Class: StackMaster::Identity

Inherits:

Object

• Object
• StackMaster::Identity

Defined in:

lib/stack_master/identity.rb

Constant Summary

AllowedAccountAliasesError =

Class.new(StandardError)

MissingIamPermissionsError =

Class.new(StandardError)

Instance Method Summary

• #account ⇒ Object
• #account_aliases ⇒ Object
• #running_in_account?(accounts) ⇒ Boolean

Instance Method Details

#account ⇒ Object

# File 'lib/stack_master/identity.rb', line 17

def account
  @account ||= sts.get_caller_identity.account
end

#account_aliases ⇒ Object

# File 'lib/stack_master/identity.rb', line 21

def account_aliases
  @aliases ||= iam.list_account_aliases.account_aliases
rescue Aws::IAM::Errors::AccessDenied
  raise MissingIamPermissionsError, 'Failed to retrieve account aliases. Missing required IAM permission: iam:ListAccountAliases'
end

#running_in_account?(accounts) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/stack_master/identity.rb', line 6

def running_in_account?(accounts)
  return true if accounts.nil? || accounts.empty? || contains_account_id?(accounts)

  # skip alias check (which makes an API call) if all values are account IDs
  return false if accounts.all? { |account| account_id?(account) }

  contains_account_alias?(accounts)
rescue MissingIamPermissionsError
  raise AllowedAccountAliasesError, 'Failed to validate whether the current AWS account is allowed'
end