { |mp| { "PolicyName" => mp.fetch("PolicyName"), "PolicyArn" => mp.fetch("Arn") } } end data = data_set.slice!(0, limit || 100) truncated = data_set.size > 0 marker = truncated && Base64.encode64("metadata/l/#{account_id}/#{UUID.uuid}") response = Excon::Response.new body = { 'Policies' => data, 'IsTruncated' => truncated, 'RequestId' => Fog::AWS::Mock.request_id } if marker self.data[:markers][marker] = data_set body.merge!('Marker' => marker) end response.body = body response.status = 200 response end |
#list_attached_user_policies(user_name, options = {}) ⇒ Object
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
# File 'lib/fog/aws/requests/iam/list_attached_user_policies.rb', line 33 def list_attached_user_policies(user_name, ={}) unless self.data[:users].key?(user_name) raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end limit = ['MaxItems'] marker = ['Marker'] user = self.data[:users][user_name] if limit if limit > 1_000 raise Fog::AWS::IAM::Error.new( "ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value less than or equal to 1000" ) elsif limit < 1 raise Fog::AWS::IAM::Error.new( "ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value greater than or equal to 1" ) end end data_set = if marker self.data[:markers][marker] || [] else user[:attached_policies].map { |arn| self.data[:managed_policies].fetch(arn) }.map { |mp| { "PolicyName" => mp.fetch("PolicyName"), "PolicyArn" => mp.fetch("Arn") } } end data = data_set.slice!(0, limit || 100) truncated = data_set.size > 0 marker = truncated && Base64.encode64("metadata/l/#{account_id}/#{UUID.uuid}") response = Excon::Response.new body = { 'Policies' => data, 'IsTruncated' => truncated, 'RequestId' => Fog::AWS::Mock.request_id, 'Marker' => nil } if marker self.data[:markers][marker] = data_set body.merge!('Marker' => marker) end response.body = body response.status = 200 response end |
#list_group_policies(group_name, options = {}) ⇒ Object
37 38 39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/fog/aws/requests/iam/list_group_policies.rb', line 37 def list_group_policies(group_name, = {}) #FIXME: doesn't use options atm if data[:groups].key? group_name Excon::Response.new.tap do |response| response.body = { 'PolicyNames' => data[:groups][group_name][:policies].keys, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end end |
#list_groups(options = {}) ⇒ Object
40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'lib/fog/aws/requests/iam/list_groups.rb', line 40 def list_groups( = {} ) #FIXME: Doesn't observe options Excon::Response.new.tap do |response| response.status = 200 response.body = { 'Groups' => data[:groups].map do |name, group| { 'GroupId' => group[:group_id], 'GroupName' => name, 'Path' => group[:path], 'Arn' => (group[:arn]).strip } end, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } end end |
#list_groups_for_user(user_name, options = {}) ⇒ Object
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
# File 'lib/fog/aws/requests/iam/list_groups_for_user.rb', line 41 def list_groups_for_user(user_name, = {}) #FIXME: Does not consider options if data[:users].key? user_name Excon::Response.new.tap do |response| response.status = 200 response.body = { 'GroupsForUser' => data[:groups].select do |name, group| group[:members].include? user_name end.map do |name, group| { 'GroupId' => group[:group_id], 'GroupName' => name, 'Path' => group[:path], 'Arn' => (group[:arn]).strip } end, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end end |
#list_instance_profiles(options = {}) ⇒ Object
48 49 50 51 52 53 |
# File 'lib/fog/aws/requests/iam/list_instance_profiles.rb', line 48 def list_instance_profiles(={}) response = Excon::Response.new profiles = self.data[:instance_profiles].values response.body = { "InstanceProfiles" => profiles, "IsTruncated" => false, "RequestId" => Fog::AWS::Mock.request_id } response end |
#list_instance_profiles_for_role(role_name, options = {}) ⇒ Object
49 50 51 52 53 54 55 |
# File 'lib/fog/aws/requests/iam/list_instance_profiles_for_role.rb', line 49 def list_instance_profiles_for_role(role_name, ={}) response = Excon::Response.new profiles = self.data[:instance_profiles].values.select { |p| p["Roles"].include?(role_name) } response.body = { "InstanceProfiles" => profiles, "IsTruncated" => false, "RequestId" => Fog::AWS::Mock.request_id } response end |
#list_mfa_devices(options = {}) ⇒ Object
39 40 41 42 43 44 45 46 47 48 49 50 51 |
# File 'lib/fog/aws/requests/iam/list_mfa_devices.rb', line 39 def list_mfa_devices( = {}) #FIXME: Doesn't observe options Excon::Response.new.tap do |response| response.status = 200 response.body = { 'MFADevices' => data[:devices].map do |device| { 'EnableDate' => device[:enable_date], 'SerialNumber' => device[:serial_number], 'UserName' => device[:user_name] } end, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } end end |
#list_policies(options = {}) ⇒ Object
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 |
# File 'lib/fog/aws/requests/iam/list_policies.rb', line 45 def list_policies(={}) limit = ['MaxItems'] marker = ['Marker'] if limit if limit > 1_000 raise Fog::AWS::IAM::Error.new( "ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value less than or equal to 1000" ) elsif limit < 1 raise Fog::AWS::IAM::Error.new( "ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value greater than or equal to 1" ) end end data_set = if marker self.data[:markers][marker] || [] else self.data[:managed_policies].values end if ["PathPrefix"] data_set = data_set.select { |p| p["Path"].match(/^#{["PathPrefix"]}/) } end data = data_set.slice!(0, limit || 100) truncated = data_set.size > 0 marker = truncated && Base64.encode64("metadata/l/#{account_id}/#{UUID.uuid}") response = Excon::Response.new body = { 'Policies' => data, 'IsTruncated' => truncated, 'RequestId' => Fog::AWS::Mock.request_id } if marker self.data[:markers][marker] = data_set body.merge!('Marker' => marker) end response.body = body response.status = 200 response end |
#list_policy_versions(policy_arn, options = {}) ⇒ Object
37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 |
# File 'lib/fog/aws/requests/iam/list_policy_versions.rb', line 37 def list_policy_versions(policy_arn, ={}) limit = ['MaxItems'] marker = ['Marker'] if limit if limit > 1_000 raise Fog::AWS::IAM::Error.new( "ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value less than or equal to 1000" ) elsif limit < 1 raise Fog::AWS::IAM::Error.new( "ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value greater than or equal to 1" ) end end data_set = if marker self.data[:markers][marker] || [] else self.data[:policy_versions].values end data = data_set.slice!(0, limit || 100) truncated = data_set.size > 0 marker = truncated && Base64.encode64("metadata/l/#{account_id}/#{UUID.uuid}") response = Excon::Response.new body = { 'Versions' => data, 'IsTruncated' => truncated, 'RequestId' => Fog::AWS::Mock.request_id } if marker self.data[:markers][marker] = data_set body.merge!('Marker' => marker) end response.body = body response.status = 200 response end |
#list_roles(options = {}) ⇒ Object
41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'lib/fog/aws/requests/iam/list_roles.rb', line 41 def list_roles(={}) limit = ['MaxItems'] marker = ['Marker'] if limit if limit > 1_000 raise Fog::AWS::IAM::Error.new( "ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value less than or equal to 1000" ) elsif limit < 1 raise Fog::AWS::IAM::Error.new( "ValidationError => 1 validation error detected: Value '#{limit}' at 'limit' failed to satisfy constraint: Member must have value greater than or equal to 1" ) end end data_set = if marker self.data[:markers][marker] || [] else data[:roles].map { |role, data| { 'Arn' => data[:arn].strip, 'AssumeRolePolicyDocument' => Fog::JSON.encode(data[:assume_role_policy_document]), 'RoleId' => data[:role_id], 'Path' => data[:path], 'RoleName' => role, 'CreateDate' => data[:create_date], } } end data = data_set.slice!(0, limit || 100) truncated = data_set.size > 0 marker = truncated && Base64.encode64("metadata/l/#{account_id}/#{UUID.uuid}") response = Excon::Response.new body = { 'Roles' => data, 'IsTruncated' => truncated, 'RequestId' => Fog::AWS::Mock.request_id } if marker self.data[:markers][marker] = data_set body.merge!('Marker' => marker) end response.body = body response.status = 200 response end |
#list_server_certificates(options = {}) ⇒ Object
40 41 42 43 44 45 46 47 48 49 50 |
# File 'lib/fog/aws/requests/iam/list_server_certificates.rb', line 40 def list_server_certificates( = {}) certificates = self.data[:server_certificates].values certificates = certificates.select { |certificate| certificate['Path'] =~ Regexp.new("^#{['PathPrefix']}") } if ['PathPrefix'] response = Excon::Response.new response.status = 200 response.body = { 'Certificates' => certificates } response end |
#list_user_policies(user_name, options = {}) ⇒ Object
37 38 39 40 41 42 43 44 45 46 47 48 49 |
# File 'lib/fog/aws/requests/iam/list_user_policies.rb', line 37 def list_user_policies(user_name, = {}) #FIXME: doesn't use options atm if data[:users].key? user_name Excon::Response.new.tap do |response| response.body = { 'PolicyNames' => data[:users][user_name][:policies].keys, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end end |
#list_users(options = {}) ⇒ Object
40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
# File 'lib/fog/aws/requests/iam/list_users.rb', line 40 def list_users( = {}) #FIXME: none of the options are currently supported Excon::Response.new.tap do |response| response.body = {'Users' => data[:users].map do |user, data| { 'UserId' => data[:user_id], 'Path' => data[:path], 'UserName' => user, 'Arn' => (data[:arn]).strip, 'CreateDate' => data[:created_at]} end, 'IsTruncated' => false, 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#put_group_policy(group_name, policy_name, policy_document) ⇒ Object
FIXME: You can’t actually use the credentials for anything elsewhere in Fog FIXME: Doesn’t do any validation on the policy
35 36 37 38 39 40 41 42 43 44 45 46 |
# File 'lib/fog/aws/requests/iam/put_group_policy.rb', line 35 def put_group_policy(group_name, policy_name, policy_document) if data[:groups].key? group_name data[:groups][group_name][:policies][policy_name] = policy_document Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.") end end |
#put_user_policy(user_name, policy_name, policy_document) ⇒ Object
FIXME: You can’t actually use the credentials for anything elsewhere in Fog FIXME: Doesn’t do any validation on the policy
36 37 38 39 40 41 42 43 44 45 46 47 |
# File 'lib/fog/aws/requests/iam/put_user_policy.rb', line 36 def put_user_policy(user_name, policy_name, policy_document) if data[:users].key? user_name data[:users][user_name][:policies][policy_name] = policy_document Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end end |
#remove_role_from_instance_profile(role_name, instance_profile_name) ⇒ Object
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
# File 'lib/fog/aws/requests/iam/remove_role_from_instance_profile.rb', line 33 def remove_role_from_instance_profile(role_name, instance_profile_name) response = Excon::Response.new unless profile = self.data[:instance_profiles][instance_profile_name] raise Fog::AWS::IAM::NotFound.new("Instance Profile #{instance_profile_name} cannot be found.") end unless role = self.data[:roles][role_name] raise Fog::AWS::IAM::NotFound.new("Role #{role_name} cannot be found.") end profile["Roles"].delete(role_name) response.body = {"RequestId" => Fog::AWS::Mock.request_id} response end |
#remove_user_from_group(group_name, user_name) ⇒ Object
32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 |
# File 'lib/fog/aws/requests/iam/remove_user_from_group.rb', line 32 def remove_user_from_group(group_name, user_name) if data[:groups].key? group_name if data[:users].key? user_name data[:groups][group_name][:members].delete_if { |item| item == user_name } Excon::Response.new.tap do |response| response.status = 200 response.body = { 'RequestId' => Fog::AWS::Mock.request_id } end else raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end else raise Fog::AWS::IAM::NotFound.new("The group with name #{group_name} cannot be found.") end end |
#reset_data ⇒ Object
211 212 213 214 |
# File 'lib/fog/aws/iam.rb', line 211 def reset_data self.class.data.delete(@root_access_key_id) current_user end |
#set_default_policy_version(policy_arn, version_id) ⇒ Object
32 33 34 35 36 37 |
# File 'lib/fog/aws/requests/iam/set_default_policy_version.rb', line 32 def set_default_policy_version(policy_arn, version_id) Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#setup_credentials(options) ⇒ Object
216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 |
# File 'lib/fog/aws/iam.rb', line 216 def setup_credentials() @aws_access_key_id = [:aws_access_key_id] existing_user = nil @root_access_key_id, _ = self.class.data.find { |_, d| d[:users].find { |_, user| existing_user = user[:access_keys].find { |key| key["AccessKeyId"] == @aws_access_key_id } } } @root_access_key_id ||= @aws_access_key_id @current_user_name = existing_user ? existing_user["UserName"] : "root" end |
#update_access_key(access_key_id, status, options = {}) ⇒ Object
34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 |
# File 'lib/fog/aws/requests/iam/update_access_key.rb', line 34 def update_access_key(access_key_id, status, = {}) if user = ['UserName'] if data[:users].key? user access_keys_data = data[:users][user][:access_keys] else raise Fog::AWS::IAM::NotFound.new('The user with name #{user_name} cannot be found.') end else access_keys_data = data[:access_keys] end key = access_keys_data.find{|k| k["AccessKeyId"] == access_key_id} key["Status"] = status Excon::Response.new.tap do |response| response.status = 200 response.body = { 'AccessKey' => key, 'RequestId' => Fog::AWS::Mock.request_id } end end |
#update_account_password_policy(minimum_password_length, max_password_age, password_reuse_prevention, require_symbols, require_numbers, require_uppercase_characters, require_lowercase_characters, allow_users_to_change_password, hard_expiry, expire_passwords) ⇒ Object
47 48 49 50 51 52 |
# File 'lib/fog/aws/requests/iam/update_account_password_policy.rb', line 47 def update_account_password_policy(minimum_password_length, max_password_age, password_reuse_prevention,require_symbols,require_numbers,require_uppercase_characters, require_lowercase_characters,allow_users_to_change_password, hard_expiry, expire_passwords) Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#update_group(group_name, options = {}) ⇒ Object
37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 |
# File 'lib/fog/aws/requests/iam/update_group.rb', line 37 def update_group(group_name, = {}) raise Fog::AWS::IAM::NotFound.new( "The user with name #{group_name} cannot be found." ) unless self.data[:groups].key?(group_name) response = Excon::Response.new group = self.data[:groups][group_name] new_path = ['NewPath'] new_group_name = ['NewGroupName'] if new_path unless new_path.match(/\A\/[a-zA-Z0-9]+\/\Z/) raise Fog::AWS::IAM::ValidationError, "The specified value for path is invalid. It must begin and end with / and contain only alphanumeric characters and/or / characters." end group[:path] = new_path end if new_group_name self.data[:groups].delete(group_name) self.data[:groups][new_group_name] = group end response.status = 200 response.body = { 'Group' => {}, 'RequestId' => Fog::AWS::Mock.request_id } response end |
#update_login_profile(user_name, password) ⇒ Object
31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'lib/fog/aws/requests/iam/update_login_profile.rb', line 31 def update_login_profile(user_name, password) unless self.data[:users].key?(user_name) raise Fog::AWS::IAM::NotFound.new("The user with name #{user_name} cannot be found.") end user = self.data[:users][user_name] unless user[:login_profile] raise Fog::AWS::IAM::NotFound, "Cannot find Login Profile for User #{user_name}" end user[:login_profile][:password] = password response = Excon::Response.new response.status = 200 response.body = { "RequestId" => Fog::AWS::Mock.request_id } response end |
#update_server_certificate(server_certificate_name, options = {}) ⇒ Object
36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 |
# File 'lib/fog/aws/requests/iam/update_server_certificate.rb', line 36 def update_server_certificate(server_certificate_name, = {}) new_server_certificate_name = ['NewServerCertificateName'] if self.data[:server_certificates][new_server_certificate_name] raise Fog::AWS::IAM::EntityAlreadyExists.new("The Server Certificate with name #{server_certificate_name} already exists.") end unless certificate = self.data[:server_certificates].delete(server_certificate_name) raise Fog::AWS::IAM::NotFound.new("The Server Certificate with name #{server_certificate_name} cannot be found.") end if new_server_certificate_name certificate['ServerCertificateName'] = new_server_certificate_name end if new_path = ['NewPath'] certificate['Path'] = new_path end self.data[:server_certificates][certificate['ServerCertificateName']] = certificate Excon::Response.new.tap do |response| response.body = { 'RequestId' => Fog::AWS::Mock.request_id } response.status = 200 end end |
#upload_server_certificate(certificate, private_key, name, options = {}) ⇒ Object
44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 |
# File 'lib/fog/aws/requests/iam/upload_server_certificate.rb', line 44 def upload_server_certificate(certificate, private_key, name, = {}) if certificate.nil? || certificate.empty? || private_key.nil? || private_key.empty? raise Fog::AWS::IAM::ValidationError.new end response = Excon::Response.new # Validate cert and key begin # must be an RSA private key raise OpenSSL::PKey::RSAError unless private_key =~ /BEGIN RSA PRIVATE KEY/ cert = OpenSSL::X509::Certificate.new(certificate) chain = OpenSSL::X509::Certificate.new(['CertificateChain']) if ['CertificateChain'] key = OpenSSL::PKey::RSA.new(private_key) rescue OpenSSL::X509::CertificateError, OpenSSL::PKey::RSAError => e = if e.is_a?(OpenSSL::X509::CertificateError) "Invalid Public Key Certificate." else "Invalid Private Key." end raise Fog::AWS::IAM::MalformedCertificate.new() end unless cert.check_private_key(key) raise Fog::AWS::IAM::KeyPairMismatch.new end if self.data[:server_certificates][name] raise Fog::AWS::IAM::EntityAlreadyExists.new("The Server Certificate with name #{name} already exists.") else response.status = 200 path = ['Path'] || "/" data = { 'Arn' => Fog::AWS::Mock.arn('iam', self.data[:owner_id], "server-certificate/#{name}"), 'Path' => path, 'ServerCertificateId' => Fog::AWS::IAM::Mock.server_certificate_id, 'ServerCertificateName' => name, 'UploadDate' => Time.now } self.data[:server_certificates][name] = data response.body = { 'Certificate' => data, 'RequestId' => Fog::AWS::Mock.request_id } end response end |