Module: Formatron::CloudFormation::Resources::IAM

Defined in:: lib/formatron/cloud_formation/resources/iam.rb

Overview

Generates CloudFormation template IAM resources

Class Method Summary collapse

.access_key(user_name:) ⇒ Object

rubocop:enable Metrics/MethodLength.
.instance_profile(role:) ⇒ Object

rubocop:enable Metrics/MethodLength.
.policy(role:, name:, statements:) ⇒ Object

rubocop:disable Metrics/MethodLength.
.role ⇒ Object

rubocop:disable Metrics/MethodLength.
.user(policy_name:, statements:) ⇒ Object

rubocop:disable Metrics/MethodLength.

Class Method Details

.access_key(user_name:) ⇒ `Object`

rubocop:enable Metrics/MethodLength

# File 'lib/formatron/cloud_formation/resources/iam.rb', line 83

def self.access_key(user_name:)
  {
    Type: 'AWS::IAM::AccessKey',
    Properties: {
      UserName: user_name
    }
  }
end

.instance_profile(role:) ⇒ `Object`

rubocop:enable Metrics/MethodLength

# File 'lib/formatron/cloud_formation/resources/iam.rb', line 27

def self.instance_profile(role:)
  {
    Type: 'AWS::IAM::InstanceProfile',
    Properties: {
      Path: '/',
      Roles: [Template.ref(role)]
    }
  }
end

.policy(role:, name:, statements:) ⇒ `Object`

rubocop:disable Metrics/MethodLength

# File 'lib/formatron/cloud_formation/resources/iam.rb', line 38

def self.policy(role:, name:, statements:)
  {
    Type: 'AWS::IAM::Policy',
    Properties: {
      Roles: [Template.ref(role)],
      PolicyName: name,
      PolicyDocument: {
        Version: '2012-10-17',
        Statement: statements.collect do |statement|
          {
            Effect: 'Allow',
            Action: statement[:actions],
            Resource: statement[:resources]
          }
        end
      }
    }
  }
end

.role ⇒ `Object`

rubocop:disable Metrics/MethodLength

# File 'lib/formatron/cloud_formation/resources/iam.rb', line 9

def self.role
  {
    Type: 'AWS::IAM::Role',
    Properties: {
      AssumeRolePolicyDocument: {
        Version: '2012-10-17',
        Statement: [{
          Effect: 'Allow',
          Principal: { Service: ['ec2.amazonaws.com'] },
          Action: ['sts:AssumeRole']
        }]
      },
      Path: '/'
    }
  }
end

.user(policy_name:, statements:) ⇒ `Object`

rubocop:disable Metrics/MethodLength

# File 'lib/formatron/cloud_formation/resources/iam.rb', line 60

def self.user(policy_name:, statements:)
  {
    Type: 'AWS::IAM::User',
    Properties: {
      Path: '/',
      Policies: [{
        PolicyName: policy_name,
        PolicyDocument: {
          Version: '2012-10-17',
          Statement: statements.collect do |statement|
            {
              Effect: 'Allow',
              Action: statement[:actions],
              Resource: statement[:resources]
            }
          end
        }
      }]
    }
  }
end

Module: Formatron::CloudFormation::Resources::IAM

Overview

Class Method Summary collapse

Class Method Details

.access_key(user_name:) ⇒ Object

.instance_profile(role:) ⇒ Object

.policy(role:, name:, statements:) ⇒ Object

.role ⇒ Object

.user(policy_name:, statements:) ⇒ Object

.access_key(user_name:) ⇒ `Object`

.instance_profile(role:) ⇒ `Object`

.policy(role:, name:, statements:) ⇒ `Object`

.role ⇒ `Object`

.user(policy_name:, statements:) ⇒ `Object`